On 04/08/2015 15:10, Xiao Guangrong wrote:
This should be cpu_has_nx, I think.
cpu_has_nx() checks the feature on host CPU, however, this is the shadow
page table which completely follow guest's features.
E.g, if guest does not execution-protect the physical page, then
KVM does not do it either.
That's just true for current code. In principle you could add a memslot
flag for KVM_MEMSLOT_NO_EXECUTE, then NX would be true on an spte but
not on a PTE.
+ guest_cpuid_has_gbpages(vcpu),
This should be cpu_has_gbpages.
E.g, if guest does not use 1G page size, it's also not used in shadow page
table.
However, bit 7 in the shadow PDPTE is not reserved. If you're not
testing "is this bit reserved" but rather "should this bit be always
zero" in the SPTE, then checking guest_cpuid is okay. But in that case
shadow_rsvd_check is really more like shadow_always_zero_check.
is_pse(vcpu));
This should be cpu_has_pse.
E.g, guest does no use 4M page size, then KVM does not use it either.
Right, it should always be true, not cpu_has_pse, because PAE and 64-bit
page tables always support huge (2M) pages. Or as above, if you're
testing "should this bit be always zero" then it's a different story.