diff options
| author | Maxim Levitsky <mlevitsk@redhat.com> | 2024-09-06 18:18:23 -0400 | 
|---|---|---|
| committer | Sean Christopherson <seanjc@google.com> | 2024-11-01 09:22:26 -0700 | 
| commit | 9245fd6b8531497d129a7a6e3eef258042862f85 (patch) | |
| tree | cc562e86d66c93f5652552dc1772ca0eb1cdccfb /rust/helpers/mutex.c | |
| parent | c534b37b7584e2abc5d487b4e017f61a61959ca9 (diff) | |
KVM: x86: model canonical checks more precisely
As a result of a recent investigation, it was determined that x86 CPUs
which support 5-level paging, don't always respect CR4.LA57 when doing
canonical checks.
In particular:
1. MSRs which contain a linear address, allow full 57-bitcanonical address
regardless of CR4.LA57 state. For example: MSR_KERNEL_GS_BASE.
2. All hidden segment bases and GDT/IDT bases also behave like MSRs.
This means that full 57-bit canonical address can be loaded to them
regardless of CR4.LA57, both using MSRS (e.g GS_BASE) and instructions
(e.g LGDT).
3. TLB invalidation instructions also allow the user to use full 57-bit
address regardless of the CR4.LA57.
Finally, it must be noted that the CPU doesn't prevent the user from
disabling 5-level paging, even when the full 57-bit canonical address is
present in one of the registers mentioned above (e.g GDT base).
In fact, this can happen without any userspace help, when the CPU enters
SMM mode - some MSRs, for example MSR_KERNEL_GS_BASE are left to contain
a non-canonical address in regard to the new mode.
Since most of the affected MSRs and all segment bases can be read and
written freely by the guest without any KVM intervention, this patch makes
the emulator closely follow hardware behavior, which means that the
emulator doesn't take in the account the guest CPUID support for 5-level
paging, and only takes in the account the host CPU support.
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Link: https://lore.kernel.org/r/20240906221824.491834-4-mlevitsk@redhat.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
Diffstat (limited to 'rust/helpers/mutex.c')
0 files changed, 0 insertions, 0 deletions
