
Option for Hypervisor Graceful Shutdown Over Panic

Open memN0ps opened this issue 2 months ago • 0 comments

Errors in the hypervisor are typically handled using a custom error type, HypervisorError, through Result or Option. Despite this, errors default to causing a panic in the vmm.rs file, particularly during critical issues that necessitate halting the hypervisor. This panic approach, while highlighting problems quickly, isn't always ideal, especially when a graceful shutdown would be preferable. It can hinder debugging and disrupt processes unnecessarily, although there are cases where shutting down the hypervisor isn't desired, and panicking is the preferred option. I personally prefer handling all errors with a custom error type, returning Result<(), HypervisorError>, and funneling them to a single location in the main function (vmm.rs). If an error cannot be handled and I no longer want the hypervisor running or off, I opt for panicking the Windows guest OS (BSOD).

To improve the hypervisor's adaptability and robustness, a mechanism for a graceful shutdown and CPU devirtualization could be a better option. This would involve executing VMXOFF to cleanly exit VMX operation, restoring any altered states during VMXON, and orderly devirtualizing CPUs.

memN0ps Apr 02 '24 05:04
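One way to structure the error funnel and the ordered teardown described in the issue, as an added example that is not illusion-rs code and not the author's implementation. It assumes a hypothetical `VmxOps` trait standing in for the privileged `vmxon`/`vmxoff`/CR4 operations (so the flow can be exercised outside ring 0 with a constructed mock), a per-CPU record of which steps were applied, a `devirtualize_all` that undoes them in reverse, and a single sink `handle_fatal` that prefers graceful devirtualization and falls back to a bug check only when teardown itself fails. The real driver is `no_std`; this example uses `std` for brevity.

```rust
use std::fmt;

/// Constructed error type for this example (the project has its own `HypervisorError`).
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum HypervisorError {
    VmxonFailed(u32),
    VmxoffFailed(u32),
    Unrecoverable(&'static str),
}

impl fmt::Display for HypervisorError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "{self:?}")
    }
}

/// Hypothetical abstraction over the privileged VMX steps; a real backend wraps inline asm.
pub trait VmxOps {
    fn cr4_set_vmxe(&mut self, cpu: u32, enable: bool);
    fn vmxon(&mut self, cpu: u32) -> Result<(), HypervisorError>;
    fn vmxoff(&mut self, cpu: u32) -> Result<(), HypervisorError>;
}

/// Which steps have been applied on a CPU, so teardown only undoes what actually happened.
#[derive(Debug, Default, Clone, Copy, PartialEq, Eq)]
pub struct CpuState { pub vmxe_set: bool, pub vmx_on: bool }

pub struct Hypervisor<O: VmxOps> { ops: O, cpus: Vec<CpuState> }

impl<O: VmxOps> Hypervisor<O> {
    pub fn new(ops: O, cpu_count: usize) -> Self {
        Hypervisor { ops, cpus: vec![CpuState::default(); cpu_count] }
    }
    pub fn ops(&self) -> &O { &self.ops }
    pub fn cpus(&self) -> &[CpuState] { &self.cpus }

    /// Virtualize every CPU; on failure roll back the ones already done and return the error.
    pub fn virtualize_all(&mut self) -> Result<(), HypervisorError> {
        for cpu in 0..self.cpus.len() as u32 {
            let i = cpu as usize;
            self.ops.cr4_set_vmxe(cpu, true);
            self.cpus[i].vmxe_set = true;
            if let Err(e) = self.ops.vmxon(cpu) {
                let _ = self.devirtualize_all(); // best-effort rollback; the original error wins
                return Err(e);
            }
            self.cpus[i].vmx_on = true;
        }
        Ok(())
    }

    /// Undo in reverse order: VMXOFF only where VMXON succeeded, then clear CR4.VMXE.
    /// If VMXOFF fails on a CPU its CR4.VMXE is left alone (clearing it while in VMX
    /// operation would fault); the first failure is reported after all CPUs are visited.
    pub fn devirtualize_all(&mut self) -> Result<(), HypervisorError> {
        let mut first_err = None;
        for cpu in (0..self.cpus.len() as u32).rev() {
            let i = cpu as usize;
            if self.cpus[i].vmx_on {
                match self.ops.vmxoff(cpu) {
                    Ok(()) => self.cpus[i].vmx_on = false,
                    Err(e) => { first_err.get_or_insert(e); continue; }
                }
            }
            if self.cpus[i].vmxe_set {
                self.ops.cr4_set_vmxe(cpu, false);
                self.cpus[i].vmxe_set = false;
            }
        }
        first_err.map_or(Ok(()), Err)
    }
}

/// Decision taken by the single error sink at the top of the VMM.
#[derive(Debug, PartialEq, Eq)]
pub enum Shutdown {
    Graceful,
    BugCheck { original: HypervisorError, teardown: HypervisorError },
}

/// Funnel for unrecoverable errors: try to devirtualize; only if that fails fall back to a
/// bug check (in the real driver this is where the panic / BSOD path would be taken).
pub fn handle_fatal<O: VmxOps>(hv: &mut Hypervisor<O>, err: HypervisorError) -> Shutdown {
    match hv.devirtualize_all() {
        Ok(()) => Shutdown::Graceful,
        Err(teardown) => Shutdown::BugCheck { original: err, teardown },
    }
}

/// Constructed in-memory backend that records calls and can be told to fail on one CPU.
#[derive(Default)]
pub struct MockVmx { pub vmxon_fail_on: Option<u32>, pub vmxoff_fail_on: Option<u32>, pub log: Vec<String> }

impl VmxOps for MockVmx {
    fn cr4_set_vmxe(&mut self, cpu: u32, enable: bool) { self.log.push(format!("cpu{cpu}: cr4.vmxe={enable}")); }
    fn vmxon(&mut self, cpu: u32) -> Result<(), HypervisorError> {
        if self.vmxon_fail_on == Some(cpu) { return Err(HypervisorError::VmxonFailed(cpu)); }
        self.log.push(format!("cpu{cpu}: vmxon")); Ok(())
    }
    fn vmxoff(&mut self, cpu: u32) -> Result<(), HypervisorError> {
        if self.vmxoff_fail_on == Some(cpu) { return Err(HypervisorError::VmxoffFailed(cpu)); }
        self.log.push(format!("cpu{cpu}: vmxoff")); Ok(())
    }
}

fn main() {
    let mut hv = Hypervisor::new(MockVmx { vmxon_fail_on: Some(1), ..Default::default() }, 3);
    println!("virtualize_all -> {:?}", hv.virtualize_all());
    for line in &hv.ops().log { println!("{line}"); }
}
```

The point of tracking `vmxe_set` and `vmx_on` separately is that a VMXON failure leaves CR4.VMXE set but no VMX operation to exit, so teardown must clear the bit without issuing VMXOFF; a VMXOFF failure is the opposite case and must leave the bit alone.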