From mboxrd@z Thu Jan 1 00:00:00 1970 From: Bandan Das Subject: Re: [RFC PATCH 0/4] Add support for EPT execute only for nested hypervisors Date: Wed, 22 Jun 2016 12:34:54 -0400 Message-ID: References: <1466478746-14153-1-git-send-email-bsd@redhat.com> <576A169B.5090608@linux.intel.com> Mime-Version: 1.0 Content-Type: text/plain Cc: kvm@vger.kernel.org, pbonzini@redhat.com To: Xiao Guangrong Return-path: Received: from mx1.redhat.com ([209.132.183.28]:46857 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751910AbcFVQe4 (ORCPT ); Wed, 22 Jun 2016 12:34:56 -0400 In-Reply-To: <576A169B.5090608@linux.intel.com> (Xiao Guangrong's message of "Wed, 22 Jun 2016 12:39:55 +0800") Sender: kvm-owner@vger.kernel.org List-ID: Xiao Guangrong writes: > On 06/21/2016 11:12 AM, Bandan Das wrote: >> I spoke to Paolo about this a while back and thought to post this as >> RFC while I am thinking of adding some unit tests. >> >> Background: ESX refuses to run as L1 if support for EPT execute only isn't >> found. I am not really sure if it uses it for anything since just advertising >> the bits seems to work but adding the necessary plumbing seemed like a good idea. >> >> Xiao, I took the liberty of adding you based on "git blame" :) > > Thank you, Bandan! I really hope all mmu related patches can be CCed to me > in case if i am too busy to watch patches in kvm mail list. :) We all try but it's easy to miss interested people in the cc list :) > Some points are missed in this patchset: > 1) You also need to tech is_present_gpte() about this fact. If I understood right, this isn't needed anymore since a check for rsvd bits follows and is_present_gpte already does pte & 7. > 2) update_permission_bitmask() need to be fixed as it always expects > that read-access is available (actually, read-access is equal with > user-access if ept is shadowed). Do you mean this part of update_permission_bitmask() ? ... } else /* Not really needed: no U/S accesses on ept */ u = 1;