From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jroedel@suse.de>
Received: from mail.linutronix.de (193.142.43.55:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 25 Oct
  2019 09:45:38 -0000
Received: from mx2.suse.de ([195.135.220.15] helo=mx1.suse.de)
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <jroedel@suse.de>)
	id 1iNwA4-0004WA-Nm
	for speck@linutronix.de; Fri, 25 Oct 2019 11:45:37 +0200
Received: from relay2.suse.de (unknown [195.135.220.254])
	by mx1.suse.de (Postfix) with ESMTP id 7BE1BB3DF
	for <speck@linutronix.de>; Fri, 25 Oct 2019 09:45:29 +0000 (UTC)
Date: Fri, 25 Oct 2019 11:45:27 +0200
From: Joerg Roedel <jroedel@suse.de>
Subject: [MODERATED] Re: ***UNCHECKED*** Re: Re: [PATCH v7 3/5] NX 3
Message-ID: <20191025094527.GE7069@suse.de>
References: <1571934870-34323-1-git-send-email-pbonzini@redhat.com>
 <1571934870-34323-4-git-send-email-pbonzini@redhat.com>
 <20191025083739.GC7069@suse.de>
 <a5f3f0dd-2eb8-6bf7-ae08-6bb45e8a4c68@redhat.com>
 <20191025090331.GD7069@suse.de>
 <201e8590-30ed-ab29-6fc2-bbeab1fb5592@redhat.com>
MIME-Version: 1.0
In-Reply-To: <201e8590-30ed-ab29-6fc2-bbeab1fb5592@redhat.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On Fri, Oct 25, 2019 at 11:08:25AM +0200, speck for Paolo Bonzini wrote:
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index e7970a2e8eae..8979d5e7b6f5 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -969,17 +969,9 @@ static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset)
>  	u64 guest_efer = vmx->vcpu.arch.efer;
>  	u64 ignore_bits = 0;
>  
> -	if (!enable_ept) {
> -		/*
> -		 * NX is needed to handle CR0.WP=1, CR4.SMEP=1.  Testing
> -		 * host CPUID is more efficient than testing guest CPUID
> -		 * or CR4.  Host SMEP is anyway a requirement for guest SMEP.
> -		 */
> -		if (boot_cpu_has(X86_FEATURE_SMEP))
> -			guest_efer |= EFER_NX;
> -		else if (!(guest_efer & EFER_NX))
> -			ignore_bits |= EFER_NX;
> -	}
> +	/* Shadow paging assumes the NX bit to be available.  */
> +	if (!enable_ept)
> +		guest_efer |= EFER_NX;
>  
>  	/*
>  	 * LMA and LME handled by hardware; SCE meaningless outside long mode.

Works with ept on and off, thanks.


	Joerg