OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity

kvm: Enable CPU SMEP feature

Browse Source 
This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be published soon.

SMEP is identified by CPUID leaf 7 EBX[7], which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID.

 Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
 Singed-off-by: Shan, Haitao <haitao.shan@intel.com>
 Singed-off-by: Li, Xin <xin.li@intel.com>

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
This commit is contained in:
Yang, Wei Y 2011-05-30 23:17:42 +08:00 committed by Marcelo Tosatti
parent 2d5f20b5f0
commit 3dc769ab43
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
target-i386/cpuid.c
View File

@ -1142,6 +1142,19 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
*ecx = 0;
*edx = 0;
break;
case 7:
if (kvm_enabled()) {
*eax = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EAX);
*ebx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EBX);
*ecx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_ECX);
*edx = kvm_arch_get_supported_cpuid(env, 0x7, count, R_EDX);
} else {
*eax = 0;
*ebx = 0;
*ecx = 0;
*edx = 0;
}
break;
case 9:
/* Direct Cache Access Information Leaf */
*eax = 0; /* Bits 0-31 in DCA_CAP MSR */