To: Sean Christopherson, Jim Mattson
Cc: Mohammed Gamal, kvm list, LKML, Vitaly Kuznetsov, Wanpeng Li, Joerg Roedel
References: <20200710154811.418214-1-mgamal@redhat.com> <20200710154811.418214-8-mgamal@redhat.com> <20201023031433.GF23681@linux.intel.com>
From: Paolo Bonzini
Subject: Re: [PATCH v3 7/9] KVM: VMX: Add guest physical address check in EPT violation and misconfig
Message-ID: <498cfe12-f3e4-c4a2-f36b-159ccc10cdc4@redhat.com>
Date: Fri, 23 Oct 2020 11:22:23 +0200
In-Reply-To: <20201023031433.GF23681@linux.intel.com>

On 23/10/20 05:14, Sean Christopherson wrote:
>>>> +
>>>> + /*
>>>> + * Check that the GPA doesn't exceed physical memory limits, as that is
>>>> + * a guest page fault. We have to emulate the instruction here, because
>>>> + * if the illegal address is that of a paging structure, then
>>>> + * EPT_VIOLATION_ACC_WRITE bit is set. Alternatively, if supported we
>>>> + * would also use advanced VM-exit information for EPT violations to
>>>> + * reconstruct the page fault error code.
>>>> + */
>>>> + if (unlikely(kvm_mmu_is_illegal_gpa(vcpu, gpa)))
>>>> + return kvm_emulate_instruction(vcpu, 0);
>>>> +
>>> Is kvm's in-kernel emulator up to the task? What if the instruction in
>>> question is AVX-512, or one of the myriad instructions that the
>>> in-kernel emulator can't handle? Ice Lake must support the advanced
>>> VM-exit information for EPT violations, so that would seem like a
>>> better choice.
>>>
>> Anyone?
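
Review bot: the last sentence of the new comment ("Alternatively, if supported we would also use advanced VM-exit information ...") describes a path the code below it never takes, since the hunk always calls kvm_emulate_instruction(vcpu, 0) for an illegal GPA; drop that sentence, or add the condition and the code it refers to. The comment should also state what happens when the emulator cannot handle the faulting instruction, because the result of kvm_emulate_instruction() is returned directly and no fallback is visible here. Minor wording: "then EPT_VIOLATION_ACC_WRITE bit is set" reads better as "then the EPT_VIOLATION_ACC_WRITE bit is set".
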
>
> Using "advanced info" if it's supported seems like the way to go. Outright
> requiring it is probably overkill; if userspace wants to risk having to kill a
> (likely broken) guest, so be it.

Yeah, the instruction is expected to page-fault here. However the
comment is incorrect and advanced information does not help here.

The problem is that page fault error code bits cannot be reconstructed
from bits 0..2 of the EPT violation exit qualification, if bit 8 is
clear in the exit qualification (that is, if the access causing the EPT
violation is to a paging-structure entry). In that case bits 0..2 refer
to the paging-structure access rather than to the final access. In fact
advanced information is not available at all for paging-structure access
EPT violations.

Thanks,

Paolo
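
The bit 8 rule described in the reply above, as an added C example that is not part of the original message or of KVM's code. The macro and function names are local to this example, the bit 7 check (guest linear address valid) follows the Intel SDM rather than the email, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>

/* EPT-violation exit qualification bits (macro names are local to this example). */
#define EQ_ACC_READ       (1ULL << 0)
#define EQ_ACC_WRITE      (1ULL << 1)
#define EQ_ACC_INSTR      (1ULL << 2)
#define EQ_GVA_VALID      (1ULL << 7) /* guest linear address field is valid */
#define EQ_GVA_TRANSLATED (1ULL << 8) /* set: final access; clear: paging-structure access */

/* Page-fault error code bits that depend on the access type. */
#define PFEC_WRITE (1U << 1)
#define PFEC_FETCH (1U << 4)

enum eq_kind {
    EQ_KIND_FINAL_ACCESS,     /* bits 0..2 describe the guest's own access */
    EQ_KIND_PAGING_STRUCTURE, /* bits 0..2 describe the page-walk access */
    EQ_KIND_NO_GVA            /* bit 7 clear: bit 8 carries no information */
};

static enum eq_kind eq_classify(uint64_t eq)
{
    if (!(eq & EQ_GVA_VALID))
        return EQ_KIND_NO_GVA;
    return (eq & EQ_GVA_TRANSLATED) ? EQ_KIND_FINAL_ACCESS
                                    : EQ_KIND_PAGING_STRUCTURE;
}

/*
 * Fill *pfec with the W/R and I/D error-code bits when they can be taken
 * from the exit qualification. Returns false, leaving *pfec untouched, when
 * bits 0..2 do not describe the final access; the caller then needs another
 * source for the error code (the quoted hunk uses emulation).
 */
static bool eq_to_pfec_access_bits(uint64_t eq, uint32_t *pfec)
{
    if (eq_classify(eq) != EQ_KIND_FINAL_ACCESS)
        return false;
    *pfec = 0;
    if (eq & EQ_ACC_WRITE)
        *pfec |= PFEC_WRITE;
    if (eq & EQ_ACC_INSTR)
        *pfec |= PFEC_FETCH;
    return true;
}

/* Constructed sample values, not captured from hardware. */
static const uint64_t SAMPLE_FINAL_WRITE = EQ_ACC_WRITE | EQ_GVA_VALID | EQ_GVA_TRANSLATED;
static const uint64_t SAMPLE_WALK_WRITE  = EQ_ACC_WRITE | EQ_GVA_VALID;
```

`SAMPLE_WALK_WRITE` has the write bit set just like `SAMPLE_FINAL_WRITE`, yet says nothing about whether the guest instruction itself was a write.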