Re: [PATCH 2/2] kvm, ept: remove the default write bit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/11/2010 10:50 PM, Marcelo Tosatti wrote:
On Fri, Jun 11, 2010 at 07:30:50PM +0800, Lai Jiangshan wrote:
When ept enabled, current code set shadow_base_present_pte
including the write bit, thus all pte entries have
writabe bit, and it means guest os can always
write to any mapped page (even VMM maps RO pages for
the guest.)

We always use get_user_pages(write=1), so this bad code does not
cause any bad result currently.

But it is really bad, so fix it, and we will use RO pages future.

We will set writabe bit when it is really writable (determined by
the parameters of the set_spte())

Signed-off-by: Lai Jiangshan<laijs@xxxxxxxxxxxxxx>
---
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index fdb18cf..c7565ea 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -4365,8 +4365,7 @@ static int __init vmx_init(void)

  	if (enable_ept) {
  		bypass_guest_pf = 0;
-		kvm_mmu_set_base_ptes(VMX_EPT_READABLE_MASK |
-			VMX_EPT_WRITABLE_MASK);
+		kvm_mmu_set_base_ptes(VMX_EPT_READABLE_MASK);
  		kvm_mmu_set_mask_ptes(0ull, 0ull, 0ull, 0ull,
  				VMX_EPT_EXECUTABLE_MASK);
  		kvm_enable_tdp();
You can remove the call to kvm_mmu_set_base_ptes entirely, because
VMX_EPT_READABLE_MASK == PT_PRESENT_MASK.

We can leave that to a later patch which removes kvm_mmu_set_base_ptes() entirely.

--
error compiling committee.c: too many arguments to function

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux