On Mon, May 13, 2019 at 7:39 AM Alexandre Chartre <alexandre.chartre@xxxxxxxxxx> wrote:
>
> The KVM page fault handler handles page fault occurring while using
> the KVM address space by switching to the kernel address space and
> retrying the access (except if the fault occurs while switching
> to the kernel address space). Processing of page faults occurring
> while using the kernel address space is unchanged.
>
> Page fault log is cleared when creating a vm so that page fault
> information doesn't persist when qemu is stopped and restarted.

Are you saying that a page fault will just exit isolation? This
completely defeats most of the security, right? Sure, it still helps
with side channels, but not with actual software bugs.