On Thu, Jul 09, 2020 at 10:00:59AM -0700, Jim Mattson wrote: > On Thu, Jul 9, 2020 at 2:44 AM Gerd Hoffmann <kraxel@xxxxxxxxxx> wrote: > > > (2) GUEST_MAXPHYADDR < HOST_MAXPHYADDR > > > > Mostly fine. Some edge cases, like different page fault errors for > > addresses above GUEST_MAXPHYADDR and below HOST_MAXPHYADDR. Which I > > think Mohammed fixed in the kernel recently. > > Doesn't this require intercepting MOV-to-CR3 when the guest is in PAE > mode, so that the hypervisor can validate the high bits in the PDPTEs? If the fix has additional overhead, is the additional overhead bad enough to warrant making it optional? Most existing GUEST_MAXPHYADDR < HOST_MAXPHYADDR guests already work today without the fix. -- Eduardo