On 3/2/2023 9:16 PM, Robert Hoo wrote:
On Thu, 2023-03-02 at 14:41 +0800, Binbin Wu wrote:
__linearize is not the only path where the modified LAM canonical check
is needed; some VM-exit paths should also be taken care of, like VMX and
SGX ENCLS.
SGX isn't in this version's implementation's scope, like nested LAM.
LAM in SGX enclave mode is not in the scope of this version.
But I think since the capability is exposed to the guest, we need to cover
the case where the guest uses a supervisor mode pointer as the operand of
SGX ENCLS operations.
Also the instructions INVLPG and INVPCID should have some special
handling, since LAM is not applied to the memory operand of these two
instructions according to the LAM spec.
The spec's meaning on these 2 is: LAM masking doesn't apply to their
operands (the address), so the behavior is like before the LAM feature
was introduced. No change.
Yes, LAM is not applied to the 2 instructions, but __linearize is
changed.
For example, the emulation of invlpg (em_invlpg) will also call it. So we
need to handle the case specifically.
We can add a flag as an input of linearize to indicate whether the LAM
check and untagging are needed or not.
+#ifdef CONFIG_X86_64
+/*
+ * LAM Canonical Rule:
+ * LAM_U/S48 -- bit 63 == bit 47
+ * LAM_U/S57 -- bit 63 == bit 56
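Review bot: the rule stated for LAM_U/S57 (bit 63 == bit 56) does not cover LAM_U57 with 4-level paging, where bit 63 and bits 56:47 must all be 0, as pointed out in the reply; either add that case to the comment or describe the check as "sign-extend from the LAM bit, then apply the legacy canonical check for the active paging mode", which covers both.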
The modified LAM canonical check for LAM_U57 + 4-level paging is: bit 63
and bits 56:47 should be all 0s.
Yes, this case was missed. Chao's suggestion of sign-extend + legacy
canonical check can cover this.
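As an added example (not code from this series or from KVM itself), this is the "sign-extend from the LAM bit, keep bit 63, then run the legacy canonical check" shape of the modified check discussed above, with a flag that skips untagging for the INVLPG/INVPCID operand case. The function names, the `lam_bit == 0` encoding for "LAM inactive" and the `skip_lam` flag are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Sign-extend from bit `index` (same contract as Linux's sign_extend64()). */
static uint64_t sign_extend64(uint64_t value, unsigned int index)
{
	unsigned int shift = 63 - index;
	return (uint64_t)(((int64_t)(value << shift)) >> shift);
}

/*
 * Drop LAM metadata: sign-extend the LAM bit (47 for LAM48, 56 for LAM57)
 * into bits 62:lam_bit+1, but keep bit 63 from the raw address so the
 * "bit 63 == bit 47/56" rule is still enforced by the legacy check and a
 * user pointer cannot be turned into a supervisor pointer by untagging.
 */
static uint64_t lam_untag(uint64_t va, unsigned int lam_bit)
{
	const uint64_t bit63 = 1ULL << 63;
	return (sign_extend64(va, lam_bit) & ~bit63) | (va & bit63);
}

/* Legacy canonical check: bits 63:(va_bits-1) must all be equal. */
static bool is_canonical(uint64_t va, unsigned int va_bits)
{
	return sign_extend64(va, va_bits - 1) == va;
}

/*
 * Modified canonical check in the shape proposed for __linearize:
 * untag unless the caller asks to skip LAM (the INVLPG/INVPCID case,
 * where LAM is not applied to the memory operand), then run the legacy
 * check for the active paging mode (48-bit VA, or 57-bit with LA57).
 * lam_bit == 0 means LAM is inactive for this address (assumed encoding).
 * With LAM57 and 4-level paging this rejects any address whose bit 63
 * or bits 56:47 are non-zero, which is the case missed by the comment.
 */
static bool lam_canonical(uint64_t va, unsigned int lam_bit, bool la57,
			  bool skip_lam)
{
	unsigned int va_bits = la57 ? 57 : 48;

	if (lam_bit && !skip_lam)
		va = lam_untag(va, lam_bit);
	return is_canonical(va, va_bits);
}
```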