Add an ipi for executing INVEPT to flush EPT on remote cpus.
authordv <dv@openbsd.org>
Thu, 26 Sep 2024 13:18:25 +0000 (13:18 +0000)
committerdv <dv@openbsd.org>
Thu, 26 Sep 2024 13:18:25 +0000 (13:18 +0000)
commit30e2643ae7ed7dfd637efff87fd5d6cbb8ead7f2
tree1aa8f7afed08c09b343aedb84d978a4f1697dbb5
parent54b0a309fb3f2a8ec180dc311cfa629a40bad568
Add an ipi for executing INVEPT to flush EPT on remote cpus.

Similar to how the fast ipi for tlb flush is implemented, this adds
one for calling INVEPT to invalidate EPT caches on the cpu. This
is the first step to allowing guest memory to not be wired by UVM
and decreases the behavioral differences between Intel and AMD's
nested paging in vmm(4) and pmap(9).

This change does not hook EPT ptes into the PV list, so the ipi is
only used during address space teardown and pte removal. (With the
removal of the "mprotect" ioctl, vmm(4) no longer modifies EPT ptes
other than inserting them and removing them.)

ok mlarkin@
sys/arch/amd64/amd64/cpu.c
sys/arch/amd64/amd64/lapic.c
sys/arch/amd64/amd64/pmap.c
sys/arch/amd64/amd64/vector.S
sys/arch/amd64/amd64/vmm_machdep.c
sys/arch/amd64/include/cpu.h
sys/arch/amd64/include/i82489var.h
sys/arch/amd64/include/pmap.h
sys/arch/amd64/include/vmmvar.h