Re: [kvm-unit-tests PATCH] x86: svm: low CR3 bits are not MBZ

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 8/18/20 11:25 AM, Krish Sadhukhan wrote:


On 8/17/20 11:38 PM, Paolo Bonzini wrote:

On 05/08/20 01:13, Krish Sadhukhan wrote:
I did some experiments on the processor behavior on an Epyc 2 system via 
KVM:

   1. MBZ bits:  VMRUN passes even if these bits are set to 1 and
guest is exiting with exit code of           SVM_EXIT_VMMCALL.
According to the APM, this settting should constitute an invalid guest
state and hence I should get and exit code of SVM_EXIT_ERR. There's no
KVM check in place for these CR3 bits, so the check is all done in
hardware.
   2. non-MBZ reserved bits:  Based on Nadav Amit's suggestion, I set 
the 'not present' bit in an upper level NPT in order to trigger an NPF
and I did get an exit code of SVM_EXIT_NPF when I set any of these bits. 
I am hoping that the processor has done the consistency check before it
tripped on NPF and not the other way around, so that our test is useful : 

    In PAE-legacy and non-PAE-legacy modes, the guest doesn't exit
with SVM_EXIT_VMMCALL when these bits are set to 0. I am not sure if I
am missing any special setting for the PAE-legacy and non-PAE-legacy
modes. In long-mode, however, the processor seems to behave as per APM,
i.e., guest exits with SVM_EXIT_VMMCALL when these bits are set to 0.

Are you going to send patches for this?



Yes, I am working on it. I need to complete some more investigation.



I have sent out a patch for testing the non-MBZ reserved bits in long mode.
I haven't been able to find a reliable way to test the non-MBZ reserved bits in legacy (PAE and non-PAE) modes.  In long mode if I set any MBZ bit and an in valid NPT entry, I get VMEXIT_INVALID before VMEXIT_NPF.  But I am not sure if this same method of testing is working when a non-MBZ reserved bit is set. It seems that consistency checking is not enforced on these low-order reserved bits. My goal is to get past the consistency checking phase and then trigger a VMEXIT_NPF during translation of guest pages in NPT.  I created a 3-level page table for legacy PAE mode (as per APM) and tried VMRUN with a  non-MBZ reserved bit set, I am getting VMEXIT_NPF but the EXITINFO1 field contains the nested guest's CR3. So I am not entirely sure if I have gotten past the consistency checking phase. 

If there's a better way to test these bits, please let me know.



Thanks,

Paolo
[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux