[PATCH v6] Enable CPU SMEP feature for QEMU-KVM

public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH v6] Enable CPU SMEP feature for QEMU-KVM
@ 2011-05-30 15:17 Yang, Wei Y
  2011-06-01 13:20 ` Marcelo Tosatti
  0 siblings, 1 reply; 2+ messages in thread
From: Yang, Wei Y @ 2011-05-30 15:17 UTC (permalink / raw)
  To: Avi Kivity; +Cc: kvm@vger.kernel.org

This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be published soon.

SMEP is identified by CPUID leaf 7 EBX[7], which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID.

Changes since v5: no changes.
Changes since v4: no changes.
Changes since v3: no changes.
Changes since v2: no changes.

 Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
 Singed-off-by: Shan, Haitao <haitao.shan@intel.com>
 Singed-off-by: Li, Xin <xin.li@intel.com>

---
 target-i386/cpuid.c |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c
index 091d812..cd20dbf 100644
--- a/target-i386/cpuid.c
+++ b/target-i386/cpuid.c
@@ -1115,6 +1115,14 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
         *ecx = 0;
         *edx = 0;
         break;
+    case 7:
+        if (kvm_enabled()) {
+            *eax = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EAX);
+            *ebx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EBX);
+            *ecx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_ECX);
+            *edx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EDX);
+        }
+        break;
     case 9:
         /* Direct Cache Access Information Leaf */
         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
--
1.7.4.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH v6] Enable CPU SMEP feature for QEMU-KVM
  2011-05-30 15:17 [PATCH v6] Enable CPU SMEP feature for QEMU-KVM Yang, Wei Y
@ 2011-06-01 13:20 ` Marcelo Tosatti
  0 siblings, 0 replies; 2+ messages in thread
From: Marcelo Tosatti @ 2011-06-01 13:20 UTC (permalink / raw)
  To: Yang, Wei Y; +Cc: Avi Kivity, kvm@vger.kernel.org

On Mon, May 30, 2011 at 11:17:42PM +0800, Yang, Wei Y wrote:
> This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
> Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application.
> Updated Intel SDM describes this CPU feature. The document will be published soon.
> 
> SMEP is identified by CPUID leaf 7 EBX[7], which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID.
> 
> Changes since v5: no changes.
> Changes since v4: no changes.
> Changes since v3: no changes.
> Changes since v2: no changes.
> 
>  Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
>  Singed-off-by: Shan, Haitao <haitao.shan@intel.com>
>  Singed-off-by: Li, Xin <xin.li@intel.com>

Applied to uq/master (zeroing registers in !kvm_enabled case),
and kernel patches, thanks.


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2011-06-01 13:20 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-30 15:17 [PATCH v6] Enable CPU SMEP feature for QEMU-KVM Yang, Wei Y
2011-06-01 13:20 ` Marcelo Tosatti

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox