From bf2c609b3ead56c69c1c71aa7c07f2a005c918e3 Mon Sep 17 00:00:00 2001
From: "Yang, Wei Y"
Date: Fri, 3 Jun 2011 11:14:16 +0800
Subject: [PATCH] --- yaml --- r: 258032 b: refs/heads/master c: e57d4a356ad3ac46881399c424cc6cf6dd16359d h: refs/heads/master v: v3
---
 [refs] | 2 +-
 trunk/arch/x86/kvm/paging_tmpl.h | 9 ++++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/[refs] b/[refs]
index 721d062cefd1..c80ad137dd82 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 611c120f7486a19e7df2225f875a52ef0b599ae8
+refs/heads/master: e57d4a356ad3ac46881399c424cc6cf6dd16359d
diff --git a/trunk/arch/x86/kvm/paging_tmpl.h b/trunk/arch/x86/kvm/paging_tmpl.h
index 9d03ad4dd5ec..1caeb4d22e01 100644
--- a/trunk/arch/x86/kvm/paging_tmpl.h
+++ b/trunk/arch/x86/kvm/paging_tmpl.h
@@ -246,6 +246,12 @@ static int FNAME(walk_addr_generic)(struct guest_walker *walker,
 gfn_t gfn;
 u32 ac;
 
+ /* check if the kernel is fetching from user page */
+ if (unlikely(pte_access & PT_USER_MASK) &&
+ kvm_read_cr4_bits(vcpu, X86_CR4_SMEP))
+ if (fetch_fault && !user_fault)
+ eperm = true;
+
 gfn = gpte_to_gfn_lvl(pte, lvl);
 gfn += (addr & PT_LVL_OFFSET_MASK(lvl)) >> PAGE_SHIFT;
 
@@ -305,7 +311,8 @@ static int FNAME(walk_addr_generic)(struct guest_walker *walker,
 
 walker->fault.error_code |= write_fault | user_fault;
 
- if (fetch_fault && mmu->nx)
+ if (fetch_fault && (mmu->nx ||
+ kvm_read_cr4_bits(vcpu, X86_CR4_SMEP)))
 walker->fault.error_code |= PFERR_FETCH_MASK;
 if (rsvd_fault)
 walker->fault.error_code |= PFERR_RSVD_MASK;
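Review bot: The SMEP check added at -246 is written as two nested, unbraced `if`s with `unlikely()` wrapped around only the `PT_USER_MASK` test. That hides the fact that all four conditions must hold, and it puts the branch hint on a term that is presumably not rare, since user-accessible mappings are ordinary in a guest. A single condition that tests the cheap locals first reads more clearly: `if (unlikely(fetch_fault && !user_fault && (pte_access & PT_USER_MASK) && kvm_read_cr4_bits(vcpu, X86_CR4_SMEP)))` followed by `eperm = true;`. The comment could name the feature, e.g. `/* SMEP: a supervisor-mode fetch from a user-accessible page must fault */`. The enclosing block and the computation of `pte_access` are outside the hunk, so please confirm that `pte_access` already combines the U/S bits of every level walked; SMEP applies only when the page is user-accessible at all levels.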
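Review bot: In the error path at -305 the fetch bit now depends on two different sources of state: `mmu->nx`, which is per-MMU, and `kvm_read_cr4_bits(vcpu, X86_CR4_SMEP)`, which is the vCPU's live CR4. If this walker is ever run for an `mmu` whose paging controls are not the vCPU's current registers, the reported error code could disagree with the mode the tables were walked under; the separate `mmu` pointer suggests that is possible, but its callers are outside the hunk. Consider keeping the SMEP state next to `nx` in the mmu context and testing that here, which would also avoid reading CR4 twice per walk (the hunk at -246 reads it as well). A short comment such as `/* I/D is reported only when NX or SMEP is enabled */` would document why the condition has two arms. The function continues outside the hunk.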