When EPT/NPT is enabled, KVM does not really look at guest physical address size. Address bits above maximum physical memory size are reserved. Because KVM does not look at these guest physical addresses, it currently effectively supports guest physical address sizes equal to the host.

This can be a problem when having a mixed setup of machines with 5-level page tables and machines with 4-level page tables, as live migration can change MAXPHYADDR while the guest runs, which can theoretically introduce bugs.

In this patch series we add checks on guest physical addresses in EPT violation/misconfig and NPF vmexits and if needed inject the proper page faults in the guest.

A more subtle issue is when the host MAXPHYADDR is larger than that of the guest. Page faults caused by reserved bits on the guest won't cause an EPT violation/NPF and hence we also check guest MAXPHYADDR and add PFERR_RSVD_MASK error code to the page fault if needed.

Mohammed Gamal (5):
  KVM: x86: Add function to inject guest page fault with reserved bits set
  KVM: VMX: Add guest physical address check in EPT violation and misconfig
  KVM: SVM: Add guest physical address check in NPF interception
  KVM: x86: mmu: Move translate_gpa() to mmu.c
  KVM: x86: mmu: Add guest physical address check in translate_gpa()

 arch/x86/include/asm/kvm_host.h |  6 ------
 arch/x86/kvm/mmu/mmu.c          | 10 ++++++++++
 arch/x86/kvm/mmu/paging_tmpl.h  |  2 +-
 arch/x86/kvm/svm.c              |  7 +++++++
 arch/x86/kvm/vmx/vmx.c          | 13 +++++++++++++
 arch/x86/kvm/x86.c              | 14 ++++++++++++++
 arch/x86/kvm/x86.h              |  1 +
 7 files changed, 46 insertions(+), 7 deletions(-)

-- 
2.21.1
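
The check the cover letter describes, sketched as a stand-alone user-space model (an added example, not code from this patch series or from KVM). The names `gpa_exceeds`, `classify_gpa` and `fixup_pf_error_code` are hypothetical, and the 46-bit and 52-bit widths are constructed sample values; setting the present bit together with RSVD is an assumption based on the architectural rule that reserved-bit faults are reported only for present entries.

```c
#include <stdint.h>
#include <stdio.h>

/* Architectural x86 page-fault error code bits. */
#define PFERR_PRESENT_MASK (1u << 0)
#define PFERR_WRITE_MASK   (1u << 1)
#define PFERR_RSVD_MASK    (1u << 3)

/* Hypothetical names; KVM's own helpers are not shown on the page. */
enum gpa_class { GPA_LEGAL, GPA_ABOVE_GUEST_ONLY, GPA_ABOVE_HOST };

/* Nonzero if any address bit at or above maxphyaddr is set.
 * maxphyaddr must be below 64; real values do not exceed 52. */
static int gpa_exceeds(uint64_t gpa, unsigned maxphyaddr)
{
    return (gpa >> maxphyaddr) != 0;
}

/* GPA_ABOVE_GUEST_ONLY is the "more subtle" case: the address is legal
 * for the host width, so only a software check against the guest's
 * MAXPHYADDR notices that the guest must see these bits as reserved. */
static enum gpa_class classify_gpa(uint64_t gpa, unsigned guest_bits,
                                   unsigned host_bits)
{
    if (!gpa_exceeds(gpa, guest_bits))
        return GPA_LEGAL;
    return gpa_exceeds(gpa, host_bits) ? GPA_ABOVE_HOST
                                       : GPA_ABOVE_GUEST_ONLY;
}

/* Add the reserved-bit flag to a page-fault error code when the faulting
 * guest physical address lies outside the guest's address width. */
static uint32_t fixup_pf_error_code(uint32_t err, uint64_t gpa,
                                    unsigned guest_bits)
{
    if (gpa_exceeds(gpa, guest_bits))
        err |= PFERR_RSVD_MASK | PFERR_PRESENT_MASK;
    return err;
}

int main(void)
{
    /* Constructed scenario: guest advertises 46 bits, host has 52. */
    uint64_t gpa = 1ULL << 47;
    printf("class=%d err=0x%x\n", classify_gpa(gpa, 46, 52),
           fixup_pf_error_code(PFERR_WRITE_MASK, gpa, 46));
    return 0;
}
```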