From: Robert Hoo <robert.hu@linux.intel.com>
To: seanjc@google.com, pbonzini@redhat.com, chao.gao@intel.com,
binbin.wu@linux.intel.com
Cc: kvm@vger.kernel.org, Robert Hoo <robert.hu@linux.intel.com>
Subject: [PATCH v5 0/5] Linear Address Masking (LAM) KVM Enabling
Date: Mon, 27 Feb 2023 16:45:42 +0800
Message-ID: <20230227084547.404871-1-robert.hu@linux.intel.com>
===Feature Introduction===
Linear-address masking (LAM) [1] modifies the checking that is applied to
*64-bit* linear addresses, allowing software to use the untranslated
(upper) address bits for metadata.
As for which upper bits of linear address can be borrowed, LAM has 2 modes:
LAM_48 (bits 62:48, i.e. LAM width of 15) and LAM_57 (bits 62:57, i.e. LAM
width of 6), controlled by these new bits: CR3[62] (LAM_U48), CR3[61]
(LAM_U57), and CR4[28] (LAM_SUP).
* LAM_U48 and LAM_U57 bits control LAM for user mode addresses. I.e. if
CR3.LAM_U57 = 1, LAM57 is applied; if CR3.LAM_U48 = 1 and CR3.LAM_U57 = 0,
LAM48 is applied.
* LAM_SUP bit, combined with paging mode (4-level or 5-level), determines
LAM status for supervisor mode addresses. I.e. when CR4.LAM_SUP = 1, 4-level
paging mode will have LAM48 for supervisor mode addresses while 5-level paging
will have LAM57.
Note:
1. LAM applies only to data addresses, not to instructions.
2. LAM identification of an address as user or supervisor is based solely on the
value of pointer bit 63 and does not, for the purposes of LAM, depend on the CPL.
3. For user mode addresses, it is possible that 5-level paging and LAM_U48 are both
set; in this case, the effective usable linear address width is 48. [2]
4. On VM exit, the problematic address saved in the VMCS field is clean, i.e.
metadata cleared, in canonical form.
===LAM KVM Design===
KVM intercepts CR4.LAM_SUP, to avoid reading the VMCS field every time, with the
expectation that the guest won't toggle this bit frequently.
Under EPT mode, CR3 is fully under guest control; guest LAM is thus transparent to
KVM.
For shadow paging (EPT = off), KVM needs to handle guest CR3.LAM_U48 and CR3.LAM_U57
toggles.
In the KVM emulator, when a linear address is calculated, imitate HW LAM rules
per LAM setting.
===Unit Test===
1. Run Kernel LAM kselftests in guest, with both EPT=Y/N.
2. Add a kvm-unit-test [3] for the CR4.LAM_SUP part, as Kernel LAM selftests don't
cover this yet. This test covers CR4 LAM_SUP bit toggling, LAM supervisor
mode address masking, KVM emulator code patch. Run the unit test with both LAM feature
on/off (i.e. including negative cases).
3. Launch a nested guest.
All tests have passed in the Simics environment.
[1] ISE Chap 10 https://cdrdv2.intel.com/v1/dl/getContent/671368 (Section 10.6 VMX interaction)
[2] Thus currently, Kernel enabling patch only enables LAM_U57. https://lore.kernel.org/lkml/20230123220500.21077-1-kirill.shutemov@linux.intel.com/
[3] https://lore.kernel.org/kvm/20230227082557.403584-1-robert.hu@linux.intel.com/
---
Changelog
v4 --> v5:
Reorder and melt patches surrounding CR3.LAM bits into Patch 3 of this
version.
Revise Patch 1's subject and description
Drop Patch 3
Use kvm_read_cr4_bits() instead of kvm_read_cr4()
Fix: No need to untag addr when write to msr, it should be legacy canonical check
Rename kvm_is_valid_cr3() --> kvm_vcpu_is_valid_cr3(), and update some call
sites of kvm_vcpu_is_valid_cr3() to use kvm_is_valid_cr3().
Other refactors and Miscs.
v3 --> v4:
Drop unrelated Patch 1 in v3 (Binbin, Sean, Xiaoyao)
Intercept CR4.LAM_SUP instead of pass through to guest (Sean)
Just filter out CR3.LAM_{U48, U57}, instead of all reserved high bits
(Sean, Yuan)
Use existing __canonical_address() helper instead of writing a new one (Weijiang)
Add LAM handling in KVM emulation (Yu, Yuan)
Add Jingqi's Reviewed-by on Patch 7
Rebased to Kirill's latest code, which is 6.2-rc1 base.
v2 --> v3:
As LAM Kernel patches are in tip tree now, rebase to it.
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/
v1 --> v2:
1. Fixes i386-allyesconfig build error on get_pgd(), where
CR3_HIGH_RSVD_MASK isn't applicable.
(Reported-by: kernel test robot <lkp@intel.com>)
2. In kvm_set_cr3(), be conservative on skipping TLB flush when only LAM bits
toggle. (Kirill)
Robert Hoo (5):
KVM: x86: Virtualize CR4.LAM_SUP
[Trivial]KVM: x86: Explicitly cast ulong to bool in kvm_set_cr3()
KVM: x86: Virtualize CR3.LAM_{U48,U57}
KVM: x86: emulation: Apply LAM mask when emulating data access in
64-bit mode
KVM: x86: LAM: Expose LAM CPUID to user space VMM
arch/x86/include/asm/kvm_host.h | 3 +-
arch/x86/kvm/cpuid.c | 2 +-
arch/x86/kvm/emulate.c | 13 ++++++
arch/x86/kvm/mmu.h | 5 +++
arch/x86/kvm/mmu/mmu.c | 9 +++-
arch/x86/kvm/mmu/paging_tmpl.h | 2 +-
arch/x86/kvm/vmx/nested.c | 4 +-
arch/x86/kvm/vmx/vmx.c | 3 +-
arch/x86/kvm/x86.c | 35 +++++++++++++---
arch/x86/kvm/x86.h | 73 +++++++++++++++++++++++++++++++++
10 files changed, 136 insertions(+), 13 deletions(-)
https://git.kernel.org/pub/scm/linux/kernel/git/kas/linux.git lam
base-commit: 03334443640f226f56f71b5dfa3b1be6d4a1a1bc
--
2.31.1
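
The mode selection described under "Feature Introduction" above, as an added C example that is not code from this patch series. The function names (lam_width, lam_untag, is_canonical), the la57 parameter standing for 5-level paging, and the sample addresses are constructed for illustration; filling the metadata bits from bit 47 or 56 while preserving bit 63, followed by the legacy canonical check, is this example's way of imitating the hardware rule.

```c
#include <stdbool.h>
#include <stdint.h>

/* Control bits named in the cover letter. */
#define CR3_LAM_U48 (1ULL << 62)
#define CR3_LAM_U57 (1ULL << 61)
#define CR4_LAM_SUP (1ULL << 28)
#define BIT63       (1ULL << 63)

/* Copy bit `msb` into every bit above it. */
static uint64_t sign_extend(uint64_t v, unsigned msb)
{
    uint64_t high = ~0ULL << (msb + 1);
    return ((v >> msb) & 1) ? (v | high) : (v & ~high);
}

/* LAM width in effect for addr: 0 (off), 15 (LAM48) or 6 (LAM57). */
unsigned lam_width(uint64_t addr, uint64_t cr3, uint64_t cr4, bool la57)
{
    if (addr & BIT63)   /* supervisor is decided by pointer bit 63, not CPL */
        return (cr4 & CR4_LAM_SUP) ? (la57 ? 6 : 15) : 0;
    if (cr3 & CR3_LAM_U57)
        return 6;       /* LAM_U57 takes precedence over LAM_U48 */
    return (cr3 & CR3_LAM_U48) ? 15 : 0;
}

/* Assumed untag step: fill the metadata bits from the bit below them, keep bit 63. */
uint64_t lam_untag(uint64_t addr, uint64_t cr3, uint64_t cr4, bool la57)
{
    unsigned width = lam_width(addr, cr3, cr4, la57);

    if (!width)
        return addr;
    /* Metadata occupies bits 62:(63 - width); bit 47 or 56 is the fill source. */
    return (sign_extend(addr, 62 - width) & ~BIT63) | (addr & BIT63);
}

/* Legacy canonical check on the untagged address (48- or 57-bit). */
bool is_canonical(uint64_t addr, bool la57)
{
    return sign_extend(addr, la57 ? 56 : 47) == addr;
}
```

A pointer whose bit 63 disagrees with the fill bit stays non-canonical after lam_untag(), so it still fails the legacy check instead of being silently accepted.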