On Fri, Jun 19, 2020 at 05:39:14PM +0200, Mohammed Gamal wrote: > When EPT/NPT is enabled, KVM does not really look at guest physical > address size. Address bits above maximum physical memory size are reserved. > Because KVM does not look at these guest physical addresses, it currently > effectively supports guest physical address sizes equal to the host. > > This can be problem when having a mixed setup of machines with 5-level page > tables and machines with 4-level page tables, as live migration can change > MAXPHYADDR while the guest runs, which can theoretically introduce bugs. > > In this patch series we add checks on guest physical addresses in EPT > violation/misconfig and NPF vmexits and if needed inject the proper > page faults in the guest. > > A more subtle issue is when the host MAXPHYADDR is larger than that of the > guest. Page faults caused by reserved bits on the guest won't cause an EPT > violation/NPF and hence we also check guest MAXPHYADDR and add PFERR_RSVD_MASK > error code to the page fault if needed. > > The last 3 patches (i.e. SVM bits and patch 11) are not intended for > immediate inclusion and probably need more discussion. > We've been noticing some unexpected behavior in handling NPF vmexits > on AMD CPUs (see individual patches for details), and thus we are > proposing a workaround (see last patch) that adds a capability that > userspace can use to decide who to deal with hosts that might have > issues supprting guest MAXPHYADDR < host MAXPHYADDR. > > > Mohammed Gamal (7): > KVM: x86: Add helper functions for illegal GPA checking and page fault > injection > KVM: x86: mmu: Move translate_gpa() to mmu.c > KVM: x86: mmu: Add guest physical address check in translate_gpa() > KVM: VMX: Add guest physical address check in EPT violation and > misconfig > KVM: SVM: introduce svm_need_pf_intercept > KVM: SVM: Add guest physical address check in NPF/PF interception > KVM: x86: SVM: VMX: Make GUEST_MAXPHYADDR < HOST_MAXPHYADDR support > configurable > > Paolo Bonzini (4): > KVM: x86: rename update_bp_intercept to update_exception_bitmap > KVM: x86: update exception bitmap on CPUID changes > KVM: VMX: introduce vmx_need_pf_intercept > KVM: VMX: optimize #PF injection when MAXPHYADDR does not match > > arch/x86/include/asm/kvm_host.h | 10 ++------ > arch/x86/kvm/cpuid.c | 2 ++ > arch/x86/kvm/mmu.h | 6 +++++ > arch/x86/kvm/mmu/mmu.c | 12 +++++++++ > arch/x86/kvm/svm/svm.c | 41 +++++++++++++++++++++++++++--- > arch/x86/kvm/svm/svm.h | 6 +++++ > arch/x86/kvm/vmx/nested.c | 28 ++++++++++++-------- > arch/x86/kvm/vmx/vmx.c | 45 +++++++++++++++++++++++++++++---- > arch/x86/kvm/vmx/vmx.h | 6 +++++ > arch/x86/kvm/x86.c | 29 ++++++++++++++++++++- > arch/x86/kvm/x86.h | 1 + > include/uapi/linux/kvm.h | 1 + > 12 files changed, 158 insertions(+), 29 deletions(-) > > -- > 2.26.2 >
