From mboxrd@z Thu Jan  1 00:00:00 1970
From: Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH v3 7/7] KVM, pkeys: disable PKU feature without ept
Date: Wed, 18 Nov 2015 10:06:42 +0100
Message-ID: <564C3FA2.9050104@redhat.com>
References: <1447825444-13550-1-git-send-email-huaitong.han@intel.com>
 <1447825444-13550-8-git-send-email-huaitong.han@intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Cc: kvm@vger.kernel.org
To: Huaitong Han <huaitong.han@intel.com>, gleb@kernel.org
Return-path: <kvm-owner@vger.kernel.org>
Received: from mail-wm0-f54.google.com ([74.125.82.54]:37289 "EHLO
	mail-wm0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755278AbbKRJGt (ORCPT <rfc822;kvm@vger.kernel.org>);
	Wed, 18 Nov 2015 04:06:49 -0500
Received: by wmww144 with SMTP id w144so62280062wmw.0
        for <kvm@vger.kernel.org>; Wed, 18 Nov 2015 01:06:48 -0800 (PST)
In-Reply-To: <1447825444-13550-8-git-send-email-huaitong.han@intel.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>



On 18/11/2015 06:44, Huaitong Han wrote:
> This patch disables CPUID:PKU without ept, becase pkeys is not supported
> with softmmu.

Sure, but _what_ makes it impossible to support pkeys with shadow pages?

Is it enough to add the pkey bits to the role (and then to
kvm_get_mmu_page, mmu_set_spte, set_spte) or are there fundamental problems?

The trick to handle !CR0.WP in FNAME(page_fault) (search for
"walker.pte_access &= ~ACC_USER_MASK"; it's documented in
Documentation/virtual/kvm/mmu.txt as well) should work for PKRU.

If you just want me to change it to "is not yet implemented for shadow
paging", I can do that.

Thanks,

Paolo

> Signed-off-by: Huaitong Han <huaitong.han@intel.com>