linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Li, Liang Z" <liang.z.li@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"tglx@linutronix.de" <tglx@linutronix.de>,
	"mingo@redhat.com" <mingo@redhat.com>,
	"kirill.shutemov@linux.intel.com"
	<kirill.shutemov@linux.intel.com>,
	"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
	"guangrong.xiao@linux.intel.com" <guangrong.xiao@linux.intel.com>,
	"rkrcmar@redhat.com" <rkrcmar@redhat.com>,
	"Neiger, Gil" <gil.neiger@intel.com>,
	"Lai, Paul C" <paul.c.lai@intel.com>
Subject: RE: [PATCH RFC 0/4] 5-level EPT
Date: Tue, 17 Jan 2017 02:18:36 +0000	[thread overview]
Message-ID: <F2CBF3009FA73547804AE4C663CAB28E3C35386E@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <9ddf602b-6c8b-8c1e-ab46-07ed12366593@redhat.com>

> On 29/12/2016 10:25, Liang Li wrote:
> > x86-64 is currently limited physical address width to 46 bits, which
> > can support 64 TiB of memory. Some vendors require to support more for
> > some use case. Intel plans to extend the physical address width to
> > 52 bits in some of the future products.
> >
> > The current EPT implementation only supports 4 level page table, which
> > can support maximum 48 bits physical address width, so it's needed to
> > extend the EPT to 5 level to support 52 bits physical address width.
> >
> > This patchset has been tested in the SIMICS environment for 5 level
> > paging guest, which was patched with Kirill's patchset for enabling
> > 5 level page table, with both the EPT and shadow page support. I just
> > covered the booting process, the guest can boot successfully.
> >
> > Some parts of this patchset can be improved. Any comments on the
> > design or the patches would be appreciated.
> 
> I will review the patches.  They seem fairly straightforward.
> 
> However, I am worried about the design of the 5-level page table feature
> with respect to migration.
> 
> Processors that support the new LA57 mode can write 57-canonical/48-
> noncanonical linear addresses to some registers even when LA57 mode is
> inactive.  This is true even of unprivileged instructions, in particular
> WRFSBASE/WRGSBASE.
> 
> This is fairly bad because, if a guest performs such a write (because of a bug
> or because of malice), it will not be possible to migrate the virtual machine to
> a machine that lacks LA57 mode.
> 
> Ordinarily, hypervisors trap CPUID to hide features that are only present in
> some processors of a heterogeneous cluster, and the hypervisor also traps
> for example CR4 writes to prevent enabling features that were masked away.
> In this case, however, the only way for the hypervisor to prevent the write
> would be to run the guest with
> CR4.FSGSBASE=0 and trap all executions of WRFSBASE/WRGSBASE.  This
> might have negative effects on performance for workloads that use the
> instructions.
> 
> Of course, this is a problem even without your patches.  However, I think it
> should be addressed first.  I am seriously thinking of blacklisting FSGSBASE
> completely on LA57 machines until the above is fixed in hardware.
> 
> Paolo

The issue has already been forwarded to the hardware guys, still waiting for the feedback.

Thanks!
Liang

  reply	other threads:[~2017-01-17  2:19 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-12-29  9:25 [PATCH RFC 0/4] 5-level EPT Liang Li
2016-12-29  9:26 ` [PATCH RFC 1/4] x86: Add the new CPUID and CR4 bits for 5 level page table Liang Li
2016-12-29  9:26 ` [PATCH RFC 2/4] KVM: MMU: Rename PT64_ROOT_LEVEL to PT64_ROOT_4LEVEL Liang Li
2017-03-09 14:39   ` Paolo Bonzini
2016-12-29  9:26 ` [PATCH RFC 3/4] KVM: MMU: Add 5 level EPT & Shadow page table support Liang Li
2017-03-09 15:12   ` Paolo Bonzini
2016-12-29  9:26 ` [PATCH RFC 4/4] VMX: Expose the LA57 feature to VM Liang Li
2017-03-09 15:16   ` Paolo Bonzini
2016-12-29 20:38 ` [PATCH RFC 0/4] 5-level EPT Valdis.Kletnieks
2016-12-30  1:26   ` Li, Liang Z
2017-01-02 10:18 ` Paolo Bonzini
2017-01-17  2:18   ` Li, Liang Z [this message]
2017-03-09 14:16     ` Paolo Bonzini
2017-03-10  8:00       ` Yu Zhang
2017-01-05 13:26 ` Kirill A. Shutemov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=F2CBF3009FA73547804AE4C663CAB28E3C35386E@shsmsx102.ccr.corp.intel.com \
    --to=liang.z.li@intel.com \
    --cc=dave.hansen@linux.intel.com \
    --cc=gil.neiger@intel.com \
    --cc=guangrong.xiao@linux.intel.com \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=kvm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=paul.c.lai@intel.com \
    --cc=pbonzini@redhat.com \
    --cc=rkrcmar@redhat.com \
    --cc=tglx@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).