| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aAiFrImd+thCUXw+@intel.com>
Date: Wed, 23 Apr 2025 14:16:12 +0800
From: Chao Gao <chao.gao@...el.com>
To: Jon Kohler <jon@...anix.com>
CC: <seanjc@...gle.com>, <pbonzini@...hat.com>, <tglx@...utronix.de>,
<mingo@...hat.com>, <bp@...en8.de>, <dave.hansen@...ux.intel.com>,
<x86@...nel.org>, <hpa@...or.com>, <kvm@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, Mickaël Salaün
<mic@...ikod.net>
Subject: Re: [RFC PATCH 14/18] KVM: x86/mmu: Extend is_executable_pte to
understand MBEC
>-static inline bool is_executable_pte(u64 spte)
>+static inline bool is_executable_pte(u64 spte, bool for_kernel_mode,
>+ struct kvm_vcpu *vcpu)
> {
>- return (spte & (shadow_x_mask | shadow_nx_mask)) == shadow_x_mask;
>+ u64 x_mask = shadow_x_mask;
>+
>+ if (vcpu->arch.pt_guest_exec_control) {
>+ x_mask |= shadow_ux_mask;
>+ if (for_kernel_mode)
>+ x_mask &= ~VMX_EPT_USER_EXECUTABLE_MASK;
>+ else
>+ x_mask &= ~VMX_EPT_EXECUTABLE_MASK;
>+ }
using VMX_EPT_* directly here looks weird. how about:
u64 x_mask = shadow_x_mask;
if (/* mbec enabled */ && !for_kernel_mode)
x_mask = shadow_ux_mask;
return (spte & (x_mask | shadow_nx_mask)) == x_mask;
>+
>+ return (spte & (x_mask | shadow_nx_mask)) == x_mask;
> }
Powered by blists - more mailing lists