From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 25 Oct 2019 10:40:07 -0000 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120] helo=us-smtp-1.mimecast.com) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1iNx0o-0005QF-LX for speck@linutronix.de; Fri, 25 Oct 2019 12:40:07 +0200 Received: by mail-wr1-f71.google.com with SMTP id c6so833079wrp.3 for ; Fri, 25 Oct 2019 03:40:02 -0700 (PDT) Received: from ?IPv6:2001:b07:6468:f312:9c7b:17ec:2a40:d29? ([2001:b07:6468:f312:9c7b:17ec:2a40:d29]) by smtp.gmail.com with ESMTPSA id x8sm2042143wrr.43.2019.10.25.03.39.59 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 25 Oct 2019 03:39:59 -0700 (PDT) Subject: [MODERATED] Re: ***UNCHECKED*** Re: Re: [PATCH v7 3/5] NX 3 References: <1571934870-34323-1-git-send-email-pbonzini@redhat.com> <1571934870-34323-4-git-send-email-pbonzini@redhat.com> <20191025083739.GC7069@suse.de> <20191025090331.GD7069@suse.de> <201e8590-30ed-ab29-6fc2-bbeab1fb5592@redhat.com> <20191025094527.GE7069@suse.de> From: Paolo Bonzini Message-ID: <801f92a4-befa-79da-8f64-7d721f6e5c8f@redhat.com> Date: Fri, 25 Oct 2019 12:39:58 +0200 MIME-Version: 1.0 In-Reply-To: <20191025094527.GE7069@suse.de> Content-Type: multipart/mixed; boundary="OKNTk1gG1qA5IEWw6pxE9MNal37cCOo87"; protected-headers="v1" To: speck@linutronix.de List-ID: This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156) --OKNTk1gG1qA5IEWw6pxE9MNal37cCOo87 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 25/10/19 11:45, speck for Joerg Roedel wrote: > On Fri, Oct 25, 2019 at 11:08:25AM +0200, speck for Paolo Bonzini wrote= : >> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c >> index e7970a2e8eae..8979d5e7b6f5 100644 >> --- a/arch/x86/kvm/vmx/vmx.c >> +++ b/arch/x86/kvm/vmx/vmx.c >> @@ -969,17 +969,9 @@ static bool update_transition_efer(struct vcpu_vm= x *vmx, int efer_offset) >> u64 guest_efer =3D vmx->vcpu.arch.efer; >> u64 ignore_bits =3D 0; >> =20 >> - if (!enable_ept) { >> - /* >> - * NX is needed to handle CR0.WP=3D1, CR4.SMEP=3D1. Testing >> - * host CPUID is more efficient than testing guest CPUID >> - * or CR4. Host SMEP is anyway a requirement for guest SMEP. >> - */ >> - if (boot_cpu_has(X86_FEATURE_SMEP)) >> - guest_efer |=3D EFER_NX; >> - else if (!(guest_efer & EFER_NX)) >> - ignore_bits |=3D EFER_NX; >> - } >> + /* Shadow paging assumes the NX bit to be available. */ >> + if (!enable_ept) >> + guest_efer |=3D EFER_NX; >> =20 >> /* >> * LMA and LME handled by hardware; SCE meaningless outside long mod= e. >=20 > Works with ept on and off, thanks. Thanks, I'll include also the AMD version in a new patch and send it out = as v8: diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 4153ca8cddb7..29feb3ecc91c 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -739,8 +739,12 @@ static int get_npt_level(struct kvm_vcpu *vcpu) static void svm_set_efer(struct kvm_vcpu *vcpu, u64 efer) { vcpu->arch.efer =3D efer; - if (!npt_enabled && !(efer & EFER_LMA)) - efer &=3D ~EFER_LME; + if (!npt_enabled) { + /* Shadow paging assumes the NX bit to be available. */ + efer |=3D EFER_NXE; + if (!(efer & EFER_LMA)) + efer &=3D ~EFER_LME; + } =20 to_svm(vcpu)->vmcb->save.efer =3D efer | EFER_SVME; mark_dirty(to_svm(vcpu)->vmcb, VMCB_CR); Paolo --OKNTk1gG1qA5IEWw6pxE9MNal37cCOo87--