From 5208ff86c83db70cd3c2040e5ceafe27c68352bf Mon Sep 17 00:00:00 2001
From: Qiu Wenbo <qiuwenbo@phytium.com.cn>
Date: Wed, 4 Dec 2019 20:29:09 +0800
Subject: [PATCH] vmm: Detect and handle AMD SME (Secure Memory Encryption)

Some physical address bits may become reserved in page table when SME
is enabled on AMD platform. Guest will trigger a reserved bit
violation page fault in this case due to write these reserved bits to 1
in page table. We need reduce the reserved bits to get the right
physical address range.

Signed-off-by: Qiu Wenbo <qiuwenbo@phytium.com.cn>
---
 vmm/src/vm.rs | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/vmm/src/vm.rs b/vmm/src/vm.rs
index 2fb941b74..c5dc3ef47 100755
--- a/vmm/src/vm.rs
+++ b/vmm/src/vm.rs
@@ -213,9 +213,23 @@ fn get_host_cpu_phys_bits() -> u8 {
     unsafe {
         let leaf = x86_64::__cpuid(0x8000_0000);
 
+        // Detect and handle AMD SME (Secure Memory Encryption) properly.
+        // Some physical address bits may become reserved when the feature is enabled.
+        // See AMD64 Architecture Programmer's Manual Volume 2, Section 7.10.1
+        let reduced = if leaf.eax >= 0x8000_001f
+            && leaf.ebx == 0x6874_7541    // Vendor ID: AuthenticAMD
+            && leaf.ecx == 0x444d_4163
+            && leaf.edx == 0x6974_6e65
+            && x86_64::__cpuid(0x8000_001f).eax & 0x1 != 0
+        {
+            (x86_64::__cpuid(0x8000_001f).ebx >> 6) & 0x3f
+        } else {
+            0
+        };
+
         if leaf.eax >= 0x8000_0008 {
             let leaf = x86_64::__cpuid(0x8000_0008);
-            (leaf.eax & 0xff) as u8
+            ((leaf.eax & 0xff) - reduced) as u8
         } else {
             36
         }