On 13/02/19 18:19, Singh, Brijesh wrote:
> 1. Guest does the MMIO access which causes a rsvd page fault
> 2. Hardware processes this as a VMEXIT
> 3. During the processing, hardware attempts to read the instruction
>    bytes. This is done by issuing a data read request from the RIP
>    that the guest was at.
> 4. The results of these reads are then stored in the VMCB.
>
> So in step #3 there can be a SMAP fault because internally the CPU
> is doing a data read from the RIP to get these bytes. Hardware didn't
> save them from the actual instruction execution or anything, it
> actually goes and re-reads them, which is why this can cause a SMAP
> fault.

What combination of NPF bits, EFLAGS and CR4 is causing a SMAP fault?
Does KVM actually use that combination?

Paolo