Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp586047ybt; Fri, 19 Jun 2020 08:45:15 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwD6RguQ4cvyQBvjBv0BZSR2cKBaAu4/Dlv+3G5bgjPFTwn+QLRTQqJie5a8XuWvgqNwhxw X-Received: by 2002:a50:ec0f:: with SMTP id g15mr4026556edr.359.1592581514784; Fri, 19 Jun 2020 08:45:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592581514; cv=none; d=google.com; s=arc-20160816; b=AhfQMmPxcUeUjqphx6heRBwXME1dx/IRJWyVI4dhdwnxkmMpinUI93ikQA9CeV7WAn mAI6UbgunjAil7exKAsn/LXRfRNvk4mqM8dC3ZxirwIsXzqccXYbqz7w2ChdVHgF+bMP sb4xEX+8jPowj5I/KUfwUl6ll4YAd4tWNUckMefaFmjYPYwJxgMmfsoH6soAB8DERm2D Ymt67Q4Z8eryA27dRJwsDirzKHQdxHOo5qfmnRMryANsjE4EH7Hngrn15uN3vtRRD0Z0 WQD2J+4hmgqtvTHQzpMa8+zsTRYriGMLLTx2oMY6Idtkxiuopkg8kW7jSqfVdA/rHDWh dpeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=ApAwRnIqoKoWTTJBXjZG+FIZOjIxYSpaUm7PAr6FKp4=; b=FXeTspKJp0vte8UBeI/mGfvensmqV6ByOoTAeie7Z4lC4dYEO3Bzn7F6kOhwmjM3bE 1DEo0BGT17uWc3qdS9v90J1+vJs3zfZ3hUK20ROc7M+l9WeAPwFKEzYJZF1VbDU+lL6/ BUpMAIT7XsiwfawPsKketX+A7CmplDETwrejTqgNPJv7DEVrxzUBxrbqES3Eu04RF2mZ ecLjGS1y8SXFTvCZc4dAV+1ZMG7wXT5IbKhF9nb+ZFhID2Zw1uccNe9loRUIV997vV0f vfBywzLZdpRp5umZaR6k38RkwbF7GgpoBmR1pbeCM3LiUSUm0uh/rp9dE8FRMNYBrK3T 6elg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=FgbMGbaN; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id li7si3864898ejb.607.2020.06.19.08.44.52; Fri, 19 Jun 2020 08:45:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=FgbMGbaN; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2404711AbgFSPmX (ORCPT + 99 others); Fri, 19 Jun 2020 11:42:23 -0400 Received: from us-smtp-1.mimecast.com ([205.139.110.61]:21585 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2393535AbgFSPjx (ORCPT ); Fri, 19 Jun 2020 11:39:53 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592581191; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ApAwRnIqoKoWTTJBXjZG+FIZOjIxYSpaUm7PAr6FKp4=; b=FgbMGbaNrri7g0e8F0ed/VWy4BULI0vu6/CDqeBg/tZhR3Mk4DBfOt9+y0YxAjuBxyctOq PiBS8E/yKKnH6GIAcyCe+EsxKjt2MfOS0LEw3kDv6au3h1m7aN08DtfpdNYWBtbrm/o5D+ bkLxm8iatMVeMxZubCXUpjrWQb+3Jlk= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-506-T7shlh7sO1iy-CaAz7ymvA-1; Fri, 19 Jun 2020 11:39:50 -0400 X-MC-Unique: T7shlh7sO1iy-CaAz7ymvA-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7A53F81EDED; Fri, 19 Jun 2020 15:39:34 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-254.ams2.redhat.com [10.36.112.254]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3C18460BF4; Fri, 19 Jun 2020 15:39:27 +0000 (UTC) From: Mohammed Gamal To: kvm@vger.kernel.org, pbonzini@redhat.com Cc: linux-kernel@vger.kernel.org, vkuznets@redhat.com, sean.j.christopherson@intel.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, thomas.lendacky@amd.com, babu.moger@amd.com, Mohammed Gamal Subject: [PATCH v2 00/11] KVM: Support guest MAXPHYADDR < host MAXPHYADDR Date: Fri, 19 Jun 2020 17:39:14 +0200 Message-Id: <20200619153925.79106-1-mgamal@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org When EPT/NPT is enabled, KVM does not really look at guest physical address size. Address bits above maximum physical memory size are reserved. Because KVM does not look at these guest physical addresses, it currently effectively supports guest physical address sizes equal to the host. This can be problem when having a mixed setup of machines with 5-level page tables and machines with 4-level page tables, as live migration can change MAXPHYADDR while the guest runs, which can theoretically introduce bugs. In this patch series we add checks on guest physical addresses in EPT violation/misconfig and NPF vmexits and if needed inject the proper page faults in the guest. A more subtle issue is when the host MAXPHYADDR is larger than that of the guest. Page faults caused by reserved bits on the guest won't cause an EPT violation/NPF and hence we also check guest MAXPHYADDR and add PFERR_RSVD_MASK error code to the page fault if needed. The last 3 patches (i.e. SVM bits and patch 11) are not intended for immediate inclusion and probably need more discussion. We've been noticing some unexpected behavior in handling NPF vmexits on AMD CPUs (see individual patches for details), and thus we are proposing a workaround (see last patch) that adds a capability that userspace can use to decide who to deal with hosts that might have issues supprting guest MAXPHYADDR < host MAXPHYADDR. Mohammed Gamal (7): KVM: x86: Add helper functions for illegal GPA checking and page fault injection KVM: x86: mmu: Move translate_gpa() to mmu.c KVM: x86: mmu: Add guest physical address check in translate_gpa() KVM: VMX: Add guest physical address check in EPT violation and misconfig KVM: SVM: introduce svm_need_pf_intercept KVM: SVM: Add guest physical address check in NPF/PF interception KVM: x86: SVM: VMX: Make GUEST_MAXPHYADDR < HOST_MAXPHYADDR support configurable Paolo Bonzini (4): KVM: x86: rename update_bp_intercept to update_exception_bitmap KVM: x86: update exception bitmap on CPUID changes KVM: VMX: introduce vmx_need_pf_intercept KVM: VMX: optimize #PF injection when MAXPHYADDR does not match arch/x86/include/asm/kvm_host.h | 10 ++------ arch/x86/kvm/cpuid.c | 2 ++ arch/x86/kvm/mmu.h | 6 +++++ arch/x86/kvm/mmu/mmu.c | 12 +++++++++ arch/x86/kvm/svm/svm.c | 41 +++++++++++++++++++++++++++--- arch/x86/kvm/svm/svm.h | 6 +++++ arch/x86/kvm/vmx/nested.c | 28 ++++++++++++-------- arch/x86/kvm/vmx/vmx.c | 45 +++++++++++++++++++++++++++++---- arch/x86/kvm/vmx/vmx.h | 6 +++++ arch/x86/kvm/x86.c | 29 ++++++++++++++++++++- arch/x86/kvm/x86.h | 1 + include/uapi/linux/kvm.h | 1 + 12 files changed, 158 insertions(+), 29 deletions(-) -- 2.26.2