On 23/10/20 19:23, Jim Mattson wrote:
>> The information that we need is _not_ that provided by the advanced
>> VM-exit information (or by a page walk). If a page is neither writable
>> nor executable, the advanced information doesn't say if the injected #PF
>> should be a W=1 or a F=1 fault. We need the information in bits 0..2 of
>> the exit qualification for the final access, which however is not
>> available for the paging-structure access.
>>
> Are you planning to extend the emulator, then, to support all
> instructions? I'm not sure where you are going with this.

I'm going to fix the bit 8=1 case, but for bit 8=0 there's not much that
you can do. In all likelihood the guest is buggy anyway.

It would be possible to only do the decode part of the emulator to get
the PFEC (matching the GVA from the vmexit to the memory operand, for
example, and retrying if the instruction is unexpected). Then one would
only need enough VEX/EVEX parsing to process the decoding.

Paolo
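As an added illustration of the point made in this exchange (not KVM code and not from either poster), the function below derives the #PF error code from an EPT violation exit qualification and refuses when bit 8 is clear, since bits 0..2 then describe the paging-structure access rather than the instruction's own access. The bit layout of the exit qualification and of the #PF error code is taken from the Intel SDM as the author of this example understands it; the macro names, the `user`/`present` parameters and the sample values are constructed for the example.

```c
#include <stdint.h>
#include <stdbool.h>

/* EPT violation exit qualification bits (Intel SDM layout, assumed here;
 * the names are constructed for this example). */
#define EPTV_READ       (1ULL << 0)  /* access was a data read */
#define EPTV_WRITE      (1ULL << 1)  /* access was a data write */
#define EPTV_FETCH      (1ULL << 2)  /* access was an instruction fetch */
#define EPTV_PERM_W     (1ULL << 4)  /* violated entry permitted writes */
#define EPTV_PERM_X     (1ULL << 5)  /* violated entry permitted execution */
#define EPTV_GVA_VALID  (1ULL << 7)  /* guest linear address field is valid */
#define EPTV_FINAL      (1ULL << 8)  /* bit 8: access was to the final
                                        translation, not a paging-structure
                                        entry (meaningful only with bit 7) */

/* x86 #PF error code bits (architectural values; names constructed). */
#define PFEC_PRESENT    (1u << 0)
#define PFEC_WRITE      (1u << 1)
#define PFEC_USER       (1u << 2)
#define PFEC_FETCH      (1u << 4)

/* Build the #PF error code to inject. 'user' and 'present' describe the
 * guest's view of the access and are supplied by the caller (they would
 * come from CPL and the guest paging walk in a real hypervisor).
 * Returns -1 for the bit 8=0 case: bits 0..2 then belong to the walk of
 * a paging-structure entry, so W=1 vs F=1 cannot be decided from the
 * exit qualification and only instruction decoding could recover it. */
int ept_violation_to_pfec(uint64_t exit_qual, bool user, bool present)
{
    if (!(exit_qual & EPTV_GVA_VALID) || !(exit_qual & EPTV_FINAL))
        return -1;

    unsigned pfec = 0;
    if (present)
        pfec |= PFEC_PRESENT;
    if (user)
        pfec |= PFEC_USER;
    if (exit_qual & EPTV_WRITE)
        pfec |= PFEC_WRITE;
    if (exit_qual & EPTV_FETCH)
        pfec |= PFEC_FETCH;
    return (int)pfec;
}

/* Why the permission bits alone do not settle the question: an entry that
 * permits neither writes nor execution is violated by a write and by an
 * instruction fetch alike, so only the access-type bits 0..2 distinguish
 * the W=1 fault from the F=1 fault. */
bool pfec_ambiguous_from_perms(uint64_t exit_qual)
{
    return !(exit_qual & EPTV_PERM_W) && !(exit_qual & EPTV_PERM_X);
}
```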