On 5/14/21 6:06 PM, Peter Gonda wrote:
> On Fri, May 14, 2021 at 1:22 PM Tom Lendacky <thomas.lendacky@xxxxxxx> wrote:
>>
>> Currently, an SEV-ES guest is terminated if the validation of the VMGEXIT
>> exit code and parameters fail. Since the VMGEXIT instruction can be issued
>> from userspace, even though userspace (likely) can't update the GHCB,
>> don't allow userspace to be able to kill the guest.
>>
>> Return a #GP request through the GHCB when validation fails, rather than
>> terminating the guest.
>
> Is this a gap in the spec? I don't see anything that details what
> should happen if the correct fields for NAE are not set in the first
> couple paragraphs of section 4 'GHCB Protocol'.

No, I don't think the spec needs to spell out everything like this. The
hypervisor is free to determine its course of action in this case. I
suppose the spec could suggest a course of action, but I don't think the
spec should require a specific course of action.

Thanks,
Tom