| commit | 3dc769ab43fb4f0e552ecae7ed4414e2b7b77c4b | |
| author | Yang, Wei Y <wei.y.yang@intel.com> | |
| Mon, 30 May 2011 15:17:42 +0000 (30 23:17 +0800) | ||
| committer | Marcelo Tosatti <mtosatti@redhat.com> | |
| Wed, 1 Jun 2011 13:12:15 +0000 (1 10:12 -0300) | ||
| tree | 0d64cbd9f3c9f8eaeb5b7c5b609b5d3d609cfbe4 | treesnapshot (tar.gz zip) |
| parent | 2d5f20b5f055109c4ccfd1dbf22a100be0b03491 | commitdiff |
kvm: Enable CPU SMEP feature
This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be published soon.
SMEP is identified by CPUID leaf 7 EBX[7], which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID.
Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
Singed-off-by: Shan, Haitao <haitao.shan@intel.com>
Singed-off-by: Li, Xin <xin.li@intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be published soon.
SMEP is identified by CPUID leaf 7 EBX[7], which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID.
Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
Singed-off-by: Shan, Haitao <haitao.shan@intel.com>
Singed-off-by: Li, Xin <xin.li@intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
| target-i386/cpuid.c | diffblobblamehistory |