Re: [PATCH v2 0/4] Enable SMEP CPU Feature

From: Ingo Molnar
Date: Tue May 17 2011 - 03:03:43 EST

Next message: Ingo Molnar: "Re: [PATCH v2 0/4] Enable SMEP CPU Feature"
Previous message: Nicholas A. Bellinger: "[PATCH-v4 11/14] iscsi-target: Add iSCSI Error Recovery Hierarchy support"
In reply to: Ingo Molnar: "Re: [PATCH v2 0/4] Enable SMEP CPU Feature"
Next in thread: Avi Kivity: "Re: [PATCH v2 0/4] Enable SMEP CPU Feature"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Fenghua Yu <fenghua.yu@xxxxxxxxx> wrote:

> From: Fenghua Yu <fenghua.yu@xxxxxxxxx>
>
> Intel new CPU supports SMEP (Supervisor Mode Execution Protection). SMEP
> prevents kernel from executing code in application. Updated Intel SDM describes
> this CPU feature. The document will be published soon.
>
> Note: This patch set doesn't enable the SMEP feature in KVM. If it's needed,
> another patch will be pushed for enabling the feature in KVM.

We can do it separately from native kernel support, but i'm sure Avi would
agree that SMEP support in KVM would be nice! (as long as it's configurable as
well, there might be guest OSs that break if SMEP is enabled, right?)

Thanks,

Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [PATCH v2 0/4] Enable SMEP CPU Feature"
Previous message: Nicholas A. Bellinger: "[PATCH-v4 11/14] iscsi-target: Add iSCSI Error Recovery Hierarchy support"
In reply to: Ingo Molnar: "Re: [PATCH v2 0/4] Enable SMEP CPU Feature"
Next in thread: Avi Kivity: "Re: [PATCH v2 0/4] Enable SMEP CPU Feature"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]