From: Sheng Yang Date: Wed, 2 Jun 2010 06:05:24 +0000 (+0800) Subject: KVM: VMX: Enforce EPT pagetable level checking X-Git-Tag: firefly_0821_release~9833^2~1315^2~114 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=4bc9b9828150747386130ab172f7e868e1a0fc2a;p=firefly-linux-kernel-4.4.55.git KVM: VMX: Enforce EPT pagetable level checking We only support 4 levels EPT pagetable now. Signed-off-by: Sheng Yang Signed-off-by: Marcelo Tosatti --- diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 8c9085d44c37..2201e3816205 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -340,6 +340,11 @@ static inline bool cpu_has_vmx_ept_1g_page(void) return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT; } +static inline bool cpu_has_vmx_ept_4levels(void) +{ + return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT; +} + static inline bool cpu_has_vmx_invept_individual_addr(void) { return vmx_capability.ept & VMX_EPT_EXTENT_INDIVIDUAL_BIT; @@ -1568,7 +1573,8 @@ static __init int hardware_setup(void) if (!cpu_has_vmx_vpid()) enable_vpid = 0; - if (!cpu_has_vmx_ept()) { + if (!cpu_has_vmx_ept() || + !cpu_has_vmx_ept_4levels()) { enable_ept = 0; enable_unrestricted_guest = 0; }