On 05/02/21 01:20, Krish Sadhukhan wrote:
>> I think you can use prepare_gif_clear to set RFLAGS.TF and the
>> exception handler can:
>> 1) look for VMRUN at the interrupted EIP. If it is there store the
>> VMRUN address and set a flag.
>> 2) on the next #DB (flag set), store the EIP and clear the flag
>> The finished callback then checks that the EIP was stored and that the
>> two EIPs are 3 bytes apart (the length of a VMRUN).
> Thanks for the suggestion. It worked fine and I have sent out v2.
> However, I couldn't use the two RIPs (VMRUN and post-VMRUN) to check the
> result because the post-VMRUN RIP was more than the length of the VMRUN
> instruction, i.e., when the #DB handler got executed following guest exit,
> the RIP had moved forward a few instructions from VMRUN. So, I have used
> the same mechanism I used in v1 to check the results.
Where did it move to? (And could it be a KVM bug?)
Paolo
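A C model of the single-step check suggested above, added here as an illustration; it is not code from this thread or from kvm-unit-tests. The `db_handler` body, the `vmrun_trace` state, the instruction buffer and the two trap sequences are assumptions, with the second sequence standing in for the case reported in the reply where the next #DB arrives further ahead than one VMRUN.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* VMRUN encodes as 0F 01 D8, so the two RIPs should be exactly 3 bytes apart. */
#define VMRUN_LEN 3
static const uint8_t vmrun_opcode[VMRUN_LEN] = { 0x0f, 0x01, 0xd8 };

/* State the #DB handler keeps across the two single-step traps. */
struct vmrun_trace {
    bool saw_vmrun, have_next;      /* flag from step 1; step 2 done */
    uintptr_t vmrun_rip, next_rip;  /* VMRUN address; RIP at the next #DB */
};

/* Hypothetical #DB handler body (assumption): rip is the interrupted RIP,
 * code/len are the bytes readable at that address. */
static void db_handler(struct vmrun_trace *t, uintptr_t rip,
                       const uint8_t *code, size_t len)
{
    if (t->saw_vmrun) {             /* step 2: record the post-VMRUN RIP */
        t->next_rip = rip;
        t->have_next = true;
        t->saw_vmrun = false;
    } else if (len >= VMRUN_LEN && memcmp(code, vmrun_opcode, VMRUN_LEN) == 0) {
        t->vmrun_rip = rip;         /* step 1: VMRUN found, set the flag */
        t->saw_vmrun = true;
    }
}

/* Finished callback: both RIPs recorded and exactly one VMRUN apart. */
static bool vmrun_step_ok(const struct vmrun_trace *t)
{
    return t->have_next && t->next_rip == t->vmrun_rip + VMRUN_LEN;
}

/* Constructed guest text at a made-up base of 0x1000: nop; vmrun; nop; nop; nop. */
static const uint8_t code_buf[] = { 0x90, 0x0f, 0x01, 0xd8, 0x90, 0x90, 0x90 };

/* Feed a constructed sequence of trap RIPs through the handler. */
static bool simulate(const uintptr_t *rips, size_t n)
{
    struct vmrun_trace t = { 0 };
    for (size_t i = 0; i < n; i++) {
        size_t off = rips[i] - 0x1000u;
        const uint8_t *p = off < sizeof(code_buf) ? code_buf + off : NULL;
        db_handler(&t, rips[i], p, p ? sizeof(code_buf) - off : 0);
    }
    return vmrun_step_ok(&t);
}

/* Trap RIPs as expected, and as the reply describes (next #DB arrives later). */
static const uintptr_t good_trace[] = { 0x1000, 0x1001, 0x1004 };
static const uintptr_t late_trace[] = { 0x1000, 0x1001, 0x1006 };
```

`simulate(good_trace, 3)` passes the 3-byte check, while `simulate(late_trace, 3)` fails it, which is the mismatch that forced the v1 mechanism to be kept.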