[Patch v5 0/4] Enable SMEP feature support for kvm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be 
published soon.

This patchset is based on Fenghua's SMEP patch series, as referred by:
https://lkml.org/lkml/2011/5/17/523

changes since v4:
	Update patch 1/4 comment
	Change PT_USER_MASK to ACC_USER_MASK

changes since v3:
	Add SMEP bit in CR4_RESERVED_BITS while removing cr4_reserved_bits;
	Mask CPUID leaf 7 ebx against host capability word9 in do_cpuid_ent;
 
Changes since v2: 
	add instruction fetch checking when walking guest page table.

---
 arch/x86/include/asm/kvm_host.h |    2 +-
 arch/x86/kvm/paging_tmpl.h      |    9 ++++++++-
 arch/x86/kvm/x86.c              |   22 +++++++++++++++++++---
 3 files changed, 28 insertions(+), 5 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux