github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-09-04 10:25:00 +00:00
Code Issues Projects Releases Wiki Activity

hv: enable NX in hypervisor

Browse Source 
- enable NX feature in hypervisor:
  1. Set 'XD' bit for all pages, including pages for guests
     when initialize MMU tables in hypervisor.
  2. remove 'XD' bit for pages that contain hypervisor instructions.
  3. enable MSR EFER.NXE,which will enable page access restriction by
     preventing instruction fetches form pages with XD bit set.

- remove "-Wl -z noexecstack" GCC flag option in hypervisor
  Makefile as it would not affect stack attribute in hyervisor,
  which setup stack itself, instead of by loader.

Tracked-On: #1122
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit is contained in:
Yonghua Huang
2018-12-04 21:13:43 +08:00
committed by wenlingz
parent 405d1335c6
commit 4d13ad9d08
5 changed files with 35 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hypervisor/include/arch/x86/mmu.h
View File

@@ -53,6 +53,8 @@
#define IA32E_REF_MASK \
(boot_cpu_data.physical_address_mask)
extern uint8_t ld_text_end;
static inline uint64_t round_page_up(uint64_t addr)
{
return (((addr + (uint64_t)PAGE_SIZE) - 1UL) & PAGE_MASK);