Re: [PATCH 5/8] KVM: x86/mmu: bootstrap support for Intel MBEC

Next message: Taniya Das: "[PATCH v2 1/2] arm64: dts: qcom: Add support for MM clock controllers for Glymur"
Previous message: Nathan Chancellor: "Re: [PATCH v1 4/8] ACPI: x86/rtc-cmos: Use platform device for driver binding"
Next in thread: Jon Kohler: "Re: [PATCH 5/8] KVM: x86/mmu: bootstrap support for Intel MBEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Paolo Bonzini

Date: Tue Mar 03 2026 - 12:54:24 EST

On 12/23/25 06:47, Jon Kohler wrote:

Extend kvm_mmu_page_role access bitfield from 3 to 4, where the 4th bit
will be used to track user executable pages with Intel mode-based
execute control (MBEC).

Extend SPTE generation and introduce shadow_ux value to account for
user and kernel executable distinctions under MBEC.

While MBEC has a different definition of the bits, GMET is essentially SMEP (except that AMD couldn't retrofit it into hCR4.SMEP due to how NPT handles the U bit). I wonder if it's possible to handle MBEC as SMEP as well, with some additional handling of the SPTEs (with shadox_x_mask and shadow_ux_mask taking the functionality of shadow_nx_mask and shadow_u_mask) but no large changes to the MMU.

This should be a much simpler patch set if it can be made to work. I'll take a look.

Paolo