« Previous | Next » 

Revision f7911686

IDf79116867ec80ed5d1d10043a3fd9ac8afd182c1

Added by Yang, Wei Y almost 10 years ago

kvm: Enable CPU SMEP feature

This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be published soon.

SMEP is identified by CPUID leaf 7 EBX7, which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID.

Signed-off-by: Yang, Wei <>
Singed-off-by: Shan, Haitao <>
Singed-off-by: Li, Xin <>

Signed-off-by: Marcelo Tosatti <>

Files

  • added
  • modified
  • copied
  • renamed
  • deleted

View differences