On Thu, Mar 19, 2020 at 11:43:20AM -0700, Andy Lutomirski wrote: > Or future generations could have enough hardware support for debugging > that #DB doesn't need to be intercepted or can be re-injected > correctly with the #DB vector. Yeah, the problem is, the GHCB spec suggests the single-step-over-iret way to re-enable the NMI window and requires intercepting #DB for it. So the hypervisor probably still has to intercept it, even when debug support is added some day. I need to think more about this. Regards, Joerg
