Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp2458577ybt; Sun, 21 Jun 2020 21:34:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxeT3uPtnhXsrEmD3CWs+LfwtksOIM8gmi95xVbuk+NtOg949VZ0jBIVy8XB/N25TgSV0b0 X-Received: by 2002:a50:fe0d:: with SMTP id f13mr15541525edt.204.1592800490050; Sun, 21 Jun 2020 21:34:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592800490; cv=none; d=google.com; s=arc-20160816; b=sHDiG1lj2O9aafqZs2YbMZhbR0pdZcWrKPsO9jZtJwFGdRrtd4mpHVgxeiOrIKd9lt 6pfjNMwrqS4a6GFQ95GtkWAPULWmjziBAlxAY3HxtUTZCLE58FZexE2fgVNIhBK0zx3t r/1lrd9Vg4nGoD9q5M12v/u6avDwZOJ21nNuBdfIQJ3EoZhHa+fWzo6VkgQfd1PI0u8Q uSftT0jxV4TKtah3bGIiFcxflkQ1ouAbzlqfYYBj35t4+szqWBj+wZMHjXuMMfMVhw4l 7KE6pBYr6xPmqHYGwIgFSj1h6DScPMhxGr5Bmf+XtdcCAlwA8zyt0VmwFk4qamkB9D5e bPFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:ironport-sdr:ironport-sdr; bh=PKyFT3QUEBQM5ln44DQdwBo90ezg0bmxu2NAAFrjDIs=; b=u4mGWyMUnvzx18cFbmhyo1tvVVwJJz6OYzc1CkEniYUcJuDPGCyLvgWcI5yAq4SQ/b UsJUohOcpmVB0BJqzJWHztL2PQm/C5JN0+1DOznHsagiBNIWoHkontusA8iMVXS3ukLL njNKz/f1lo44Ltyuj45MxS7gSZCyA2Cs06jJvnjwDqLdsnLU33UEPw5Ocn+1IuMl7UkM TlJJnfpMV7CJbXBisapDwcdopiCtjVib1D2SkxiFy6ghAbET7qzx1T/xoJ6OAUXG68Le lAbdwKmPY/OroFpB7KWtmtMpr8z8kKlT8zgPQc36d1X3FTJMpAOUDrzZpb5nopQ2Eq/N qq4Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i5si2820627ejb.510.2020.06.21.21.34.27; Sun, 21 Jun 2020 21:34:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726061AbgFVEcS (ORCPT + 99 others); Mon, 22 Jun 2020 00:32:18 -0400 Received: from mga11.intel.com ([192.55.52.93]:48287 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725934AbgFVEcS (ORCPT ); Mon, 22 Jun 2020 00:32:18 -0400 IronPort-SDR: IfrdkJvhcBZLZ3jS64wy9VAfIq+HU6oT5f5lmyaCZJoVXGexJmj1Ez6rSGroQPyoMK0z6BNXWN D31BeQLPf/Zw== X-IronPort-AV: E=McAfee;i="6000,8403,9659"; a="141922171" X-IronPort-AV: E=Sophos;i="5.75,265,1589266800"; d="scan'208";a="141922171" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Jun 2020 21:32:17 -0700 IronPort-SDR: Yx+XOhfbkDOqzLdXMgDXDVJRW7YxbzqttsA38FgTYJQeoyfz/be9ut09lQUtW8CFVuu0vnn6Pk /qkeAr3ahYgA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,265,1589266800"; d="scan'208";a="262860550" Received: from yy-desk-7060.sh.intel.com (HELO localhost) ([10.239.159.127]) by fmsmga007.fm.intel.com with ESMTP; 21 Jun 2020 21:32:14 -0700 Date: Mon, 22 Jun 2020 12:32:14 +0800 From: Yuan Yao To: Mohammed Gamal Cc: kvm@vger.kernel.org, pbonzini@redhat.com, linux-kernel@vger.kernel.org, vkuznets@redhat.com, sean.j.christopherson@intel.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, thomas.lendacky@amd.com, babu.moger@amd.com Subject: Re: [PATCH v2 00/11] KVM: Support guest MAXPHYADDR < host MAXPHYADDR Message-ID: <20200622043214.2qy4iteismo45lbb@yy-desk-7060> References: <20200619153925.79106-1-mgamal@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200619153925.79106-1-mgamal@redhat.com> User-Agent: NeoMutt/20171215 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jun 19, 2020 at 05:39:14PM +0200, Mohammed Gamal wrote: > When EPT/NPT is enabled, KVM does not really look at guest physical > address size. Address bits above maximum physical memory size are reserved. > Because KVM does not look at these guest physical addresses, it currently > effectively supports guest physical address sizes equal to the host. > > This can be problem when having a mixed setup of machines with 5-level page > tables and machines with 4-level page tables, as live migration can change > MAXPHYADDR while the guest runs, which can theoretically introduce bugs. > > In this patch series we add checks on guest physical addresses in EPT > violation/misconfig and NPF vmexits and if needed inject the proper > page faults in the guest. > > A more subtle issue is when the host MAXPHYADDR is larger than that of the > guest. Page faults caused by reserved bits on the guest won't cause an EPT > violation/NPF and hence we also check guest MAXPHYADDR and add PFERR_RSVD_MASK > error code to the page fault if needed. > > The last 3 patches (i.e. SVM bits and patch 11) are not intended for > immediate inclusion and probably need more discussion. > We've been noticing some unexpected behavior in handling NPF vmexits > on AMD CPUs (see individual patches for details), and thus we are > proposing a workaround (see last patch) that adds a capability that > userspace can use to decide who to deal with hosts that might have > issues supprting guest MAXPHYADDR < host MAXPHYADDR. > > > Mohammed Gamal (7): > KVM: x86: Add helper functions for illegal GPA checking and page fault > injection > KVM: x86: mmu: Move translate_gpa() to mmu.c > KVM: x86: mmu: Add guest physical address check in translate_gpa() > KVM: VMX: Add guest physical address check in EPT violation and > misconfig > KVM: SVM: introduce svm_need_pf_intercept > KVM: SVM: Add guest physical address check in NPF/PF interception > KVM: x86: SVM: VMX: Make GUEST_MAXPHYADDR < HOST_MAXPHYADDR support > configurable > > Paolo Bonzini (4): > KVM: x86: rename update_bp_intercept to update_exception_bitmap > KVM: x86: update exception bitmap on CPUID changes > KVM: VMX: introduce vmx_need_pf_intercept > KVM: VMX: optimize #PF injection when MAXPHYADDR does not match > > arch/x86/include/asm/kvm_host.h | 10 ++------ > arch/x86/kvm/cpuid.c | 2 ++ > arch/x86/kvm/mmu.h | 6 +++++ > arch/x86/kvm/mmu/mmu.c | 12 +++++++++ > arch/x86/kvm/svm/svm.c | 41 +++++++++++++++++++++++++++--- > arch/x86/kvm/svm/svm.h | 6 +++++ > arch/x86/kvm/vmx/nested.c | 28 ++++++++++++-------- > arch/x86/kvm/vmx/vmx.c | 45 +++++++++++++++++++++++++++++---- > arch/x86/kvm/vmx/vmx.h | 6 +++++ > arch/x86/kvm/x86.c | 29 ++++++++++++++++++++- > arch/x86/kvm/x86.h | 1 + > include/uapi/linux/kvm.h | 1 + > 12 files changed, 158 insertions(+), 29 deletions(-) > > -- > 2.26.2 >