On 03/10/19 23:23, Rick Edgecombe wrote: > Add XO memslot type to create execute-only guest physical memory based on > the RO memslot. Like the RO memslot, disallow changing the memslot type > to/from XO. > > In the EPT case ACC_USER_MASK represents the readable bit, so add the > ability for set_spte() to unset this. > > This is based in part on a patch by Yu Zhang. > > Signed-off-by: Yu Zhang <yu.c.zhang@xxxxxxxxxxxxxxx> > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx> Instead of this, why not check the exit qualification gpa and, if it has the XO bit set, mask away both the XO bit and the R bit? It can be done unconditionally for all memslots. This should require no change to userspace. Paolo
