From: Sean Christopherson <seanjc@google.com>
To: Kai Huang <kai.huang@intel.com>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Yan Y Zhao <yan.y.zhao@intel.com>,
Rick P Edgecombe <rick.p.edgecombe@intel.com>,
"yosry.ahmed@linux.dev" <yosry.ahmed@linux.dev>
Subject: Re: [PATCH] KVM: x86/mmu: Don't create SPTEs for addresses that aren't mappable
Date: Mon, 23 Feb 2026 13:25:52 -0800 [thread overview]
Message-ID: <aZzF4C1L9EdEBViW@google.com> (raw)
In-Reply-To: <9e899034687731c7ee6d431ae49dbe3f5ca13a6c.camel@intel.com>
On Mon, Feb 23, 2026, Kai Huang wrote:
> On Mon, 2026-02-23 at 08:54 -0800, Sean Christopherson wrote:
> > On Mon, Feb 23, 2026, Kai Huang wrote:
> > > But the odd is if the fault->addr is L2 GPA or L2 GVA, then the shared bit
> > > (which is concept of L1 guest) doesn't apply to it.
> > >
> > > Btw, from hardware's point of view, does EPT/NPT silently drops high
> > > unmappable bits of GPA or it generates some kinda EPT violation/misconfig?
> >
> > EPT violation. The SDM says:
> >
> > With 4-level EPT, bits 51:48 of the guest-physical address must all be zero;
> > otherwise, an EPT violation occurs (see Section 30.3.3).
> >
> > I can't find anything in the APM (shocker, /s) that clarifies the exact NPT
> > behavior. It barely even alludes to the use of hCR4.LA57 for controlling the
> > depth of the walk. But I'm fairly certain NPT behaves identically.
>
> Then in case of nested EPT (ditto for NPT), shouldn't L0 emulate an VMEXIT
> to L1 if fault->addr exceeds mappable bits?
Huh. Yes, for sure. I was expecting FNAME(walk_addr_generic) to handle that,
but AFAICT it doesn't. Assuming I'm not missing something, that should be fixed
before landing this patch, otherwise I believe KVM would terminate the entire VM
if L2 accesses memory that L1 can't map.
next prev parent reply other threads:[~2026-02-23 21:25 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-19 0:22 [PATCH] KVM: x86/mmu: Don't create SPTEs for addresses that aren't mappable Sean Christopherson
2026-02-19 0:23 ` Sean Christopherson
[not found] ` <c06466c636da3fc1dc14dc09260981a2554c7cc2.camel@intel.com>
2026-02-20 16:54 ` Sean Christopherson
2026-02-21 0:01 ` Edgecombe, Rick P
2026-02-21 0:07 ` Sean Christopherson
2026-02-21 0:08 ` Edgecombe, Rick P
2026-02-21 0:49 ` Sean Christopherson
2026-02-23 23:23 ` Edgecombe, Rick P
2026-02-24 1:49 ` Sean Christopherson
2026-02-23 11:12 ` Huang, Kai
2026-02-23 16:54 ` Sean Christopherson
2026-02-23 20:48 ` Huang, Kai
2026-02-23 21:25 ` Sean Christopherson [this message]
2026-02-23 21:44 ` Huang, Kai
2026-03-05 7:55 ` Yan Zhao
2026-03-06 22:22 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aZzF4C1L9EdEBViW@google.com \
--to=seanjc@google.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=yan.y.zhao@intel.com \
--cc=yosry.ahmed@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.