From mboxrd@z Thu Jan 1 00:00:00 1970
From: Xiao Guangrong
Subject: Re: [PATCH 4/5] KVM: MMU: Optimize pte permission checks
Date: Thu, 13 Sep 2012 20:41:33 +0800
Message-ID: <5051D47D.1070809@linux.vnet.ibm.com>
References: <1347460194-11807-1-git-send-email-avi@redhat.com> <1347460194-11807-5-git-send-email-avi@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: Marcelo Tosatti , kvm@vger.kernel.org
To: Avi Kivity
Return-path:
Received: from e23smtp04.au.ibm.com ([202.81.31.146]:33888 "EHLO e23smtp04.au.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754689Ab2IMMlk (ORCPT ); Thu, 13 Sep 2012 08:41:40 -0400
Received: from /spool/local by e23smtp04.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 13 Sep 2012 22:39:15 +1000
Received: from d23av02.au.ibm.com (d23av02.au.ibm.com [9.190.235.138]) by d23relay03.au.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id q8DCfZBv18350236 for ; Thu, 13 Sep 2012 22:41:36 +1000
Received: from d23av02.au.ibm.com (loopback [127.0.0.1]) by d23av02.au.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id q8DCfZMg018231 for ; Thu, 13 Sep 2012 22:41:35 +1000
In-Reply-To: <1347460194-11807-5-git-send-email-avi@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 09/12/2012 10:29 PM, Avi Kivity wrote:
> + pte_access = pt_access & gpte_access(vcpu, pte);
> + eperm |= (mmu->permissions[access >> 1] >> pte_access) & 1;
>
> last_gpte = FNAME(is_last_gpte)(walker, vcpu, mmu, pte);
> - if (last_gpte) {
> - pte_access = pt_access & gpte_access(vcpu, pte);
> - /* check if the kernel is fetching from user page */
> - if (unlikely(pte_access & PT_USER_MASK) &&
> - kvm_read_cr4_bits(vcpu, X86_CR4_SMEP))
> - if (fetch_fault && !user_fault)
> - eperm = true;
> - }

I see this in the SDM:

    If CR4.SMEP = 1, instructions may be fetched from any linear address
    with a valid translation for which the U/S flag (bit 2) is 0 in at
    least one of the paging-structure entries controlling the translation.

This patch checks smep on every level, which breaks this rule. (The current code checks smep on the last level.)
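Review bot: the SMEP term should not be part of the per-level `eperm |= (mmu->permissions[access >> 1] >> pte_access) & 1` accumulation. At an intermediate level `pte_access = pt_access & gpte_access(vcpu, pte)` still has the user bit set whenever every entry seen so far is user-accessible, so a supervisor fetch through user-marked upper entries that end in a U/S=0 PTE sets `eperm` before that PTE is examined, and the OR never clears it; the removed lines avoided this by testing only inside `if (last_gpte)`. Suggest keeping the SMEP bit out of the per-level bitmap lookup and applying it once from the final `pte_access` (after the walk or in the `last_gpte` branch), or documenting how `mmu->permissions[]` preserves the "U/S = 0 in at least one entry" semantics.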
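The SDM rule quoted above, as an added C model that is not code from KVM or from this thread: a toy walk that ANDs the U/S bit across levels (the role of KVM's pt_access) and applies the supervisor-fetch rule either once from the final access or, as the quoted hunk does, at every level. USER_BIT, the two check functions and the sample entry arrays are my own names and constructed values.

```c
/* Added toy model (not KVM code): USER_BIT, the two functions and the
 * sample arrays are hypothetical names with constructed values. */
#include <stdbool.h>
#include <stddef.h>

#define USER_BIT 0x4u   /* U/S flag, bit 2 of a paging-structure entry */

/* SDM rule: with CR4.SMEP=1 a supervisor fetch is allowed iff U/S == 0 in
 * at least one entry of the translation, i.e. iff the AND of the U/S bits
 * over all levels is 0. Returns true when the fetch is permitted. */
bool smep_check_last_level(const unsigned *entries, size_t levels,
                           bool smep, bool user_fault)
{
    unsigned pt_access = USER_BIT;          /* cumulative AND, like pt_access */
    for (size_t i = 0; i < levels; i++)
        pt_access &= entries[i];
    if (smep && !user_fault && (pt_access & USER_BIT))
        return false;                       /* kernel fetching a user page */
    return true;
}

/* The shape of the quoted hunk: a verdict is ORed into eperm at every level
 * from the access accumulated so far. Once set, eperm never clears, so a
 * U/S=0 entry further down the walk cannot rescue the fetch. */
bool smep_check_every_level(const unsigned *entries, size_t levels,
                            bool smep, bool user_fault)
{
    unsigned pt_access = USER_BIT;
    bool eperm = false;
    for (size_t i = 0; i < levels; i++) {
        unsigned pte_access = pt_access & entries[i];
        if (smep && !user_fault && (pte_access & USER_BIT))
            eperm = true;
        pt_access = pte_access;
    }
    return !eperm;
}

/* Constructed 4-level walks (PML4E, PDPTE, PDE, PTE), U/S bit only. */
const unsigned walk_user_above_sup_pte[4] = { USER_BIT, USER_BIT, USER_BIT, 0 };
const unsigned walk_sup_pml4e[4]          = { 0, USER_BIT, USER_BIT, USER_BIT };
const unsigned walk_all_user[4]           = { USER_BIT, USER_BIT, USER_BIT, USER_BIT };
```

walk_user_above_sup_pte is the case the reply describes: the last-level check permits the supervisor fetch, the every-level variant denies it.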