On Wed, 2024-09-11 at 13:17 +1200, Huang, Kai wrote:
> > is the VM-Enter
> > error uniquely identifiable,
>
> When zero-step mitigation is active in the module, TDH.VP.ENTER tries to
> grab the SEPT lock thus it can fail with SEPT BUSY error. But if it
> does grab the lock successfully, it exits to VMM with EPT violation on
> that GPA immediately.
>
> In other words, TDH.VP.ENTER returning SEPT BUSY means "zero-step
> mitigation" must have been active.

I think this isn't true. A sept locking related busy, maybe. But there are other
things going on that return BUSY.

> A normal EPT violation _COULD_ mean
> mitigation is already active, but AFAICT we don't have a way to tell
> that in the EPT violation.
>
> > and can KVM rely on HOST_PRIORITY to be set if KVM
> > runs afoul of the zero-step mitigation?
>
> I think HOST_PRIORITY is always set if SEPT SEAMCALLs fails with BUSY.

What led you to think this? It seemed more limited to me.