Unexpected VM Exit with newest Win10 update
mrtiggles5 opened this issue · 2 comments
Hello Tandasat,
After the recent Windows update I am having issues with loading my hypervisor. Every time I start the hypervisor's service I get a manually initiated crash, something that I haven't had problems with before.
After some investigating with WinDbg, I found that the BSOD was caused by an unexpected VM-exit in VmmpHandleUnexpectedExit() during VmInitialization.
Have you been having the same sorts of issues?
Reproduced the issue and found a fix on my side. Try 1) enabling `invpcid`, and 2) filtering out the bit 63 when CR3 is updated. Those changes were already applied to HyperPlatform but not ported to DdiMon. You can, however, tentatively copy changes here: 1) and 2)
I will plan to rebase the `ddimon` branch of HyperPlatform to be in sync with `master` soon.
- Technical explanation in case you are interested
The patch on Jun 3 introduced a set of changes called KPTI (Kernel Page Table Isolation, or Kernel VA Shadowing as Microsoft calls it) for all supported x64 Windows, in order to mitigate the Meltdown vulnerability. With this patch, Windows started to use Process-Context Identifiers (PCIDs) and the bit 63 of CR3 to avoid flushing TLB and paging-structure caches for better performance, as KPTI introduced one more additional CR3 for each process, and hence, more move-to-CR3 operations which would flush TLB etc. The bit 63 of CR3 is ignored by a processor on move-to-CR3 but not on vmwrite, and such CR3 values are illegal, leading to the VM-exit. Also, to manage PCIDs, the Windows kernel started to use the `invpcid` instruction.
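The bit-63 filtering described in the reply above, as an added example that is not code from HyperPlatform or DdiMon: it separates the guest's MOV-to-CR3 operand into the value that may be written to the guest CR3 VMCS field and the no-flush hint. The names `cr3_update`, `emulate_mov_to_cr3` and `guest_cr3_is_valid`, the sample CR3 value and the 39-bit physical-address width are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CR3_NO_FLUSH_BIT (1ULL << 63) /* MOV-to-CR3 source operand, used when CR4.PCIDE=1 */
#define CR3_PCID_MASK    0xFFFULL     /* CR3[11:0] is the PCID when CR4.PCIDE=1 */

/* Hypothetical result type: what a MOV-to-CR3 exit handler needs to act on. */
struct cr3_update {
    uint64_t vmcs_guest_cr3; /* value that is safe to vmwrite to the guest CR3 field */
    uint16_t pcid;           /* PCID the guest selected (0 if PCIDs are off) */
    bool     flush_needed;   /* guest did not ask to keep cached translations */
};

/* Model of the VM-entry check on guest CR3: every bit at or above the
 * physical-address width must be zero. Assumes maxphyaddr <= 52. */
bool guest_cr3_is_valid(uint64_t cr3, unsigned maxphyaddr)
{
    return (cr3 >> maxphyaddr) == 0;
}

/* Split the guest's source operand into the CR3 value and the no-flush hint. */
struct cr3_update emulate_mov_to_cr3(uint64_t guest_value, bool pcide)
{
    struct cr3_update u;
    u.vmcs_guest_cr3 = guest_value & ~CR3_NO_FLUSH_BIT; /* bit 63 never reaches the VMCS */
    u.pcid = pcide ? (uint16_t)(guest_value & CR3_PCID_MASK) : 0;
    u.flush_needed = !(pcide && (guest_value & CR3_NO_FLUSH_BIT));
    return u;
}

int main(void)
{
    /* Constructed sample: page-table base 0x1AD000, PCID 2, no-flush bit set. */
    uint64_t raw = 0x80000000001AD002ULL;
    struct cr3_update u = emulate_mov_to_cr3(raw, true);

    printf("raw   %#018llx valid=%d\n", (unsigned long long)raw,
           guest_cr3_is_valid(raw, 39));
    printf("fixed %#018llx valid=%d pcid=%u flush=%d\n",
           (unsigned long long)u.vmcs_guest_cr3,
           guest_cr3_is_valid(u.vmcs_guest_cr3, 39), (unsigned)u.pcid, u.flush_needed);
    return 0;
}
```

When `flush_needed` is true, the exit handler still has to invalidate the guest's cached translations itself (for example with INVVPID when VPID is enabled), because the guest's own MOV to CR3 never executed.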