* Tian, Kevin <kevin.tian@xxxxxxxxx> wrote: > > From: Ingo Molnar > > Sent: Monday, May 30, 2011 3:41 PM > > > > > > * Yang, Wei Y <wei.y.yang@xxxxxxxxx> wrote: > > > > > This patch removes SMEP bit from CR4_RESERVED_BITS. > > > > I'm wondering, what is the best-practice way for tools/kvm/ to set > > SMEP for the guest kernel automatically, even if the guest kernel > > itsef has not requested SMEP? > > > > enabling SMEP w/o guest's knowledge can be problematic if the guest > is doing U/S 0->1 bit change w/o TLB invalidation, which is a > required action to ensure SMEP protection working correctly. Linux > versions known so far don't have this behavior because TLB > invalidation due to P bit change covers U/S 0->1 change. [...] We'd like to use this in the 'kvm' tool: git clone git://github.com/penberg/linux-kvm master cd linux-kvm/tools/kvm/ make -j Which is only interested in Linux guests. Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
