On Mon, Apr 14, 2025, Chao Gao wrote:
> A related topic is why KVM is flushing VMCSs. I haven't found any explicit
> statement in the SDM indicating that the flush is necessary.
>
> SDM chapter 26.11 mentions:
>
> If a logical processor leaves VMX operation, any VMCSs active on that logical
> processor may be corrupted (see below). To prevent such corruption of a VMCS
> that may be used either after a return to VMX operation or on another logical
> processor, software should execute VMCLEAR for that VMCS before executing the
> VMXOFF instruction or removing power from the processor (e.g., as part of a
> transition to the S3 and S4 power states).
>
> To me, the issue appears to be VMCS corruption after leaving VMX operation and
> the flush is necessary only if you intend to use the VMCS after re-entering VMX
> operation.

The problem is that if the CPU flushes a VMCS from the cache at a later time, for
any reason, then the CPU will write back data to main memory. The issue isn't
reusing the VMCS, it's reusing the underlying memory.
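The two constraints behind the exchange above (every VMCS active on a CPU must be
VMCLEARed before that CPU executes VMXOFF, and a VMCS page must not go back to
the allocator while the CPU may still write cached VMCS data to it) are easy to
get wrong in the bookkeeping rather than in the instructions themselves. The
following is an added example, not KVM's code and not from anyone in this thread:
a constructed C model of the per-CPU "active VMCS" list with a release path and a
teardown path that emit VMCLEAR/VMXOFF in the required order. The names
(vmcs_release, vmx_cpu_teardown, the executor callback, the physical addresses)
are assumptions for illustration; the ring-0 executor with the real instructions
is included but never invoked from user mode.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of hypervisor bookkeeping around VMCLEAR/VMXOFF.
 * Added example; not KVM's code. */

enum vmx_op { VMX_OP_VMCLEAR, VMX_OP_VMXOFF };

/* Executor callback: the hardware one issues the instruction, the test one records it. */
typedef void (*vmx_exec_fn)(enum vmx_op op, uint64_t vmcs_pa, void *ctx);

struct vmcs_region {
    uint64_t pa;      /* 4 KiB-aligned physical address handed to VMPTRLD (assumed) */
    int active_cpu;   /* CPU that VMPTRLDed it, or -1 once VMCLEARed */
    bool allocated;   /* page still owned by the hypervisor */
};

#define MAX_ACTIVE 8
struct cpu_state {
    int cpu;
    struct vmcs_region *active[MAX_ACTIVE]; /* VMCSs currently active on this CPU */
    size_t n_active;
};

/* Record a VMPTRLD on this CPU: from here on the CPU may cache VMCS state on-chip. */
bool vmcs_activate(struct cpu_state *cs, struct vmcs_region *v)
{
    if (cs->n_active == MAX_ACTIVE || v->active_cpu >= 0)
        return false;
    v->active_cpu = cs->cpu;
    cs->active[cs->n_active++] = v;
    return true;
}

static void cpu_forget(struct cpu_state *cs, struct vmcs_region *v)
{
    for (size_t i = 0; i < cs->n_active; i++) {
        if (cs->active[i] == v) {
            cs->active[i] = cs->active[--cs->n_active];
            return;
        }
    }
}

/* Release a VMCS page. VMCLEAR must run on the CPU where the VMCS is active, so a
 * VMCS active elsewhere is refused and the caller has to move the work there
 * (KVM bounces it with an IPI). The page is only marked free after the flush,
 * because a later writeback would otherwise land on whoever reuses it. */
bool vmcs_release(struct cpu_state *cs, struct vmcs_region *v, vmx_exec_fn exec, void *ctx)
{
    if (v->active_cpu >= 0) {
        if (v->active_cpu != cs->cpu)
            return false;
        exec(VMX_OP_VMCLEAR, v->pa, ctx); /* write back cached state, mark VMCS clear */
        cpu_forget(cs, v);
        v->active_cpu = -1;
    }
    v->allocated = false;
    return true;
}

/* Leave VMX operation on one CPU: VMCLEAR everything active here, then VMXOFF. */
void vmx_cpu_teardown(struct cpu_state *cs, vmx_exec_fn exec, void *ctx)
{
    while (cs->n_active) {
        struct vmcs_region *v = cs->active[cs->n_active - 1];
        exec(VMX_OP_VMCLEAR, v->pa, ctx);
        v->active_cpu = -1;
        cs->n_active--;
    }
    exec(VMX_OP_VMXOFF, 0, ctx);
}

/* Recording executor used by main() below and by tests. */
struct trace { enum vmx_op op[16]; uint64_t pa[16]; size_t n; };

void trace_exec(enum vmx_op op, uint64_t pa, void *ctx)
{
    struct trace *t = ctx;
    if (t->n < 16) { t->op[t->n] = op; t->pa[t->n] = pa; t->n++; }
}

#if defined(__x86_64__)
/* Hardware executor: valid only in ring 0 while in VMX operation; faults elsewhere. */
void hw_exec(enum vmx_op op, uint64_t pa, void *ctx)
{
    (void)ctx;
    if (op == VMX_OP_VMCLEAR)
        __asm__ volatile("vmclear %0" : : "m"(pa) : "cc", "memory");
    else
        __asm__ volatile("vmxoff" : : : "cc", "memory");
}
#endif

int main(void)
{
    struct cpu_state cpu0 = { .cpu = 0 }, cpu1 = { .cpu = 1 };
    struct vmcs_region a = { 0x1000, -1, true }, b = { 0x2000, -1, true }; /* constructed */
    struct trace t = { 0 };
    vmcs_activate(&cpu0, &a);
    vmcs_activate(&cpu1, &b);
    printf("release b from cpu0: %s\n", vmcs_release(&cpu0, &b, trace_exec, &t) ? "ok" : "refused");
    vmx_cpu_teardown(&cpu0, trace_exec, &t);
    for (size_t i = 0; i < t.n; i++)
        printf("%s %#llx\n", t.op[i] == VMX_OP_VMCLEAR ? "VMCLEAR" : "VMXOFF",
               (unsigned long long)t.pa[i]);
    return 0;
}
```

The recording executor is what makes the ordering checkable without a hypervisor:
the trace must end in VMXOFF with every VMCS that was active on that CPU cleared
before it, and a release attempted from the wrong CPU must leave the page allocated.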