On 22/08/20 18:42, Andy Lutomirski wrote: > On VMX, when a VM exits, the VM's > value of MSR_TSC_AUX is live, and we can take an NMI, MCE, or > abominable new #SX, #VE, #VC, etc on the next instruction boundary. > And unless we use the atomic MSR switch mechanism, the result is that > we're going through the entry path with guest-controlled MSRs. If anything of that is a problem, we can and will use the atomic MSR switching; it's not worth doing complicated stuff if you're going to pay the price of rdmsr/wrmsr anyway. The remaining cases are MSRs that are really meant for usermode (such as the syscall MSRs) and especially the edge cases of these two MSRs that the kernel doesn't mind too much about. But they are really really rare, I don't expect any new one coming soon and if they are ever needed (by SGX perhaps?!?) I'll certainly loop you guys in. Paolo