* [PATCH v8 0/4] Enable SMEP feature support for KVM
@ 2011-06-03 3:13 Yang, Wei Y
2011-06-06 8:47 ` Avi Kivity
0 siblings, 1 reply; 2+ messages in thread
From: Yang, Wei Y @ 2011-06-03 3:13 UTC (permalink / raw)
To: Avi Kivity; +Cc: kvm@vger.kernel.org
This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be published soon.
This patchset is based on Fenghua's SMEP patch series, as referred by:
https://lkml.org/lkml/2011/5/17/523
changes since v7:
Correct the indentation and ebx
changes since v6:
Set KVM_CPUID_FLAG_SIGNIFCANT_INDEX flag for leaf 7
changes since v5:
Add kvm_supported_word9_x86_features and mask against it
before masking against host capability
changes since v4:
Update patch 1/4 comment
Change PT_USER_MASK to ACC_USER_MASK
changes since v3:
Add SMEP bit in CR4_RESERVED_BITS while removing cr4_reserved_bits;
Mask CPUID leaf 7 ebx against host capability word9 in do_cpuid_ent;
Changes since v2:
add instruction fetch checking when walking guest page table.
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/paging_tmpl.h | 9 ++++++++-
arch/x86/kvm/x86.c | 35 +++++++++++++++++++++++++++++++++---
3 files changed, 41 insertions(+), 5 deletions(-)
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-06-06 8:47 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-06-03 3:13 [PATCH v8 0/4] Enable SMEP feature support for KVM Yang, Wei Y
2011-06-06 8:47 ` Avi Kivity
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.