Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755135AbdCJIHV (ORCPT <rfc822;w@1wt.eu>);
        Fri, 10 Mar 2017 03:07:21 -0500
Received: from mga09.intel.com ([134.134.136.24]:44334 "EHLO mga09.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1753863AbdCJIHT (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 10 Mar 2017 03:07:19 -0500
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.36,139,1486454400"; 
   d="scan'208";a="58507484"
Subject: Re: [PATCH RFC 0/4] 5-level EPT
To: Paolo Bonzini <pbonzini@redhat.com>,
        "Li, Liang Z" <liang.z.li@intel.com>,
        "kvm@vger.kernel.org" <kvm@vger.kernel.org>
References: <1483003563-25847-1-git-send-email-liang.z.li@intel.com>
 <9ddf602b-6c8b-8c1e-ab46-07ed12366593@redhat.com>
 <F2CBF3009FA73547804AE4C663CAB28E3C35386E@shsmsx102.ccr.corp.intel.com>
 <f3d8ffc8-c719-0999-3d55-d791def51e4f@redhat.com>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "tglx@linutronix.de" <tglx@linutronix.de>,
        "mingo@redhat.com" <mingo@redhat.com>,
        "kirill.shutemov@linux.intel.com" <kirill.shutemov@linux.intel.com>,
        "dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
        "guangrong.xiao@linux.intel.com" <guangrong.xiao@linux.intel.com>,
        "rkrcmar@redhat.com" <rkrcmar@redhat.com>,
        "Neiger, Gil" <gil.neiger@intel.com>,
        "Lai, Paul C" <paul.c.lai@intel.com>
From: Yu Zhang <yu.c.zhang@linux.intel.com>
Message-ID: <58C25D1A.3030001@linux.intel.com>
Date: Fri, 10 Mar 2017 16:00:26 +0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.5.0
MIME-Version: 1.0
In-Reply-To: <f3d8ffc8-c719-0999-3d55-d791def51e4f@redhat.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2859
Lines: 62



On 3/9/2017 10:16 PM, Paolo Bonzini wrote:
>
> On 17/01/2017 03:18, Li, Liang Z wrote:
>>> On 29/12/2016 10:25, Liang Li wrote:
>>>> x86-64 is currently limited physical address width to 46 bits, which
>>>> can support 64 TiB of memory. Some vendors require to support more for
>>>> some use case. Intel plans to extend the physical address width to
>>>> 52 bits in some of the future products.
>>>>
>>>> The current EPT implementation only supports 4 level page table, which
>>>> can support maximum 48 bits physical address width, so it's needed to
>>>> extend the EPT to 5 level to support 52 bits physical address width.
>>>>
>>>> This patchset has been tested in the SIMICS environment for 5 level
>>>> paging guest, which was patched with Kirill's patchset for enabling
>>>> 5 level page table, with both the EPT and shadow page support. I just
>>>> covered the booting process, the guest can boot successfully.
>>>>
>>>> Some parts of this patchset can be improved. Any comments on the
>>>> design or the patches would be appreciated.
>>> I will review the patches.  They seem fairly straightforward.
>>>
>>> However, I am worried about the design of the 5-level page table feature
>>> with respect to migration.
>>>
>>> Processors that support the new LA57 mode can write 57-canonical/48-
>>> noncanonical linear addresses to some registers even when LA57 mode is
>>> inactive.  This is true even of unprivileged instructions, in particular
>>> WRFSBASE/WRGSBASE.
>>>
>>> This is fairly bad because, if a guest performs such a write (because of a bug
>>> or because of malice), it will not be possible to migrate the virtual machine to
>>> a machine that lacks LA57 mode.
>>>
>>> Ordinarily, hypervisors trap CPUID to hide features that are only present in
>>> some processors of a heterogeneous cluster, and the hypervisor also traps
>>> for example CR4 writes to prevent enabling features that were masked away.
>>> In this case, however, the only way for the hypervisor to prevent the write
>>> would be to run the guest with
>>> CR4.FSGSBASE=0 and trap all executions of WRFSBASE/WRGSBASE.  This
>>> might have negative effects on performance for workloads that use the
>>> instructions.
>>>
>>> Of course, this is a problem even without your patches.  However, I think it
>>> should be addressed first.  I am seriously thinking of blacklisting FSGSBASE
>>> completely on LA57 machines until the above is fixed in hardware.
>>>
>>> Paolo
>> The issue has already been forwarded to the hardware guys, still waiting for the feedback.
> Going to review this now.  Any news?

Thanks for your reivew, Paolo.
This is Yu Zhang from Intel. I'll pick up this 5 level ept feature, and 
will try to address your comments next. :-)
Now I am learning Liang's code and trying to bring VM up with Kirill's 
native 5 level paging code integrated.

Yu
> Paolo
>