EPT 原理解释

64-ia-32-architectures-software-developer-system-programming-manual-325384

28.2

When EPT is in use, certain addresses that would normally be treated as physical addresses (and used to 
access memory) are instead treated as guest-physical addresses. 


Guest-physical addresses are translated by 
traversing a set of EPT paging structures to produce physical addresses that are used to access memory.


The translation from guest-physical addresses to physical addresses is determined by a set of EPT paging struc-
tures.


EPT的作用就是用于在vmx non-root模式下转换 guest-physical addresses --> physical addresses


EPT 的主要作用是用于vmx non-root模式. 也就是说，当前的上下文在guest OS环境中。已经不再vmx root, hypervisor中。

EPT is used when the “enable EPT” VM-execution control is 1.1 It translates the guest-physical addresses used in 
VMX non-root operation


If CR0.PG = 1, the translation of a linear address to a physical address requiresmultiple translations of guest-phys-
ical addresses using EPT. 


The translation of a 32-bit linear 
address then operates as follows:


Bits 31:22 of the linear address select an entry in the guest page directory located at the guest-physical 
address in CR3. The guest-physical address of the guest page-directory entry (PDE) is translated through EPT 
to determine the guest PDE’s physical address.


Bits 21:12 of the linear address select an entry in the guest page table located at the guest-physical address in 
the guest PDE. The guest-physical address of the guest page-table entry (PTE) is translated through EPT to 
determine the guest PTE’s physical address.


Bits 11:0 of the linear address is the offset in the page frame located at the guest-physical address in the guest 
PTE. The guest-physical address determined by this offset is translated through EPT to determine the physical 
address to which the original linear address translates.


In addition to translating a guest-physical address to a physical address, EPT specifies the privileges that software 
is allowed when accessing the address.