From: Robert Hoo <robert.hu@linux.intel.com>
To: Chao Gao <chao.gao@intel.com>
Cc: seanjc@google.com, pbonzini@redhat.com,
binbin.wu@linux.intel.com, kvm@vger.kernel.org
Subject: Re: [PATCH v5 3/5] KVM: x86: Virtualize CR3.LAM_{U48,U57}
Date: Sun, 05 Mar 2023 09:31:52 +0800 [thread overview]
Message-ID: <88dd1570086f4a553a8dffbde71770cb51163388.camel@linux.intel.com> (raw)
In-Reply-To: <ZAIX7m177/rQEl22@gao-cwp>
On Fri, 2023-03-03 at 23:53 +0800, Chao Gao wrote:
> On Fri, Mar 03, 2023 at 10:23:50PM +0800, Robert Hoo wrote:
> > On Fri, 2023-03-03 at 14:21 +0800, Chao Gao wrote:
> > > On Mon, Feb 27, 2023 at 04:45:45PM +0800, Robert Hoo wrote:
> > > > LAM feature uses 2 high bits in CR3 (bit 62 for LAM_U48 and bit
> > > > 61
> > > > for
> > > > LAM_U57) to enable/config LAM feature for user mode addresses.
> > > > The
> > > > LAM
> > > > masking is done before legacy canonical checks.
> > > >
> > > > To virtualize LAM CR3 bits usage, this patch:
> > > > 1. Don't reserve these 2 bits when LAM is enable on the vCPU.
> > > > Previously
> > > > when validate CR3, kvm uses kvm_vcpu_is_legal_gpa(), now define
> > > > kvm_vcpu_is_valid_cr3() which is actually
> > > > kvm_vcpu_is_legal_gpa()
> > > > + CR3.LAM bits validation. Substitutes
> > > > kvm_vcpu_is_legal/illegal_gpa()
> > > > with kvm_vcpu_is_valid_cr3() in call sites where is validating
> > > > CR3
> > > > rather
> > > > than pure GPA.
> > > > 2. mmu::get_guest_pgd(), its implementation is get_cr3() which
> > > > returns
> > > > whole guest CR3 value. Strip LAM bits in those call sites that
> > > > need
> > > > pure
> > > > PGD value, e.g. mmu_alloc_shadow_roots(),
> > > > FNAME(walk_addr_generic)().
> > > > 3. When form a new guest CR3 (vmx_load_mmu_pgd()), melt in LAM
> > > > bit
> > > > (kvm_get_active_lam()).
> > > > 4. When guest sets CR3, identify ONLY-LAM-bits-toggling cases,
> > > > where it is
> > > > unnecessary to make new pgd, but just make request of load pgd,
> > > > then new
> > > > CR3.LAM bits configuration will be melt in (above point 3). To
> > > > be
> > > > conservative, this case still do TLB flush.
> > > > 5. For nested VM entry, allow the 2 CR3 bits set in
> > > > corresponding
> > > > VMCS host/guest fields.
> > >
> > > isn't this already covered by item #1 above?
> >
> > Ah, it is to address your comments on last version. To
> > repeat/emphasize
> > again, doesn't harm, does it?;)
>
> It is confusing. Trying to merge #5 to #1:
Well this is kind of subjective. I don't have any bias on this.
>
> If LAM is supported, bits 62:61 (LAM_U48 and LAM_U57) are not
> reserved
> in CR3. VM entry also allows the two bits to be set in CR3 field in
> guest-state and host-state area of the VMCS. Previously ...
>
> > >
> >
> > (...)
> > > >
> > > > +static inline u64 kvm_get_active_lam(struct kvm_vcpu *vcpu)
> > > > +{
> > > > + return kvm_read_cr3(vcpu) & (X86_CR3_LAM_U48 |
> > > > X86_CR3_LAM_U57);
> > > > +}
> > >
> > > I think it is better to define a mask (like reserved_gpa_bits):
> > >
> > > kvm_vcpu_arch {
> > > ...
> > >
> > > /*
> > > * Bits in CR3 used to enable certain features. These bits
> > > don't
> > > * participate in page table walking. They should be masked to
> > > * get the base address of page table. When shadow paging is
> > > * used, these bits should be kept as is in the shadow CR3.
> > > */
> > > u64 cr3_control_bits;
> > >
> >
> > I don't strongly object this. But per SDM, CR3.bit[63:MAXPHYADDR]
> > are
> > reserved; and MAXPHYADDR is at most 52 [1]. So can we assert and
> > simply
> > define the MASK bit[63:52]? (I did this in v3 and prior)
>
> No. Setting any bit in 60:52 should be rejected. And setting bit 62
> or
> 61 should be allowed if LAM is supported by the vCPU. I don't see how
> your proposal can distinguish these two cases.
No you didn't get my point.
Perhaps you can take a look at v3 patch and prior
https://lore.kernel.org/kvm/20221209044557.1496580-4-robert.hu@linux.intel.com/
define CR3_HIGH_RSVD_MASK, given "MAXPHYADDR is at most 52" is stated
in SDM.
next prev parent reply other threads:[~2023-03-05 1:31 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-27 8:45 [PATCH v5 0/5] Linear Address Masking (LAM) KVM Enabling Robert Hoo
2023-02-27 8:45 ` [PATCH v5 1/5] KVM: x86: Virtualize CR4.LAM_SUP Robert Hoo
2023-03-02 7:17 ` Chao Gao
2023-03-02 12:03 ` Binbin Wu
2023-03-02 13:00 ` Robert Hoo
2023-02-27 8:45 ` [PATCH v5 2/5] [Trivial]KVM: x86: Explicitly cast ulong to bool in kvm_set_cr3() Robert Hoo
2023-03-02 7:24 ` Chao Gao
2023-03-03 3:23 ` Robert Hoo
2023-03-10 20:22 ` Sean Christopherson
2023-03-20 12:05 ` Binbin Wu
2023-03-20 13:56 ` Binbin Wu
2023-03-21 16:03 ` Sean Christopherson
2023-02-27 8:45 ` [PATCH v5 3/5] KVM: x86: Virtualize CR3.LAM_{U48,U57} Robert Hoo
2023-03-03 6:21 ` Chao Gao
2023-03-03 14:23 ` Robert Hoo
2023-03-03 15:53 ` Chao Gao
2023-03-05 1:31 ` Robert Hoo [this message]
2023-03-10 20:12 ` Sean Christopherson
2023-03-20 6:57 ` Binbin Wu
2023-02-27 8:45 ` [PATCH v5 4/5] KVM: x86: emulation: Apply LAM mask when emulating data access in 64-bit mode Robert Hoo
2023-03-02 6:41 ` Binbin Wu
2023-03-02 13:16 ` Robert Hoo
2023-03-03 1:08 ` Binbin Wu
2023-03-03 3:16 ` Robert Hoo
2023-03-03 3:35 ` Binbin Wu
2023-03-03 9:00 ` Robert Hoo
2023-03-03 10:18 ` Binbin Wu
2023-03-10 20:26 ` Sean Christopherson
2023-03-02 8:55 ` Chao Gao
2023-03-02 11:31 ` Binbin Wu
2023-03-10 20:23 ` Sean Christopherson
2023-02-27 8:45 ` [PATCH v5 5/5] KVM: x86: LAM: Expose LAM CPUID to user space VMM Robert Hoo
2023-03-03 6:46 ` Chao Gao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=88dd1570086f4a553a8dffbde71770cb51163388.camel@linux.intel.com \
--to=robert.hu@linux.intel.com \
--cc=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).