The host pkru is restored right after vcpu exit (commit 1be0e61), so KVM_GET_XSAVE will return the host PKRU value instead. In general, the PKRU value in vcpu->arch.guest_fpu.state cannot be trusted. The first patch removes an unnecessary abstraction. The second fixes the bug. Please test the patches, as I don't have the affected hardware. Paolo Paolo Bonzini (2): KVM: x86: simplify handling of PKRU KVM, pkeys: do not use PKRU value in vcpu->arch.guest_fpu.state arch/x86/include/asm/fpu/internal.h | 6 +++--- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/kvm_cache_regs.h | 5 ----- arch/x86/kvm/mmu.h | 2 +- arch/x86/kvm/svm.c | 7 ------- arch/x86/kvm/vmx.c | 23 ++++++----------------- arch/x86/kvm/x86.c | 17 ++++++++++++++--- 7 files changed, 25 insertions(+), 36 deletions(-) -- 1.8.3.1
