On 10/03/2016 13:14, Xiao Guangrong wrote:
>> More precisely, ignore_bits is only needed if guest EFER.NX=0 and we're
>> not in this CR0.WP=1/CR4.SMEP=0 situation. In theory you could have
>> guest EFER.NX=1 and host EFER.NX=0.
>
> It is not in linux, the kernel always set EFER.NX if CPUID
On 10/03/2016 13:14, Xiao Guangrong wrote:
>> More precisely, ignore_bits is only needed if guest EFER.NX=0 and we're
>> not in this CR0.WP=1/CR4.SMEP=0 situation. In theory you could have
>> guest EFER.NX=1 and host EFER.NX=0.
>
> It is not in linux, the kernel always set EFER.NX if CPUID
On 03/10/2016 06:09 PM, Paolo Bonzini wrote:
On 10/03/2016 09:27, Xiao Guangrong wrote:
+if (!enable_ept) {
+guest_efer |= EFER_NX;
+ignore_bits |= EFER_NX;
Update ignore_bits is not necessary i think.
More precisely, ignore_bits is only needed if guest EFER.NX=0
On 03/10/2016 06:09 PM, Paolo Bonzini wrote:
On 10/03/2016 09:27, Xiao Guangrong wrote:
+if (!enable_ept) {
+guest_efer |= EFER_NX;
+ignore_bits |= EFER_NX;
Update ignore_bits is not necessary i think.
More precisely, ignore_bits is only needed if guest EFER.NX=0
On 10/03/2016 09:27, Xiao Guangrong wrote:
> So it only hurts the box which has cpu_has_load_ia32_efer support otherwise
> NX is inherited from kernel (kernel always sets NX if CPU supports it),
> right?
Yes, but I think !cpu_has_load_ia32_efer && SMEP does not exist. On the
other hand it's
On 10/03/2016 09:27, Xiao Guangrong wrote:
> So it only hurts the box which has cpu_has_load_ia32_efer support otherwise
> NX is inherited from kernel (kernel always sets NX if CPU supports it),
> right?
Yes, but I think !cpu_has_load_ia32_efer && SMEP does not exist. On the
other hand it's
On 10/03/2016 09:27, Xiao Guangrong wrote:
>>
>
>> +if (!enable_ept) {
>> +guest_efer |= EFER_NX;
>> +ignore_bits |= EFER_NX;
>
> Update ignore_bits is not necessary i think.
More precisely, ignore_bits is only needed if guest EFER.NX=0 and we're
not in this
On 10/03/2016 09:27, Xiao Guangrong wrote:
>>
>
>> +if (!enable_ept) {
>> +guest_efer |= EFER_NX;
>> +ignore_bits |= EFER_NX;
>
> Update ignore_bits is not necessary i think.
More precisely, ignore_bits is only needed if guest EFER.NX=0 and we're
not in this
On 10/03/2016 09:46, Xiao Guangrong wrote:
>
>> Yes, all of these are needed. :) This is admittedly a bit odd, but
>> kvm-unit-tests access.flat tests this if you run it with "-cpu host"
>> and of course ept=0.
>>
>> KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
>> setting
On 10/03/2016 09:46, Xiao Guangrong wrote:
>
>> Yes, all of these are needed. :) This is admittedly a bit odd, but
>> kvm-unit-tests access.flat tests this if you run it with "-cpu host"
>> and of course ept=0.
>>
>> KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
>> setting
On 03/08/2016 07:44 PM, Paolo Bonzini wrote:
Yes, all of these are needed. :) This is admittedly a bit odd, but
kvm-unit-tests access.flat tests this if you run it with "-cpu host"
and of course ept=0.
KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
setting U=0 and W=1 in
On 03/08/2016 07:44 PM, Paolo Bonzini wrote:
Yes, all of these are needed. :) This is admittedly a bit odd, but
kvm-unit-tests access.flat tests this if you run it with "-cpu host"
and of course ept=0.
KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
setting U=0 and W=1 in
On 03/08/2016 07:44 PM, Paolo Bonzini wrote:
Yes, all of these are needed. :) This is admittedly a bit odd, but
kvm-unit-tests access.flat tests this if you run it with "-cpu host"
and of course ept=0.
KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
setting U=0 and W=1 in
On 03/08/2016 07:44 PM, Paolo Bonzini wrote:
Yes, all of these are needed. :) This is admittedly a bit odd, but
kvm-unit-tests access.flat tests this if you run it with "-cpu host"
and of course ept=0.
KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
setting U=0 and W=1 in
Yes, all of these are needed. :) This is admittedly a bit odd, but
kvm-unit-tests access.flat tests this if you run it with "-cpu host"
and of course ept=0.
KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
setting U=0 and W=1 in the shadow PTE. This will cause a user write
to
Yes, all of these are needed. :) This is admittedly a bit odd, but
kvm-unit-tests access.flat tests this if you run it with "-cpu host"
and of course ept=0.
KVM handles supervisor writes of a pte.u=0/pte.w=0/CR0.WP=0 page by
setting U=0 and W=1 in the shadow PTE. This will cause a user write
to
16 matches
Mail list logo