Hi,
On 3/13/25 21:36, Jon Kohler wrote:
[snip]
> The semantics for EPT violation qualifications also change when MBEC
> is enabled, with bit 5 reflecting supervisor/kernel mode execute
> permissions and bit 6 reflecting user mode execute permissions.
> This ultimately serves to expose this feature to the L1 hypervisor,
> which consumes MBEC and informs the L2 partitions not to use the
> software MBEC by removing bit 14 in 0x40000004 EAX [4].

Should this say bit 13 of 0x40000004.EAX? According to the referenced
docs [4]:
Bit 13: "Recommend using INT for MBEC system calls."
Bit 14: "Recommend a nested hypervisor using the enlightened VMCS
interface. Also indicates that additional nested enlightenments may be
available (see leaf 0x4000000A)."
Regards,
Adrian