Received: by 2002:a89:2c3:0:b0:1ed:23cc:44d1 with SMTP id d3csp143386lqs; Mon, 4 Mar 2024 19:00:56 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVtGJSGI1x6p4mReN6eQM0TUcDdVjTSJF95iUPkvTzwnyA3a2vafE+0oZEfFtmYFuuWShDBFXatxH5aT8427RY/LZRs0QP3kqPFzMcqVA== X-Google-Smtp-Source: AGHT+IGKVtTAPJaofmSiaBHNB18F1kh3j6+ChMRnsPA+P8CrFxWHwY3vRywaBj+YVjP2BH6Q8G9F X-Received: by 2002:a17:903:22ce:b0:1dd:8f6:69bf with SMTP id y14-20020a17090322ce00b001dd08f669bfmr885084plg.26.1709607655936; Mon, 04 Mar 2024 19:00:55 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709607655; cv=pass; d=google.com; s=arc-20160816; b=pV1kDnt6C284vIl2npGkv99aGZPH3MVJIW0WUH+7mqQxFw+eurwBQFfdCXzl+K6xmm 9uPYOKyhIrH4Z7qZVOyFLN5meoOCMP0Klr5QmHxA5YUDEEvgLUCKT2sVvirrpC4QDv4A wejldvXFI8AOVeFjWJyHPwYjNWglL72L913Nkp6MR21ilxxGZAyeZBAURxmDALBvLKgZ n+LqcEGwjch3b0vPZdaALq9QwXzmEiVUPEiqhq4NvvAL/jwKcjJmxddfEqz9SM4I/20o Ip/wef1Uah3ghvgUl4haq0lG5tF0KVutcdzqN9LtHZf4MN4mWly70b+2LbBwDlDUghrF Z53w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id:dkim-signature; bh=me9rdqUdg6xGv50pqCf98GXz0Lhf7oW6OHZrvVPRSbU=; fh=WsWnnrK01j6Rz9dqG9uiY1lADDYC+4FtHZ8nAMqb+4k=; b=Qf1PVNQeBd3E0XeQfvIEPM8mhsKfnOiGC0FB7Irz25IU+rrIvZEX6pyT+x6HxzvZTV SeEj9PL3uubvckdM1UL+pHCYtWzU9S0398A04Zbc60felQW9/POIKYr1pdbrUPHL+yQ+ Vw/cgx6Xx1EjhHupS/HnW5Sp7NdZ3gY1I29jNogHZzfdycHbBnTwncMdT+FVTxTRpINo psDTOoIE93IUPfKUE8C9A/2sqEweaz0wNVPBJacrNg/SYmO5S32GgiaK9JW6EQlF4QVP vAJJfabLfk4PKjL/tJ2FJUjauyhMc07Jdu7IMidwFyGP8ChqktZpOsiO0qZWBiVRl/zd PcrQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=arNz0Iln; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-91593-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-91593-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id s10-20020a170902ea0a00b001dbe7a31ab9si9227945plg.315.2024.03.04.19.00.55 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Mar 2024 19:00:55 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-91593-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=arNz0Iln; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-91593-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-91593-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 3DEA2B2290E for ; Tue, 5 Mar 2024 03:00:02 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 07E1329428; Tue, 5 Mar 2024 02:59:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="arNz0Iln" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 48B9C18046; Tue, 5 Mar 2024 02:59:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.16 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709607572; cv=none; b=dHtWJIatxOaw0+qoTuNjZvmJO3BVuUUxgWUQj7EwW4y9IphE8kcmFfsjiT+Ui+x1MKzBwnvCd+ukC280ifHIiOeraWqzM5aMucpX8ZBTpg6CdscJR5SvofWwKKz2BXO6XlH7+00sRXCT3kk8zaAdg5wSC3htVBwevwL6cqduQPs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709607572; c=relaxed/simple; bh=m10ogqdrHv106k5OB8fY9EcjuKzov88CtD1qN+O1/PY=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=NErEqxJ0TqL3P9Su1r5C5ZzPUCViQ1PcpNTRRHXHX5u7Km0RAfeu75ueNWnQW/TIgZBwHTGnLzYu/Tk4jCoSTII2GokSftr8X4ibrugdbiYirJw16hFf+J3MN7A9TaY0ic+OcTVm91IjDLe/UobPBJfShvYbWVJ+18ppby1//O0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=arNz0Iln; arc=none smtp.client-ip=192.198.163.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1709607570; x=1741143570; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=m10ogqdrHv106k5OB8fY9EcjuKzov88CtD1qN+O1/PY=; b=arNz0IlntIDIy9vubdTA3qG7snBX0aY/7veKGL/f8MKxW5tFo+wXtcFz tbkEc3JfNJBYr9a7LVbELRMUbBr7KejizgIOZtOrmoH4kQ0xVzog0JvTz S4zx8N2r4IZeU/w4wqSaSsp+vmEOchL+KAaQn+kejND0E0KvXn0RxAcfb t/shN29w3zHFDLILRqXQctgKHfpuBVDywlgUh17gy/K/bIjrX5SSuRrXH FluZBw+4XJfP2apvwQvaa7d522xU4JvVOgi92Lrct/4neF7IE7i8/2cpv ofz9cqo6G9MlE0dTYXR6NrDXl0bt62ZBAEPlZ2/BJbOVhR+jUOf0EmX31 Q==; X-IronPort-AV: E=McAfee;i="6600,9927,11003"; a="4717479" X-IronPort-AV: