On 01/25/2018 12:31 AM, Bitweasil . wrote: > I've recently discovered that if you attempt to use introspection to > capture CR3 changes with the new KPTI enabled kernels, the guest dies > shortly after the start of introspection with failed VM entry due to > invalid guest state. > > I believe the invalid state here is the high bit being set in CR3 - > while this is how one indicates that PCID should not invalidate the > various page table caches, introspection leads to this being set in the > VMCS, which appears to be wrong. Our solution doesn't intercept CR3 writes (and hasn't for a while), so it is unaffected (and this explains why we haven't come across this issue). But the problem should clearly be solved - although at this point it looks like the fix is somewhere deeper than the introspection layer.
Thanks, Razvan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
