On 05/24/2011 05:53 AM, Haitao Shan wrote:
I don't understand why. Can you elaborate?
Shadow implements the U bit, which is all that is needed by SMEP
as far as I can tell.
Basically, all SMEP-capable platform has EPT, which is on by default
in KVM. Thus, we naturally thought there was little value to add it to
SPT.
We try to keep features orthogonal. That has value for testing, and
results in clearer code.
Another thing that we are not so sure of is whether SPT has tricky
usages on U bit (for optimization or whatever). With SMEP, this trick
may be easily broken.
In fact it does, we play with the U bit to emulate cr0.wp. I'll be
happy to write the patch to handle this issue, since I'm familiar with
the code.
Anyway, we are investigating enabling SMEP with SPT now.
Great, thanks.
--
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
