From: Andrew Cooper <andrew.cooper3@citrix.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: [PATCH] SPTE masking
Date: Thu, 9 Aug 2018 12:46:36 +0100 [thread overview]
Message-ID: <ed394081-6855-7504-c9ba-a9f7ee236f63@citrix.com> (raw)
In-Reply-To: <fa34a519-ed15-3ea0-4982-089475f3e0f9@redhat.com>
On 09/08/18 12:13, speck for Paolo Bonzini wrote:
> On 09/08/2018 12:47, speck for Andrew Cooper wrote:
>>>> and the CPUID maxphysaddr hasn't been
>>>> levelled for heterogeneous migration safety
>>> I don't know about Xen PV, but when using EPT you cannot do that, the
>>> maxphyaddr is not virtualizable (obviously not to guest-maxphyaddr >
>>> host-maxphyaddr, but guest-maxphyaddr < host-maxphyaddr cannot be
>>> emulated either).
>> There is nothing wrong with telling a guest it has maxphysaddr smaller
>> than the real maxphysaddr. Just like CPUID feature levelling, it says
>> "don't go playing there".
>>
>> No software is permitted to rely on the behaviour of reserved bits.
> That's just not true for page tables. Bits maxphyaddr:51 are documented
> to generate a page fault with the reserved bits set. In the future the
> behavior may change (unlikely) but it would be keyed against e.g. a new
> CR4 bit.
>
> In fact, Intel has been stashing new functionality in previously ignored
> bits, of course keying the interpretation on bits from CR4 (e.g.
> protection keys) or VMCS execution controls (e.g. EPT mode-based
> execution control aka XS/XU).
>
> I tried emulating guestphysaddr < hostphysaddr in KVM, but generating
> the reserved bits page fault from EPT violations doesn't work. If the
> host processor thinks the bits are not reserved and generates e.g. a
> present-but-not-writable fault, no EPT violation happens
Sounds like you've got a KVM bug here. Either an EPT misconfig or
violation is guaranteed to occur here, because you won't have allowed an
EPT mapping at a guest physical address above guest maxphysaddr, would you?
Even with a strict interpretation 51:maxphysaddr, I don't see any
technical limitations with emulating it correctly. Making this work in
Xen is on my todo list (once I've figured out exactly how Intel and
AMD's implementation of SMAP differ, so I can fix the software pagewalk
to match the hardware it is running on).
~Andrew
next prev parent reply other threads:[~2018-08-09 11:46 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-08 23:21 [MODERATED] [PATCH] SPTE masking Jim Mattson
2018-08-09 2:57 ` [MODERATED] " Andi Kleen
2018-08-09 9:24 ` Paolo Bonzini
2018-08-09 17:43 ` Andi Kleen
2018-08-10 7:55 ` Paolo Bonzini
2018-08-10 15:59 ` Jim Mattson
2018-08-10 17:23 ` Andi Kleen
2018-08-10 17:32 ` Linus Torvalds
2018-08-10 17:45 ` Andi Kleen
2018-08-10 18:37 ` Paolo Bonzini
2018-08-10 19:17 ` Andi Kleen
2018-08-12 10:57 ` Paolo Bonzini
2018-08-09 9:25 ` Paolo Bonzini
2018-08-09 9:33 ` Andrew Cooper
2018-08-09 10:01 ` Paolo Bonzini
2018-08-09 10:47 ` Andrew Cooper
2018-08-09 11:13 ` Paolo Bonzini
2018-08-09 11:46 ` Andrew Cooper [this message]
2018-08-09 11:54 ` Paolo Bonzini
2018-08-09 14:01 ` Andrew Cooper
2018-08-09 15:00 ` Paolo Bonzini
2018-08-09 20:14 ` Jim Mattson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ed394081-6855-7504-c9ba-a9f7ee236f63@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.