From: Tao Su <tao1.su@linux.intel.com>
To: Jim Mattson <jmattson@google.com>
Cc: kvm@vger.kernel.org, seanjc@google.com, pbonzini@redhat.com,
eddie.dong@intel.com, chao.gao@intel.com, xiaoyao.li@intel.com,
yuan.yao@linux.intel.com, yi1.lai@intel.com,
xudong.hao@intel.com, chao.p.peng@intel.com
Subject: Re: [PATCH 2/2] x86: KVM: Emulate instruction when GPA can't be translated by EPT
Date: Mon, 8 Jan 2024 21:48:17 +0800 [thread overview]
Message-ID: <ZZv9ISKuJs66ZCbz@linux.bj.intel.com> (raw)
In-Reply-To: <CALMp9eT=s7eifhmJZ4uQNTABQi+r9-JyjjUVt-Rj-B=y0+mbPA@mail.gmail.com>
On Wed, Dec 20, 2023 at 05:42:56AM -0800, Jim Mattson wrote:
> On Mon, Dec 18, 2023 at 6:08 AM Tao Su <tao1.su@linux.intel.com> wrote:
> >
> > With 4-level EPT, bits 51:48 of the guest physical address must all
> > be zero; otherwise, an EPT violation always occurs, which is an unexpected
> > VM exit in KVM currently.
> >
> > Even though KVM advertises the max physical bits to guest, guest may
> > ignore MAXPHYADDR in CPUID and set a bigger physical bits to KVM.
> > Rejecting invalid guest physical bits on KVM side is a choice, but it will
> > break current KVM ABI, e.g., current QEMU ignores the physical bits
> > advertised by KVM and uses host physical bits as guest physical bits by
> > default when using '-cpu host', although we would like to send a patch to
> > QEMU, it will still cause backward compatibility issues.
> >
> > For GPA that can't be translated by EPT but within host.MAXPHYADDR,
> > emulation should be the best choice since KVM will inject #PF for the
> > invalid GPA in guest's perspective and try to emulate the instructions
> > which minimizes the impact on guests as much as possible.
> >
> > Signed-off-by: Tao Su <tao1.su@linux.intel.com>
> > Tested-by: Yi Lai <yi1.lai@intel.com>
> > ---
> > arch/x86/kvm/vmx/vmx.c | 7 +++++++
> > 1 file changed, 7 insertions(+)
> >
> > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> > index be20a60047b1..a8aa2cfa2f5d 100644
> > --- a/arch/x86/kvm/vmx/vmx.c
> > +++ b/arch/x86/kvm/vmx/vmx.c
> > @@ -5774,6 +5774,13 @@ static int handle_ept_violation(struct kvm_vcpu *vcpu)
> >
> > vcpu->arch.exit_qualification = exit_qualification;
> >
> > + /*
> > + * Emulate the instruction when accessing a GPA which is set any bits
> > + * beyond guest-physical bits that EPT can translate.
> > + */
> > + if (unlikely(gpa & rsvd_bits(kvm_mmu_tdp_maxphyaddr(), 63)))
> > + return kvm_emulate_instruction(vcpu, 0);
> > +
>
> This doesn't really work, since the KVM instruction emulator is
> woefully incomplete. To make this work, first you have to teach the
> KVM instruction emulator how to emulate *all* memory-accessing
> instructions.
Please forget allow_smaller_maxphyaddr and #PF for a while.
I agree KVM instruction emulator is incomplete. However, hardware can’t
execute instructions with GPA>48-bit and exits to KVM, KVM just repeatedly
builds SPTE, I.e., current KVM is buggy.
In this case, emulation may be a choice, I.e., KVM can emulate most common
instructions which reflects KVM's best efforts to maintain an environment for
continued execution. Even if some instructions can’t be emulated, it can
terminate the guest and will not make KVM silently hang there.
Thanks,
Tao
>
> > /*
> > * Check that the GPA doesn't exceed physical memory limits, as that is
> > * a guest page fault. We have to emulate the instruction here, because
> > --
> > 2.34.1
> >
> >
next prev parent reply other threads:[~2024-01-08 13:51 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-18 14:05 [PATCH 0/2] x86: KVM: Limit guest physical bits when 5-level EPT is unsupported Tao Su
2023-12-18 14:05 ` [PATCH 1/2] " Tao Su
2023-12-18 15:13 ` Sean Christopherson
2023-12-19 2:51 ` Chao Gao
2023-12-19 3:40 ` Jim Mattson
2023-12-19 8:09 ` Chao Gao
2023-12-19 15:26 ` Sean Christopherson
2023-12-20 7:16 ` Xiaoyao Li
2023-12-20 15:37 ` Sean Christopherson
2023-12-20 11:59 ` Tao Su
2023-12-20 13:39 ` Jim Mattson
2023-12-19 8:31 ` Tao Su
2023-12-20 16:28 ` Sean Christopherson
2023-12-21 7:45 ` Tao Su
2023-12-21 8:19 ` Xu Yilun
2024-01-02 23:24 ` Sean Christopherson
2024-01-03 0:34 ` Jim Mattson
2024-01-03 18:04 ` Sean Christopherson
2024-01-04 2:45 ` Chao Gao
2024-01-04 3:40 ` Jim Mattson
2024-01-04 4:34 ` Jim Mattson
2024-01-04 11:56 ` Tao Su
2024-01-04 14:03 ` Jim Mattson
2024-01-04 15:07 ` Chao Gao
2024-01-04 17:02 ` Jim Mattson
2024-01-05 20:26 ` Sean Christopherson
2024-01-08 13:45 ` Tao Su
2024-01-08 15:29 ` Sean Christopherson
2023-12-18 14:05 ` [PATCH 2/2] x86: KVM: Emulate instruction when GPA can't be translated by EPT Tao Su
2023-12-18 15:23 ` Sean Christopherson
2023-12-19 3:10 ` Chao Gao
2023-12-20 13:42 ` Jim Mattson
2024-01-08 13:48 ` Tao Su [this message]
2024-01-08 15:19 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZZv9ISKuJs66ZCbz@linux.bj.intel.com \
--to=tao1.su@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=chao.p.peng@intel.com \
--cc=eddie.dong@intel.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=xiaoyao.li@intel.com \
--cc=xudong.hao@intel.com \
--cc=yi1.lai@intel.com \
--cc=yuan.yao@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox