
[Qemu-devel] [PATCH v3 0/4] x86: Physical address limit patches


From: Dr. David Alan Gilbert (git)
Subject: [Qemu-devel] [PATCH v3 0/4] x86: Physical address limit patches
Date: Tue, 5 Jul 2016 20:03:14 +0100

From: "Dr. David Alan Gilbert" <address@hidden>

QEMU sets the guest's physical address bits to 40; this is wrong
on most hardware, and can be detected by the guest.
It also stops you using really huge multi-TB VMs.

Red Hat has had a patch, that Andrea wrote, downstream for a couple
of years that reads the host's value and uses that in the guest.  That's
correct as far as the guest sees it, and lets you create huge VMs.

The downside is that if you've got a mix of hosts, say an i7 and a Xeon,
life gets complicated in migration; prior to 2.6 it all apparently
worked (although a guest that looked might spot the change).
In 2.6 Paolo started checking MSR writes and they failed when the
incoming MTRR mask didn't fit.

This series:
   a) Fixes up mtrr masks so that if you're migrating between hosts
      of different physical address size it tries to do something sensible.

   b) Lets you specify the guest physical address size via a CPU property, i.e.
        -cpu SandyBridge,phys-bits=36

      The default is still to use the existing 40 bits value.

   c) Lets you tell qemu to use the same setting as the host, i.e.
        -cpu SandyBridge,phys-bits=0

Note that mixed size hosts are still not necessarily safe; a guest
started on a host with a large physical address size might start using
those bits and get upset when it's moved to a small host.
However that was already potentially broken in existing qemu that
used a magic value of 40.

There's potential to add some extra guards against people
doing silly stuff; e.g. stop people running VMs using 1TB of
address space on a tiny host.

(* Note I need to do some more testing on this version; but it passes
the smoke test; I'll report back on that but wanted people to comment
if this is closer to what people wanted).

Dave

v3
  Leave the default behaviour as before rather than switching to host behaviour
  Use 9999 as the default value so that we can tell later if the value
     is a user specified value or the default
  Make the host mismatch warning only warn once and not in compat case
  Only use host-bits in kvm mode
  Don't allow explicit setting in 32bit mode
  Flattened the warning & 32 bit patches into the other patches



Dr. David Alan Gilbert (4):
  x86: Allow physical address bits to be set
  x86: Mask mtrr mask based on CPU physical address limits
  x86: fill high bits of mtrr mask
  x86: Set physical address bits based on host

 include/hw/i386/pc.h |  5 +++
 target-i386/cpu.c    | 97 +++++++++++++++++++++++++++++++++++++++++++++++-----
 target-i386/cpu.h    |  6 ++++
 target-i386/kvm.c    | 37 ++++++++++++++++++--
 4 files changed, 133 insertions(+), 12 deletions(-)

-- 
2.7.4
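
Added example, not code from this series or from QEMU: a sketch of the MTRR mask check that fails on migration and of the two fix-ups named in the patch titles (mask to the CPU's physical address limit, fill the high bits). It assumes the architectural layout of the variable-range IA32_MTRR_PHYSMASKn MSRs (valid flag in bit 11, mask in bits 12 up to the physical address width); the function names and sample values are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MTRR_PHYSMASK_VALID (1ULL << 11)   /* "range enabled" flag */

/* Mask field of IA32_MTRR_PHYSMASKn: bits [phys_bits-1:12] (phys_bits <= 52). */
static uint64_t mtrr_mask_field(unsigned phys_bits)
{
    return ((1ULL << phys_bits) - 1) & ~0xfffULL;
}

/* Destination-side check: bits at or above phys_bits are reserved, so a
 * mask built for a wider address size does not fit a narrower one. */
static bool mtrr_mask_fits(uint64_t mask, unsigned phys_bits)
{
    return (mask & ~(mtrr_mask_field(phys_bits) | MTRR_PHYSMASK_VALID)) == 0;
}

/* Fix-up 1: drop the bits above the guest-visible physical address limit. */
static uint64_t mtrr_mask_clamp(uint64_t mask, unsigned guest_bits)
{
    return mask & (mtrr_mask_field(guest_bits) | MTRR_PHYSMASK_VALID);
}

/* Fix-up 2: when the host is wider than the guest, set bits
 * [host_bits-1:guest_bits] so the range still matches exactly. */
static uint64_t mtrr_mask_fill(uint64_t mask, unsigned guest_bits,
                               unsigned host_bits)
{
    if (host_bits <= guest_bits) {
        return mask;
    }
    return mask | (mtrr_mask_field(host_bits) & ~mtrr_mask_field(guest_bits));
}

int main(void)
{
    /* Constructed sample: a 1 GiB range programmed by a guest that saw 40 bits. */
    uint64_t m40 = (mtrr_mask_field(40) & ~((1ULL << 30) - 1)) | MTRR_PHYSMASK_VALID;
    uint64_t m36 = mtrr_mask_clamp(m40, 36);

    printf("mask for 40 bits: %#llx\n", (unsigned long long)m40);
    printf("fits 36-bit CPU:  %d\n", mtrr_mask_fits(m40, 36));
    printf("clamped to 36:    %#llx\n", (unsigned long long)m36);
    printf("filled to 46:     %#llx\n",
           (unsigned long long)mtrr_mask_fill(m36, 36, 46));
    return 0;
}
```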



