lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YR1EPNRNtIZZ7LXd@google.com>
Date:   Wed, 18 Aug 2021 17:32:44 +0000
From:   Sean Christopherson <seanjc@...gle.com>
To:     Wei Huang <wei.huang2@....com>
Cc:     kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        pbonzini@...hat.com, vkuznets@...hat.com, wanpengli@...cent.com,
        jmattson@...gle.com, joro@...tes.org, tglx@...utronix.de,
        mingo@...hat.com, bp@...en8.de, x86@...nel.org, hpa@...or.com
Subject: Re: [PATCH v3 3/3] KVM: SVM: Add 5-level page table support for SVM

On Wed, Aug 18, 2021, Wei Huang wrote:
> When the 5-level page table is enabled on host OS, the nested page table
> for guest VMs must use 5-level as well. Update get_npt_level() function
> to reflect this requirement. In the meanwhile, remove the code that
> prevents kvm-amd driver from being loaded when 5-level page table is
> detected.
> 
> Signed-off-by: Wei Huang <wei.huang2@....com>
> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>

If this patch authored by Paolo, he needs to be attributed via From:.  If Paolo
is a co-author, he needs a Co-developed-by:.  If either of those is true, your
SOB needs to be last in the chain since you are the last handler of the patch.
If neither is true, Paolo's SOB should be removed.

> ---
>  arch/x86/kvm/svm/svm.c | 9 +++------
>  1 file changed, 3 insertions(+), 6 deletions(-)
> 
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index b34840a2ffa7..ecc4bb8e4ea0 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -261,7 +261,9 @@ u32 svm_msrpm_offset(u32 msr)
>  static int get_max_npt_level(void)
>  {
>  #ifdef CONFIG_X86_64
> -	return PT64_ROOT_4LEVEL;
> +	bool la57 = (cr4_read_shadow() & X86_CR4_LA57) != 0;
> +
> +	return la57 ? PT64_ROOT_5LEVEL : PT64_ROOT_4LEVEL;

Why obfuscate this?  KVM is completely hosed if pgtable_l5_enabled() doesn't
match host CR4.  E.g.

	return pgtable_l5_enabled() ? PT64_ROOT_5LEVEL : PT64_ROOT_4LEVEL;

>  #else
>  	return PT32E_ROOT_LEVEL;
>  #endif
> @@ -462,11 +464,6 @@ static int has_svm(void)
>  		return 0;
>  	}
>  
> -	if (pgtable_l5_enabled()) {
> -		pr_info("KVM doesn't yet support 5-level paging on AMD SVM\n");
> -		return 0;
> -	}
> -
>  	return 1;
>  }
>  
> -- 
> 2.31.1
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