Re: [PATCH 5/8] KVM: x86/mmu: bootstrap support for Intel MBEC

Next message: Caleb James DeLisle: "[PATCH 5/8] dt-bindings: PCI: mediatek: Add support for EcoNet EN7528"
Previous message: Caleb James DeLisle: "[PATCH 2/8] clk: airoha: Add econet EN751221 clock/reset support to en7523-scu"
In reply to: Paolo Bonzini: "Re: [PATCH 5/8] KVM: x86/mmu: bootstrap support for Intel MBEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jon Kohler

Date: Tue Mar 03 2026 - 14:11:05 EST

> On Mar 3, 2026, at 12:54 PM, Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
>
> On 12/23/25 06:47, Jon Kohler wrote:
>> Extend kvm_mmu_page_role access bitfield from 3 to 4, where the 4th bit
>> will be used to track user executable pages with Intel mode-based
>> execute control (MBEC).
>> Extend SPTE generation and introduce shadow_ux value to account for
>> user and kernel executable distinctions under MBEC.
>
> While MBEC has a different definition of the bits, GMET is essentially SMEP (except that AMD couldn't retrofit it into hCR4.SMEP due to how NPT handles the U bit). I wonder if it's possible to handle MBEC as SMEP as well, with some additional handling of the SPTEs (with shadox_x_mask and shadow_ux_mask taking the functionality of shadow_nx_mask and shadow_u_mask) but no large changes to the MMU.
>
> This should be a much simpler patch set if it can be made to work. I'll take a look.
>
> Paolo

Thanks, Paolo. Certainly if we can make this simpler, I’m all for it.
I appreciate any help we can get on this one.

Happy to test out additional approaches, as we’ve got the Windows
performance regression test for this completely automated on our side
to study the impact one way or the other.

Thanks again,
Jon