From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Estrada, Zachary J" Subject: Trying to switch EPTP for execute-protecting guest pages Date: Mon, 23 Nov 2015 11:11:22 -0600 Message-ID: <565348BA.4020905@illinois.edu> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit To: Return-path: Received: from pps05.cites.illinois.edu ([192.17.82.72]:59106 "EHLO pps05.cites.illinois.edu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750976AbbKWRge (ORCPT ); Mon, 23 Nov 2015 12:36:34 -0500 Received: from cex138.ad.uillinois.edu (cex138.cites.illinois.edu [64.22.177.34]) by pps05.cites.illinois.edu (8.15.0.59/8.15.0.59) with ESMTPS id tANHBMbm000995 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Mon, 23 Nov 2015 11:11:23 -0600 Sender: kvm-owner@vger.kernel.org List-ID: Hi all, I'm playing around with EPTs and kvm to track execution in the guest. I've created a separate set of EPTs (and copied the last level entries from the real tables, minus execute permissions) but I'm not getting exits where I expect. I also have code in handle_ept_violation to preserve those permissions for any non-execute ept violations. Here is what I am calling within a VM Exit handler: --- kvm_mmu_unload(vcpu); vcpu->arch.mmu.root_hpa = eptp; kvm_x86_ops->set_tdp_cr3(vcpu, eptp); kvm_mmu_load(vcpu); kvm_flush_remote_tlbs(vcpu->kvm); --- I think some of this is overkill, but am I missing something? I think I may need to flush the rmaps too, but I'm not exactly sure how. I am using Haswell if that matters. Thank you very much for your help! --Zak