From: Avi Kivity
Subject: Re: [PATCH 4/5] KVM: MMU: Optimize pte permission checks
Date: Thu, 13 Sep 2012 16:35:21 +0300
Message-ID: <5051E119.2030308@redhat.com>
In-Reply-To: <5051D47D.1070809@linux.vnet.ibm.com>
References: <1347460194-11807-1-git-send-email-avi@redhat.com> <1347460194-11807-5-git-send-email-avi@redhat.com> <5051D47D.1070809@linux.vnet.ibm.com>
To: Xiao Guangrong
Cc: Marcelo Tosatti, kvm@vger.kernel.org

On 09/13/2012 03:41 PM, Xiao Guangrong wrote:
> On 09/12/2012 10:29 PM, Avi Kivity wrote:
>
>> + pte_access = pt_access & gpte_access(vcpu, pte);
>> + eperm |= (mmu->permissions[access >> 1] >> pte_access) & 1;
>>
>> last_gpte = FNAME(is_last_gpte)(walker, vcpu, mmu, pte);
>> - if (last_gpte) {
>> - pte_access = pt_access & gpte_access(vcpu, pte);
>> - /* check if the kernel is fetching from user page */
>> - if (unlikely(pte_access & PT_USER_MASK) &&
>> - kvm_read_cr4_bits(vcpu, X86_CR4_SMEP))
>> - if (fetch_fault && !user_fault)
>> - eperm = true;
>> - }
>
> I see this in the SDM:
>
> If CR4.SMEP = 1, instructions may be fetched from any linear
> address with a valid translation for which the U/S flag (bit 2) is 0 in at
> least one of the paging-structure entries controlling the translation.

Another good catch.

>
> This patch checks smep on every levels, breaks this rule.
> (current code checks smep on the last level).
>

We can just move the permission check to the end of the loop. We used to
terminate the loop on a permission error, but now we do the whole thing
anyway.

It does mean that we'll need to set accessed bits after the loop is
complete.

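Review bot: the added `eperm |= (mmu->permissions[access >> 1] >> pte_access) & 1;` sits before the `last_gpte` test, so it is evaluated for every entry the walk visits, while the removed block applied the SMEP test only under `if (last_gpte)`. An upper-level entry with PT_USER_MASK set can therefore raise eperm for a kernel instruction fetch even when a lower-level entry clears U/S, which is the case the quoted SDM text permits. Suggest doing the permissions lookup once on the final pte_access (after the loop, or under the last_gpte condition) and, since the walk no longer stops at the first permission error, deferring the accessed-bit updates until that check has passed. A short comment on how permissions[] is indexed by `access >> 1` and shifted by pte_access would also make the bitmap layout reviewable.
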
-- error compiling committee.c: too many arguments to function
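
The SDM rule discussed in this message, as an added example (not code from the patch or from KVM): a simplified model of a supervisor-mode instruction fetch in which the U/S bit is ANDed across paging levels, comparing an SMEP check made at every level with one made after the loop. The `struct walk` type, the function names and the sample entries are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PT_USER_MASK (1u << 2)  /* U/S flag, bit 2 of a paging-structure entry */

/* Hypothetical, simplified walk: one guest entry per level, root first. */
struct walk {
    const unsigned *gpte;
    size_t levels;
    bool smep;                  /* value of CR4.SMEP */
};

/* SMEP test applied at every level to the access bits accumulated so far. */
static bool smep_fault_per_level(const struct walk *w)
{
    unsigned acc = PT_USER_MASK;
    bool eperm = false;
    for (size_t i = 0; i < w->levels; i++) {
        acc &= w->gpte[i];
        if (w->smep && (acc & PT_USER_MASK))
            eperm = true;       /* fires before a lower level can clear U/S */
    }
    return eperm;
}

/* SMEP test applied once, after the loop, to the final accumulated bits. */
static bool smep_fault_after_walk(const struct walk *w)
{
    unsigned acc = PT_USER_MASK;
    for (size_t i = 0; i < w->levels; i++)
        acc &= w->gpte[i];
    return w->smep && (acc & PT_USER_MASK) != 0;
}

/* Constructed sample translations (4 levels each). */
static const unsigned leaf_supervisor[] = { PT_USER_MASK, PT_USER_MASK, PT_USER_MASK, 0 };
static const unsigned all_user[] = { PT_USER_MASK, PT_USER_MASK, PT_USER_MASK, PT_USER_MASK };
static const struct walk mixed    = { leaf_supervisor, 4, true };
static const struct walk user     = { all_user, 4, true };
static const struct walk smep_off = { all_user, 4, false };

int main(void)
{
    printf("U/S=0 at leaf: per-level=%d after-walk=%d\n",
           smep_fault_per_level(&mixed), smep_fault_after_walk(&mixed));
    printf("U/S=1 at all:  per-level=%d after-walk=%d\n",
           smep_fault_per_level(&user), smep_fault_after_walk(&user));
    return 0;
}
```

The two checks agree when every level is a user entry and disagree only when some level clears U/S, which is the translation the SDM text says a supervisor fetch may use.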