Date: Thu, 24 Jun 2021 23:47:53 +0000
From: Sean Christopherson
To: Tom Lendacky
Cc: Paolo Bonzini, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Peter Gonda, Brijesh Singh
Subject: Re: [PATCH 0/7] KVM: x86: guest MAXPHYADDR and C-bit fixes

On Thu, Jun 24, 2021, Sean Christopherson wrote:
> On Thu, Jun 24, 2021, Tom Lendacky wrote:
> > On 6/24/21 12:39 PM, Tom Lendacky wrote:
> > >
> > >
> > > On 6/24/21 12:31 PM, Sean Christopherson wrote:
> > >> On Thu, Jun 24, 2021, Tom Lendacky wrote:
> > >>>>
> > >>>> Here's an explanation of the physical address reduction for bare-metal and
> > >>>> guest.
> > >>>>
> > >>>> With MSR 0xC001_0010[SMEE] = 0:
> > >>>>   No reduction in host or guest max physical address.
> > >>>>
> > >>>> With MSR 0xC001_0010[SMEE] = 1:
> > >>>> - Reduction in the host is enumerated by CPUID 0x8000_001F_EBX[11:6],
> > >>>>   regardless of whether SME is enabled in the host or not. So, for example
> > >>>>   on EPYC generation 2 (Rome) you would see a reduction from 48 to 43.
> > >>>> - There is no reduction in physical address in a legacy guest (non-SEV
> > >>>>   guest), so the guest can use a 48-bit physical address
> > >>
> > >> So the behavior I'm seeing is either a CPU bug or user error. Can you verify
> > >> the unexpected #PF behavior to make sure I'm not doing something stupid?
> > >
> > > Yeah, I saw that in patch #3. Let me see what I can find out. I could just
> > > be wrong on that myself - it wouldn't be the first time.
> >
> > From patch #3:
> >   SVM: KVM: CPU #PF @ rip = 0x409ca4, cr2 = 0xc0000000, pfec = 0xb
> >   KVM: guest PTE = 0x181023 @ GPA = 0x180000, level = 4
> >   KVM: guest PTE = 0x186023 @ GPA = 0x181000, level = 3
> >   KVM: guest PTE = 0x187023 @ GPA = 0x186000, level = 2
> >   KVM: guest PTE = 0xffffbffff003 @ GPA = 0x187000, level = 1
> >   SVM: KVM: GPA = 0x7fffbffff000
> >
> > I think you may be hitting a special HT region that is at the top 12GB of
> > the 48-bit memory range and is reserved, even for GPAs. Can you somehow
> > get the test to use an address below 0xfffd_0000_0000? That would show
> > that bit 47 is valid for the legacy guest while staying out of the HT region.
>
> I can make that happen.

Ah, hilarious. That indeed does the trick. 0xfffd00000000 = #PF, 0xfffcfffff000 = good.

I'll send a revert shortly. There's another C-bit bug that needs fixing, too :-/

The unconditional __sme_clr() in npf_interception() is wrong and breaks non-SEV
guests. Based on this from the APM

  If the C-bit is an address bit, this bit is masked from the guest physical
  address when it is translated through the nested page tables. Consequently,
  the hypervisor does not need to be aware of which pages the guest has chosen
  to mark private.

I assume it's not needed for SEV either? I'm about to find out shortly, but if
you happen to know for sure... :-)
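
The address arithmetic from the thread, as an added example that is not code from the message or from KVM: it decodes the level 1 PTE and `pfec` from the quoted log, tests the result against the reserved top-12GB boundary, and shows what clearing the C-bit does to that address. The helper names and the CPUID EBX value are constructed here; C-bit position 47 is an assumption, consistent with the two GPA values in the log differing only in bit 47.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PTE_ADDR_MASK 0x000ffffffffff000ULL /* address bits 51:12 of a PTE */
#define HT_BASE       0xfffd00000000ULL     /* boundary quoted in the thread */
#define PA48_END      (1ULL << 48)          /* end of the 48-bit range */
#define PFEC_RSVD     (1u << 3)             /* x86 #PF error code: reserved bit set */

/* CPUID 0x8000001F EBX[11:6]: physical address bit reduction (per the thread). */
static unsigned pa_reduction(uint32_t ebx) { return (ebx >> 6) & 0x3f; }

/* CPUID 0x8000001F EBX[5:0]: C-bit position (per the AMD APM). */
static unsigned c_bit_position(uint32_t ebx) { return ebx & 0x3f; }

/* Address a leaf PTE points at, with the flag bits stripped. */
static uint64_t pte_to_gpa(uint64_t pte) { return pte & PTE_ADDR_MASK; }

/* True if the GPA lies in the reserved top 12GB of the 48-bit range. */
static bool gpa_in_ht_region(uint64_t gpa)
{
    return gpa >= HT_BASE && gpa < PA48_END;
}

/* Effect of an unconditional C-bit clear on a fault address. */
static uint64_t clear_c_bit(uint64_t gpa, unsigned c_bit)
{
    return gpa & ~(1ULL << c_bit);
}

int main(void)
{
    uint32_t ebx = (5u << 6) | 47u;               /* constructed: reduction 5, C-bit 47 */
    uint64_t gpa = pte_to_gpa(0xffffbffff003ULL); /* level 1 PTE from the log */
    uint32_t pfec = 0xb;                          /* from the log */

    printf("reduction=%u c_bit=%u\n", pa_reduction(ebx), c_bit_position(ebx));
    printf("gpa=0x%llx in_ht=%d rsvd=%d\n", (unsigned long long)gpa,
           gpa_in_ht_region(gpa), (pfec & PFEC_RSVD) != 0);
    printf("after C-bit clear: 0x%llx\n",
           (unsigned long long)clear_c_bit(gpa, c_bit_position(ebx)));
    printf("0xfffcfffff000 in_ht=%d\n", gpa_in_ht_region(0xfffcfffff000ULL));
    return 0;
}
```

For a non-SEV guest, bit 47 is an ordinary address bit, so the cleared value names a different guest physical page than the one the PTE maps.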