Received: by 2002:ab2:710b:0:b0:1ef:a325:1205 with SMTP id z11csp1569954lql; Wed, 13 Mar 2024 01:38:40 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWEknfZMZ3/ziZ+zQbjmVI1hyFVb3f/hcYFH2oheSVfuWkrZsN2GAbgCQ9TQBnHZ8Do624GeCaOdsaLb2nhkjgk84XvLAKJS9UuA7oubQ== X-Google-Smtp-Source: AGHT+IG9ccnNaK4XJujgd9RCvrA5NC1DFSSqWODV3Zv9eIXnjhgzPGy18DQ8PXgytgMeAX+6LoHQ X-Received: by 2002:a17:907:a093:b0:a45:54f3:b44d with SMTP id hu19-20020a170907a09300b00a4554f3b44dmr8533702ejc.8.1710319119968; Wed, 13 Mar 2024 01:38:39 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710319119; cv=pass; d=google.com; s=arc-20160816; b=s3rrS5JOfvp48frAilu9c166xFktMLOFXgkNUE5rsr6+fhoCj4/pBaKpQSPY0RuzTH DWUtgaRHqBdOb3EICDbaiNXRr6yvPPmaKqb+fLve6nHBGLVlO8mjr/h+znhd+stcXrRI HWeToRhTGRnJ7JMoCSjl45wJ5Gryhc94XOZIHoMDJ6MIXWEGevcJHl01Shj2M2QDVw7D 1cJWWLoB+k4Y6kThWiZrYULThoSAXOwMQ9ejKhkmbi6y7RrOKL3udRDGXwhcJCuIAHSc xLF5JyPbhH8S9Ru37lFEMGXicjyY7Y/eN8KfD8vPQLruRx3liXx+oP54iVj5HTwijLLj RZnA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=Mpack/J+7HrVXgcyiDIBRHYLXZMo3CgTAYK0qYafvtI=; fh=c9F30OzTUouvgNoE8Yy8y3KzHlBC30KWWmf3Ukr3V98=; b=JyDKBj7KIFI0+qkkoCp09m+9YtiZLe87Og2TSFwl89q3b3xde2M41hBZNZ7mAWrxEW 6PU1M9P3uTMDGmcj/BytIsNA+QgkCwthLargAf888YD7lvBncjLR6pEsL9t1M5i11xRM ZwsFnH05YYrbiZhkm2phWY6ebNUsjjM5g+Tu9O4qf/MHulHJb9P6/FfPdAeMDCn6YgdA kvgXOYPW6m9MlYHOY0h7k9wgTkclEvEVe2aUChbIEWwJ5ldyyVmTORLt8xJH8ksiL3Dk ce3FsxoDWN+6Ws2S+F0Y+TtPs1RWdHibSp8obGPk3r1+nn9xYFh0iodsWUlT2Dkrrd4L nLKQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=a5j4p96p; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-101218-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-101218-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id q8-20020a170906b28800b00a4617f1b766si3412224ejz.132.2024.03.13.01.38.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 Mar 2024 01:38:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-101218-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=a5j4p96p; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-101218-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-101218-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id AF8351F2218D for ; Wed, 13 Mar 2024 08:38:39 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9AB291B5BA; Wed, 13 Mar 2024 08:38:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="a5j4p96p" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2B7A1199D9 for ; Wed, 13 Mar 2024 08:38:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710319112; cv=none; b=u6QNmcTI3HkDzUfclJRUxS3Bkk+MNhBZ+nxm2Dx5CrkCSq0gqg0tDoHPUxB9EAnUZkwLcNb2aumYsi1jc14e1DjK6usnZkoIA95n//fiZU6445Sn0WT8Aaf5ttd19+ZKzE51/TuvtWJp2oKdk4rZAIImSovLiWEePeqVTw7wBDk= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710319112; c=relaxed/simple; bh=PnOTieHCZlMmJbLEcfj7Iqz+Y9jzI/+xF58R5cFRyFk=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=A9T4nZ4S+L4lB/j1nSdOQ3c7iaPj4+2WkWe/epdnr2D2zW154YMQ+vTlmn5p7THYiooM1dS4gsyhLvt9lVPd1bO/MNQ5NFdMFE+GLmEXIT0x6UQWGERoqRy3GzB9IGQWAk0Eqv1z/AzUa6rI62BFQCHoYHhRVbGBnSekvjSaeAo= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=a5j4p96p; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710319110; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Mpack/J+7HrVXgcyiDIBRHYLXZMo3CgTAYK0qYafvtI=; b=a5j4p96pYMLOezM+y+ZdT2JUdRo7oOPmkj3CtdMW4QB8WSdz0A6mqG035Ptz7smqaki7JL Bhw+W5ozWzZ3hHpXMWfcWjURC2kWOxK6izge3XxKi34nG+Y/sRa5NiM6XDlQFFeKMiZHqu j0SCrfXxqdgZ02atyyVxYkbHX1tVHZA= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-358-_rhQDwNENAiFYF4EUFFgFg-1; Wed, 13 Mar 2024 04:38:26 -0400 X-MC-Unique: _rhQDwNENAiFYF4EUFFgFg-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3B2E91018985; Wed, 13 Mar 2024 08:38:26 +0000 (UTC) Received: from sirius.home.kraxel.org (unknown [10.39.192.160]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D7E013C22; Wed, 13 Mar 2024 08:38:25 +0000 (UTC) Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 7C1F718009A3; Wed, 13 Mar 2024 09:38:24 +0100 (CET) Date: Wed, 13 Mar 2024 09:38:24 +0100 From: Gerd Hoffmann To: Xiaoyao Li Cc: Tao Su , kvm@vger.kernel.org, Tom Lendacky , Sean Christopherson , Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , "H. Peter Anvin" , "open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)" Subject: Re: [PATCH v3 2/2] kvm/cpuid: set proper GuestPhysBits in CPUID.0x80000008 Message-ID: References: <20240311104118.284054-1-kraxel@redhat.com> <20240311104118.284054-3-kraxel@redhat.com> <76a8a880-6c8f-4c4c-bd5d-da02206967ed@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <76a8a880-6c8f-4c4c-bd5d-da02206967ed@intel.com> X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1 Hi, > > > - entry->eax = phys_as | (virt_as << 8); > > > + entry->eax = phys_as | (virt_as << 8) | (g_phys_as << 16); > > > > When g_phys_as==phys_as, I would suggest advertising g_phys_as==0, > > otherwise application can easily know whether it is in a VM, I’m > > concerned this could be abused by application. There are *tons* of options to figure whenever you are running in a VM, there is no need to go for this obscure way. > IMO, this should be protected by userspace VMM, e.g., QEMU to set actual > g_phys_as. On KVM side, KVM only reports the capability to userspace. Yes, at the end of the day this is handled by qemu. Current plan for qemu is to communicate it to the guest unconditionally though. When setting this only in case g_phys_as != phys_as the firmware has the problem that it doesn't know the reason for finding zero there. Could be g_phys_as == phys_as, but could also be old kernel / qemu without GuestPhysBits support. So the firmware doesn't know whenever it is save to use phys_as. take care, Gerd