[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] x86/paging: restrict physical address width reported to guests


  • To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 18 Oct 2021 16:13:48 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/OrEeaixkF0Y9PlxWXxua5NQ52g/p32JvW5cL3gsTB0=; b=LEClWOSlZ3Y9km81RjiesPeaKQSNW7GA3P4lEV4I11FgCgA14UBKbg5NkpEVGsW7O1O6qTvZz9lJaBqRO3QO7r5rypr+tsXUdlJLK8Z4bwL2+EB5Apucp9N2xoBnIaNj8v0ztplJrZxG3/geCxfa3+xJyvA2gUWlzQLuTvABTIx0bZd8imzO54oAeqCGy7AR3+e6I3mHa9sEEj2yZlSUPyhv7uxh9JjAQnlMyVieNQRMfbgueJdWLGf0ERrQuNIKVij4X7knt+WZJY5W9H4bMV+C2pgeQNSIg7YGYubi1q4lghiI7lW2PmBKvY4V+4DcgzCnJEmAFU7lLxyCqHa1Cw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QSV10rQIS44so6poFafC3eu1kgOaqgZ7nLOwl9FeiNRRaNyRkqS0p2sIW98jrL2ffOZ5Gs0lcIP3iXSAR6lQUv5AdKZaZACSZDwpp96TrSONhz6qJz1bHi4G9yvUMbOCUmnDyP1g+qMR4R3tvHqKnwu66hhxGF/2RUxUM3jArszXTUbvEtvIotKTx6g0TAMoKPkqbc4p2v3a1oZUSfL9v7UuOPdRv+4DOYKKQ60pCH4N13QyHJa3bckg3vEKYt3nfXzO84tTJJp1mdsDU0seg0IyOOY1etPBnxaEUPpbzFPum7B/oPCsMEO1WfedqRVqzZQGSutfIi13KzBWFBEbpg==
  • Authentication-results: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=suse.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Mon, 18 Oct 2021 14:13:58 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 18.10.2021 15:46, Roger Pau Monné wrote:
> On Wed, Sep 29, 2021 at 02:47:49PM +0200, Jan Beulich wrote:
>> Modern hardware may report more than 48 bits of physical address width.
>> For paging-external guests our P2M implementation does not cope with
>> larger values. Telling the guest of more available bits means misleading
>> it into perhaps trying to actually put some page there (like was e.g.
>> intermediately done in OVMF for the shared info page).
>>
>> While there also convert the PV check to a paging-external one (which in
>> our current code base are synonyms of one another anyway).
>>
>> Fixes: 5dbd60e16a1f ("x86/shadow: Correct guest behaviour when creating PTEs 
>> above maxphysaddr")
>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> 
> Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Thanks.

>> --- a/xen/include/asm-x86/paging.h
>> +++ b/xen/include/asm-x86/paging.h
>> @@ -401,11 +401,18 @@ static always_inline unsigned int paging
>>  {
>>      unsigned int bits = paging_mode_hap(d) ? hap_paddr_bits : paddr_bits;
>>  
>> -    if ( !IS_ENABLED(CONFIG_BIGMEM) && paging_mode_shadow(d) &&
>> -         !is_pv_domain(d) )
>> +    if ( paging_mode_external(d) )
>>      {
>> -        /* Shadowed superpages store GFNs in 32-bit page_info fields. */
>> -        bits = min(bits, 32U + PAGE_SHIFT);
>> +        if ( !IS_ENABLED(CONFIG_BIGMEM) && paging_mode_shadow(d) )
>> +        {
>> +            /* Shadowed superpages store GFNs in 32-bit page_info fields. */
>> +            bits = min(bits, 32U + PAGE_SHIFT);
>> +        }
>> +        else
>> +        {
>> +            /* Both p2m-ept and p2m-pt only support 4-level page tables. */
>> +            bits = min(bits, 48U);
> 
> It would be nice if there was a way to not have to manually change the
> values here if we ever support 5-level page tables for example, but I
> don't know of any way.

Well, I have a vague plan, along the lines of "IOMMU: have vendor
code announce supported page sizes": Once the value isn't constant
anymore, vendor code needs to supply it.

Jan




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.