On Sun, Feb 11, 2018 at 3:56 AM, Wanpeng Li <kernellwp@xxxxxxxxx> wrote:
> Writes 0 to cr3 can't be detected during vmentry checks by hardware.

I never suggested otherwise. I was just trying to explain why you can't assume that the host CR3 field in the VMCS matches the host CR3 at the time of VMLAUNCH.

KVM is set up for failure, because it loads a bunch of guest state before checking the validity of all of the control fields. If a control field in the vmcs12 is invalid, but KVM doesn't recognize this until after it has loaded guest state, all of the host state that has been overwritten should be restored. "Restored" does not mean "loaded from the vmcs12." It means reverted to its state at the time of the failed VMLAUNCH/VMRESUME.