lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <gcyh7dlszzaj3wnp3fu3x6loedfhzds55kxvubxm53deb4yodm@3xk4mt32nf3j>
Date: Tue, 18 Nov 2025 23:22:00 +0000
From: Yosry Ahmed <yosry.ahmed@...ux.dev>
To: Jim Mattson <jmattson@...gle.com>
Cc: Sean Christopherson <seanjc@...gle.com>, 
	Paolo Bonzini <pbonzini@...hat.com>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 00/23] Extend test coverage for nested SVM

On Tue, Nov 18, 2025 at 03:00:26PM -0800, Jim Mattson wrote:
> On Tue, Nov 18, 2025 at 2:26 PM Yosry Ahmed <yosry.ahmed@...ux.dev> wrote:
> >
> > On Tue, Oct 21, 2025 at 07:47:13AM +0000, Yosry Ahmed wrote:
> > > There are multiple selftests exercising nested VMX that are not specific
> > > to VMX (at least not anymore). Extend their coverage to nested SVM.
> > >
> > > This version is significantly different (and longer) than v1 [1], mainly
> > > due to the change of direction to reuse __virt_pg_map() for nested EPT/NPT
> > > mappings instead of extending the existing nested EPT infrastructure. It
> > > also has a lot more fixups and cleanups.
> > >
> > > This series depends on two other series:
> > > - "KVM: SVM: GIF and EFER.SVME are independent" [2]
> > > - "KVM: selftests: Add test of SET_NESTED_STATE with 48-bit L2 on 57-bit L1" [3]
> >
> > v2 of Jim's series switches all tests to use 57-bit by default when
> > available:
> > https://lore.kernel.org/kvm/20251028225827.2269128-4-jmattson@google.com/
> >
> > This breaks moving nested EPT mappings to use __virt_pg_map() because
> > nested EPTs are hardcoded to use 4-level paging, while __virt_pg_map()
> > will assume we're using 5-level paging.
> >
> > Patch #16 ("KVM: selftests: Use __virt_pg_map() for nested EPTs") will
> > need the following diff to make nested EPTs use the same paging level as
> > the guest:
> >
> > diff --git a/tools/testing/selftests/kvm/lib/x86_64/vmx.c b/tools/testing/selftests/kvm/lib/x86_64/vmx.c
> > index 358143bf8dd0d..8bacb74c00053 100644
> > --- a/tools/testing/selftests/kvm/lib/x86/vmx.c
> > +++ b/tools/testing/selftests/kvm/lib/x86/vmx.c
> > @@ -203,7 +203,7 @@ static inline void init_vmcs_control_fields(struct vmx_pages *vmx)
> >                 uint64_t ept_paddr;
> >                 struct eptPageTablePointer eptp = {
> >                         .memory_type = X86_MEMTYPE_WB,
> > -                       .page_walk_length = 3, /* + 1 */
> > +                       .page_walk_length = get_cr4() & X86_CR4_LA57 ? 4 : 3, /* + 1 */
> 
> LA57 does not imply support for 5-level EPT. (SRF, IIRC)

Huh, that's annoying. We can keep the EPTs hardcoded to 4 levels and
pass in the max level to __virt_pg_map() instead of hardcoding
vm->pgtable_levels.

Sean, let me know how you want to handle this. I can fix this and rebase
the series (or part of it?), or you can fix it up if you prefer to do
so.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