EPT Violation

Michelle_Cunningham · ‎03-28-2016

Hi,

I am getting an EPT Violation with bits 0, 1, 7, and 8 set in the exit qualification field. However, bit 6 is cleared in the EPTP. The spec indicates that it is only possible for both bits 0 and 1 to be set for the exit qualification if bit 6 is set in EPTP:

"1. If accessed and dirty flags for EPT are enabled, processor accesses to guest paging-structure entries are treated as writes with regard to EPT violations (see Section 28.2.3.2). If such an access causes an EPT violation, the processor sets both bit 0 and bit 1 of the exit qualification."

Are there other circumstances that would cause both bits 0 and 1 to be set? The address on which the EPT Violation is occurring is read only by the OS, so an access treated as a write, would be a problem. Thanks for any insight you can provide.

-Michelle

Quoc-Thai_L_Intel · ‎03-29-2016

Hi Michelle,

Here is some feedback from my peer:

//*

At the bottom of page 27-6 of Volume 3 of the SDM (revision 057), the text reads, "An EPT violation that occurs during as a result of execution of a read-modify-write operation sets bit 1 (data write). Whether it also sets bit 0 (data read) is implementation-specific and, for a given implementation, may differ for different kinds of read-modify-write operations."

This setting of both bits 0 and 1 can occur regardless of the value of bit 6 of EPTP.

*//

Regards, Thai