From mboxrd@z Thu Jan 1 00:00:00 1970 From: Gleb Natapov Subject: Re: [PATCH] KVM: x86 emulator mark VMMCALL and LMSW as privileged Date: Sun, 7 Mar 2010 10:56:27 +0200 Message-ID: <20100307085627.GP16909@redhat.com> References: <20100303155305.GF16909@redhat.com> <4B9367BB.8030600@redhat.com> <20100307084648.GO16909@redhat.com> <4B93695A.1030906@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: mtosatti@redhat.com, kvm@vger.kernel.org To: Avi Kivity Return-path: Received: from mx1.redhat.com ([209.132.183.28]:16548 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750773Ab0CGI4a (ORCPT ); Sun, 7 Mar 2010 03:56:30 -0500 Received: from int-mx03.intmail.prod.int.phx2.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o278uUET004018 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Sun, 7 Mar 2010 03:56:30 -0500 Content-Disposition: inline In-Reply-To: <4B93695A.1030906@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: On Sun, Mar 07, 2010 at 10:52:42AM +0200, Avi Kivity wrote: > On 03/07/2010 10:46 AM, Gleb Natapov wrote: > >On Sun, Mar 07, 2010 at 10:45:47AM +0200, Avi Kivity wrote: > >>On 03/03/2010 05:53 PM, Gleb Natapov wrote: > >>>LMSW is present in both group tables. It was marked privileged only in > >>>one of them. Intel analog of VMMCALL is already marked privileged. > >>> > >>Both VMCALL and VMMCALL are unprivileged. > >> > >But _we_ do not allow them in CPL!=0. > > Then that should be done outside the emulator. > As long as KVM is the only user of the emulator it doesn't matter. -- Gleb.