diff options
| author | Mathias Krause <[email protected]> | 2023-03-22 02:37:31 +0100 |
|---|---|---|
| committer | Sean Christopherson <[email protected]> | 2023-03-22 07:47:26 -0700 |
| commit | fb509f76acc8d42bed11bca308404f81c2be856a (patch) | |
| tree | b4d975c9aaeb6119487503174ba298ffc3090cd3 /lib/test_fortify/write_overflow-strncpy-src.c | |
| parent | 74cdc836919bf34684ef66f995273f35e2189daf (diff) | |
KVM: VMX: Make CR0.WP a guest owned bit
Guests like grsecurity that make heavy use of CR0.WP to implement kernel
level W^X will suffer from the implied VMEXITs.
With EPT there is no need to intercept a guest change of CR0.WP, so
simply make it a guest owned bit if we can do so.
This implies that a read of a guest's CR0.WP bit might need a VMREAD.
However, the only potentially affected user seems to be kvm_init_mmu()
which is a heavy operation to begin with. But also most callers already
cache the full value of CR0 anyway, so no additional VMREAD is needed.
The only exception is nested_vmx_load_cr3().
This change is VMX-specific, as SVM has no such fine grained control
register intercept control.
Suggested-by: Sean Christopherson <[email protected]>
Signed-off-by: Mathias Krause <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Co-developed-by: Sean Christopherson <[email protected]>
Signed-off-by: Sean Christopherson <[email protected]>
Diffstat (limited to 'lib/test_fortify/write_overflow-strncpy-src.c')
0 files changed, 0 insertions, 0 deletions