Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp2958370imm;
        Sun, 13 May 2018 00:54:13 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZrsbZmIREeclPoCl5YJkrMMYqba+JDzENPp8Nq3IV7OQmbZjrxEVqMbutO/TWamU/LYCOVe
X-Received: by 2002:a62:f80c:: with SMTP id d12-v6mr5780345pfh.159.1526198053177;
        Sun, 13 May 2018 00:54:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1526198053; cv=none;
        d=google.com; s=arc-20160816;
        b=QklrDE6WLDPDVP3jk2ty7YawiEKu6tayA8/ljL+s+RD4A8EP11LlYhXrrxXG54HRUn
         fg3d4KcoVERNPM4WCKXYPW1c9m1Pb0kgyvJUqH5KjiV7XYRO6872yNv/nq1ekVfLI2ln
         vaUVBxlXCCGSfG9/0UQlJFf9MD+NtNobZVyFbT2rfT3ODSujbNcNcaiAEPykK8dJWoT4
         6AjppUkc3/g0LlAi3524oonT292PAbQ40PJiYwkQsIfQR261W0ePbCE1sawVxaJzuwa4
         iCPxNZKvBtT9An89zB8S+1ajieqdz5VRDAk5YQmnocW6+AI2o/vzYdJYar7xriUXZQF1
         JG6w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-disposition
         :content-transfer-encoding:subject:cc:to:from:date:message-id
         :mime-version:dkim-signature:arc-authentication-results;
        bh=F3sruQcoVBnjN1X4q65FXbnQ4ymLpiwQKHpuSWLimUI=;
        b=lLdZ998IzKJxBiLFJl5ukhQrA8QL9mzsLx/gZ7iIfaEoWKA4jAeB5H4oaqru+srdRe
         T51IYbUP3wS5IwxLi1zxKWXA5OlqsPV6/LjhlRe3VmY9t7TrWAXeMRML+m53cblEiE9x
         U3mGwaTMxn2jxK6sQYflsE5beKHGBn6lRS8q3FTc5ewGM9qIbS2nKzplQggJRMPK1vgy
         wQRUwPVNqpZCrwNbGuz9W+Z3/LUy5qEYXPyDhESlXrCWOzurYqgqWRDp9sw7E6eiAGJu
         x7nawdgcPLWE2VIGKZH9cqSYYYq8lra36ot8z4RCzvaiDJFE1dS03ywzt1D09djEv60I
         8M1w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=sGcvUUbj;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c1-v6si6805069plz.307.2018.05.13.00.53.48;
        Sun, 13 May 2018 00:54:13 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=sGcvUUbj;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751293AbeEMHxj (ORCPT <rfc822;plaguedbypenguins@gmail.com>
        + 99 others); Sun, 13 May 2018 03:53:39 -0400
Received: from aserp2120.oracle.com ([141.146.126.78]:46730 "EHLO
        aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751022AbeEMHxh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 13 May 2018 03:53:37 -0400
Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1])
        by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w4D7pEK9189670;
        Sun, 13 May 2018 07:53:12 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=mime-version :
 message-id : date : from : to : cc : subject : content-type :
 content-transfer-encoding; s=corp-2017-10-26;
 bh=F3sruQcoVBnjN1X4q65FXbnQ4ymLpiwQKHpuSWLimUI=;
 b=sGcvUUbj13S7tIBr6jGCsVCFPQ/kJUvjZszJ4WnFnzAauDcXU27VG1Fgz8nqWB+Mq88l
 8qfAzE2VWb6QdH7Tb/XqzxvMFiv8vVRv5uhcIL97289sLKQgODRzIlaLUH3B34d7w/ty
 Tuoz1tTlcGONWRm9VXtVdx+QJKWX8BnXZIkx/gxCw+Bo0vzSBo2xacVgSVct1UYnd6kv
 qWcA8Ql+Gd9W/2hFDCnvjq3ekcRJN/wnmF2lI5zkQmG//v4CBqMCdU52SpNsGX1N8+W/
 6ohdvrn0YfLVum8/OHC6gYYK5LVNDF4481N1Gjv0u4XKuesFTmJswg3AMEW8IikH4dRJ vA== 
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74])
        by aserp2120.oracle.com with ESMTP id 2hx29vrupp-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Sun, 13 May 2018 07:53:12 +0000
Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235])
        by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w4D7rB29022573
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Sun, 13 May 2018 07:53:11 GMT
Received: from abhmp0010.oracle.com (abhmp0010.oracle.com [141.146.116.16])
        by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w4D7rBFQ017365;
        Sun, 13 May 2018 07:53:11 GMT
MIME-Version: 1.0
Message-ID: <dface5bf-04f4-439a-86d1-df301eec1974@default>
Date:   Sun, 13 May 2018 00:53:10 -0700 (PDT)
From:   Liran Alon <liran.alon@oracle.com>
To:     <kernellwp@gmail.com>
Cc:     <rkrcmar@redhat.com>, <pbonzini@redhat.com>,
        <linux-kernel@vger.kernel.org>, <kvm@vger.kernel.org>,
        <junaids@google.com>
Subject: Re: [PATCH 1/2] KVM: X86: Fix CR3 reserve bits
X-Mailer: Zimbra on Oracle Beehive
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8891 signatures=668698
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=739
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1711220000 definitions=main-1805130083
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


----- kernellwp@gmail.com wrote:

> From: Wanpeng Li <wanpengli@tencent.com>
>=20
> MSB of CR3 is a reserved bit if the PCIDE bit is not set in CR4.=20
> It should be checked when PCIDE bit is not set, however commit=20
> 'd1cd3ce900441 ("KVM: MMU: check guest CR3 reserved bits based on=20
> its physical address width")' removes the bit 63 checking=20
> unconditionally. This patch fixes it by checking bit 63 of CR3=20
> when PCIDE bit is not set in CR4.
>=20
> Fixes: d1cd3ce900441 (KVM: MMU: check guest CR3 reserved bits based on
> its physical address width)
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat.com>
> Cc: Junaid Shahid <junaids@google.com>
> Signed-off-by: Wanpeng Li <wanpengli@tencent.com>
> ---
>  arch/x86/kvm/emulate.c | 4 +++-
>  arch/x86/kvm/x86.c     | 2 +-
>  2 files changed, 4 insertions(+), 2 deletions(-)
>=20
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
> index b3705ae..b21f427 100644
> --- a/arch/x86/kvm/emulate.c
> +++ b/arch/x86/kvm/emulate.c
> @@ -4189,7 +4189,9 @@ static int check_cr_write(struct
> x86_emulate_ctxt *ctxt)
>  =09=09=09=09maxphyaddr =3D eax & 0xff;
>  =09=09=09else
>  =09=09=09=09maxphyaddr =3D 36;
> -=09=09=09rsvd =3D rsvd_bits(maxphyaddr, 62);
> +=09=09=09if (ctxt->ops->get_cr(ctxt, 4) & X86_CR4_PCIDE)
> +=09=09=09=09new_val &=3D ~CR3_PCID_INVD;
> +=09=09=09rsvd =3D rsvd_bits(maxphyaddr, 63);

I would prefer instead to do this:
if (ctxt->ops->get_cr(ctxt, 4) & X86_CR4_PCIDE)
    rsvd &=3D ~CR3_PCID_INVD;
It makes more sense as opposed to temporary removing the CR3_PCID_INVD bit =
from new_val.

>  =09=09}
> =20
>  =09=09if (new_val & rsvd)
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 87e4805..9a90668 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -863,7 +863,7 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned
> long cr3)
>  =09}
> =20
>  =09if (is_long_mode(vcpu) &&
> -=09    (cr3 & rsvd_bits(cpuid_maxphyaddr(vcpu), 62)))
> +=09    (cr3 & rsvd_bits(cpuid_maxphyaddr(vcpu), 63)))
>  =09=09return 1;
>  =09else if (is_pae(vcpu) && is_paging(vcpu) &&
>  =09=09   !load_pdptrs(vcpu, vcpu->arch.walk_mmu, cr3))
> --=20
> 2.7.4