2016-11-25 17:10+0100, Paolo Bonzini: > On 25/11/2016 15:51, Radim Krčmář wrote: >> The guest could have configured a maximal physical address that exceeds >> the host. Prevent that situation as it could easily lead to a bug. >> >> Signed-off-by: Radim Krčmář <rkrcmar@xxxxxxxxxx> >> --- >> arch/x86/kvm/cpuid.c | 8 +++++++- >> 1 file changed, 7 insertions(+), 1 deletion(-) >> >> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c >> index 25f0f15fab1a..aed910e9fbed 100644 >> --- a/arch/x86/kvm/cpuid.c >> +++ b/arch/x86/kvm/cpuid.c >> @@ -136,7 +136,13 @@ int kvm_update_cpuid(struct kvm_vcpu *vcpu) >> ((best->eax & 0xff00) >> 8) != 0) >> return -EINVAL; >> >> - /* Update physical-address width */ >> + >> + /* >> + * Update physical-address width. >> + * Make sure that it does not exceed hardware capabilities. >> + */ >> + if (cpuid_query_maxphyaddr(vcpu) > boot_cpu_data.x86_phys_bits) >> + return -EINVAL; >> vcpu->arch.maxphyaddr = cpuid_query_maxphyaddr(vcpu); >> >> kvm_pmu_refresh(vcpu); >> > > Not possible unfortunately, this would break most versions of QEMU that > hard-code 40 for MAXPHYADDR. > > Also, "wider" physical addresses in the guest are actually possible with > shadow paging. We don't disable EPT in that case, though. I guess that situations where QEMU configures mem slot into high physical addresses are not hit in production ... Is any solution better than ignoring this situation? -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
