From mboxrd@z Thu Jan  1 00:00:00 1970
From: Christoph Hellwig <hch@infradead.org>
Subject: Re: [PATCH RFC 00/10] Intel EPT-Based Sub-page Write Protection
 Support.
Date: Wed, 18 Oct 2017 00:09:36 -0700
Message-ID: <20171018070936.GA10808@infradead.org>
References: <cover.1506559196.git.yi.z.zhang@linux.intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
        pbonzini@redhat.com, rkrcmar@redhat.com
To: Zhang Yi <yi.z.zhang@linux.intel.com>
Return-path: <linux-kernel-owner@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <cover.1506559196.git.yi.z.zhang@linux.intel.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org

> We introduced 2 ioctls to let user application to set/get subpage write protection bitmap per gfn, each gfn corresponds to a bitmap.
> The user application, qemu, or some other security control daemon. will set the protection bitmap via this ioctl.
> the API defined as:
> 	struct kvm_subpage {
> 		__u64 base_gfn;
> 		__u64 npages;
> 		/* sub-page write-access bitmap array */
> 		__u32 access_map[SUBPAGE_MAX_BITMAP];
> 		}sp;
> 	kvm_vm_ioctl(s, KVM_SUBPAGES_SET_ACCESS, &sp)
> 	kvm_vm_ioctl(s, KVM_SUBPAGES_GET_ACCESS, &sp)

What is the use case for this feature?