On 06.04.2022 17:15, Julien Grall wrote:
> On 06/04/2022 15:44, Jan Beulich wrote:
>> c49ee0329ff3 ("SUPPORT.md: limit security support for hosts with very
>> much memory"), as a result of XSA-385, restricted security support to
>> 8 TiB of host memory. Extend this to 12 TiB, putting in place a guest
>> restriction to 8 TiB in exchange.
>
> And this is even without CONFIG_BIGMEM?
Yes. BIGMEM only matters when memory extends past the 16 TiB boundary
(i.e. when frame numbers with ore than 32 significant bits appear).
>> --- a/SUPPORT.md
>> +++ b/SUPPORT.md
>> @@ -50,7 +50,7 @@ For the Cortex A57 r0p0 - r1p1, see Erra
>>
>> ### Physical Memory
>>
>> - Status: Supported up to 8 TiB
>> + Status: Supported up to 12 TiB
>
> I am afraid this limit is going to be too high for Arm. Even the
> previous one was technically incorrect. From [1], it should be:
> - 5TB for arm64
> - 16GB for arm32
May I ask that you submit a patch correcting this, and I'll rebase
on top of that? I can't really fit such an adjustment under the
umbrella of the title and purpose of this change.
>> @@ -121,6 +121,14 @@ ARM only has one guest type at the momen
>>
>> Status: Supported
>>
>> +## Guest Limits
>> +
>> +### Memory
>> +
>> + Status: Supported up to 8 TiB
>
> For Arm, this should be limited to 1TB for arm64 and 16GB for arm32.
Sure, will do.
>> +
>> +Guests with more memory are supported, but not security supported.
>
> d->max_pages is a 32-bit value. So Xen can effectively only support up
> to 16TB of memory. AFAICT, it would require quite a bit rework to lift
> that limit. So I think it would be better to spell out the upper limit.
Same here.
Jan
