On 19/06/2017 18:17, Radim Krčmář wrote:
> Right, we only need the single step over IRET and interrupt shadow.
>
> Btw. instead of single-stepping over IRET/interrupt shadow, could we set
> INTERRUPT_SHADOW in VMCB, inject the NMI, and let it execute?
> This mechanism would explain why AMD didn't provide a trap for IRET ...

You mean they didn't provide a trap-like VMEXIT for IRET, only fault-like?

Thanks,

Paolo

> APM 15.20 says "Injected events are treated in every way as though they
> had occurred normally in the guest", which makes me think that
> INTERRUPT_SHADOW blocks them, if it blocks NMIs at all on AMD.