Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d87a03aea43535a92efbb180e0ceac94d4bb5db Commit: 8d87a03aea43535a92efbb180e0ceac94d4bb5db Parent: fe135d2ceb3d7dc08151b3cbad96565d02cc8676 Author: Avi Kivity <[EMAIL PROTECTED]> AuthorDate: Sun Dec 9 16:37:36 2007 +0200 Committer: Avi Kivity <[EMAIL PROTECTED]> CommitDate: Wed Jan 30 17:53:20 2008 +0200
KVM: MMU: Set nx bit correctly on shadow ptes While the page table walker correctly generates a guest page fault if a guest tries to execute a non-executable page, the shadow code does not mark it non-executable. This means that if a guest accesses an nx page first with a read access, then subsequent code fetch accesses will succeed. Fix by setting the nx bit on shadow ptes. Signed-off-by: Avi Kivity <[EMAIL PROTECTED]> --- drivers/kvm/paging_tmpl.h | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/drivers/kvm/paging_tmpl.h b/drivers/kvm/paging_tmpl.h index 7688cbf..59ba752 100644 --- a/drivers/kvm/paging_tmpl.h +++ b/drivers/kvm/paging_tmpl.h @@ -255,6 +255,8 @@ static void FNAME(set_pte)(struct kvm_vcpu *vcpu, pt_element_t gpte, spte |= gpte & PT64_NX_MASK; if (!dirty) pte_access &= ~ACC_WRITE_MASK; + if (!(pte_access & ACC_EXEC_MASK)) + spte |= PT64_NX_MASK; page = gfn_to_page(vcpu->kvm, gfn); - To unsubscribe from this list: send the line "unsubscribe git-commits-head" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html