From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Cc: kvm@vger.kernel.org, pbonzini@redhat.com, jmattson@google.com
Subject: Re: [PATCH 3/4 v2] KVM: nSVM: Test non-MBZ reserved bits in CR3 in long mode
Date: Wed, 30 Sep 2020 17:50:42 -0700 [thread overview]
Message-ID: <20201001005041.GE2988@linux.intel.com> (raw)
In-Reply-To: <5f236941-5086-167a-6518-6191d8ef04cf@oracle.com>
On Wed, Sep 30, 2020 at 05:29:24PM -0700, Krish Sadhukhan wrote:
>
> On 9/28/20 8:11 PM, Sean Christopherson wrote:
> >On Mon, Sep 28, 2020 at 07:20:42AM +0000, Krish Sadhukhan wrote:
> >>According to section "CR3" in APM vol. 2, the non-MBZ reserved bits in CR3
> >>need to be set by software as follows:
> >>
> >> "Reserved Bits. Reserved fields should be cleared to 0 by software
> >> when writing CR3."
> >Nothing in the shortlog or changelog actually states what this patch does.
> >"Test non-MBZ reserved bits in CR3 in long mode" is rather ambiguous, and
> >IIUC, the changelog is straight up misleading.
> >
> >Based on the discussion from v1, I _think_ this test verifies that KVM does
> >_not_ fail nested VMRUN if non-MBZ bits are set, correct?
>
> Not KVM, hardware rather. Hardware doesn't consider it as an invalid guest
> state if non-MBZ reserved bits are set.
> >
> >If so, then something like:
> >
> > KVM: nSVM: Verify non-MBZ CR3 reserved bits can be set in long mode
> >
> >with further explanation in the changelog would be very helpful.
>
> Even though the non-MBZ reserved bits are ignored by the consistency checks
> in hardware, eventually page-table walks fail. So, I am wondering whether it
Page table walks fail how? Are you referring to forcing the #NPF, or does
the CPU puke on the non-MBZ reserved bits at some point?
> is appropriate to say,
>
> "Verify non-MBZ CR3 reserved bits can be set in long mode"
>
> because the test is inducing an artificial failure even before any guest
> instruction is executed. We are not entering the guest with these bits set.
Yes we are, unless I'm misunderstanding how SVM handles VMRUN. "entering" the
guest does not mean successfully executing guest code, it means loading guest
state and completing the world switch. I don't think I'm misunderstanding,
because the test explicitly clears the NPT PML4[0]'s present bit to induce a
#NPF. That means the CPU is fetching instructions, and again unless there's
details about NPT that I'm missing, the fact that the test sees a #NPF means
that the CPU successfully completed the GVA->GPA translation using the "bad"
CR3.
> I prefer to keep the commit header as is and rather expand the commit
> message to explain what I have described here. How about that ?
That's fine, so long as it documents both what the test is actually verifying
and what is/isn't legal.
next prev parent reply other threads:[~2020-10-01 0:50 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-28 7:20 [PATCH 0/4 v2] KVM: nSVM: Add checks for CR3 and CR4 reserved bits to svm_set_nested_state() and test CR3 non-MBZ reserved bits Krish Sadhukhan
2020-09-28 7:20 ` [PATCH 1/4 v2] KVM: nSVM: CR3 MBZ bits are only 63:52 Krish Sadhukhan
2020-09-28 7:20 ` [PATCH 2/4 v2] KVM: nSVM: Add check for reserved bits for CR3, CR4, DR6, DR7 and EFER to svm_set_nested_state() Krish Sadhukhan
2020-09-28 7:20 ` [PATCH 3/4 v2] KVM: nSVM: Test non-MBZ reserved bits in CR3 in long mode Krish Sadhukhan
2020-09-29 3:11 ` Sean Christopherson
2020-10-01 0:29 ` Krish Sadhukhan
2020-10-01 0:50 ` Sean Christopherson [this message]
2020-10-05 19:10 ` Krish Sadhukhan
2020-09-28 7:20 ` [PATCH 4/4 v2] KVM: nSVM: nested_vmcb_checks() needs to check all bits of EFER Krish Sadhukhan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201001005041.GE2988@linux.intel.com \
--to=sean.j.christopherson@intel.com \
--cc=jmattson@google.com \
--cc=krish.sadhukhan@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).