On 20/09/2017 10:52, Ladi Prosek wrote: >> Therefore, storing such hidden state or a subset of it in >> vmx->nested.smm is merely a convenience that lets you keep >> vmx->nested.vmxon == false while in SMM. This is different from nSVM, >> and I think it's an acceptable difference for the sake of convenience. > So for nSVM, you'd save to and restore from the state save area? I can > certainly do that but it would be hard to guarantee that KVM won't > blow up if the SMM handler pokes at these fields. It feels safer to > keep it internal or just save, not restore from it. I know that this > comment belongs to the nSVM patch but it looks similar to your > suggestion to protect CR4.VMXE on Intel. If we want to prevent SMM > from wreaking havoc by trying to enable VMX, shouldn't we use the same > measures on AMD and prevent it from switching VMCB while the nested > guest is running. Thanks! The difference is that on AMD you're actually allowed to do that. The SMM handler can also poke the general purpose register or even the descriptor cache, so I think we should stay close to what the manual says---even if it does two opposite things on Intel vs. AMD. Thanks! Paolo
