分类: 虚拟化
2012-05-11 23:23:38
类似ASID, ASID用以区分不同进程的地址空间,切换时不用刷新TLB。VPID用来区分不同的虚拟处理器地址空间,虚拟机切换时不用刷新TLB。
VMM为每个VMCS分配一个唯一的VPID,在VMCS中将Enable VPID置1就可以启用该功能。
硬件支持的情况下,当VM ENTRY (optionally)时,EPT被激活。模式CPU同时控制两个页表,一个是Guest常规意义上的页表,该页表维护 logical page numbers (LPNs) to physical page numbers (PPNs)的映射。另一个是VMM maintains a mapping of PPNs to machine page numbers (MPNs),称为extended page tables。When EPT active, EPT base pointer (loaded on VM entry from VMCS) points to extended page tables。当VM exit事件发生时,EPT deactivated。
见
因此当EPT模式address translation时,实际要遍历两个页表,注意是从guest的CR3开始地址转换。如下简图:
实际情况要复杂一些,因为guest page table()和可能是多层的,每遍历GPT的一层都可能要遍历一次EPT,所以GPT是m层,EPT是n层,遍历最大次数大约是m*n(假定TLB MISS)。下面是来自2009 虚拟化技术全国高校师资研讨班的详细示意图:
这也就是为什么huge page对VM的作用更加明显的原因,可以参看下面的链接:
EPT模式下TLB的管理相对复杂,详见INTEL Manual 25.3 CACHING TRANSLATION INFORMATION。分为三类Cache:Linear mappings(LPN->PPN), Guest-physical mappings(PPN->MFN), Combined mappings(LPN->MFN)
后两者的内容(部分)来自EPT。可以是使用指令/INVVPID来 invalidates entries in the TLBs and paging-structure caches that were derived from extended page tables (EPT), or based on a Virtual-Processor Identifier (VPID).
参考资料:
不包含虚拟机相关内容,现在已经是Intel Manual的一部分,但是整合在一起看起来方便一些。
参考资料
Intel® 64 and IA-32 Architectures Software Developer’s Manual Volume 3B: System Programming Guide, Part 2 :chapter 25 VMX SUPPORT FOR ADDRESS TRANSLATION
见Intel Manual,Accesses using guest-physical addresses may cause VM exits due to EPT misconfigurations and EPT violations. An EPT misconfiguration occurs when, in the course of translation a guest-physical address, the logical processor encounters an EPT paging-structure entry that contains an unsupported value. An EPT violation occurs when there is no EPT misconfiguration but the EPT paging-structure entries disallow an access using the guest-physical address. 其中EPT violations发生的一个情况就是Translation of the guest-physical address encounters an EPT paging-structure entry that is not present,基于此可以动态创建EPT.
此外,guest的 page faults 应该先于对应的EPT violations发生,因为EPT是根据guest的page table建立起来的。
4.1.2
标志位SECONDARY_EXEC_ENABLE_VPID用以控制VPID是否打开
/* VPID was disabled: now enabled. */
curr->arch.hvm_vmx.secondary_exec_control|= ;
construct_vmcs有如下代码
if ( cpu_has_vmx_vpid )
__vmwrite(VIRTUAL_PROCESSOR_ID, v->arch.hvm_vcpu.asid);
asid的分配在文件xen-4.1.2/xen/arch/x86/hvm/asid.c文件中.
EPT
设置见
readmsr(curr_vcpu->arch.hvm_vmx.secondary_exec_control |=
SECONDARY_EXEC_ENABLE_EPT)
__vmwrite(EPT_POINTER, d->arch.hvm_domain.vmx.ept_control.eptp)
ept表项对应的数据结构是ept_entry_t。为ept页表建立page pool,使用的函数为hap_alloc.
EPT的建立完全类似demand paging机制,触发EPT Violation时建立,相应的处理函数是
=>hvm_hap_nested_page_fault,有代码如下,注释里面的PoD是populate-on-demand的意思。
/* Spurious fault? and log-dirty also take this path. */
if ( p2m_is_ram(p2mt) )
{
/*
* Page log dirty is always done with order 0. If this mfn resides in
* a large page, we do not change other pages type within that large
* page.
*/
paging_mark_dirty(v->domain, mfn_x(mfn));
p2m_change_type(p2m, gfn, p2m_ram_logdirty, p2m_ram_rw);
return 1;
}
EPT的设置在vmx_set_cr3函数中。EPT是动态创建的,利用 EPT Violation VM Exit,见tdp_page_fault函数。
ept_sync_*函数封装了invept指令。
VPID activated if new “enable VPID”control bit is set in VMCS
New 16-bit virtual-processor-ID field
(VPID) field in VMCS
–VMM allocates unique value for each guest OS
–VMM uses VPID of 0×0000, no guest can have this VPID;
Cached linear translations are tagged with VPID value.
管理VPID资源。
