[Qemu-devel] [PATCH 0/5] x86: Physical address limit patches

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>
To: qemu-devel@nongnu.org, pbonzini@redhat.com, aarcange@redhat.com,
	ehabkost@redhat.com
Subject: [Qemu-devel] [PATCH 0/5] x86: Physical address limit patches
Date: Thu, 16 Jun 2016 18:12:08 +0100	[thread overview]
Message-ID: <1466097133-5489-1-git-send-email-dgilbert@redhat.com> (raw)

From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>

QEMU sets the guests physical address bits to 40; this is wrong
on most hardware, and can theoretically be detected by the guest.
It also stops you using really huge multi-TB VMs.

Red Hat has had a patch, that Andrea wrote, downstream for a couple
of years that reads the hosts value and uses that in the guest.  That's
correct as far as the guest sees it, and lets you create huge VMs.

The downside, is that if you've got a mix of hosts, say an i7 and a Xeon,
life gets complicated in migration; prior to 2.6 it all apparently
worked (although a guest that looked might spot the change).
In 2.6 Paolo started checking MSR writes and they failed when the 
incoming MTRR mask didn't fit.

This series:
   a) Fixes up mtrr masks so that if you're migrating between hosts
      of different physical address size it tries to do something sensible.

   b) Lets you specify the guest physical address size via a CPU property, i.e.
        -cpu SandyBridge,phys-bits=36

      The default is to use the existing 40 bits value.

   c) Lets you tell qemu to use the same setting as the host, i.e.
        -cpu SandyBridge,phys-bits=0

Note that mixed size hosts are still not necessarily safe; a guest
started on a host with a large physical address size might start using
those bits and get upset when it's moved to a small host.
However that was already potentially broken in existing qemu that
used a magic value of 40.

There's potential to add some extra guards against people
doing silly stuff; e.g. stop people running VMs using 1TB of
address space on a tiny host.

Dave

Dr. David Alan Gilbert (5):
  BIT_RANGE convenience macro
  x86: Mask mtrr mask based on CPU physical address limits
  x86: fill high bits of mtrr mask
  x86: Allow physical address bits to be set
  x86: Set physical address bits based on host

 include/hw/i386/pc.h  |  5 +++++
 include/qemu/bitops.h |  3 +++
 target-i386/cpu.c     | 36 +++++++++++++++++++++++++++++++++---
 target-i386/cpu.h     |  7 +++++++
 target-i386/kvm.c     | 38 +++++++++++++++++++++++++++++++++++---
 5 files changed, 83 insertions(+), 6 deletions(-)

-- 
2.7.4

next             reply	other threads:[~2016-06-16 17:12 UTC|newest]

