€•"pŒsphinx.addnodes”Œdocument”“”)”}”(Œ rawsource”Œ”Œchildren”]”(Œ translations”Œ LanguagesNode”“”)”}”(hhh]”(hŒ pending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ refdomain”Œstd”Œreftype”Œdoc”Œ reftarget”Œ+/translations/zh_CN/virt/kvm/x86/nested-vmx”Œmodname”NŒ classname”NŒ refexplicit”ˆuŒtagname”hhh ubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ+/translations/zh_TW/virt/kvm/x86/nested-vmx”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ+/translations/it_IT/virt/kvm/x86/nested-vmx”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ+/translations/ja_JP/virt/kvm/x86/nested-vmx”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ+/translations/ko_KR/virt/kvm/x86/nested-vmx”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒPortuguese (Brazilian)”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ+/translations/pt_BR/virt/kvm/x86/nested-vmx”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒSpanish”…””}”hh–sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ+/translations/sp_SP/virt/kvm/x86/nested-vmx”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h hhŒ _document”hŒsource”NŒline”NubhŒcomment”“”)”}”(hŒ SPDX-License-Identifier: GPL-2.0”h]”hŒ SPDX-License-Identifier: GPL-2.0”…””}”hh·sbah}”(h]”h ]”h"]”h$]”h&]”Œ xml:space”Œpreserve”uh1hµhhh²hh³ŒE/var/lib/git/docbuild/linux/Documentation/virt/kvm/x86/nested-vmx.rst”h´KubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒ Nested VMX”h]”hŒ Nested VMX”…””}”(hhÏh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhhÊh²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒOverview”h]”hŒOverview”…””}”(hhàh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhhÝh²hh³hÇh´KubhŒ paragraph”“”)”}”(hXOn Intel processors, KVM uses Intel's VMX (Virtual-Machine eXtensions) to easily and efficiently run guest operating systems. Normally, these guests *cannot* themselves be hypervisors running their own guests, because in VMX, guests cannot use VMX instructions.”h]”(hŒ—On Intel processors, KVM uses Intel’s VMX (Virtual-Machine eXtensions) to easily and efficiently run guest operating systems. Normally, these guests ”…””}”(hhðh²hh³Nh´NubhŒemphasis”“”)”}”(hŒ*cannot*”h]”hŒcannot”…””}”(hhúh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1høhhðubhŒh themselves be hypervisors running their own guests, because in VMX, guests cannot use VMX instructions.”…””}”(hhðh²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K hhÝh²hubhï)”}”(hX The "Nested VMX" feature adds this missing capability - of running guest hypervisors (which use VMX) with their own nested guests. It does so by allowing a guest to use VMX instructions, and correctly and efficiently emulating them using the single level of VMX available in the hardware.”h]”hX$The “Nested VMX†feature adds this missing capability - of running guest hypervisors (which use VMX) with their own nested guests. It does so by allowing a guest to use VMX instructions, and correctly and efficiently emulating them using the single level of VMX available in the hardware.”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KhhÝh²hubhï)”}”(hŒôWe describe in much greater detail the theory behind the nested VMX feature, its implementation and its performance characteristics, in the OSDI 2010 paper "The Turtles Project: Design and Implementation of Nested Virtualization", available at:”h]”hŒøWe describe in much greater detail the theory behind the nested VMX feature, its implementation and its performance characteristics, in the OSDI 2010 paper “The Turtles Project: Design and Implementation of Nested Virtualizationâ€, available at:”…””}”(hj h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KhhÝh²hubhŒ block_quote”“”)”}”(hŒFhttps://www.usenix.org/events/osdi10/tech/full_papers/Ben-Yehuda.pdf ”h]”hï)”}”(hŒDhttps://www.usenix.org/events/osdi10/tech/full_papers/Ben-Yehuda.pdf”h]”hŒ reference”“”)”}”(hj6h]”hŒDhttps://www.usenix.org/events/osdi10/tech/full_papers/Ben-Yehuda.pdf”…””}”(hj:h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”j6uh1j8hj4ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Khj0ubah}”(h]”h ]”h"]”h$]”h&]”uh1j.h³hÇh´KhhÝh²hubeh}”(h]”Œoverview”ah ]”h"]”Œoverview”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒ Terminology”h]”hŒ Terminology”…””}”(hj_h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj\h²hh³hÇh´Kubhï)”}”(hŒíSingle-level virtualization has two levels - the host (KVM) and the guests. In nested virtualization, we have three levels: The host (KVM), which we call L0, the guest hypervisor, which we call L1, and its nested guest, which we call L2.”h]”hŒíSingle-level virtualization has two levels - the host (KVM) and the guests. In nested virtualization, we have three levels: The host (KVM), which we call L0, the guest hypervisor, which we call L1, and its nested guest, which we call L2.”…””}”(hjmh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Khj\h²hubeh}”(h]”Œ terminology”ah ]”h"]”Œ terminology”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒRunning nested VMX”h]”hŒRunning nested VMX”…””}”(hj†h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjƒh²hh³hÇh´K&ubhï)”}”(hŒ©The nested VMX feature is enabled by default since Linux kernel v4.20. For older Linux kernel, it can be enabled by giving the "nested=1" option to the kvm-intel module.”h]”hŒ­The nested VMX feature is enabled by default since Linux kernel v4.20. For older Linux kernel, it can be enabled by giving the “nested=1†option to the kvm-intel module.”…””}”(hj”h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K(hjƒh²hubhï)”}”(hŒÚNo modifications are required to user space (qemu). However, qemu's default emulated CPU type (qemu64) does not list the "VMX" CPU feature, so it must be explicitly enabled, by giving qemu one of the following options:”h]”hŒàNo modifications are required to user space (qemu). However, qemu’s default emulated CPU type (qemu64) does not list the “VMX†CPU feature, so it must be explicitly enabled, by giving qemu one of the following options:”…””}”(hj¢h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K-hjƒh²hubj/)”}”(hŒ‘- cpu host (emulated CPU has all features of the real CPU) - cpu qemu64,+vmx (add just the vmx feature to a named CPU type) ”h]”hŒ bullet_list”“”)”}”(hhh]”(hŒ list_item”“”)”}”(hŒFcpu host (emulated CPU has all features of the real CPU) ”h]”hï)”}”(hŒEcpu host (emulated CPU has all features of the real CPU)”h]”hŒEcpu host (emulated CPU has all features of the real CPU)”…””}”(hj¿h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K1hj»ubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hj¶ubjº)”}”(hŒFcpu qemu64,+vmx (add just the vmx feature to a named CPU type) ”h]”hï)”}”(hŒDcpu qemu64,+vmx (add just the vmx feature to a named CPU type)”h]”hŒDcpu qemu64,+vmx (add just the vmx feature to a named CPU type)”…””}”(hj×h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K3hjÓubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hj¶ubeh}”(h]”h ]”h"]”h$]”h&]”Œbullet”Œ-”uh1j´h³hÇh´K1hj°ubah}”(h]”h ]”h"]”h$]”h&]”uh1j.h³hÇh´K1hjƒh²hubeh}”(h]”Œrunning-nested-vmx”ah ]”h"]”Œrunning nested vmx”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´K&ubhÉ)”}”(hhh]”(hÎ)”}”(hŒABIs”h]”hŒABIs”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjh²hh³hÇh´K7ubhï)”}”(hXNested VMX aims to present a standard and (eventually) fully-functional VMX implementation for the a guest hypervisor to use. As such, the official specification of the ABI that it provides is Intel's VMX specification, namely volume 3B of their "Intel 64 and IA-32 Architectures Software Developer's Manual". Not all of VMX's features are currently fully supported, but the goal is to eventually support them all, starting with the VMX features which are used in practice by popular hypervisors (KVM and others).”h]”hX Nested VMX aims to present a standard and (eventually) fully-functional VMX implementation for the a guest hypervisor to use. As such, the official specification of the ABI that it provides is Intel’s VMX specification, namely volume 3B of their “Intel 64 and IA-32 Architectures Software Developer’s Manualâ€. Not all of VMX’s features are currently fully supported, but the goal is to eventually support them all, starting with the VMX features which are used in practice by popular hypervisors (KVM and others).”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K9hjh²hubhï)”}”(hXáAs a VMX implementation, nested VMX presents a VMCS structure to L1. As mandated by the spec, other than the two fields revision_id and abort, this structure is *opaque* to its user, who is not supposed to know or care about its internal structure. Rather, the structure is accessed through the VMREAD and VMWRITE instructions. Still, for debugging purposes, KVM developers might be interested to know the internals of this structure; This is struct vmcs12 from arch/x86/kvm/vmx.c.”h]”(hŒ¡As a VMX implementation, nested VMX presents a VMCS structure to L1. As mandated by the spec, other than the two fields revision_id and abort, this structure is ”…””}”(hj h²hh³Nh´Nubhù)”}”(hŒ*opaque*”h]”hŒopaque”…””}”(hj(h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1høhj ubhX8 to its user, who is not supposed to know or care about its internal structure. Rather, the structure is accessed through the VMREAD and VMWRITE instructions. Still, for debugging purposes, KVM developers might be interested to know the internals of this structure; This is struct vmcs12 from arch/x86/kvm/vmx.c.”…””}”(hj h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KAhjh²hubhï)”}”(hŒöThe name "vmcs12" refers to the VMCS that L1 builds for L2. In the code we also have "vmcs01", the VMCS that L0 built for L1, and "vmcs02" is the VMCS which L0 builds to actually run L2 - how this is done is explained in the aforementioned paper.”h]”hXThe name “vmcs12†refers to the VMCS that L1 builds for L2. In the code we also have “vmcs01â€, the VMCS that L0 built for L1, and “vmcs02†is the VMCS which L0 builds to actually run L2 - how this is done is explained in the aforementioned paper.”…””}”(hj@h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KIhjh²hubhï)”}”(hX For convenience, we repeat the content of struct vmcs12 here. If the internals of this structure changes, this can break live migration across KVM versions. VMCS12_REVISION (from vmx.c) should be changed if struct vmcs12 or its inner struct shadow_vmcs is ever changed.”h]”hX For convenience, we repeat the content of struct vmcs12 here. If the internals of this structure changes, this can break live migration across KVM versions. VMCS12_REVISION (from vmx.c) should be changed if struct vmcs12 or its inner struct shadow_vmcs is ever changed.”