[PATCH] KVM: VMX: Set IGMT bit in EPT entry

public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] KVM: VMX: Set IGMT bit in EPT entry
@ 2008-11-06  6:55 Sheng Yang
  2008-11-06 12:54 ` Avi Kivity
  2008-11-06 13:47 ` Anthony Liguori
  0 siblings, 2 replies; 4+ messages in thread
From: Sheng Yang @ 2008-11-06  6:55 UTC (permalink / raw)
  To: Avi Kivity; +Cc: kvm, Sheng Yang

(Patch for 2.6.27, based on kvm-updates/2.6.27)

There is a potential issue that, when guest using pagetable without vmexit when
EPT enabled, guest would use PAT/PCD/PWT bits to index PAT msr for it's memory,
which would be inconsistent with host side and would cause host MCE due to
inconsistent cache attribute.

The patch set IGMT bit in EPT entry to ignore guest PAT and use WB as default
memory type to protect host (notice that all memory mapped by KVM should be WB).

Signed-off-by: Sheng Yang <sheng@linux.intel.com>
---
 arch/x86/kvm/vmx.c |    3 ++-
 arch/x86/kvm/vmx.h |    1 +
 2 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 7041cc5..8277466 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -3300,7 +3300,8 @@ static int __init vmx_init(void)
 		bypass_guest_pf = 0;
 		kvm_mmu_set_base_ptes(VMX_EPT_READABLE_MASK |
 			VMX_EPT_WRITABLE_MASK |
-			VMX_EPT_DEFAULT_MT << VMX_EPT_MT_EPTE_SHIFT);
+			VMX_EPT_DEFAULT_MT << VMX_EPT_MT_EPTE_SHIFT |
+			VMX_EPT_IGMT_BIT);
 		kvm_mmu_set_mask_ptes(0ull, 0ull, 0ull, 0ull,
 				VMX_EPT_EXECUTABLE_MASK);
 		kvm_enable_tdp();
diff --git a/arch/x86/kvm/vmx.h b/arch/x86/kvm/vmx.h
index 23e8373..198cdf3 100644
--- a/arch/x86/kvm/vmx.h
+++ b/arch/x86/kvm/vmx.h
@@ -370,6 +370,7 @@ enum vmcs_field {
 #define VMX_EPT_READABLE_MASK			0x1ull
 #define VMX_EPT_WRITABLE_MASK			0x2ull
 #define VMX_EPT_EXECUTABLE_MASK			0x4ull
+#define VMX_EPT_IGMT_BIT    			(1ull << 6)
 
 #define VMX_EPT_IDENTITY_PAGETABLE_ADDR		0xfffbc000ul
 
-- 
1.5.4.5


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] KVM: VMX: Set IGMT bit in EPT entry
  2008-11-06  6:55 [PATCH] KVM: VMX: Set IGMT bit in EPT entry Sheng Yang
@ 2008-11-06 12:54 ` Avi Kivity
  2008-11-06 13:47 ` Anthony Liguori
  1 sibling, 0 replies; 4+ messages in thread
From: Avi Kivity @ 2008-11-06 12:54 UTC (permalink / raw)
  To: Sheng Yang; +Cc: kvm

Sheng Yang wrote:
> (Patch for 2.6.27, based on kvm-updates/2.6.27)
>
> There is a potential issue that, when guest using pagetable without vmexit when
> EPT enabled, guest would use PAT/PCD/PWT bits to index PAT msr for it's memory,
> which would be inconsistent with host side and would cause host MCE due to
> inconsistent cache attribute.
>
> The patch set IGMT bit in EPT entry to ignore guest PAT and use WB as default
> memory type to protect host (notice that all memory mapped by KVM should be WB).
>   

Applied, thanks.

(I applied it to 2.6.28; in general -stable does not accept patches 
until they have been merged into mainline)

-- 
error compiling committee.c: too many arguments to function


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] KVM: VMX: Set IGMT bit in EPT entry
  2008-11-06  6:55 [PATCH] KVM: VMX: Set IGMT bit in EPT entry Sheng Yang
  2008-11-06 12:54 ` Avi Kivity
@ 2008-11-06 13:47 ` Anthony Liguori
  2008-11-07  1:26   ` Sheng Yang
  1 sibling, 1 reply; 4+ messages in thread
From: Anthony Liguori @ 2008-11-06 13:47 UTC (permalink / raw)
  To: Sheng Yang; +Cc: Avi Kivity, kvm

Sheng Yang wrote:
> (Patch for 2.6.27, based on kvm-updates/2.6.27)
>
> There is a potential issue that, when guest using pagetable without vmexit when
> EPT enabled, guest would use PAT/PCD/PWT bits to index PAT msr for it's memory,
> which would be inconsistent with host side and would cause host MCE due to
> inconsistent cache attribute.
>
> The patch set IGMT bit in EPT entry to ignore guest PAT and use WB as default
> memory type to protect host (notice that all memory mapped by KVM should be WB).
>   

So this seems incompatible with hardware passthrough, since that would 
require being able to map guest memory as something other than WB.  Is 
there a fix for that?

