I am getting an EPT Violation with bits 0, 1, 7, and 8 set in the exit qualification field. However, bit 6 is cleared in the EPTP. The spec indicates that it is only possible for both bits 0 and 1 to be set for the exit qualification if bit 6 is set in EPTP:
"1. If accessed and dirty flags for EPT are enabled, processor accesses to guest paging-structure entries are treated as writes with regard to EPT violations (see Section 126.96.36.199). If such an access causes an EPT violation, the processor sets both bit 0 and bit 1 of the exit qualification."
Are there other circumstances that would cause both bits 0 and 1 to be set? The address on which the EPT Violation is occurring is read only by the OS, so an access treated as a write would be a problem. Thanks for any insight you can provide.
Here is some feedback from my peer:
At the bottom of page 27-6 of Volume 3 of the SDM (revision 057), the text reads, "An EPT violation that occurs during as a result of execution of a read-modify-write operation sets bit 1 (data write). Whether it also sets bit 0 (data read) is implementation-specific and, for a given implementation, may differ for different kinds of read-modify-write operations."
This setting of both bits 0 and 1 can occur regardless of the value of bit 6 of EPTP.
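The two cases discussed in this thread can be told apart from the exit qualification itself. The following is an added example, not code from either poster or from Intel: the enum and function names are hypothetical, and the meaning of bits 7 and 8 is taken from the SDM's exit-qualification table for EPT violations rather than from the posts above.

```c
#include <stdint.h>
#include <stdio.h>

/* Bits 0/1 and EPTP bit 6 are as discussed in the thread; the meaning of
 * bits 7 and 8 is taken from the SDM's EPT-violation exit qualification table. */
#define EPTV_DATA_READ  (1ULL << 0)
#define EPTV_DATA_WRITE (1ULL << 1)
#define EPTV_GLA_VALID  (1ULL << 7)  /* guest linear address field is valid */
#define EPTV_GLA_XLAT   (1ULL << 8)  /* if bit 7 set: access was to the translation
                                        of a linear address, not to a guest
                                        paging-structure entry */
#define EPTP_AD_ENABLE  (1ULL << 6)  /* accessed/dirty flags for EPT enabled */

/* Hypothetical names for this example. */
enum eptv_rw_cause {
    EPTV_NOT_BOTH_RW,       /* bits 0 and 1 are not both set */
    EPTV_PAGING_STRUCT_AD,  /* guest paging-structure access treated as a write */
    EPTV_RMW_CANDIDATE,     /* access to the final translation: read-modify-write */
    EPTV_UNDETERMINED       /* cannot be narrowed down from these two fields alone */
};

enum eptv_rw_cause classify_rw_violation(uint64_t qual, uint64_t eptp)
{
    const uint64_t rw = EPTV_DATA_READ | EPTV_DATA_WRITE;

    if ((qual & rw) != rw)
        return EPTV_NOT_BOTH_RW;
    if (!(qual & EPTV_GLA_VALID))
        return EPTV_UNDETERMINED;
    if (qual & EPTV_GLA_XLAT)
        return EPTV_RMW_CANDIDATE;   /* independent of EPTP bit 6 */
    /* Bit 8 clear: the faulting access was to a guest paging-structure entry. */
    return (eptp & EPTP_AD_ENABLE) ? EPTV_PAGING_STRUCT_AD : EPTV_UNDETERMINED;
}

int main(void)
{
    /* Constructed values: bits 0, 1, 7, 8 set; EPTP with bit 6 clear. */
    uint64_t qual = 0x183, eptp = 0x1000001e;
    printf("cause = %d\n", classify_rw_violation(qual, eptp));
    return 0;
}
```

With bits 0, 1, 7 and 8 set, the classifier returns `EPTV_RMW_CANDIDATE` whether or not EPTP bit 6 is set, which matches the read-modify-write explanation given in the answer.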