From: Yu Zhang <yu.c.zhang@linux.intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
"Li, Liang Z" <liang.z.li@intel.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"mingo@redhat.com" <mingo@redhat.com>,
"kirill.shutemov@linux.intel.com"
<kirill.shutemov@linux.intel.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"guangrong.xiao@linux.intel.com" <guangrong.xiao@linux.intel.com>,
"rkrcmar@redhat.com" <rkrcmar@redhat.com>,
"Neiger, Gil" <gil.neiger@intel.com>,
"Lai, Paul C" <paul.c.lai@intel.com>
Subject: Re: [PATCH RFC 0/4] 5-level EPT
Date: Fri, 10 Mar 2017 16:00:26 +0800 [thread overview]
Message-ID: <58C25D1A.3030001@linux.intel.com> (raw)
In-Reply-To: <f3d8ffc8-c719-0999-3d55-d791def51e4f@redhat.com>
On 3/9/2017 10:16 PM, Paolo Bonzini wrote:
>
> On 17/01/2017 03:18, Li, Liang Z wrote:
>>> On 29/12/2016 10:25, Liang Li wrote:
>>>> x86-64 is currently limited physical address width to 46 bits, which
>>>> can support 64 TiB of memory. Some vendors require to support more for
>>>> some use case. Intel plans to extend the physical address width to
>>>> 52 bits in some of the future products.
>>>>
>>>> The current EPT implementation only supports 4 level page table, which
>>>> can support maximum 48 bits physical address width, so it's needed to
>>>> extend the EPT to 5 level to support 52 bits physical address width.
>>>>
>>>> This patchset has been tested in the SIMICS environment for 5 level
>>>> paging guest, which was patched with Kirill's patchset for enabling
>>>> 5 level page table, with both the EPT and shadow page support. I just
>>>> covered the booting process, the guest can boot successfully.
>>>>
>>>> Some parts of this patchset can be improved. Any comments on the
>>>> design or the patches would be appreciated.
>>> I will review the patches. They seem fairly straightforward.
>>>
>>> However, I am worried about the design of the 5-level page table feature
>>> with respect to migration.
>>>
>>> Processors that support the new LA57 mode can write 57-canonical/48-
>>> noncanonical linear addresses to some registers even when LA57 mode is
>>> inactive. This is true even of unprivileged instructions, in particular
>>> WRFSBASE/WRGSBASE.
>>>
>>> This is fairly bad because, if a guest performs such a write (because of a bug
>>> or because of malice), it will not be possible to migrate the virtual machine to
>>> a machine that lacks LA57 mode.
>>>
>>> Ordinarily, hypervisors trap CPUID to hide features that are only present in
>>> some processors of a heterogeneous cluster, and the hypervisor also traps
>>> for example CR4 writes to prevent enabling features that were masked away.
>>> In this case, however, the only way for the hypervisor to prevent the write
>>> would be to run the guest with
>>> CR4.FSGSBASE=0 and trap all executions of WRFSBASE/WRGSBASE. This
>>> might have negative effects on performance for workloads that use the
>>> instructions.
>>>
>>> Of course, this is a problem even without your patches. However, I think it
>>> should be addressed first. I am seriously thinking of blacklisting FSGSBASE
>>> completely on LA57 machines until the above is fixed in hardware.
>>>
>>> Paolo
>> The issue has already been forwarded to the hardware guys, still waiting for the feedback.
> Going to review this now. Any news?
Thanks for your reivew, Paolo.
This is Yu Zhang from Intel. I'll pick up this 5 level ept feature, and
will try to address your comments next. :-)
Now I am learning Liang's code and trying to bring VM up with Kirill's
native 5 level paging code integrated.
Yu
> Paolo
>
next prev parent reply other threads:[~2017-03-10 8:00 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-29 9:25 [PATCH RFC 0/4] 5-level EPT Liang Li
2016-12-29 9:26 ` [PATCH RFC 1/4] x86: Add the new CPUID and CR4 bits for 5 level page table Liang Li
2016-12-29 9:26 ` [PATCH RFC 2/4] KVM: MMU: Rename PT64_ROOT_LEVEL to PT64_ROOT_4LEVEL Liang Li
2017-03-09 14:39 ` Paolo Bonzini
2016-12-29 9:26 ` [PATCH RFC 3/4] KVM: MMU: Add 5 level EPT & Shadow page table support Liang Li
2017-03-09 15:12 ` Paolo Bonzini
2016-12-29 9:26 ` [PATCH RFC 4/4] VMX: Expose the LA57 feature to VM Liang Li
2017-03-09 15:16 ` Paolo Bonzini
2016-12-29 20:38 ` [PATCH RFC 0/4] 5-level EPT Valdis.Kletnieks
2016-12-30 1:26 ` Li, Liang Z
2017-01-02 10:18 ` Paolo Bonzini
2017-01-17 2:18 ` Li, Liang Z
2017-03-09 14:16 ` Paolo Bonzini
2017-03-10 8:00 ` Yu Zhang [this message]
2017-01-05 13:26 ` Kirill A. Shutemov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=58C25D1A.3030001@linux.intel.com \
--to=yu.c.zhang@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=gil.neiger@intel.com \
--cc=guangrong.xiao@linux.intel.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=liang.z.li@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=paul.c.lai@intel.com \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.