Avoiding vmexit on control register accesses

I'm working on a security measure based on the virtualization instructions. The only requirement is memory isolation. So, to minimize performance impact, a vmexit should only be issued when a (EPT) protected page is accessed. On my processor however, access to control registers always causes a vmexit, resulting in a noticeable impact from the hypervisor. The documentation states that future processors may be more flexible and allow the programmer to disable the vmexits in such situations. Are there processors on the market yet that support this feature? If not, when will they become available?

Thanks,
Raoul

David Ott (Intel)

Hi Raoul,

The place to go for detailed information on control registers and VM exits is

Intel 64 and IA-32 Architectures Software Developer's Manual
Volume 3B of the SDM, Chapter 22.
http://www.intel.com/products/processor/manuals/

An expert in this area sent me some summary information as follows:

CR0
o MOV from CR0 (read of the register) never causes a VM exit.
o MOV to CR0 (write to the register) causes VM exits based on the CR0 guest/host mask and the CR0 read shadow. If the CR0 guest/host mask is zero, MOV to CR0 never causes a VM exit.

CR2
o MOV to/from CR2 never causes a VM exit.

CR3
o MOV from CR3 does not cause a VM exit if bit 16 of the primary processor-based VM-execution controls (CR3-store exiting) is 0.
o MOV to CR3 does not cause a VM exit if bit 15 of the primary processor-based VM-execution controls (CR3-load exiting) is 0.

CR4
o MOV from CR4 never causes a VM exit.
o MOV to CR4 causes VM exits based on the CR4 guest/host mask and the CR4 read shadow. If the CR4 guest/host mask is zero, MOV to CR4 never causes a VM exit.

CR8
o MOV from CR8 does not cause a VM exit if bit 20 of the primary processor-based VM-execution controls (CR8-store exiting) is 0.
o MOV to CR8 does not cause a VM exit if bit 19 of the primary processor-based VM-execution controls (CR8-load exiting) is 0. If bit 21 of the primary processor-based VM-execution controls (use TPR shadow) is 1, MOV to CR8 may cause a VM exit after it executes.

David Ott
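As an added example (not from the thread or from Intel), the rules in the reply above encoded as a small C model of the VMCS fields that govern MOV-CR exits: the primary processor-based VM-execution controls plus the CR0/CR4 guest/host masks and read shadows. Bit positions are those listed in the summary; the write rule for CR0/CR4 (a write exits only when a bit set in the guest/host mask differs between the new value and the read shadow) is the SDM chapter 22 rule the summary refers to, and the struct and function names are this example's own.

```c
#include <stdbool.h>
#include <stdint.h>

/* Bit positions in the primary processor-based VM-execution controls,
 * as listed in the reply above. */
#define CR3_LOAD_EXITING   (1u << 15)
#define CR3_STORE_EXITING  (1u << 16)
#define CR8_LOAD_EXITING   (1u << 19)
#define CR8_STORE_EXITING  (1u << 20)
#define USE_TPR_SHADOW     (1u << 21)

/* Minimal model (constructed for this example) of the VMCS fields involved. */
struct vmcs_cr_config {
    uint32_t primary_controls;
    uint64_t cr0_mask, cr0_shadow;   /* CR0 guest/host mask, CR0 read shadow */
    uint64_t cr4_mask, cr4_shadow;   /* CR4 guest/host mask, CR4 read shadow */
};

enum cr_exit { NO_EXIT = 0, EXIT = 1, MAY_EXIT_AFTER = 2 };

/* Decide whether a guest MOV to/from CRn causes a VM exit.  is_write selects
 * MOV to CR; value is the operand written (ignored for reads and for CR2/3/8). */
enum cr_exit mov_cr_exits(const struct vmcs_cr_config *c, int cr,
                          bool is_write, uint64_t value)
{
    switch (cr) {
    case 0:  /* reads never exit; a write exits if a host-owned bit would change */
        return (is_write && ((value ^ c->cr0_shadow) & c->cr0_mask)) ? EXIT : NO_EXIT;
    case 2:  /* CR2 is never intercepted */
        return NO_EXIT;
    case 3:  /* controlled purely by the two CR3 exiting bits */
        return (c->primary_controls &
                (is_write ? CR3_LOAD_EXITING : CR3_STORE_EXITING)) ? EXIT : NO_EXIT;
    case 4:
        return (is_write && ((value ^ c->cr4_shadow) & c->cr4_mask)) ? EXIT : NO_EXIT;
    case 8:
        if (c->primary_controls & (is_write ? CR8_LOAD_EXITING : CR8_STORE_EXITING))
            return EXIT;
        /* with the TPR shadow in use, a write may still exit after executing */
        return (is_write && (c->primary_controls & USE_TPR_SHADOW)) ? MAY_EXIT_AFTER : NO_EXIT;
    default:
        return NO_EXIT;
    }
}

/* Configuration matching the poster's goal (EPT-only isolation): no CR3/CR8
 * exiting bits set and both guest/host masks zero, so no MOV-CR ever exits. */
struct vmcs_cr_config ept_only_config(void)
{
    struct vmcs_cr_config c = {0};
    return c;
}
```

With the all-zero configuration every MOV-CR decision comes back NO_EXIT; setting a single bit in cr0_mask (say CR0.PG) shows that only writes that flip that bit relative to the read shadow are intercepted.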