…””}”(hjNh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KNhjh²hubhŒ literal_block”“”)”}”(hXAtypedef u64 natural_width; struct __packed vmcs12 { /* According to the Intel spec, a VMCS region must start with * these two user-visible fields */ u32 revision_id; u32 abort; u32 launch_state; /* set to 0 by VMCLEAR, to 1 by VMLAUNCH */ u32 padding[7]; /* room for future expansion */ u64 io_bitmap_a; u64 io_bitmap_b; u64 msr_bitmap; u64 vm_exit_msr_store_addr; u64 vm_exit_msr_load_addr; u64 vm_entry_msr_load_addr; u64 tsc_offset; u64 virtual_apic_page_addr; u64 apic_access_addr; u64 ept_pointer; u64 guest_physical_address; u64 vmcs_link_pointer; u64 guest_ia32_debugctl; u64 guest_ia32_pat; u64 guest_ia32_efer; u64 guest_pdptr0; u64 guest_pdptr1; u64 guest_pdptr2; u64 guest_pdptr3; u64 host_ia32_pat; u64 host_ia32_efer; u64 padding64[8]; /* room for future expansion */ natural_width cr0_guest_host_mask; natural_width cr4_guest_host_mask; natural_width cr0_read_shadow; natural_width cr4_read_shadow; natural_width dead_space[4]; /* Last remnants of cr3_target_value[0-3]. */ natural_width exit_qualification; natural_width guest_linear_address; natural_width guest_cr0; natural_width guest_cr3; natural_width guest_cr4; natural_width guest_es_base; natural_width guest_cs_base; natural_width guest_ss_base; natural_width guest_ds_base; natural_width guest_fs_base; natural_width guest_gs_base; natural_width guest_ldtr_base; natural_width guest_tr_base; natural_width guest_gdtr_base; natural_width guest_idtr_base; natural_width guest_dr7; natural_width guest_rsp; natural_width guest_rip; natural_width guest_rflags; natural_width guest_pending_dbg_exceptions; natural_width guest_sysenter_esp; natural_width guest_sysenter_eip; natural_width host_cr0; natural_width host_cr3; natural_width host_cr4; natural_width host_fs_base; natural_width host_gs_base; natural_width host_tr_base; natural_width host_gdtr_base; natural_width host_idtr_base; natural_width host_ia32_sysenter_esp; natural_width host_ia32_sysenter_eip; natural_width host_rsp; natural_width host_rip; natural_width paddingl[8]; /* room for future expansion */ u32 pin_based_vm_exec_control; u32 cpu_based_vm_exec_control; u32 exception_bitmap; u32 page_fault_error_code_mask; u32 page_fault_error_code_match; u32 cr3_target_count; u32 vm_exit_controls; u32 vm_exit_msr_store_count; u32 vm_exit_msr_load_count; u32 vm_entry_controls; u32 vm_entry_msr_load_count; u32 vm_entry_intr_info_field; u32 vm_entry_exception_error_code; u32 vm_entry_instruction_len; u32 tpr_threshold; u32 secondary_vm_exec_control; u32 vm_instruction_error; u32 vm_exit_reason; u32 vm_exit_intr_info; u32 vm_exit_intr_error_code; u32 idt_vectoring_info_field; u32 idt_vectoring_error_code; u32 vm_exit_instruction_len; u32 vmx_instruction_info; u32 guest_es_limit; u32 guest_cs_limit; u32 guest_ss_limit; u32 guest_ds_limit; u32 guest_fs_limit; u32 guest_gs_limit; u32 guest_ldtr_limit; u32 guest_tr_limit; u32 guest_gdtr_limit; u32 guest_idtr_limit; u32 guest_es_ar_bytes; u32 guest_cs_ar_bytes; u32 guest_ss_ar_bytes; u32 guest_ds_ar_bytes; u32 guest_fs_ar_bytes; u32 guest_gs_ar_bytes; u32 guest_ldtr_ar_bytes; u32 guest_tr_ar_bytes; u32 guest_interruptibility_info; u32 guest_activity_state; u32 guest_sysenter_cs; u32 host_ia32_sysenter_cs; u32 padding32[8]; /* room for future expansion */ u16 virtual_processor_id; u16 