On 05/29/2011 02:42 PM, Yang, Wei Y wrote:
This patch adds instruction fetch checking when walking guest page table. + /* check if the kernel is fetching from user page */ + if (unlikely((pte_access& PT_USER_MASK)&& + kvm_read_cr4_bits(vcpu, X86_CR4_SMEP))) + if (fetch_fault&& !user_fault) + eperm = true; +
pte_access is a union of ACC_*_MASK values, so this should be ACC_USER_MASK (though the values are the same).
The difference is that bit 0 is execute permission, while in ptes bit 63 is the no-execute permission.
-- error compiling committee.c: too many arguments to function -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
