From mboxrd@z Thu Jan 1 00:00:00 1970 From: Xiao Guangrong Subject: Re: [RFC PATCH 0/4] Add support for EPT execute only for nested hypervisors Date: Wed, 22 Jun 2016 12:39:55 +0800 Message-ID: <576A169B.5090608@linux.intel.com> References: <1466478746-14153-1-git-send-email-bsd@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Cc: pbonzini@redhat.com To: Bandan Das , kvm@vger.kernel.org Return-path: Received: from mga01.intel.com ([192.55.52.88]:1974 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751077AbcFVErD (ORCPT ); Wed, 22 Jun 2016 00:47:03 -0400 In-Reply-To: <1466478746-14153-1-git-send-email-bsd@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: On 06/21/2016 11:12 AM, Bandan Das wrote: > I spoke to Paolo about this a while back and thought to post this as > RFC while I am thinking of adding some unit tests. > > Background: ESX refuses to run as L1 if support for EPT execute only isn't > found. I am not really sure if it uses it for anything since just advertising > the bits seems to work but adding the necessary plumbing seemed like a good idea. > > Xiao, I took the liberty of adding you based on "git blame" :) Thank you, Bandan! I really hope all mmu related patches can be CCed to me in case if i am too busy to watch patches in kvm mail list. :) Some points are missed in this patchset: 1) You also need to tech is_present_gpte() about this fact. 2) update_permission_bitmask() need to be fixed as it always expects that read-access is available (actually, read-access is equal with user-access if ept is shadowed).