On 15/06/2017 13:20, Ladi Prosek wrote: > @@ -4635,6 +4669,7 @@ static void enable_nmi_window(struct kvm_vcpu *vcpu) > * Something prevents NMI from been injected. Single step over possible > * problem (IRET or exception injection or interrupt shadow) > */ > + svm->nmi_singlestep_guest_rflags = svm_get_rflags(vcpu); > svm->nmi_singlestep = true; I like this, and I think it should be extended (not by you necessarily :)) to KVM_GUESTDBG_SINGLESTEP. The current way of dropping TF from the guest altogether kinda works, because you're not going to run nested gdb, but is conceptually broken. Paolo
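Review bot: In the enable_nmi_window() hunk, the new snapshot `svm->nmi_singlestep_guest_rflags = svm_get_rflags(vcpu);` is taken unconditionally, so if this path can run again while `svm->nmi_singlestep` is already true, the saved guest value would be overwritten by whatever rflags holds during the single-step. Consider taking the snapshot only when `nmi_singlestep` is not yet set, or extend the comment above it to say why re-entry cannot happen and which flags the saved value is later used to restore.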