guest_es_selector; u16 guest_cs_selector; u16 guest_ss_selector; u16 guest_ds_selector; u16 guest_fs_selector; u16 guest_gs_selector; u16 guest_ldtr_selector; u16 guest_tr_selector; u16 host_es_selector; u16 host_cs_selector; u16 host_ss_selector; u16 host_ds_selector; u16 host_fs_selector; u16 host_gs_selector; u16 host_tr_selector; };”h]”hXAtypedef u64 natural_width; struct __packed vmcs12 { /* According to the Intel spec, a VMCS region must start with * these two user-visible fields */ u32 revision_id; u32 abort; u32 launch_state; /* set to 0 by VMCLEAR, to 1 by VMLAUNCH */ u32 padding[7]; /* room for future expansion */ u64 io_bitmap_a; u64 io_bitmap_b; u64 msr_bitmap; u64 vm_exit_msr_store_addr; u64 vm_exit_msr_load_addr; u64 vm_entry_msr_load_addr; u64 tsc_offset; u64 virtual_apic_page_addr; u64 apic_access_addr; u64 ept_pointer; u64 guest_physical_address; u64 vmcs_link_pointer; u64 guest_ia32_debugctl; u64 guest_ia32_pat; u64 guest_ia32_efer; u64 guest_pdptr0; u64 guest_pdptr1; u64 guest_pdptr2; u64 guest_pdptr3; u64 host_ia32_pat; u64 host_ia32_efer; u64 padding64[8]; /* room for future expansion */ natural_width cr0_guest_host_mask; natural_width cr4_guest_host_mask; natural_width cr0_read_shadow; natural_width cr4_read_shadow; natural_width dead_space[4]; /* Last remnants of cr3_target_value[0-3]. */ natural_width exit_qualification; natural_width guest_linear_address; natural_width guest_cr0; natural_width guest_cr3; natural_width guest_cr4; natural_width guest_es_base; natural_width guest_cs_base; natural_width guest_ss_base; natural_width guest_ds_base; natural_width guest_fs_base; natural_width guest_gs_base; natural_width guest_ldtr_base; natural_width guest_tr_base; natural_width guest_gdtr_base; natural_width guest_idtr_base; natural_width guest_dr7; natural_width guest_rsp; natural_width guest_rip; natural_width guest_rflags; natural_width guest_pending_dbg_exceptions; natural_width guest_sysenter_esp; natural_width guest_sysenter_eip; natural_width host_cr0; natural_width host_cr3; natural_width host_cr4; natural_width host_fs_base; natural_width host_gs_base; natural_width host_tr_base; natural_width host_gdtr_base; natural_width host_idtr_base; natural_width host_ia32_sysenter_esp; natural_width host_ia32_sysenter_eip; natural_width host_rsp; natural_width host_rip; natural_width paddingl[8]; /* room for future expansion */ u32 pin_based_vm_exec_control; u32 cpu_based_vm_exec_control; u32 exception_bitmap; u32 page_fault_error_code_mask; u32 page_fault_error_code_match; u32 cr3_target_count; u32 vm_exit_controls; u32 vm_exit_msr_store_count; u32 vm_exit_msr_load_count; u32 vm_entry_controls; u32 vm_entry_msr_load_count; u32 vm_entry_intr_info_field; u32 vm_entry_exception_error_code; u32 vm_entry_instruction_len; u32 tpr_threshold; u32 secondary_vm_exec_control; u32 vm_instruction_error; u32 vm_exit_reason; u32 vm_exit_intr_info; u32 vm_exit_intr_error_code; u32 idt_vectoring_info_field; u32 idt_vectoring_error_code; u32 vm_exit_instruction_len; u32 vmx_instruction_info; u32 guest_es_limit; u32 guest_cs_limit; u32 guest_ss_limit; u32 guest_ds_limit; u32 guest_fs_limit; u32 guest_gs_limit; u32 guest_ldtr_limit; u32 guest_tr_limit; u32 guest_gdtr_limit; u32 guest_idtr_limit; u32 guest_es_ar_bytes; u32 guest_cs_ar_bytes; u32 guest_ss_ar_bytes; u32 guest_ds_ar_bytes; u32 guest_fs_ar_bytes; u32 guest_gs_ar_bytes; u32 guest_ldtr_ar_bytes; u32 guest_tr_ar_bytes; u32 guest_interruptibility_info; u32 guest_activity_state; u32 guest_sysenter_cs; u32 host_ia32_sysenter_cs; u32 padding32[8]; /* room for future expansion */ u16 virtual_processor_id; u16 guest_es_selector; u16 guest_cs_selector; u16 guest_ss_selector; u16 guest_ds_selector; u16 guest_fs_selector; u16 guest_gs_selector; u16 guest_ldtr_selector; u16 guest_tr_selector; u16 host_es_selector; u16 host_cs_selector; u16 host_ss_selector; u16 host_ds_selector; u16 host_fs_selector; u16 host_gs_selector; u16 host_tr_selector; };”…””}”hj^sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j\h³hÇh´KUhjh²hubeh}”(h]”Œabis”ah ]”h"]”Œabis”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´K7ubhÉ)”}”(hhh]”(hÎ)”}”(hŒAuthors”h]”hŒAuthors”…””}”(hjwh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjth²hh³hÇh´KàubhŒdefinition_list”“”)”}”(hhh]”(hŒdefinition_list_item”“”)”}”(hŒáThese patches were written by: - Abel Gordon, abelg il.ibm.com - Nadav Har'El, nyh il.ibm.com - Orit Wasserman, oritw il.ibm.com - Ben-Ami Yassor, benami il.ibm.com - Muli Ben-Yehuda, muli il.ibm.com ”h]”(hŒterm”“”)”}”(hŒThese patches were written by:”h]”hŒThese patches were written by:”…””}”(hj’h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jh³hÇh´KçhjŒubhŒ definition”“”)”}”(hhh]”jµ)”}”(hhh]”(jº)”}”(hŒ"Abel Gordon, abelg il.ibm.com”h]”hï)”}”(hjªh]”hŒ"Abel Gordon, abelg il.ibm.com”…””}”(hj¬h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kãhj¨ubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hj¥ubjº)”}”(hŒ!Nadav Har'El, nyh il.ibm.com”h]”hï)”}”(hjÁh]”hŒ#Nadav Har’El, nyh il.ibm.com”…””}”(hjÃh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kähj¿ubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hj¥ubjº)”}”(hŒ%Orit Wasserman, oritw il.ibm.com”h]”hï)”}”(hjØh]”hŒ%Orit Wasserman, oritw il.ibm.com”…””}”(hjÚh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KåhjÖubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hj¥ubjº)”}”(hŒ&Ben-Ami Yassor, benami il.ibm.com”h]”hï)”}”(hjïh]”hŒ&Ben-Ami Yassor, benami il.ibm.com”…””}”(hjñh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kæhjíubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hj¥ubjº)”}”(hŒ&Muli Ben-Yehuda, muli il.ibm.com ”h]”hï)”}”(hŒ%Muli Ben-Yehuda, muli il.ibm.com”h]”hŒ%Muli Ben-Yehuda, muli il.ibm.com”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kçhjubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hj¥ubeh}”(h]”h ]”h"]”h$]”h&]”jñjòuh1j´h³hÇh´Kãhj¢ubah}”(h]”h ]”h"]”h$]”h&]”uh1j hjŒubeh}”(h]”h ]”h"]”h$]”h&]”uh1jŠh³hÇh´Kçhj‡ubj‹)”}”(hŒ³With contributions by: - Anthony Liguori, aliguori us.ibm.com - Mike Day, mdday us.ibm.com - Michael Factor, factor il.ibm.com - Zvi Dubitzky, dubi il.ibm.com ”h]”(j‘)”}”(hŒWith contributions by:”h]”hŒWith contributions by:”…””}”(hj2h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jh³hÇh´Kíhj.ubj¡)”}”(hhh]”jµ)”}”(hhh]”(jº)”}”(hŒ)Anthony Liguori, aliguori us.ibm.com”h]”hï)”}”(hjHh]”hŒ)Anthony Liguori, aliguori us.ibm.com”…””}”(hjJh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KêhjFubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjCubjº)”}”(hŒMike Day, mdday us.ibm.com”h]”hï)”}”(hj_h]”hŒMike Day, mdday us.ibm.com”…””}”(hjah²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Këhj]ubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjCubjº)”}”(hŒ&Michael Factor, factor il.ibm.com”h]”hï)”}”(hjvh]”hŒ&Michael Factor, factor il.ibm.com”…””}”(hjxh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kìhjtubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjCubjº)”}”(hŒ#Zvi Dubitzky, dubi il.ibm.com ”h]”hï)”}”(hŒ"Zvi Dubitzky, dubi il.ibm.com”h]”hŒ"Zvi Dubitzky, dubi il.ibm.com”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kíhj‹ubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjCubeh}”(h]”h ]”h"]”h$]”h&]”jñjòuh1j´h³hÇh´Kêhj@ubah}”(h]”h ]”h"]”h$]”h&]”uh1j hj.ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jŠh³hÇh´Kíhj‡h²hubj‹)”}”(hŒÁAnd valuable reviews by: - Avi Kivity, avi redhat.com - Gleb Natapov, gleb redhat.com - Marcelo Tosatti, mtosatti redhat.com - Kevin Tian, kevin.tian intel.com - and others.”h]”(j‘)”}”(hŒAnd valuable reviews by:”h]”hŒAnd valuable reviews by:”…””}”(hj¹h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jh³hÇh´Kóhjµubj¡)”}”(hhh]”jµ)”}”(hhh]”(jº)”}”(hŒAvi Kivity, avi redhat.com”h]”hï)”}”(hjÏh]”hŒAvi Kivity, avi redhat.com”…””}”(hjÑh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KðhjÍubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjÊubjº)”}”(hŒ"Gleb Natapov, gleb redhat.com”h]”hï)”}”(hjæh]”hŒ"Gleb Natapov, gleb redhat.com”…””}”(hjèh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kñhjäubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjÊubjº)”}”(hŒ)Marcelo Tosatti, mtosatti redhat.com”h]”hï)”}”(hjýh]”hŒ)Marcelo Tosatti, mtosatti redhat.com”…””}”(hjÿh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kòhjûubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjÊubjº)”}”(hŒ%Kevin Tian, kevin.tian intel.com”h]”hï)”}”(hjh]”hŒ%Kevin Tian, kevin.tian intel.com”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kóhjubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjÊubjº)”}”(hŒ and others.”h]”hï)”}”(hj+h]”hŒ and others.”…””}”(hj-h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kôhj)ubah}”(h]”h ]”h"]”h$]”h&]”uh1j¹hjÊubeh}”(h]”h ]”h"]”h$]”h&]”jñjòuh1j´h³hÇh´KðhjÇubah}”(h]”h ]”h"]”h$]”h&]”uh1j hjµubeh}”(h]”h ]”h"]”h$]”h&]”uh1jŠh³hÇh´Kóhj‡h²hubeh}”(h]”h ]”h"]”h$]”h&]”uh1j…hjth²hh³Nh´Nubeh}”(h]”Œauthors”ah ]”h"]”Œauthors”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´Kàubeh}”(h]”Œ nested-vmx”ah ]”h"]”Œ nested vmx”ah$]”h&]”uh1hÈhhh²hh³hÇh´Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”hÇuh1hŒcurrent_source”NŒ current_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(hÍNŒ generator”NŒ datestamp”NŒ source_link”NŒ source_url”NŒ toc_backlinks”Œentry”Œfootnote_backlinks”KŒ sectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒ strip_classes”NŒ report_level”KŒ halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ traceback”ˆŒinput_encoding”Œ utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”j‹Œerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œ language_code”Œen”Œrecord_dependencies”NŒconfig”NŒ id_prefix”hŒauto_id_prefix”Œid”Œ dump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”hÇŒ _destination”NŒ _config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒ raw_enabled”KŒline_length_limit”M'Œpep_references”NŒ pep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒ rfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œ smart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œ docinfo_xform”KŒsectsubtitle_xform”‰Œ image_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”(jejbjYjVj€j}jþjûjqjnj]jZuŒ nametypes”}”(je‰jY‰j€‰jþ‰jq‰j]‰uh}”(jbhÊjVhÝj}j\jûjƒjnjjZjtuŒ footnote_refs”}”Œ citation_refs”}”Œ autofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ footnotes”]”Œ citations”]”Œautofootnote_start”KŒsymbol_footnote_start”KŒ id_counter”Œ collections”ŒCounter”“”}”…”R”Œparse_messages”]”Œtransform_messages”]”Œ transformer”NŒ include_log”]”Œ decoration”Nh²hub.