File: disable-nested-paging-mitigation.dita

package info (click to toggle)

virtualbox 7.2.2-dfsg-2

links: PTS, VCS
area: contrib
in suites: sid
size: 616,072 kB
sloc: cpp: 2,377,613; ansic: 2,351,258; asm: 379,359; python: 233,965; xml: 89,678; sh: 25,697; makefile: 8,169; perl: 5,697; java: 5,337; cs: 4,872; pascal: 1,785; javascript: 1,692; objc: 1,131; lex: 931; sed: 921; php: 906; yacc: 707

file content (11 lines) | stat: -rw-r--r-- 963 bytes

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
<topic xml:lang="en-us" id="disable-nested-paging-mitigation">
  <title>Disable Nested Paging</title>
  
  <body>
    <p>By disabling nested paging (EPT), the VMM will construct page tables shadowing the ones in the guest. It is not possible for the guest to insert anything suspicious into the page tables, since the VMM carefully validates each entry before shadowing it.</p>
    <p>As a side effect of disabling nested paging, several CPU features will not be made available to the guest. Among these features are AVX, AVX2, XSAVE, AESNI, and POPCNT. Not all guests may be able to cope with dropping these features after installation. Also, for some guests, especially in SMP configurations, there could be stability issues arising from disabling nested paging. Finally, some workloads may experience a performance degradation.</p>
  </body>
  
</topic>