On Sat, 2017-05-06 at 11:04 +0200, Paolo Bonzini wrote:
On 05/05/2017 20:17, Ricardo Neri wrote:
User-Mode Instruction Prevention is a security feature present in new Intel processors that, when set, prevents the execution of a subset of instructions if such instructions are executed in user mode (CPL > 0). Attempting to execute such instructions causes a general protection exception.
The subset of instructions comprises:
* SGDT - Store Global Descriptor Table * SIDT - Store Interrupt Descriptor Table * SLDT - Store Local Descriptor Table * SMSW - Store Machine Status Word * STR - Store Task Register
This feature is also added to the list of disabled-features to allow a cleaner handling of build-time configuration.
Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Borislav Petkov <bp(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Chen Yucong <slaoub(a)gmail.com> Cc: Chris Metcalf <cmetcalf(a)mellanox.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Fenghua Yu <fenghua.yu(a)intel.com> Cc: Huang Rui <ray.huang(a)amd.com> Cc: Jiri Slaby <jslaby(a)suse.cz> Cc: Jonathan Corbet <corbet(a)lwn.net> Cc: Michael S. Tsirkin <mst(a)redhat.com> Cc: Paul Gortmaker <paul.gortmaker(a)windriver.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Ravi V. Shankar <ravi.v.shankar(a)intel.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Tony Luck <tony.luck(a)intel.com> Cc: Paolo Bonzini <pbonzini(a)redhat.com> Cc: Liang Z. Li <liang.z.li(a)intel.com> Cc: Alexandre Julliard <julliard(a)winehq.org> Cc: Stas Sergeev <stsp(a)list.ru> Cc: x86(a)kernel.org Cc: linux-msdos(a)vger.kernel.org
Signed-off-by: Ricardo Neri <ricardo.neri-calderon(a)linux.intel.com>
Would it be possible to have this patch in a topic branch for KVM's consumption?
I have put a branch here with this single patch: https://github.com/ricardon/tip.git rneri/umip_for_kvm This is based on Linux v4.11. Please let me know if this works for your or you'd prefer it to be based on a different branch/commit/repo. Thanks and BR, Ricardo