Better late than never, although in this instance, it’s really really late—about thirty years late. In the world of computing, that is eternity.
The talk is about the new CR4.UMIP control bit documented in the latest (revision 58) Intel SDM, and the corresponding CPUID feature bit. When set, the CR4.UMIP (User Mode Instruction Prevention) bit prevents the SGDT, SIDT, SLDT, SMSW, and STR instructions from being executed outside of the highest-privileged code (ring 0).
The question is of course why it was ever possible to execute these instructions from unprivileged code. Setting the critical registers (GDTR, IDTR, LDTR, MSW, TR) was never possible from user code, but they could be freely read. The excuse Intel had back in 1982 (when these instructions became part of the 80286) was that they didn’t know what they were doing. That was much less of an excuse with the 386 and by the early 1990, it was well known to be a problem.
It’s a problem for at two reasons. It exposes critical information to unprivileged code for no good reason. That is implicitly a security issue, because such information needs to be protected.
The other reason is virtualization. These instructions caused headaches to anyone attempting to implement efficient x86-on-x86 virtualization. A guest OS invariably needs critical system structures like the GDT “faked”. Writing the system registers is no problem because the relevant instructions can be trapped and emulated. But reading does not trap, and that’s bad—the virtualized OS might see what it’s not supposed to see. All code needs to be carefully scanned and patched to prevent the guest OS from executing such instructions directly.
There are other instructions that pose problems, such as CPUID or flag manipulation. There’s no doubt that Intel’s addition of CR4.UMIP was motivated by security since for virtualization, VT-x solves all these problems and more. But really, if they had thought of this decades ago, they could have saved the industry quite a bit of effort and money. It’s one of those inexplicable “well, duh” things.