Regards,

Anthony Liguori

> Signed-off-by: Sheng Yang <sheng@linux.intel.com>
> ---
>  arch/x86/kvm/vmx.c |    3 ++-
>  arch/x86/kvm/vmx.h |    1 +
>  2 files changed, 3 insertions(+), 1 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 7041cc5..8277466 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -3300,7 +3300,8 @@ static int __init vmx_init(void)
>  		bypass_guest_pf = 0;
>  		kvm_mmu_set_base_ptes(VMX_EPT_READABLE_MASK |
>  			VMX_EPT_WRITABLE_MASK |
> -			VMX_EPT_DEFAULT_MT << VMX_EPT_MT_EPTE_SHIFT);
> +			VMX_EPT_DEFAULT_MT << VMX_EPT_MT_EPTE_SHIFT |
> +			VMX_EPT_IGMT_BIT);
>  		kvm_mmu_set_mask_ptes(0ull, 0ull, 0ull, 0ull,
>  				VMX_EPT_EXECUTABLE_MASK);
>  		kvm_enable_tdp();
> diff --git a/arch/x86/kvm/vmx.h b/arch/x86/kvm/vmx.h
> index 23e8373..198cdf3 100644
> --- a/arch/x86/kvm/vmx.h
> +++ b/arch/x86/kvm/vmx.h
> @@ -370,6 +370,7 @@ enum vmcs_field {
>  #define VMX_EPT_READABLE_MASK			0x1ull
>  #define VMX_EPT_WRITABLE_MASK			0x2ull
>  #define VMX_EPT_EXECUTABLE_MASK			0x4ull
> +#define VMX_EPT_IGMT_BIT    			(1ull << 6)
>  
>  #define VMX_EPT_IDENTITY_PAGETABLE_ADDR		0xfffbc000ul
>  
>   


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] KVM: VMX: Set IGMT bit in EPT entry
  2008-11-06 13:47 ` Anthony Liguori
@ 2008-11-07  1:26   ` Sheng Yang
  0 siblings, 0 replies; 4+ messages in thread
From: Sheng Yang @ 2008-11-07  1:26 UTC (permalink / raw)
  To: Anthony Liguori; +Cc: Avi Kivity, kvm

On Thursday 06 November 2008 21:47:59 Anthony Liguori wrote:
> Sheng Yang wrote:
> > (Patch for 2.6.27, based on kvm-updates/2.6.27)
> >
> > There is a potential issue that, when guest using pagetable without
> > vmexit when EPT enabled, guest would use PAT/PCD/PWT bits to index PAT
> > msr for it's memory, which would be inconsistent with host side and would
> > cause host MCE due to inconsistent cache attribute.
> >
> > The patch set IGMT bit in EPT entry to ignore guest PAT and use WB as
> > default memory type to protect host (notice that all memory mapped by KVM
> > should be WB).
>
> So this seems incompatible with hardware passthrough, since that would
> require being able to map guest memory as something other than WB.  Is
> there a fix for that?

Well, this comment is for 2.6.27/2.6.28 which lacks of EPT memory type 
support, so it based on the assumption there is no memory type other than WB 
for EPT... And indeed a new fix is needed for 2.6.28 which lacks of EPT memory 
type support and got device assignment, but we haven't decided yet how to 
fix...

It's compatible with hardware passthrough, if kernel got EPT memory type(as 
current KVM upstream). The EPT memory type derived from guest MTRR, and guest 
would set MMIO region as UC, then the EPT memory type in EPT entry was UC, and 
this determined the memory type. Well, still a issue here, guest and host may 
access same region of memory use different memory type, and we are still in the 
discussion...

-- 
regards
Yang, Sheng

>
> Regards,
>
> Anthony Liguori
>
> > Signed-off-by: Sheng Yang <sheng@linux.intel.com>
> > ---
> >  arch/x86/kvm/vmx.c |    3 ++-
> >  arch/x86/kvm/vmx.h |    1 +
> >  2 files changed, 3 insertions(+), 1 deletions(-)
> >
> > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> > index 7041cc5..8277466 100644
> > --- a/arch/x86/kvm/vmx.c
> > +++ b/arch/x86/kvm/vmx.c
> > @@ -3300,7 +3300,8 @@ static int __init vmx_init(void)
> >  		bypass_guest_pf = 0;
> >  		kvm_mmu_set_base_ptes(VMX_EPT_READABLE_MASK |
> >  			VMX_EPT_WRITABLE_MASK |
> > -			VMX_EPT_DEFAULT_MT << VMX_EPT_MT_EPTE_SHIFT);
> > +			VMX_EPT_DEFAULT_MT << VMX_EPT_MT_EPTE_SHIFT |
> > +			VMX_EPT_IGMT_BIT);
> >  		kvm_mmu_set_mask_ptes(0ull, 0ull, 0ull, 0ull,
> >  				VMX_EPT_EXECUTABLE_MASK);
> >  		kvm_enable_tdp();
> > diff --git a/arch/x86/kvm/vmx.h b/arch/x86/kvm/vmx.h
> > index 23e8373..198cdf3 100644
> > --- a/arch/x86/kvm/vmx.h
> > +++ b/arch/x86/kvm/vmx.h
> > @@ -370,6 +370,7 @@ enum vmcs_field {
> >  #define VMX_EPT_READABLE_MASK			0x1ull
> >  #define VMX_EPT_WRITABLE_MASK			0x2ull
> >  #define VMX_EPT_EXECUTABLE_MASK			0x4ull
> > +#define VMX_EPT_IGMT_BIT    			(1ull << 6)
> >
> >  #define VMX_EPT_IDENTITY_PAGETABLE_ADDR		0xfffbc000ul


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2008-11-07  1:29 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-11-06  6:55 [PATCH] KVM: VMX: Set IGMT bit in EPT entry Sheng Yang
2008-11-06 12:54 ` Avi Kivity
2008-11-06 13:47 ` Anthony Liguori
2008-11-07  1:26   ` Sheng Yang

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox