On 09/03/2016 09:05, Xiao Guangrong wrote: >> Besides, should we consider host's setting when guest is running? > > We should. No reason stop QEMU and other KVM-based hypervisors using > protection-key. :) This is a bit tricky. Without pkey support in EPT, you'd also have to: 1) save the host PKRU somewhere in kvm_mmu between invocations of KVM_RUN, and call kvm_mmu_reset_context when it changes; 2) get the pkeys from the host pages, compute ad/wd, and use it to fill in the permissions for the shadow or EPT page tables; 3) add ad/wd to the page role. So it's a good feature, but it should be a separate one. Paolo -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
