-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KVM: fillAddressSpace broken when physical address space is greater than 46 bits #208
Comments
FYI, If SME/SEV is enabled on AMD Naples system then physical address space is reduced by a few bits. $ cat /proc/cpuinfo |
I looked at the code today. Currently, PhysicalAddressBits() uses CPUID 0x80000008 to query the number of bits in physical address. On AMD Zen core, if memory encryption is enabled then the physical address is reduced. The number of bits reduced from physical address space is available via CPUID 0x8000_001F. So, we first need to check if leaf 8000_001F exist, if so check whether SME is enabled. When enabled CPUID 0x8000_001F.EBX[5:0] can be used to get the number of reduced physical bits. Here is my naive attempt to fix it. But this is causing compilation error
|
copy/paste the patch in reply is messed up, you can see the patch here: https://gist.github.com/codomania/ec7080b82c56d9063bdc3c6ab398c0f4 |
You can find more information about the CPUID in AMD APM or kernel doc https://www.kernel.org/doc/Documentation/x86/amd-memory-encryption.txt |
Thanks, that's very helpful. I don't think rdmsr will work in userspace -- do you know how else this information is exposed to a regular userspace process? I suspect that we may need to shrink the address space regardless of whether it's currently enabled or not. E.g., if the leaf exists then just shrink by (bx >> 6) & 0x3f. But wait -- does SEV affect the guest physical address size? That's what we care about here. The kernel docs seem to indicate no. |
Right, rdmsr will not work from userspace. So far there was no need for userspace applications to know whether SME is enabled. The SME is transparently handled inside the kernel. userspace does not need to know about it. Having said so, there was some discussion about providing a sysfs for SME which can expose the information like this. Maybe we can take this opportunity to restart the discussion on LKML about providing a sysfs. IMO, it's safe to shrink the physical address bit regardless of SME state. Yes, the physical address size reduction is not applicable in SEV guest. |
Apparently some platforms don't have pSize < vSize. Fixes google#208 PiperOrigin-RevId: 245480998 Change-Id: I2a98229912f4ccbfcd8e79dfa355104f14275a9c Upstream-commit: 5749f64
kvm.fillAddressSpace effectively assumes that ring0.PhysicalAddressBits() returns 46 or less, as VirtualAddressBits is (effectively) always 48, which we then cut in half for the kernel address space.
A 48-bit physical address space is at least possible on AMD Naples cores:
The text was updated successfully, but these errors were encountered: