On 17.03.2023 17:09, Roger Pau Monné wrote: > On Fri, Mar 17, 2023 at 04:01:59PM +0100, Jan Beulich wrote: >> On 17.03.2023 15:29, Roger Pau Monné wrote: >>> On Thu, Apr 15, 2021 at 11:47:42AM +0200, Jan Beulich wrote: >>>> There are three noteworthy drawbacks: >>>> 1) The intercepts we need to enable here are CPL-independent, i.e. we >>>> now have to emulate certain instructions for ring 0. >>>> 2) On VMX there's no intercept for SMSW, so the emulation isn't really >>>> complete there. >>> >>> Then I'm afraid we can't set the bit in the max CPUID policy. What >>> about domains being migrated from a host that has UMIP to an Intel >>> host where UMIP is emulated? They would see a change in behavior in >>> SMSW, and the behavior won't match the ISA anymore. >> >> Right, but that's the price to pay if we want such emulation (which back >> at the time did look at least desirable, because the other affected insns >> are more important to deal with). Not setting the bit in the max policy >> is as good as not having emulation on VMX at all then. > > It would need some kind of justification at least on why it's deemed > worth exposing in the max policy (and thus made available to incoming > guests) even when not compliant to the specification. > > Could the non-intercaption of CR0 reads and thus no #GP on SMSW on > Intel lead to software malfunctioning as a result?
One can't exclude it of course, but I don't view this as very likely. But as said in reply to Andrew - I guess I'll simply drop this patch then (which also eliminates your request for further justification, which I have to admit I don't really follow). Jan
