From: Mohammed Gamal <mgamal@redhat.com>
To: kvm@vger.kernel.org, pbonzini@redhat.com
Cc: linux-kernel@vger.kernel.org, vkuznets@redhat.com,
sean.j.christopherson@intel.com, wanpengli@tencent.com,
jmattson@google.com, joro@8bytes.org,
Mohammed Gamal <mgamal@redhat.com>
Subject: [PATCH v3 0/9] KVM: Support guest MAXPHYADDR < host MAXPHYADDR
Date: Fri, 10 Jul 2020 17:48:02 +0200 [thread overview]
Message-ID: <20200710154811.418214-1-mgamal@redhat.com> (raw)
When EPT is enabled, KVM does not really look at guest physical
address size. Address bits above maximum physical memory size are reserved.
Because KVM does not look at these guest physical addresses, it currently
effectively supports guest physical address sizes equal to the host.
This can be problem when having a mixed setup of machines with 5-level page
tables and machines with 4-level page tables, as live migration can change
MAXPHYADDR while the guest runs, which can theoretically introduce bugs.
In this patch series we add checks on guest physical addresses in EPT
violation/misconfig and NPF vmexits and if needed inject the proper
page faults in the guest.
A more subtle issue is when the host MAXPHYADDR is larger than that of the
guest. Page faults caused by reserved bits on the guest won't cause an EPT
violation/NPF and hence we also check guest MAXPHYADDR and add PFERR_RSVD_MASK
error code to the page fault if needed.
----
Changes from v2:
- Drop support for this feature on AMD processors after discussion with AMD
Mohammed Gamal (5):
KVM: x86: Add helper functions for illegal GPA checking and page fault
injection
KVM: x86: mmu: Move translate_gpa() to mmu.c
KVM: x86: mmu: Add guest physical address check in translate_gpa()
KVM: VMX: Add guest physical address check in EPT violation and
misconfig
KVM: x86: SVM: VMX: Make GUEST_MAXPHYADDR < HOST_MAXPHYADDR support
configurable
Paolo Bonzini (4):
KVM: x86: rename update_bp_intercept to update_exception_bitmap
KVM: x86: update exception bitmap on CPUID changes
KVM: VMX: introduce vmx_need_pf_intercept
KVM: VMX: optimize #PF injection when MAXPHYADDR does not match
arch/x86/include/asm/kvm_host.h | 10 ++------
arch/x86/kvm/cpuid.c | 2 ++
arch/x86/kvm/mmu.h | 6 +++++
arch/x86/kvm/mmu/mmu.c | 12 +++++++++
arch/x86/kvm/svm/svm.c | 22 +++++++++++++---
arch/x86/kvm/vmx/nested.c | 28 ++++++++++++--------
arch/x86/kvm/vmx/vmx.c | 45 +++++++++++++++++++++++++++++----
arch/x86/kvm/vmx/vmx.h | 6 +++++
arch/x86/kvm/x86.c | 29 ++++++++++++++++++++-
arch/x86/kvm/x86.h | 1 +
include/uapi/linux/kvm.h | 1 +
11 files changed, 133 insertions(+), 29 deletions(-)
--
2.26.2
next reply other threads:[~2020-07-10 15:48 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-10 15:48 Mohammed Gamal [this message]
2020-07-10 15:48 ` [PATCH v3 1/9] KVM: x86: Add helper functions for illegal GPA checking and page fault injection Mohammed Gamal
2020-07-10 15:48 ` [PATCH v3 2/9] KVM: x86: mmu: Move translate_gpa() to mmu.c Mohammed Gamal
2020-07-10 15:48 ` [PATCH v3 3/9] KVM: x86: mmu: Add guest physical address check in translate_gpa() Mohammed Gamal
2020-07-10 17:41 ` Paolo Bonzini
2020-07-10 15:48 ` [PATCH v3 4/9] KVM: x86: rename update_bp_intercept to update_exception_bitmap Mohammed Gamal
2020-07-10 16:15 ` Jim Mattson
2020-07-10 15:48 ` [PATCH v3 5/9] KVM: x86: update exception bitmap on CPUID changes Mohammed Gamal
2020-07-10 16:25 ` Jim Mattson
2020-07-10 15:48 ` [PATCH v3 6/9] KVM: VMX: introduce vmx_need_pf_intercept Mohammed Gamal
2020-07-10 15:48 ` [PATCH v3 7/9] KVM: VMX: Add guest physical address check in EPT violation and misconfig Mohammed Gamal
2020-07-13 18:32 ` Sean Christopherson
2020-07-15 23:00 ` Sean Christopherson
2020-08-17 17:22 ` Sean Christopherson
2020-08-17 18:01 ` Paolo Bonzini
2020-10-09 16:17 ` Jim Mattson
2020-10-14 23:44 ` Jim Mattson
2020-10-23 3:14 ` Sean Christopherson
2020-10-23 9:22 ` Paolo Bonzini
2020-10-23 16:59 ` Jim Mattson
2020-10-23 17:16 ` Paolo Bonzini
2020-10-23 17:23 ` Jim Mattson
2020-10-23 17:43 ` Paolo Bonzini
2021-01-15 19:35 ` Jim Mattson
2021-01-20 21:16 ` Jim Mattson
2021-01-27 20:57 ` Jim Mattson
2021-06-21 18:31 ` Jim Mattson
2020-07-10 15:48 ` [PATCH v3 8/9] KVM: VMX: optimize #PF injection when MAXPHYADDR does not match Mohammed Gamal
2020-07-10 15:48 ` [PATCH v3 9/9] KVM: x86: SVM: VMX: Make GUEST_MAXPHYADDR < HOST_MAXPHYADDR support configurable Mohammed Gamal
2020-07-10 17:40 ` Paolo Bonzini
2020-07-10 16:30 ` [PATCH v3 0/9] KVM: Support guest MAXPHYADDR < host MAXPHYADDR Jim Mattson
2020-07-10 17:06 ` Paolo Bonzini
2020-07-10 17:13 ` Jim Mattson
2020-07-10 17:16 ` Paolo Bonzini
2020-07-10 17:26 ` Sean Christopherson
2020-07-10 17:26 ` Jim Mattson
2020-07-10 17:40 ` Paolo Bonzini
2020-07-10 17:49 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200710154811.418214-1-mgamal@redhat.com \
--to=mgamal@redhat.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).