From: Hans-Jörg Höxer Subject: amd64 SEV/pmap: Use PG_FRAME on virtual addresses To: , , Cc: Date: Mon, 2 Sep 2024 18:39:03 +0200 Hi, running as a SEV guest we now calculate the page frame mask from the CPUID provided "physical address bit reduction". In amd64 pmap code we use now the variable pg_frame instead of the define PG_FRAME (0x000ffffffffff000). There is one instance in pmap code, where pg_frame is applied to virtual addresses, not physical addresses. I found a machine, where the address bit reduction is rather large (six bits). So the calculated pg_frame is 0x00003fffffe00000. However, on amd64 VM_MAX_ADDRESS is defined as 0x00007fbfdfeff000. So masking such a large virtual address with pg_frame on that machine causes havoc. Therefore, when masking VAs we still have to use PG_FRAME. I've re-checked the other applications of pg_mask, those should be ok. Thoughts? Take care, HJ. --------------------------------------------------------------------------- commit bb02fd22fc19f6e8222d097794d775d226db84ec Author: Hans-Joerg Hoexer Date: Thu Aug 8 19:27:30 2024 +0200 kern: use PG_FRAME when masking virtual addresses diff --git a/sys/arch/amd64/amd64/pmap.c b/sys/arch/amd64/amd64/pmap.c index cf8e59287e4..a9155d239b7 100644 --- a/sys/arch/amd64/amd64/pmap.c +++ b/sys/arch/amd64/amd64/pmap.c @@ -2159,8 +2159,8 @@ pmap_write_protect(struct pmap *pmap, vaddr_t sva, vaddr_t eva, vm_prot_t prot) shootself = (scr3 == 0); /* should be ok, but just in case ... */ - sva &= pg_frame; - eva &= pg_frame; + sva &= PG_FRAME; + eva &= PG_FRAME; if (!(prot & PROT_READ)) set |= pg_xo;