On 09/03/2016 06:51, Xiao Guangrong wrote:
>>>
>>
>> Yes. Neither PKRU nor MPX.
>
> Er... I noticed fpregs are not switched if the CPU is running in the KVM module
> (the vcpu is not scheduled out and does not exit to userspace); that is why
> read_pkru() can be used to read the guest's PKRU in patch 4.
>
> However, the guest can then fully control access to userspace's memory if
> CR4.PKRU is enabled on the host, and KVM needs to access QEMU's memory to do
> some emulation anyway. Is it really safe?

I was thinking the same, and I think you're right. We need to save/restore
PKRU in vmx_vcpu_run, and access a field in kvm_arch_vcpu instead of using
__read_pkru directly.

Paolo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
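The hazard discussed above, as an added illustration that is not part of the thread and not KVM code: a small user-space model of the PKRU check (bit 2k is the access-disable bit and bit 2k+1 the write-disable bit for protection key k) with a fake per-CPU PKRU register, a vcpu struct carrying a saved `pkru` field, and two VM-exit paths. The "buggy" path leaves the guest's PKRU live in the register when KVM's emulation touches user memory, so the guest decides which host-tagged pages the emulator can read; the "fixed" path saves the guest value into the vcpu and restores the host value first, which is the save/restore Paolo proposes. The host initial value 0x55555554 (all keys except 0 access-disabled) is assumed from Linux's PKRU init; the function names, the `struct vcpu` and the sample key numbers are constructed for this model.

```c
/* Added example: user-space model of PKRU gating KVM's emulated access to
 * QEMU memory. Constructed for illustration; not KVM or Linux code. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* PKRU layout: for key k, bit 2k = access-disable, bit 2k+1 = write-disable. */
#define PKRU_AD_BIT(k) (1u << (2 * (k)))
#define PKRU_WD_BIT(k) (1u << (2 * (k) + 1))

/* Assumed host default (Linux init_pkru_value): only key 0 is accessible. */
#define HOST_PKRU_INIT 0x55555554u

enum access { ACC_READ, ACC_WRITE };

/* Model of the CPU check for an access to a user page tagged with 'key'
 * under a given PKRU value (applies to supervisor accesses too when CR4.PKE=1). */
static bool pkru_allows(uint32_t pkru, unsigned key, enum access acc)
{
    if (pkru & PKRU_AD_BIT(key))
        return false;
    if (acc == ACC_WRITE && (pkru & PKRU_WD_BIT(key)))
        return false;
    return true;
}

/* Fake per-CPU PKRU register (stands in for RDPKRU/WRPKRU). */
static uint32_t cpu_pkru;
static uint32_t read_pkru(void) { return cpu_pkru; }
static void write_pkru(uint32_t v) { cpu_pkru = v; }

/* Hypothetical vcpu state: the field Paolo suggests instead of __read_pkru(). */
struct vcpu {
    uint32_t pkru;  /* guest PKRU, saved at VM-exit */
};

/* KVM emulation path: the kernel reads a byte of QEMU's user memory that the
 * host tagged with 'key'. Whatever PKRU is live in the register decides it. */
static bool kvm_emulate_read(unsigned key)
{
    return pkru_allows(read_pkru(), key, ACC_READ);
}

/* Buggy flow: the guest's PKRU stays live after VM-exit, so the guest chooses
 * which of QEMU's pages the emulator may touch. */
static bool vcpu_run_buggy(struct vcpu *v, unsigned key)
{
    write_pkru(v->pkru);          /* guest runs with its own PKRU */
    /* ... VM-exit; register still holds the guest value ... */
    return kvm_emulate_read(key);
}

/* Fixed flow: save the guest value into the vcpu and restore the host value
 * before KVM accesses user memory. */
static bool vcpu_run_fixed(struct vcpu *v, unsigned key)
{
    uint32_t host_pkru = read_pkru();
    write_pkru(v->pkru);
    /* ... VM-exit ... */
    v->pkru = read_pkru();        /* guest PKRU now lives in the vcpu field */
    write_pkru(host_pkru);        /* host policy governs the emulation access */
    return kvm_emulate_read(key);
}

int main(void)
{
    struct vcpu v = { .pkru = 0 };   /* guest clears PKRU: every key allowed */

    write_pkru(HOST_PKRU_INIT);
    printf("buggy, key 5 (host denies): %s\n",
           vcpu_run_buggy(&v, 5) ? "readable" : "denied");
    write_pkru(HOST_PKRU_INIT);
    printf("fixed, key 5 (host denies): %s\n",
           vcpu_run_fixed(&v, 5) ? "readable" : "denied");

    v.pkru = 0xFFFFFFFFu;             /* guest disables every key */
    write_pkru(HOST_PKRU_INIT);
    printf("buggy, key 0 (host allows): %s\n",
           vcpu_run_buggy(&v, 0) ? "readable" : "denied");
    write_pkru(HOST_PKRU_INIT);
    printf("fixed, key 0 (host allows): %s\n",
           vcpu_run_fixed(&v, 0) ? "readable" : "denied");
    return 0;
}
```

The two failure directions in the model are the ones the thread implies: with the guest's PKRU live, a guest that clears PKRU lets KVM read QEMU pages the host had fenced off with another key, and a guest that sets every access-disable bit makes the emulator fault on memory the host meant to be accessible. With the host value restored before emulation, the outcome no longer depends on the guest at all, and the guest's own PKRU survives in the vcpu field for the next entry.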