From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bandan Das <bsd@redhat.com>
Subject: [PATCH 0/5] Add support for EPT execute only for nested hypervisors
Date: Tue, 28 Jun 2016 00:32:35 -0400
Message-ID: <1467088360-10186-1-git-send-email-bsd@redhat.com>
Cc: pbonzini@redhat.com, guangrong.xiao@linux.intel.com,
	linux-kernel@vger.kernel.org
To: kvm@vger.kernel.org
Return-path: <linux-kernel-owner@vger.kernel.org>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org

These patches are based on reviews to my RFC
http://www.spinics.net/lists/kvm/msg134440.html

Changes since RFC:
 - Remove shadow_xonly_valid, it's not needed
 - Remove checks from is_shadow_present_pte()
 - In reset_tdp_shadow_zero_bits_mask, pass correct execonly to __reset_rsvds_bits_mask_ept
 - Reuse shadow_user_mask in set_spte()
 - Remove is_present_gpte() and inline the operation at the two call sites

I spoke to Paolo about this a while back and thought to post this as
RFC while I am thinking of adding some unit tests.

Background: ESX refuses to run as L1 if support for EPT execute only isn't
found. I am not really sure if it uses it for anything since just advertising
the bits seems to work but adding the necessary plumbing seemed like a good idea.

Xiao, I took the liberty of adding you based on "git blame" :)

Thanks in advance.

Bandan Das (5):
  mmu: mark spte present if the x bit is set
  mmu: pass execonly value when initializing rsvd bits
  mmu: don't set the present bit unconditionally
  mmu: remove is_present_gpte()
  nvmx: advertise support for ept execute only

 arch/x86/kvm/mmu.c         | 26 ++++++++++++++++++--------
 arch/x86/kvm/mmu.h         |  5 -----
 arch/x86/kvm/paging_tmpl.h |  4 ++--
 arch/x86/kvm/vmx.c         |  5 ++++-
 arch/x86/kvm/x86.c         |  2 +-
 5 files changed, 25 insertions(+), 17 deletions(-)

-- 
2.5.5