Processor Virtualization Technology

Publication information

Deng Zhi / Publishing House of Electronics Industry / 2014-5-1 / CNY 109.00

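Synopsis

Processor Virtualization Technology gives a comprehensive treatment of virtualization technology on Intel processors (Intel Virtualization Technology for x86, i.e. Intel VT-x). Under Intel VT-x, the VMX (Virtual-Machine Extensions) architecture platform is implemented to support virtualized management of the processor. The VMX architecture is therefore the core of Intel VT-x, and the book is organized around a full explanation of the implementation details of the VMX architecture. Intel VT-d (Virtualization Technology for Directed I/O) and Intel VT-c (Virtualization Technology for Connectivity), however, are outside the scope of this book, and AMD-V is not discussed either.

The book is divided into 7 chapters, its overall structure is fairly regular, and it is quite readable. It provides 14 examples that help explain some of the distinctive features of the VMX architecture.

By reading this book, readers can learn the VMX architecture of Intel VT-x and gain a deeper understanding of the x86/x64 architecture as a whole! It is fair to say that without understanding the VMX architecture one cannot really claim to be familiar with x86/x64, because processor virtualization draws on knowledge of every part of the architecture and virtualizes the processor down to very fine details.

The book is therefore suited to readers who have some grounding in the x86/x64 architecture or who want to study it in more depth.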

Table of contents

Chapter 1 System platform
1.1 Environment and tools
1.1.1 Using VMware
1.1.2 Using Bochs
1.1.3 Running on a real machine
1.1.4 Build tools
1.2 Mixed compilation of 64-bit and 32-bit code
1.2.1 Using the __X64 symbol
1.2.2 Instruction operands
1.2.3 Handling of other instructions in 64-bit mode
1.2.4 Function redefinition table
1.3 Address space
1.4 Data structures
1.4.1 PCB structure
1.4.2 LSB structure
1.4.3 Initializing the PCB
1.4.4 SDA structure
1.4.5 Initializing the SDA
1.4.6 DRS structure
1.5 System startup
1.5.1 Boot stage
1.5.2 stage1
1.5.2.1 Multiprocessor initialization in stage1
1.5.2.2 Finishing work of the BSP
1.5.2.3 Work of the APs in stage1
1.5.3 stage2
1.5.3.1 Final processing by the BSP in stage2
1.5.3.2 Finishing work of the APs in stage2
1.5.4 stage3
1.5.4.1 Final work of the BSP in stage3
1.5.4.2 Finishing work of the APs in stage3
1.5.5 Example 1-1
1.6 System mechanisms
1.6.1 Paging mechanism
1.6.1.1 PAE paging mode implementation
1.6.1.2 IA-32e paging mode implementation
1.6.2 Multiprocessor mechanism
1.6.2.1 Task scheduling
1.6.2.2 Processor switching
1.6.3 Debug logging mechanism
1.6.3.1 Example 1-2
1.6.3.2 Run results
Chapter 2 VMX architecture basics
2.1 Virtualization overview
2.1.1 Virtual devices
2.1.2 Address translation
2.1.3 Device I/O access
2.2 VMX architecture
2.2.1 VMM and VM
2.2.2 VMXON and VMCS regions
2.2.3 Detecting VMX support
2.2.4 Enabling VMX entry permission
2.3 VMX operation mode
2.3.1 Entering VMX operation mode
2.3.2 Restrictions on entering VMX operation
2.3.2.1 IA32_FEATURE_CONTROL register
2.3.2.2 CR0 and CR4 fixed bits
2.3.2.3 A20M mode
2.3.3 Setting up the VMXON region
2.3.3.1 Allocating the VMXON region
2.3.3.2 Initial setup of the VMXON region
2.3.4 Leaving VMX operation mode
2.4 VMX operation mode transitions
2.4.1 VM entry
2.4.2 VM exit
2.4.3 Under SMM dual-monitor treatment
2.5 Detecting VMX capabilities
2.5.1 Detecting whether VMX is supported
2.5.2 Checking VMX capabilities through the MSR group
2.5.3 Example 2-1
2.5.4 Basic information detection
2.5.5 Allowed-0 and allowed-1 bits
2.5.5.1 Determining the features VMX supports
2.5.5.2 Control field setting algorithm
2.5.6 VM-execution control fields
2.5.6.1 Pin-based VM-execution control field
2.5.6.2 primary processor-based VM-execution control field
2.5.6.3 secondary processor-based VM-execution control field
2.5.7 VM-exit control field
2.5.8 VM-entry control field
2.5.9 VM-function control field
2.5.10 CR0 and CR4 fixed bits
2.5.10.1 CR0 and CR4 register setting algorithm
2.5.11 VMX miscellaneous information
2.5.12 VMCS region field index values
2.5.13 VPID and EPT capabilities
2.6 VMX instructions
2.6.1 VMX instruction execution environment
2.6.2 Instruction execution status
2.6.3 VMfailValid event causes
2.6.4 Instruction exception priority
2.6.5 VMCS management instructions
2.6.5.1 VMPTRLD instruction
2.6.5.2 VMPTRST instruction
2.6.5.3 VMCLEAR instruction
2.6.5.4 VMREAD instruction
2.6.5.5 VMWRITE instruction
2.6.6 VMX mode management instructions
2.6.6.1 VMXON instruction
2.6.6.2 VMXOFF instruction
2.6.6.3 VMLAUNCH instruction
2.6.6.4 VMRESUME instruction
2.6.6.5 Returning to the executive monitor
2.6.7 Cache flush instructions
2.6.7.1 INVEPT instruction
2.6.7.2 INVVPID instruction
2.6.8 Service routine call instructions
2.6.8.1 VMCALL instruction
2.6.8.2 VMFUNC instruction
Chapter 3 VMCS structure
3.1 VMCS state
3.1.1 activity attribute
3.1.2 current attribute
3.1.3 launch attribute
3.2 VMCS region
3.2.1 VMXON region
3.2.2 Executive-VMCS and SMM-transfer VMCS
3.2.3 VMCS region format
3.3 Accessing VMCS fields
3.3.1 Field ID format
3.3.2 Handling fields of different widths
3.4 Field ID values
3.4.1 16-bit field IDs
3.4.2 64-bit field IDs
3.4.3 32-bit field IDs
3.4.4 natural-width field IDs
3.5 VM-execution control fields
3.5.1 Pin-based VM-execution control field
3.5.2 processor-based VM-execution control fields
3.5.2.1 primary processor-based VM-execution control field
3.5.2.2 secondary processor-based VM-execution control field
3.5.3 exception bitmap field
3.5.4 PFEC_MASK and PFEC_MATCH fields
3.5.5 I/O bitmap address field
3.5.6 TSC offset field
3.5.7 guest/host mask and read shadow fields
3.5.8 CR3-target field
3.5.9 APIC-access address field
3.5.10 virtual-APIC address field
3.5.11 TPR threshold field
3.5.12 EOI-exit bitmap field
3.5.13 posted-interrupt notification vector field
3.5.14 posted-interrupt descriptor address field
3.5.15 MSR bitmap address field
3.5.16 executive-VMCS pointer
3.5.17 EPTP field
3.5.18 virtual-processor identifier field
3.5.19 PLE_Gap and PLE_Window fields
3.5.20 VM-function control field
3.5.21 EPTP-list address field
3.6 VM-entry control fields
3.6.1 VM-entry control field
3.6.2 VM-entry MSR-load field
3.6.3 Event injection control fields
3.6.3.1 VM-entry interruption information field
3.6.3.2 VM-entry exception error code field
3.6.3.3 VM-entry instruction length field
3.7 VM-exit control fields
3.7.1 VM-exit control field
3.7.2 VM-exit MSR-store and MSR-load fields
3.8 guest-state area fields
3.8.1 Segment register fields
3.8.1.1 access right field
3.8.2 GDTR and IDTR fields
3.8.3 MSR fields
3.8.4 SMBASE field
3.8.5 activity state field
3.8.6 interruptibility state field
3.8.7 pending debug exceptions field
3.8.7.1 Handling of #DB exceptions
3.8.8 VMCS link pointer field
3.8.9 VMX-preemption timer value field
3.8.10 PDPTEs field
3.8.11 guest interrupt status field
3.9 host-state area fields
3.10 VM-exit information fields
3.10.1 Basic information fields
3.10.1.1 Exit reason field
3.10.1.2 VM-exit reasons
3.10.1.3 Exit qualification field
3.10.1.4 VM-exits caused by certain instructions
3.10.1.5 VM-exits caused by #DB exceptions
3.10.1.6 VM-exits caused by #PF exceptions
3.10.1.7 VM-exits caused by SIPI
3.10.1.8 VM-exits caused by I/O SMI
3.10.1.9 VM-exits caused by task switches
3.10.1.10 VM-exits caused by control register accesses
3.10.1.11 VM-exits caused by MOV-DR instructions
3.10.1.12 VM-exits caused by I/O instructions
3.10.1.13 VM-exits caused by accesses to the APIC-access page
3.10.1.14 VM-exits caused by EPT violations
3.10.1.15 VM-exits caused by EOI virtualization
3.10.1.16 VM-exits caused by APIC-write
3.10.1.17 guest-linear address field
3.10.1.18 guest-physical address field
3.10.2 Direct vectored-event information fields
3.10.2.1 VM-exit interruption information field
3.10.2.2 VM-exit interruption error code field
3.10.3 Indirect vectored-event information fields
3.10.3.1 IDT-vectoring information field
3.10.3.2 IDT-vectoring error code field
3.10.4 Instruction information fields
3.10.4.1 VM-exit instruction length field
3.10.4.2 VM-exit instruction information field
3.10.5 I/O SMI information fields
3.10.6 Instruction error fields
3.11 VMM initialization example
3.11.1 VMCS-related data structures
3.11.1.1 VMB structure
3.11.1.2 VSB structure
3.11.1.3 VMCS buffer structure
3.11.2 Initializing the VMXON region
3.11.3 Initializing the VMCS region
3.11.3.1 Allocating the VMCS region
3.11.3.2 VMCS initialization mode
3.11.3.3 VMCS buffer initialization
3.11.4 Example 3-1
Chapter 4 VM-entry processing
4.1 Initiating a VM-entry
4.2 VM-entry execution flow
4.3 Basic checks on instruction execution
4.4 Checking the control areas and the host-state area
4.4.1 VM-execution control area checks
4.4.1.1 Checking the pin-based VM-execution control field
4.4.1.2 Checking the primary processor-based VM-execution control field
4.4.1.3 Checking the secondary processor-based VM-execution control field
4.4.1.4 Checking the CR3-target field
4.4.2 VM-exit control area checks
4.4.2.1 Checks on the VM-exit control field
4.4.2.2 Checks on the MSR-store and MSR-load related fields
4.4.3 VM-entry control area checks
4.4.3.1 Checks on the VM-entry control field
4.4.3.2 Checks on the MSR-load related fields
4.4.3.3 Checks on the event-injection related fields
4.4.4 Host-state area checks
4.4.4.1 Checks on the host control register fields
4.4.4.2 Checks on Host-RIP
4.4.4.3 Checks on the segment selector fields
4.4.4.4 Checks on the segment base fields
4.4.4.5 Checks on the MSR fields
4.5 Checking the guest-state area
4.5.1 Checking the control register fields
4.5.2 Checking the RIP and RFLAGS fields
4.5.3 Checking the DR7 and IA32_DEBUGCTL fields
4.5.4 Checking the segment register fields
4.5.4.1 Checks in virtual-8086 mode
4.5.4.2 Checks when the unrestricted guest bit is 0
4.5.4.3 Checks when the unrestricted guest bit is 1
4.5.5 Checking the GDTR and IDTR fields
4.5.6 Checking the MSR fields
4.5.7 Checking the activity state field
4.5.8 Checking the interruptibility state field
4.5.9 Checking the pending debug exception field
4.5.10 Checking the VMCS link pointer field
4.5.11 Checking the PDPTE fields
4.5.11.1 PDPTE checks caused by loading CR3
4.6 VM-entry failures caused by guest-state checks
4.7 Loading guest environment information
4.7.1 Loading the control registers
4.7.2 Loading DR7 and IA32_DEBUGCTL
4.7.3 Loading MSRs
4.7.4 SMBASE field handling
4.7.5 Loading the segment registers and descriptor-table registers
4.7.5.1 unusable segment registers
4.7.5.2 Loading GDTR and IDTR
4.7.6 Loading RIP, RSP and RFLAGS
4.7.7 Loading the PDPTE entries
4.8 Flushing the processor cache
4.9 Updating the Virtual-APIC state
4.9.1 PPR virtualization
4.9.2 Virtual interrupt evaluation and delivery
4.10 Loading the MSR-load list
4.10.1 Load handling for IA32_EFER
4.10.2 Load handling for other MSR fields
4.11 VM-entry failures caused by loading guest state
4.12 Event injection
4.12.1 Delivery of injected events
4.12.1.1 Event injection in protected mode
4.12.1.2 Event injection in real mode
4.12.1.3 Event injection in virtual-8086 mode
4.12.2 Indirect VM-exits from injected events
4.13 Executing the pending debug exception
4.13.1 #DB exception delivery with an injected event
4.13.2 Example 4-1
4.13.3 #DB exception delivery without an injected event
4.14 Using the MTF VM-exit feature
4.14.1 MTF VM-exit with an injected event
4.14.2 MTF VM-exit without an injected event
4.14.3 MTF VM-exit and other VM-exits
4.14.4 Priority of the MTF VM-exit
4.14.5 Example 4-2
4.15 Events that cause a VM-exit directly after VM-entry
4.15.1 Priority of VM-exit events
4.15.2 TPR below threshold VM-exit
4.15.3 pending MTF VM-exit
4.15.4 VM-exits caused by a pending debug exception
4.15.5 VMX-preemption timer
4.15.6 NMI-window exiting
4.15.7 interrupt-window exiting
4.16 Interruptible state of the processor
4.16.1 中断的阻塞状态 .............................................................................................. 367
4.16.2 阻塞状态的解除 .............................................................................................. 368
4.16.3 中断的阻塞 ..................................................................................................... 369
4.16.4 VM-entry 后的可中断状态 ................................................................................ 370
4.17 处理器的活动状态 ................................................................................................ 370
4.17.1 active 与inactive 状态 ...................................................................................... 371
4.17.2 事件的阻塞 ..................................................................................................... 371
4.17.3 inactive 状态的唤醒 ......................................................................................... 372
4.17.4 VM-entry 后的活动状态 ................................................................................... 372
4.18 VM-entry 的机器检查事件 ................................................................................... 373
Chapter 5 VM-exit Handling
5.1 Instructions that cause VM-exits unconditionally
5.2 Instructions that cause VM-exits conditionally
5.3 Events that cause VM-exits
5.4 VM-exits caused by VM-entry failures
5.5 Example 5-1
5.6 Instruction-raised exceptions and VM-exits
5.6.1 Exceptions with priority over the VM-exit
5.6.2 VM-exits with priority over the instruction's exceptions
5.6.3 Example 5-2
5.7 VM-exit processing flow
5.8 Recording VM-exit information
5.9 Updating fields in the VM-entry area
5.10 Updating processor state information
5.10.1 State updates for direct VM-exit events
5.10.2 State updates for indirect VM-exit events
5.10.3 State updates in other cases
5.11 Saving guest environment information
5.11.1 Saving control registers, debug registers, and MSRs
5.11.2 Saving RIP and RSP
5.11.3 Saving RFLAGS
5.11.4 Saving segment registers
5.11.5 Saving GDTR and IDTR
5.11.6 Saving activity and interruptibility state information
5.11.7 Saving pending debug exception information
5.11.8 Saving the VMX-preemption timer value
5.11.9 Saving PDPTEs
5.11.10 Saving SMBASE and the VMCS-link pointer
5.12 Saving the MSR-store list
5.13 Loading the host environment
5.13.1 Loading control registers
5.13.2 Loading DR7 and MSRs
5.13.3 Loading host segment registers
5.13.3.1 Loading the selector
5.13.3.2 Loading the base
5.13.3.3 Loading the limit
5.13.3.4 Loading access rights
5.13.4 Loading GDTR and IDTR
5.13.5 Loading RIP, RSP, and RFLAGS
5.13.6 Loading PDPTEs
5.14 Updating host processor state information
5.15 Flushing processor cache information
5.16 Loading the MSR-load list
5.17 VMX-abort
Chapter 6 Memory Virtualization
6.1 The EPT (Extended Page Table) mechanism
6.1.1 Overview of the EPT mechanism
6.1.1.1 Guest paging and EPT
6.1.2 EPT page-table structures
6.1.3 Guest-physical address
6.1.4 EPTP
6.1.5 EPT page-table structures for 4K pages
6.1.6 EPT page-table structures for 2M pages
6.1.7 EPT page-table structures for 1G pages
6.1.8 VM-exits caused by EPT
6.1.8.1 EPT violation
6.1.8.2 EPT misconfiguration
6.1.8.3 Priority of EPT page faults
6.1.8.4 Fixing EPT page faults
6.1.9 Accessed and dirty flags
6.1.10 EPT memory types
6.1.11 EPTP switching
6.1.12 Implementing the EPT mechanism
6.2 Cache management
6.2.1 Linear mappings
6.2.2 Guest-physical mappings
6.2.3 Combined mappings
6.2.4 Cache domains
6.2.5 Cache creation
6.2.6 Cache flushing
6.2.6.1 Flushing the cache with the INVLPG instruction
6.2.6.2 Flushing the cache with the INVPCID instruction
6.2.6.3 Flushing the cache with the INVVPID instruction
6.2.6.4 Flushing the cache with the INVEPT instruction
6.2.6.5 INVVPID usage guidelines
6.2.6.6 INVEPT usage guidelines
6.3 Memory virtualization management
6.3.1 Allocating physical memory
6.3.2 Memory handling for a real-mode guest OS
6.3.3 Guest memory virtualization
6.3.3.1 Guest virtual-address translation
6.3.3.2 Cache management for the guest OS
6.4 Example 6-1
6.4.1 The GuestBoot module
6.4.2 The GuestKernel module
6.4.3 The VSB structure
6.4.4 VMM initialization of the guest
6.4.5 Using the VMX-preemption timer
6.4.6 Host processing flow
6.4.7 Run results
Chapter 7 Interrupt Virtualization
7.1 Exception handling
7.1.1 Reflecting exceptions to the guest
7.1.2 Recovering from guest exceptions
7.1.2.1 Direct recovery
7.1.2.2 Example 7-1
7.1.2.3 Restoring the original vectoring event
7.1.3 Handling task switches
7.1.3.1 Checking task-switch conditions
7.1.3.2 VMM handling of task switches
7.1.3.3 Resuming guest execution
7.1.3.4 Example 7-2
7.2 Local APIC virtualization
7.2.1 Monitoring guest access to the local APIC
7.2.1.1 Example 7-3
7.2.2 The local APIC virtualization mechanism
7.2.3 APIC-access page
7.2.3.1 Setting up the APIC-access page
7.2.4 Virtualizing the x2APIC MSR group
7.2.5 Virtual-APIC page
7.2.6 APIC-access VM-exit
7.2.6.1 Priority of the APIC-access VM-exit
7.2.7 Virtualizing reads from the APIC-access page
7.2.8 Virtualizing writes to the APIC-access page
7.2.9 Virtualizing MSR-based reads of the local APIC
7.2.10 Virtualizing MSR-based writes to the local APIC
7.2.11 Virtualizing CR8-based access to the TPR
7.2.12 Local APIC virtualization operations
7.2.12.1 TPR virtualization
7.2.12.2 PPR virtualization
7.2.12.3 EOI virtualization
7.2.12.4 Self-IPI virtualization
7.2.13 Evaluation and delivery of virtual interrupts
7.2.13.1 Evaluation of virtual interrupts
7.2.13.2 Delivery of virtual interrupts
7.2.14 Posted-interrupt processing
7.3 Interrupt handling
7.3.1 Intercepting the INT instruction
7.3.1.1 Handling IDTR.limit
7.3.1.2 Handling #GP exceptions
7.3.1.3 Handling interrupt delivery
7.3.1.4 Completing the interrupt delivery operation
7.3.1.5 Example 7-4
7.3.2 Handling NMIs
7.3.2.1 Intercepting NMIs
7.3.2.2 Virtual NMIs
7.3.3 Handling external interrupts
7.3.3.1 Intercepting external interrupts
7.3.3.2 Forwarding external interrupts
7.3.3.3 Monitoring guest programming of the 8259
7.3.3.4 Example 7-5

URL of this page: https://www.codercto.com/books/d/892.html
