Re: [PATCH 6/9] KVM: MMU: introduce the framework to check reserved bits on sptes

From: Xiao Guangrong
Date: Tue Aug 04 2015 - 09:40:24 EST




On 08/04/2015 09:23 PM, Paolo Bonzini wrote:


On 04/08/2015 15:10, Xiao Guangrong wrote:

This should be cpu_has_nx, I think.

cpu_has_nx() checks the feature on the host CPU; however, this is the shadow
page table, which completely follows the guest's features.

E.g., if the guest does not execution-protect the physical page, then
KVM does not do it either.

That's just true for current code. In principle you could add a memslot
flag for KVM_MEMSLOT_NO_EXECUTE, then NX would be true on an spte but
not on a PTE.

Yes, I agree. I would like to keep it as strict as possible to catch
potential bugs. We can relax it while KVM_MEMSLOT_NO_EXECUTE is being
developed.



+ guest_cpuid_has_gbpages(vcpu),

This should be cpu_has_gbpages.

E.g., if the guest does not use the 1G page size, it's also not used in the
shadow page table.

However, bit 7 in the shadow PDPTE is not reserved. If you're not
testing "is this bit reserved" but rather "should this bit be always
zero" in the SPTE, then checking guest_cpuid is okay. But in that case
shadow_rsvd_check is really more like shadow_always_zero_check.

Yes, it is not reserved from the hardware's point of view. shadow_always_zero_check()
seems a more meaningful name, thanks for your suggestion. :)



is_pse(vcpu));
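
Review bot: the last two arguments at this call, guest_cpuid_has_gbpages(vcpu) and is_pse(vcpu), are derived from guest state, which is not what a reader expects from a check that is applied to sptes. A comment above the call should state that the resulting mask describes bits KVM must never set in a shadow entry for this guest, not bits the host CPU treats as reserved, and the helper's name should say the same.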

This should be cpu_has_pse.

E.g., if the guest does not use the 4M page size, then KVM does not use it either.

Right, it should always be true, not cpu_has_pse, because PAE and 64-bit
page tables always support huge (2M) pages. Or as above, if you're
testing "should this bit be always zero" then it's a different story.

Yeah, I will rename the function.
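
The difference between "is this bit reserved by hardware" and "should this bit always be zero in the spte", as an added example that is not code from the patch or from KVM. All names are hypothetical and the mask is simplified to the two bits discussed in the thread: NX (bit 63) and the page-size bit (bit 7) of a PDPTE.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PT_NX_BIT   (1ULL << 63) /* execute-disable */
#define PT_PS_BIT   (1ULL << 7)  /* page size; in a PDPTE it selects a 1G page */
#define PDPTE_LEVEL 3            /* 4-level paging: 4=PML4E 3=PDPTE 2=PDE 1=PTE */

/* Hypothetical feature set: filled from the host CPU or from guest state. */
struct mmu_features { bool nx; bool gbpages; };

/* Bits that must be zero in an entry at `level` under feature set `f`.
 * Simplified to the two bits argued about in the thread. */
static uint64_t zero_mask(int level, struct mmu_features f)
{
    uint64_t mask = 0;

    if (!f.nx)
        mask |= PT_NX_BIT;
    if (level == PDPTE_LEVEL && !f.gbpages)
        mask |= PT_PS_BIT;
    return mask;
}

/* Returns the offending bits of `spte`; 0 means the entry passes. */
static uint64_t spte_violations(uint64_t spte, int level, struct mmu_features f)
{
    return spte & zero_mask(level, f);
}

int main(void)
{
    struct mmu_features host  = { .nx = true,  .gbpages = true  };
    struct mmu_features guest = { .nx = false, .gbpages = false };
    /* Constructed sample entries: present bit plus the bit under test. */
    uint64_t huge_pdpte = 1ULL | PT_PS_BIT | (1ULL << 30);
    uint64_t nx_pte     = 1ULL | PT_NX_BIT | (1ULL << 12);

    /* "Reserved by hardware" view: the host supports both, nothing flagged. */
    printf("host  mask: pdpte=%d pte=%d\n",
           spte_violations(huge_pdpte, PDPTE_LEVEL, host) != 0,
           spte_violations(nx_pte, 1, host) != 0);
    /* "Always zero in the spte" view: guest uses neither, both flagged. */
    printf("guest mask: pdpte=%d pte=%d\n",
           spte_violations(huge_pdpte, PDPTE_LEVEL, guest) != 0,
           spte_violations(nx_pte, 1, guest) != 0);
    return 0;
}
```

The NX entry flagged under the guest-derived mask is the case a KVM_MEMSLOT_NO_EXECUTE-style flag would create, which is why the strict check would need relaxing at that point.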
