> On Jul 3, 2019, at 4:54 PM, Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx> wrote: > > According to section "Checks on Host Segment and Descriptor-Table > Registers" in Intel SDM vol 3C, the following checks are performed on > vmentry of nested guests: > > - In the selector field for each of CS, SS, DS, ES, FS, GS and TR, the > RPL (bits 1:0) and the TI flag (bit 2) must be 0. > - The selector fields for CS and TR cannot be 0000H. > - The selector field for SS cannot be 0000H if the "host address-space > size" VM-exit control is 0. > - On processors that support Intel 64 architecture, the base-address > fields for FS, GS, GDTR, IDTR, and TR must contain canonical > addresses. As I noted on v1, this patch causes the test to fail on bare-metal: FAIL: HOST_SEL_SS 0: VMX inst error is 8 (actual 7) I don’t know what the root-cause is, but I don't think that tests that fail on bare-metal (excluding because of CPU errata) should be included.
