On Tue, Nov 07, 2023, Maxim Levitsky wrote:
> Since no sane L1 hypervisor will ever allow access to all its msrs from L2,
> it might make sense to always use a dedicated MSR bitmap for L2.

Hmm, there might be a full passthrough use case out there, but in general, yeah, I agree. I think even kernel hardening use cases where the "hypervisor" is just a lowvisor would utilize MSR bitmaps to prevent the de-privileged kernel from modifying select MSRs.

> Also since all sane L1 hypervisors do use a msr bitmap means that
> dedicated code path that doesn't use it is not well tested.
>
> On VMX if I am not mistaken, this is not an issue because either all
> MSRS are intercepted or a bitmap is used.

Yep, if the MSR bitmaps aren't used then all MSR accesses are intercepted.
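
As an added illustration (not part of the original mail and not KVM's code), here is a simplified C model of the VMX behaviour discussed above: without a bitmap every MSR access exits, and a dedicated L2 bitmap intercepts an access whenever either L0 or L1 wants it intercepted. Function names are hypothetical; the quadrant layout follows the Intel SDM.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* VMX MSR bitmap: one 4 KiB page split into four 1 KiB quadrants. */
enum { MSR_BITMAP_SIZE = 4096, READ_LOW = 0x000, READ_HIGH = 0x400,
       WRITE_LOW = 0x800, WRITE_HIGH = 0xC00 };

/* Byte offset of the quadrant for this MSR/access, or -1 if not covered. */
static int msr_quadrant(uint32_t msr, bool write, uint32_t *bit)
{
    if (msr <= 0x1FFFu) {
        *bit = msr;
        return write ? WRITE_LOW : READ_LOW;
    }
    if (msr >= 0xC0000000u && msr <= 0xC0001FFFu) {
        *bit = msr - 0xC0000000u;
        return write ? WRITE_HIGH : READ_HIGH;
    }
    return -1;
}

/* Start from "intercept everything"; pass-through is opt-in per MSR. */
void msr_bitmap_intercept_all(uint8_t *bitmap)
{
    memset(bitmap, 0xFF, MSR_BITMAP_SIZE);
}

/* Clear the intercept bit for one MSR and one access type. */
void msr_allow(uint8_t *bitmap, uint32_t msr, bool write)
{
    uint32_t bit;
    int base = msr_quadrant(msr, write, &bit);
    if (base >= 0)
        bitmap[base + bit / 8] &= (uint8_t)~(1u << (bit % 8));
}

/* bitmap == NULL models "use MSR bitmaps" being clear: every access exits.
 * MSRs outside the two covered ranges always exit as well. */
bool msr_intercepted(const uint8_t *bitmap, uint32_t msr, bool write)
{
    uint32_t bit;
    int base = msr_quadrant(msr, write, &bit);
    if (!bitmap || base < 0)
        return true;
    return (bitmap[base + bit / 8] & (1u << (bit % 8))) != 0;
}

/* Dedicated L2 bitmap: intercept if L0 OR L1 intercepts.
 * l1 == NULL (L1 runs L2 without a bitmap) leaves everything intercepted. */
void merge_for_l2(uint8_t *out, const uint8_t *l0, const uint8_t *l1)
{
    for (size_t i = 0; i < MSR_BITMAP_SIZE; i++)
        out[i] = (uint8_t)(l0[i] | (l1 ? l1[i] : 0xFF));
}
```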