Re: [RFC PATCH v2 00/24] KVM: combined patchset for MBEC/GMET support
From: Jon Kohler
Date: Mon Mar 30 2026 - 14:59:50 EST
> On Mar 30, 2026, at 6:43 AM, Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
>
> On Mon, Mar 30, 2026 at 4:28 AM Jon Kohler <jon@xxxxxxxxxxx> wrote:
>> For this RFCv2 series:
>> Tested-By: Jon Kohler <jon@xxxxxxxxxxx>
>
> Great, thanks! FWIW I found a small hole (just by code inspection);
> translate_nested_gpa is always setting PFERR_USER_MASK and therefore
> always using XU (and always allowing execution for GMET). The fix is
> not hard, basically translate_nested_gpa needs to become an entry in
> the nested_ops and the callers need a little bit of adjustment to pass
> more info down. Then the vendor code can do respectively:
>
> /*
> * MBEC differentiates based on the effective U/S bit of
> * the guest page tables; not the processor CPL.
> */
> access &= ~PFERR_USER_MASK;
> if ((pte_access & ACC_USER_MASK)
> && (access & PFERR_GUEST_FINAL_MASK))
> access |= PFERR_USER_MASK;
>
> and
>
> /* Non-GMET walks are always user-walks */
> if (!(svm->nested.ctl.nested_ctl & SVM_NESTED_CTL_GMET_ENABLE))
> access |= PFERR_USER_MASK;
>
> I'll post this after the series gets more review altogether.
Ok cool, will look forward to that!
>
>> On the ecosystem enablement side, qemu has both mbec [1] and gmet [2];
>> however, they are not exposed via any model definitions (yet), so users
>> would need to manually enable them in the short term. I'll work up
>> a patch to expose these via model definitions and propose that to the
>> list this week.
>
> Sounds good!
>
> Paolo
QEMU GMET models:
https://lists.nongnu.org/archive/html/qemu-devel/2026-03/msg08090.html
https://github.com/qemu/qemu/commit/fa530e86bed12c5743f6e88c4a1e4cc02cf0e68b
QEMU MBEC models:
https://lists.nongnu.org/archive/html/qemu-devel/2026-03/msg08091.html
https://github.com/qemu/qemu/commit/2b70121653b2037e551677377f92ca4623f8d4ff