KVM: MMU: Set nx bit correctly on shadow ptes
While the page table walker correctly generates a guest page fault
if a guest tries to execute a non-executable page, the shadow code does
not mark it non-executable. This means that if a guest accesses an nx
page first with a read access, then subsequent code fetch accesses will
succeed.
Fix by setting the nx bit on shadow ptes.
Signed-off-by: NAvi Kivity <avi@qumranet.com>
Showing
想要评论请 注册 或 登录