E=Sophos;i="6.06,205,1705392000"; d="scan'208";a="4717479" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Mar 2024 18:59:30 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,205,1705392000"; d="scan'208";a="40096009" Received: from xiaoyaol-hp-g830.ccr.corp.intel.com (HELO [10.125.243.127]) ([10.125.243.127]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Mar 2024 18:59:25 -0800 Message-ID: <8106d06c-4359-47ef-b363-a6302e1271a4@intel.com> Date: Tue, 5 Mar 2024 10:59:23 +0800 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 1/3] kvm: wire up KVM_CAP_VM_GPA_BITS for x86 Content-Language: en-US To: Sean Christopherson , Gerd Hoffmann Cc: kvm@vger.kernel.org, Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , "H. Peter Anvin" , "open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)" References: <20240301101410.356007-1-kraxel@redhat.com> <20240301101410.356007-2-kraxel@redhat.com> From: Xiaoyao Li In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 3/4/2024 11:15 PM, Sean Christopherson wrote: > On Fri, Mar 01, 2024, Gerd Hoffmann wrote: >> Add new guest_phys_bits field to kvm_caps, return the value to >> userspace when asked for KVM_CAP_VM_GPA_BITS capability. >> >> Initialize guest_phys_bits with boot_cpu_data.x86_phys_bits. >> Vendor modules (i.e. vmx and svm) can adjust this field in case >> additional restrictions apply, for example in case EPT has no >> support for 5-level paging. >> >> Signed-off-by: Gerd Hoffmann >> --- >> arch/x86/kvm/x86.h | 2 ++ >> arch/x86/kvm/x86.c | 5 +++++ >> 2 files changed, 7 insertions(+) >> >> diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h >> index 2f7e19166658..e03aec3527f8 100644 >> --- a/arch/x86/kvm/x86.h >> +++ b/arch/x86/kvm/x86.h >> @@ -24,6 +24,8 @@ struct kvm_caps { >> bool has_bus_lock_exit; >> /* notify VM exit supported? */ >> bool has_notify_vmexit; >> + /* usable guest phys bits */ >> + u32 guest_phys_bits; >> >> u64 supported_mce_cap; >> u64 supported_xcr0; >> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c >> index 48a61d283406..e270b9b708d1 100644 >> --- a/arch/x86/kvm/x86.c >> +++ b/arch/x86/kvm/x86.c >> @@ -4784,6 +4784,9 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) >> if (kvm_is_vm_type_supported(KVM_X86_SW_PROTECTED_VM)) >> r |= BIT(KVM_X86_SW_PROTECTED_VM); >> break; >> + case KVM_CAP_VM_GPA_BITS: >> + r = kvm_caps.guest_phys_bits; > > This is not a fast path, just compute the effective guest.MAXPHYADDR on the fly > using tdp_root_level and max_tdp_level. But as pointed out and discussed in the > previous thread, adverising a guest.MAXPHYADDR that is smaller than host.MAXPHYADDR > simply doesn't work[*]. > > I thought the plan was to add a way for KVM to advertise the maximum *addressable* > GPA, and figure out a way to communicate that to the guest, e.g. so that firmware > doesn't try to use legal GPAs that the host cannot address. From one off-list email thread, Paolo was proposing to change the definition of CPUID.0x80000008:EAX[23:16] to "Maximum usable physical address size in bits", in detail: Maximum usable physical address size in bits. Physical addresses above this size should not be used, but will not produce a "reserved" page fault. When this field is zero, all bits up to PhysAddrSize are usable. This field is expected to be nonzero only on guests where the hypervisor is using nesting paging. As I understand it, it turns bit [23:16] of EAX of CPUID 0x80000008 into a PV field, that is set by VMM(e.g., KVM/QEMU) and consumed by guest. So KVM can advertise maximum addressable/usable physical address bits in CPUID.0x80000008:EAX[23:16] via GET_SUPPORTED_CPUID. > Paolo, any update on this? > > [*] https://lore.kernel.org/all/CALMp9eTutnTxCjQjs-nxP=XC345vTmJJODr+PcSOeaQpBW0Skw@mail.gmail.com >