On 13/03/2014 13:59, Alexander Binun wrote:
Dear Friends,

Thanks for your assistance! We would like to ask you a question about the KVM internals. Our module includes a timer which (once every second) fetches the IDT value of every online VCPU in the system using kvm_x86_ops->get_idt; the code looks like:

    struct kvm *kvm;
    struct kvm_vcpu *curr_vcpu;
    struct desc_ptr dt;
    int i;

    /* walk every VM, then every online VCPU of that VM */
    list_for_each_entry(kvm, vms_list, vm_list) {
        for (i = 0; i < kvm->online_vcpus.counter; i++) {
            curr_vcpu = kvm->vcpus[i];
            kvm_x86_ops->get_idt(curr_vcpu, &dt);
        }
    }

We have noticed that get_idt returns DIFFERENT values for the same VCPU (i.e. for the same value of i that refers to a given VCPU). We cannot understand this issue; could you explain? It is very strange since nobody changes the IDT value (as, for example, rootkits do).
At the very least, running nested virtualization would lead to different IDT values.
But more simply, on Intel you can hardly do anything with kvm_x86_ops or kvm_vcpu except on the same physical CPU that is in vcpu->cpu. The state is not in memory, it is cached inside the physical CPU.
There is no easy solution to this without modifying KVM. You can add a request bit to KVM's vcpu->requests field, kick the vcpu and do the check in vcpu_enter_guest.
Paolo
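A userspace model of the request-bit pattern described in the reply above, added here as an example; it is not KVM code and not something either poster wrote. The type mock_vcpu, the functions idt_timer_tick, run_scenario, make_request, check_request and vcpu_kick, and the request number KVM_REQ_IDT_CHECK are assumptions: the last three stand in for KVM's kvm_make_request(), kvm_check_request() and kvm_vcpu_kick(), struct desc_ptr mirrors the x86 one, and the IDTR values in the scenario are constructed. The point it shows is the division of labour: the timer only sets a bit and kicks, and the read of the IDT happens in the vcpu thread's own vcpu_enter_guest() path, on the physical CPU where that vcpu's state is loaded.

```c
#include <inttypes.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Mirror of the x86 struct desc_ptr: IDTR holds a 16-bit limit and a base. */
struct desc_ptr {
	uint16_t size;
	uint64_t address;
};

/* Hypothetical request number for the IDT check (real KVM allocates its
 * KVM_REQ_* bits in include/linux/kvm_host.h and the arch headers). */
#define KVM_REQ_IDT_CHECK 0

struct mock_vcpu {
	int vcpu_id;
	_Atomic unsigned long requests;  /* models vcpu->requests */
	struct desc_ptr idt_live;        /* what get_idt() reads from the loaded VMCS */
	struct desc_ptr idt_baseline;    /* value recorded by the first check */
	bool baseline_valid;
	int kicks;                       /* how often the timer kicked this vcpu */
	int idt_mismatches;              /* checks that found a changed IDTR */
};

/* stands in for kvm_make_request(): atomic set_bit on vcpu->requests */
static void make_request(struct mock_vcpu *v, int req)
{
	atomic_fetch_or(&v->requests, 1UL << req);
}

/* stands in for kvm_check_request(): atomic test_and_clear_bit */
static bool check_request(struct mock_vcpu *v, int req)
{
	unsigned long old = atomic_fetch_and(&v->requests, ~(1UL << req));
	return (old >> req) & 1UL;
}

/* stands in for kvm_vcpu_kick(): IPI or wakeup so the vcpu thread leaves the
 * guest and passes through vcpu_enter_guest() again, where requests are served */
static void vcpu_kick(struct mock_vcpu *v)
{
	v->kicks++;
}

/* The timer. It never calls get_idt() itself: from another physical CPU the
 * vcpu's VMCS is not loaded, so the value read there is stale. Request + kick only. */
static void idt_timer_tick(struct mock_vcpu *vcpus, int n)
{
	for (int i = 0; i < n; i++) {
		make_request(&vcpus[i], KVM_REQ_IDT_CHECK);
		vcpu_kick(&vcpus[i]);
	}
}

/* stands in for kvm_x86_ops->get_idt() run on the vcpu's own physical CPU */
static void get_idt(const struct mock_vcpu *v, struct desc_ptr *dt)
{
	*dt = v->idt_live;
}

static bool idt_equal(const struct desc_ptr *a, const struct desc_ptr *b)
{
	return a->size == b->size && a->address == b->address;
}

/* Models the request-servicing block at the top of vcpu_enter_guest(). */
static void vcpu_enter_guest(struct mock_vcpu *v)
{
	if (atomic_load(&v->requests) && check_request(v, KVM_REQ_IDT_CHECK)) {
		struct desc_ptr dt;
		get_idt(v, &dt);
		if (!v->baseline_valid) {
			v->idt_baseline = dt;
			v->baseline_valid = true;
		} else if (!idt_equal(&dt, &v->idt_baseline)) {
			v->idt_mismatches++;
			printf("vcpu %d: IDTR changed, base 0x%" PRIx64 " -> 0x%" PRIx64 "\n",
			       v->vcpu_id, v->idt_baseline.address, dt.address);
		}
	}
	/* ... the real function would now enter the guest ... */
}

/* Constructed scenario, two vcpus. Before the third tick the IDTR of vcpu 1 is
 * re-pointed, as an lidt from a rootkit would do. Returns total mismatches. */
static int run_scenario(struct mock_vcpu vcpus[2])
{
	const struct desc_ptr guest_idt = { 0xfff, 0xffffffff81a00000ULL }; /* constructed */
	int total = 0;

	for (int i = 0; i < 2; i++) {
		memset(&vcpus[i], 0, sizeof(vcpus[i]));
		vcpus[i].vcpu_id = i;
		vcpus[i].idt_live = guest_idt;
		atomic_init(&vcpus[i].requests, 0);
	}
	for (int tick = 1; tick <= 3; tick++) {
		if (tick == 3)
			vcpus[1].idt_live.address = 0xffffffffc0001000ULL; /* constructed */
		idt_timer_tick(vcpus, 2);
		for (int i = 0; i < 2; i++)
			vcpu_enter_guest(&vcpus[i]); /* each vcpu thread, on its own CPU */
	}
	vcpu_enter_guest(&vcpus[0]); /* no request pending: nothing is read */

	for (int i = 0; i < 2; i++)
		total += vcpus[i].idt_mismatches;
	return total;
}

int main(void)
{
	struct mock_vcpu vcpus[2];
	int n = run_scenario(vcpus);
	printf("mismatches: %d\n", n);
	return n == 1 ? 0 : 1;
}
```

Two practical caveats when carrying this into a real module: the baseline has to be taken per vcpu after the guest has finished booting (a guest kernel legitimately loads its IDTR at startup, and with nested virtualization the L1 and L2 values differ, as the reply notes), and the check must be cheap, since it sits on every VM entry that follows a kick.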
