On Fri, Mar 17, 2023 at 04:01:59PM +0100, Jan Beulich wrote:
> On 17.03.2023 15:29, Roger Pau Monné wrote:
> > On Thu, Apr 15, 2021 at 11:47:42AM +0200, Jan Beulich wrote:
> >> There are three noteworthy drawbacks:
> >> 1) The intercepts we need to enable here are CPL-independent, i.e. we
> >>    now have to emulate certain instructions for ring 0.
> >> 2) On VMX there's no intercept for SMSW, so the emulation isn't really
> >>    complete there.
> >
> > Then I'm afraid we can't set the bit in the max CPUID policy.  What
> > about domains being migrated from a host that has UMIP to an Intel
> > host where UMIP is emulated?  They would see a change in behavior in
> > SMSW, and the behavior won't match the ISA anymore.
>
> Right, but that's the price to pay if we want such emulation (which back
> at the time did look at least desirable, because the other affected insns
> are more important to deal with). Not setting the bit in the max policy
> is as good as not having emulation on VMX at all then.

It would need some kind of justification at least on why it's deemed
worth exposing in the max policy (and thus made available to incoming
guests) even when not compliant to the specification.

Could the non-interception of CR0 reads and thus no #GP on SMSW on
Intel lead to software malfunctioning as a result?

Thanks, Roger.