Vol. 3C 32-9
VIRTUALIZATION OF SYSTEM RESOURCES
make sure that the entire guest memory buffer (which contains the microcode update image) will not cause a page
fault when accessed.
If the VMM loads the microcode update, then the VMM must have access to the current set of microcode updates.
These updates could be part of the VMM image or could be contained in a separate microcode update image data-
base (for example: a database file on disk or in memory). Again, maintaining a separate microcode update image
database has the advantage of reducing the number of required VMM or OS releases as a result of microcode
update releases.
The VMM may wish to prevent a guest from loading a microcode update or may wish to support the microcode
update requested by a guest using emulation (without actually loading the microcode update). To prevent micro-
code update loading, the VMM may return a microcode update signature value greater than the value of
IA32_BIOS_SIGN_ID MSR. A well behaved guest will not attempt to load an older microcode update. The VMM may
also drop the guest attempts to write to IA32_BIOS_UPDT_TRIG MSR, preventing the guest from loading any
microcode updates. Later, when the guest queries IA32_BIOS_SIGN_ID MSR, the VMM could emulate the micro-
code update signature that the guest expects.
In general, loading a microcode update later will limit guest software’s visibility of features that may be enhanced
by a microcode update.