On Thu, Feb 29, 2024 at 7:40 PM Sean Christopherson <seanjc@xxxxxxxxxx> wrote: > Long story short, I think we should get to the below (I'll post a separate series, > assuming I'm not missing something). > > unsigned long rflags = static_call(kvm_x86_get_rflags)(vcpu); > unsigned int pfec = access & (PFERR_PRESENT_MASK | > PFERR_WRITE_MASK | > PFERR_USER_MASK | > PFERR_FETCH_MASK); > > /* > * For explicit supervisor accesses, SMAP is disabled if EFLAGS.AC = 1. > * For implicit supervisor accesses, SMAP cannot be overridden. > * > * SMAP works on supervisor accesses only, and not_smap can > * be set or not set when user access with neither has any bearing > * on the result. > * > * We put the SMAP checking bit in place of the PFERR_RSVD_MASK bit; > * this bit will always be zero in pfec, but it will be one in index > * if SMAP checks are being disabled. > */ > u64 implicit_access = access & PFERR_IMPLICIT_ACCESS; > bool not_smap = ((rflags & X86_EFLAGS_AC) | implicit_access) == X86_EFLAGS_AC; > int index = (pfec | (not_smap ? PFERR_RSVD_MASK : 0)) >> 1; > u32 errcode = PFERR_PRESENT_MASK; > bool fault; Sounds good. The whole series is Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> apart from the small nits that were pointed out here and there. Paolo
