Message ID | 1583403227-11432-5-git-send-email-pbonzini@redhat.com (mailing list archive) |
---|---|
State | New, archived |
Series | KVM: nSVM: first step towards fixing event injection |
On 05.03.20 11:13, Paolo Bonzini wrote:
> This patch reproduces for nSVM the change that was made for nVMX in
> commit b5861e5cf2fc ("KVM: nVMX: Fix loss of pending IRQ/NMI before
> entering L2"). While I do not have a test that breaks without it, I
> cannot see why it would not be necessary since all events are unblocked
> by VMRUN's setting of GIF back to 1.

I suspect, running Jailhouse enable/disable in a tight loop as KVM guest can stress this fairly well. At least that was the case last time I tried (4 years ago, or so) - it broke it. Unfortunately, we have no up-to-date configuration for such a setup. Some old pieces are lying around here, could try to hand them over if someone is interested and has the time I lack ATM.

Jan

>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> arch/x86/kvm/svm.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
> diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > index 0d773406f7ac..3df62257889a 100644 > --- a/arch/x86/kvm/svm.c > +++ b/arch/x86/kvm/svm.c > @@ -3574,6 +3574,10 @@ static bool nested_vmcb_checks(struct vmcb *vmcb) > static void enter_svm_guest_mode(struct vcpu_svm *svm, u64 vmcb_gpa, > struct vmcb *nested_vmcb, struct kvm_host_map *map) > { > + bool evaluate_pending_interrupts = > + is_intercept(svm, INTERCEPT_VINTR) || > + is_intercept(svm, INTERCEPT_IRET); > + > if (kvm_get_rflags(&svm->vcpu) & X86_EFLAGS_IF) > svm->vcpu.arch.hflags |= HF_HIF_MASK; > else 
> @@ -3660,7 +3664,21 @@ static void enter_svm_guest_mode(struct vcpu_svm *svm, u64 vmcb_gpa, > > svm->nested.vmcb = vmcb_gpa; > > + /* > + * If L1 had a pending IRQ/NMI before executing VMRUN, > + * which wasn't delivered because it was disallowed (e.g. > + * interrupts disabled), L0 needs to evaluate if this pending > + * event should cause an exit from L2 to L1 or be delivered > + * directly to L2. > + * > + * Usually this would be handled by the processor noticing an > + * IRQ/NMI window request. However, VMRUN can unblock interrupts > + * by implicitly setting GIF, so force L0 to perform pending event > + * evaluation by requesting a KVM_REQ_EVENT. > + */ > enable_gif(svm); > + if (unlikely(evaluate_pending_interrupts)) > + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); > > mark_all_dirty(svm->vmcb); > } >
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 0d773406f7ac..3df62257889a 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -3574,6 +3574,10 @@ static bool nested_vmcb_checks(struct vmcb *vmcb) static void enter_svm_guest_mode(struct vcpu_svm *svm, u64 vmcb_gpa, struct vmcb *nested_vmcb, struct kvm_host_map *map) { + bool evaluate_pending_interrupts = + is_intercept(svm, INTERCEPT_VINTR) || + is_intercept(svm, INTERCEPT_IRET); + if (kvm_get_rflags(&svm->vcpu) & X86_EFLAGS_IF) svm->vcpu.arch.hflags |= HF_HIF_MASK; else @@ -3660,7 +3664,21 @@ static void enter_svm_guest_mode(struct vcpu_svm *svm, u64 vmcb_gpa, svm->nested.vmcb = vmcb_gpa; + /* + * If L1 had a pending IRQ/NMI before executing VMRUN, + * which wasn't delivered because it was disallowed (e.g. + * interrupts disabled), L0 needs to evaluate if this pending + * event should cause an exit from L2 to L1 or be delivered + * directly to L2. + * + * Usually this would be handled by the processor noticing an + * IRQ/NMI window request. However, VMRUN can unblock interrupts + * by implicitly setting GIF, so force L0 to perform pending event + * evaluation by requesting a KVM_REQ_EVENT. + */ enable_gif(svm); + if (unlikely(evaluate_pending_interrupts)) + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); mark_all_dirty(svm->vmcb); }
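Review bot: The initializer of `evaluate_pending_interrupts` at the top of enter_svm_guest_mode() (first hunk) reads INTERCEPT_VINTR and INTERCEPT_IRET without saying why those two intercept bits stand for "L1 had a pending IRQ/NMI". The value is only consumed after `enable_gif(svm);` in the second hunk, roughly 90 lines further down. Please add a short comment at the declaration stating what the two bits indicate and whether they have to be sampled at function entry rather than at the point of use.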
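Review bot: The KVM_REQ_EVENT request after `enable_gif(svm);` (second hunk) is gated on `unlikely(evaluate_pending_interrupts)`, that is, only on the VINTR and IRET intercepts, while the commit message argues that all events are unblocked by VMRUN setting GIF back to 1. Either make the request unconditional or extend the comment to say why an open IRQ/NMI window is the only case that needs re-evaluation. The new comment block also sits above `enable_gif(svm);` although it documents the `kvm_make_request()` call below it; placing it directly above the `if` would match what it describes. Since the commit message says no test currently breaks without the change, a reproducer would help confirm the condition is the right one.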
This patch reproduces for nSVM the change that was made for nVMX in commit b5861e5cf2fc ("KVM: nVMX: Fix loss of pending IRQ/NMI before entering L2"). While I do not have a test that breaks without it, I cannot see why it would not be necessary since all events are unblocked by VMRUN's setting of GIF back to 1.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 arch/x86/kvm/svm.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)