On 1/20/22 10:31, Xiaoyao Li wrote:
So while my gut feeling that #UD would not cause a vmexit was correct,
technically I was reading the SDM incorrectly.
SDM also states
Certain exceptions have priority over VM exits. These include
invalid-opcode exception, faults based on privilege level,
and general-protection exceptions that are based on checking
I/O permission bits in the task-state segment(TSS)
in "Relative Priority of Faults and VM Exits"
So my understanding is that the architectural check always takes the
higher priority than VM exit.
Good point! It's right above in 25.1.1. I was confused by the specific
mention of GETSEC, but the reason for the footnote is because undefined
GETSEC leaves cause a vmexit instead of #UD, and GETSEC vmexits also
override #GP faults based on privilege level.
Thanks,
Paolo