Thread overview: 73+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-06-16 17:12 Dr. David Alan Gilbert (git) [this message]
2016-06-16 17:12 ` [Qemu-devel] [PATCH 1/5] BIT_RANGE convenience macro Dr. David Alan Gilbert (git)
2016-06-16 17:23   ` Paolo Bonzini
2016-06-16 17:24     ` Dr. David Alan Gilbert
2016-06-16 18:01   ` Peter Maydell
2016-06-16 18:05     ` Paolo Bonzini
2016-06-20 14:11     ` Dr. David Alan Gilbert
2016-06-20 14:17       ` Peter Maydell
2016-06-16 17:12 ` [Qemu-devel] [PATCH 2/5] x86: Mask mtrr mask based on CPU physical address limits Dr. David Alan Gilbert (git)
2016-06-16 19:59   ` Eduardo Habkost
2016-06-17  8:23     ` Dr. David Alan Gilbert
2016-06-17 12:13     ` Paolo Bonzini
2016-06-16 17:12 ` [Qemu-devel] [PATCH 3/5] x86: fill high bits of mtrr mask Dr. David Alan Gilbert (git)
2016-06-16 20:14   ` Eduardo Habkost
2016-06-17  7:47     ` Paolo Bonzini
2016-06-17 12:46       ` Eduardo Habkost
2016-06-17 13:01         ` Paolo Bonzini
2016-06-17 13:41           ` Eduardo Habkost
2016-06-17 14:25             ` Paolo Bonzini
2016-06-17 15:27               ` Eduardo Habkost
2016-06-17 15:29                 ` Paolo Bonzini
2016-06-17 15:35                   ` Eduardo Habkost
2016-06-17 13:51           ` Dr. David Alan Gilbert
2016-06-17 14:19             ` Paolo Bonzini
2016-06-17  8:53     ` Dr. David Alan Gilbert
2016-06-16 17:12 ` [Qemu-devel] [PATCH 4/5] x86: Allow physical address bits to be set Dr. David Alan Gilbert (git)
2016-06-16 17:26   ` Paolo Bonzini
2016-06-16 18:09     ` Eduardo Habkost
2016-06-16 20:24   ` Eduardo Habkost
2016-06-17  8:15     ` Dr. David Alan Gilbert
2016-06-17  8:43       ` Paolo Bonzini
2016-06-17  9:17         ` Gerd Hoffmann
2016-06-17  9:52           ` Igor Mammedov
2016-06-17 11:20             ` Gerd Hoffmann
2016-06-17 16:20               ` Laszlo Ersek
2016-06-17 16:07             ` Laszlo Ersek
2016-06-19 16:13               ` Marcel Apfelbaum
2016-06-20 10:42                 ` Igor Mammedov
2016-06-20 11:13                   ` Marcel Apfelbaum
2016-06-17  9:37       ` Dr. David Alan Gilbert
2016-06-17  9:54         ` Paolo Bonzini
2016-06-17 13:18       ` Eduardo Habkost
2016-06-17 13:38         ` Paolo Bonzini
2016-06-17 15:19           ` Eduardo Habkost
2016-06-17 15:28             ` Paolo Bonzini
2016-06-17 15:49               ` Eduardo Habkost
2016-06-21 19:44                 ` [Qemu-devel] Default for phys-addr-bits? (was Re: [PATCH 4/5] x86: Allow physical address bits to be set) Eduardo Habkost
2016-06-22 12:41                   ` Paolo Bonzini
2016-06-22 14:24                     ` Andrea Arcangeli
2016-06-22 14:33                       ` Paolo Bonzini
2016-06-22 14:44                         ` Andrea Arcangeli
2016-06-22 14:48                           ` Paolo Bonzini
2016-06-22 15:02                             ` Andrea Arcangeli
2016-06-22 22:44                       ` Michael S. Tsirkin
2016-06-22 23:23                         ` Andrea Arcangeli
2016-06-22 23:45                           ` Michael S. Tsirkin
2016-06-23  8:40                             ` Gerd Hoffmann
2016-06-23 16:38                               ` Michael S. Tsirkin
2016-06-24  5:55                                 ` Gerd Hoffmann
2016-06-24 23:12                                   ` Michael S. Tsirkin
2016-06-29 16:42                               ` Dr. David Alan Gilbert
2016-06-30  6:10                                 ` Gerd Hoffmann
2016-06-30 10:59                                   ` Dr. David Alan Gilbert
2016-06-30 16:14                                     ` Gerd Hoffmann
2016-06-30 17:12                                       ` Dr. David Alan Gilbert
2016-07-01 19:03                                       ` Dr. David Alan Gilbert
2016-06-22 22:40                     ` Michael S. Tsirkin
2016-06-22 23:15                       ` Andrea Arcangeli
2016-06-19  3:36           ` [Qemu-devel] [PATCH 4/5] x86: Allow physical address bits to be set Michael S. Tsirkin
2016-06-20  7:04             ` Paolo Bonzini
2016-06-17 14:24         ` Marcel Apfelbaum
2016-06-16 17:12 ` [Qemu-devel] [PATCH 5/5] x86: Set physical address bits based on host Dr. David Alan Gilbert (git)
2016-06-17  7:25   ` Igor Mammedov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1466097133-5489-1-git-send-email-dgilbert@redhat.com \
    --to=dgilbert@redhat.com \
    --cc=aarcange@redhat.com \
    --cc=ehabkost@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).