On 10/04/19 17:43, Xiexiangyou wrote:
> 1. The VM is migrated from the A host to the B host. The A host is configured
> with nopku but the B host is not.
> 2. The VM has an internal restart on the B host. The "setup_pku" is executed
> during the booting of the VM kernel. Because pku is supported, CR4.PKE is set.
> 3. Next, migrate the VM from the B host back to the A host. Panic will be
> triggered. Because vcpu vmexit will do host pkru restoring if guest_CR4.PKE
> is enabled.

The VM should have never been migrated to host B, since it does not
support setting guest CPUID.PKU:

	/* PKU is not yet implemented for shadow paging. */
	if (!tdp_enabled || !boot_cpu_has(X86_FEATURE_OSPKE))
		entry->ecx &= ~F(PKU);

Paolo
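
Added example, not part of the original message and not KVM code: a simplified model of the masking quoted above, plus the subset test a management layer can run before migrating a guest between the two hosts in this thread. The function names and the host values are assumptions made for illustration; only the PKU and OSPKE bit positions in CPUID.(EAX=7,ECX=0):ECX are architectural.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* CPUID.(EAX=7,ECX=0):ECX feature bits. */
#define LEAF7_ECX_PKU   (1u << 3)  /* protection keys for user pages */
#define LEAF7_ECX_OSPKE (1u << 4)  /* the running OS has set CR4.PKE */

/* Hypothetical model of the quoted check: PKU is offered to guests only when
 * TDP is enabled and the host itself runs with OSPKE set. OSPKE is dropped
 * because in a guest it follows the guest's own CR4.PKE (modelling choice). */
static uint32_t supported_leaf7_ecx(uint32_t host_ecx, bool tdp_enabled)
{
    uint32_t ecx = host_ecx & ~LEAF7_ECX_OSPKE;
    if (!tdp_enabled || !(host_ecx & LEAF7_ECX_OSPKE))
        ecx &= ~LEAF7_ECX_PKU;
    return ecx;
}

/* Bits the guest was configured with that the destination cannot provide.
 * Zero means migration is acceptable as far as this leaf is concerned. */
static uint32_t missing_on_dest(uint32_t guest_ecx, uint32_t dest_host_ecx,
                                bool dest_tdp)
{
    return guest_ecx & ~supported_leaf7_ecx(dest_host_ecx, dest_tdp);
}

/* Largest guest ECX that every host in the migration pool can run. */
static uint32_t pool_baseline(const uint32_t *host_ecx, const bool *tdp, int n)
{
    uint32_t common = ~0u;
    for (int i = 0; i < n; i++)
        common &= supported_leaf7_ecx(host_ecx[i], tdp[i]);
    return common;
}

int main(void)
{
    /* Constructed values: host A booted with nopku (hardware has PKU, OSPKE
     * clear), host B running with PKU enabled. */
    uint32_t hosts[] = { LEAF7_ECX_PKU, LEAF7_ECX_PKU | LEAF7_ECX_OSPKE };
    bool tdp[] = { true, true };
    uint32_t base = pool_baseline(hosts, tdp, 2);

    printf("pool baseline exposes PKU: %d\n", !!(base & LEAF7_ECX_PKU));
    printf("PKU guest -> host A, missing bits: 0x%x\n",
           (unsigned)missing_on_dest(LEAF7_ECX_PKU, hosts[0], tdp[0]));
    return 0;
}
```

A guest whose configured CPUID stays within the pool baseline can move in either direction between A and B; a non-zero result from missing_on_dest is the condition under which the migration should be refused.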