On Sat, Feb 29, 2020 at 10:33 AM Oliver Upton <oupton@xxxxxxxxxx> wrote:
>
> Hi Jan,
>
> On Sat, Feb 29, 2020 at 10:00 AM Jan Kiszka <jan.kiszka@xxxxxx> wrote:
> > Is this expected to cause regressions on less common workloads?
> > Jailhouse as L1 now fails when Linux as L2 tries to boot a CPU: L2-Linux
> > gets a triple fault on load_current_idt() in start_secondary(). Only
> > bisected so far, didn't debug further.
>
> I'm guessing that Jailhouse doesn't use 'descriptor table exiting', so
> when KVM gets the corresponding exit from L2 the emulation burden is
> on L0. We now refuse the emulation, which kicks a #UD back to L2. I
> can get a patch out quickly to address this case (like the PIO exiting
> one that came in this series) but the eventual solution is to map
> emulator intercept checks into VM-exits + call into the
> nested_vmx_exit_reflected() plumbing.

If Jailhouse doesn't use descriptor table exiting, why is L0
intercepting descriptor table instructions? Is this just so that L0
can partially emulate UMIP on hardware that doesn't support it?