From mboxrd@z Thu Jan 1 00:00:00 1970 From: Marcelo Tosatti Subject: Re: [PATCH v4 2/4] KVM: Add SMAP support when setting CR4 Date: Thu, 10 Apr 2014 17:12:34 -0300 Message-ID: <20140410201234.GB26092@amt.cnet> References: <1396345596-25682-1-git-send-email-feng.wu@intel.com> <1396345596-25682-3-git-send-email-feng.wu@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: pbonzini@redhat.com, gleb@redhat.com, hpa@zytor.com, kvm@vger.kernel.org To: Feng Wu Return-path: Received: from mx1.redhat.com ([209.132.183.28]:44071 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1759153AbaDJUQ0 (ORCPT ); Thu, 10 Apr 2014 16:16:26 -0400 Content-Disposition: inline In-Reply-To: <1396345596-25682-3-git-send-email-feng.wu@intel.com> Sender: kvm-owner@vger.kernel.org List-ID: On Tue, Apr 01, 2014 at 05:46:34PM +0800, Feng Wu wrote: > This patch adds SMAP handling logic when setting CR4 for guests > > Thanks a lot to Paolo Bonzini for his suggestion to use the branchless > way to detect SMAP violation. > > Signed-off-by: Feng Wu > > @@ -110,10 +118,30 @@ static inline bool is_write_protection(struct kvm_vcpu *vcpu) > * Will a fault with a given page-fault error code (pfec) cause a permission > * fault with the given access (in ACC_* format)? > */ > -static inline bool permission_fault(struct kvm_mmu *mmu, unsigned pte_access, > - unsigned pfec) > +static inline bool permission_fault(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, > + unsigned pte_access, unsigned pfec) > { > - return (mmu->permissions[pfec >> 1] >> pte_access) & 1; > + int cpl = kvm_x86_ops->get_cpl(vcpu); > + unsigned long rflags = kvm_x86_ops->get_rflags(vcpu); Some branches added here (can't think of anything useful to avoid them).