|
Last change
on this file was 109090, checked in by vboxsync, 12 days ago |
|
Docs: bugref:10705. The following commits from doc's team git repo has been applied:
ae80a681fb1658b2e20ff12a36588811c14dfe67 Updated description of network types
4779d5f23ada981651803eb1ab029ae19f3394db Added - Shared Folders can't be used on Arm VMs running Windows
42ff285f84faa143fc53a3678b1a28a0cae68705 Started minor updates to security section
5bb1fe545161ec7211b842952221dee2021a6645 Fixed spacing
86c3d9a9eb8c807907fe3977b100712d8717a0bb Included Vadim's feedback
4117e15a9d3304ed6f011a45ad3d85b1783248bc Minor updates to security guide
67f46d035bca90c2bd0dc518456b5f4734a8f1da Updates from Vadim
|
-
Property svn:eol-style
set to
native
-
Property svn:keywords
set to
Author Date Id Revision
|
|
File size:
963 bytes
|
| Line | |
|---|
| 1 | <?xml version='1.0' encoding='UTF-8'?>
|
|---|
| 2 | <!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
|
|---|
| 3 | <topic xml:lang="en-us" id="disable-nested-paging-mitigation">
|
|---|
| 4 | <title>Disable Nested Paging</title>
|
|---|
| 5 |
|
|---|
| 6 | <body>
|
|---|
| 7 | <p>By disabling nested paging (EPT), the VMM will construct page tables shadowing the ones in the guest. It is not possible for the guest to insert anything suspicious into the page tables, since the VMM carefully validates each entry before shadowing it.</p>
|
|---|
| 8 | <p>As a side effect of disabling nested paging, several CPU features will not be made available to the guest. Among these features are AVX, AVX2, XSAVE, AESNI, and POPCNT. Not all guests may be able to cope with dropping these features after installation. Also, for some guests, especially in SMP configurations, there could be stability issues arising from disabling nested paging. Finally, some workloads may experience a performance degradation.</p>
|
|---|
| 9 | </body>
|
|---|
| 10 |
|
|---|
| 11 | </topic>
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
