From: "Yang, Wei Y" <wei.y.yang@xxxxxxxxx> This patchset enables a new CPU feature SMEP (Supervisor Mode Execution Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application. Updated Intel SDM describes this CPU feature. The document will be published soon. SMEP is identified by CPUID leaf 7 EBX[7], which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID. Signed-off-by: Yang, Wei <wei.y.yang@xxxxxxxxx> Singed-off-by: Shan, Haitao <haitao.shan@xxxxxxxxx> Singed-off-by: Li, Xin <xin.li@xxxxxxxxx> Signed-off-by: Marcelo Tosatti <mtosatti@xxxxxxxxxx> --- target-i386/cpuid.c | 13 +++++++++++++ 1 files changed, 13 insertions(+), 0 deletions(-) diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c index 40a73c7..79e7580 100644 --- a/target-i386/cpuid.c +++ b/target-i386/cpuid.c @@ -1142,6 +1142,19 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count, *ecx = 0; *edx = 0; break; + case 7: + if (kvm_enabled()) { + *eax = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EAX); + *ebx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EBX); + *ecx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_ECX); + *edx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EDX); + } else { + *eax = 0; + *ebx = 0; + *ecx = 0; + *edx = 0; + } + break; case 9: /* Direct Cache Access Information Leaf */ *eax = 0; /* Bits 0-31 in DCA_CAP MSR */ -- 1.7.5.2 -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html