* Yang, Wei Y <[email protected]> wrote:
> This patch removes SMEP bit from CR4_RESERVED_BITS.
I'm wondering, what is the best-practice way for tools/kvm/ to set
SMEP for the guest kernel automatically, even if the guest kernel
itsef has not requested SMEP?
The portion i'm worried about are old KVM versions that have the SMEP
bit in CR4_RESERVED_BITS and reject it. So we cannot just
unilaterally add SMEP to every cr4 write of the guest. Is there a way
to query whether the host KVM version supports SMEP setting in cr4?
That way tools/kvm/ could add the SMEP bit if the host CPU has it in
/proc/cpuinfo and if KVM supports it.
( With a --no-smep kind of command line option to opt out of this
automatic protection, to test it, and for the unlikely case that
SMEP causes problems. )
Thanks,
Ingo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
