Re: [PATCH 01/22] KVM: TDX/VMX: rework EPT_VIOLATION_EXEC_FOR_RING3_LIN into PROT_MASK

Next message: illusion.wang: "[PATCH v9 net-next 07/11] net/nebula-matrix: add intr resource implementation"
Previous message: Huang, Kai: "Re: [PATCH 10/22] KVM: x86/mmu: split XS/XU bits for MBEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Huang, Kai

Date: Wed Mar 25 2026 - 00:29:43 EST

On Sat, 2026-03-21 at 01:09 +0100, Paolo Bonzini wrote:
> From: Jon Kohler <jon@xxxxxxxxxxx>
>
> EPT exit qualification bit 6 is used when mode-based execute control
> is enabled, and reflects user executable addresses. Rework name to
> reflect the intention and add to EPT_VIOLATION_PROT_MASK, which allows
> simplifying the return evaluation in
> tdx_is_sept_violation_unexpected_pending a pinch.
>
> Rework handling in __vmx_handle_ept_violation to unconditionally clear
> EPT_VIOLATION_PROT_USER_EXEC until MBEC is implemented, as suggested by
> Sean [1].
>
> Note: Intel SDM Table 29-7 defines bit 6 as:
> If the “mode-based execute control” VM-execution control is 0, the
> value of this bit is undefined. If that control is 1, this bit is the
> logical-AND of bit 10 in the EPT paging-structure entries used to
> translate the guest-physical address of the access causing the EPT
> violation. In this case, it indicates whether the guest-physical
> address was executable for user-mode linear addresses.
>
> [1] https://lore.kernel.org/all/aCJDzU1p_SFNRIJd@xxxxxxxxxx/
>
> Suggested-by: Sean Christopherson <seanjc@xxxxxxxxxx>
> Signed-off-by: Jon Kohler <jon@xxxxxxxxxxx>
> Message-ID: <20251223054806.1611168-2-jon@xxxxxxxxxxx>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>

Acked-by: Kai Huang <kai.huang@xxxxxxxxx>