On Fri, Feb 5, 2021 at 3:39 PM Kuppuswamy Sathyanarayanan <[email protected]> wrote:
>
> From: "Kirill A. Shutemov" <[email protected]>
>
> The TDX module injects #VE exception to the guest TD in cases of
> disallowed instructions, disallowed MSR accesses and subset of CPUID
> leaves. Also, it's theoretically possible for CPU to inject #VE
> exception on EPT violation, but the TDX module makes sure this does
> not happen, as long as all memory used is properly accepted using
> TDCALLs.
By my very cursory reading of the TDX arch specification 9.8.2, "Secure" EPT violations don't send #VE. But the docs are quite unclear, or at least the docs I found are. What happens if the guest attempts to access a secure GPA that is not ACCEPTed? For example, suppose the VMM does TDH.MEM.PAGE.REMOVE on a secure address and the guest accesses it, via instruction fetch or data access. What happens?