From patchwork Mon Jun 5 12:19:09 2017
X-Patchwork-Submitter: Wanpeng Li
X-Patchwork-Id: 9766113
From: Wanpeng Li
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Paolo Bonzini, Radim Krčmář, Wanpeng Li
Subject: [PATCH v2] KVM: nVMX: Fix exception injection
Date: Mon, 5 Jun 2017 05:19:09 -0700
Message-Id: <1496665149-10191-1-git-send-email-wanpeng.li@hotmail.com>
X-Mailer: git-send-email 2.7.4
X-Mailing-List: kvm@vger.kernel.org

From: Wanpeng Li

 WARNING: CPU: 3 PID: 2840 at arch/x86/kvm/vmx.c:10966 nested_vmx_vmexit+0xdcd/0xde0 [kvm_intel]
 CPU: 3 PID: 2840 Comm: qemu-system-x86 Tainted: G OE 4.12.0-rc3+ #23
 RIP: 0010:nested_vmx_vmexit+0xdcd/0xde0 [kvm_intel]
 Call Trace:
  ? kvm_check_async_pf_completion+0xef/0x120 [kvm]
  ? rcu_read_lock_sched_held+0x79/0x80
  vmx_queue_exception+0x104/0x160 [kvm_intel]
  ? vmx_queue_exception+0x104/0x160 [kvm_intel]
  kvm_arch_vcpu_ioctl_run+0x1171/0x1ce0 [kvm]
  ? kvm_arch_vcpu_load+0x47/0x240 [kvm]
  ? kvm_arch_vcpu_load+0x62/0x240 [kvm]
  kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
  ? kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
  ? __fget+0xf3/0x210
  do_vfs_ioctl+0xa4/0x700
  ? __fget+0x114/0x210
  SyS_ioctl+0x79/0x90
  do_syscall_64+0x81/0x220
  entry_SYSCALL64_slow_path+0x25/0x25

This is triggered occasionally by running both win7 and win2016 in L2; in
addition, EPT is disabled on both L1 and L2. It can't be reproduced easily.

Commit 0b6ac343fc (KVM: nVMX: Correct handling of exception injection)
mentioned that "KVM wants to inject page-faults which it got to the guest.
This function assumes it is called with the exit reason in vmcs02 being a
#PF exception". Commit e011c663 (KVM: nVMX: Check all exceptions for
intercept during delivery to L2) allows checking all exceptions for
intercept during delivery to L2. However, there is currently no guarantee
that the exit reason is an exception. When an external interrupt occurs on
the host, maybe a time interrupt for the host which should not be injected
into the guest, and an exception is queued somewhere, the function
nested_vmx_check_exception() will be called and the vmexit emulation code
will try to emulate the "Acknowledge interrupt on exit" behavior, and the
warning is triggered.

This patch fixes it by confirming to inject the exception to the guest when
the exit reason in vmcs02 is an exception.

Cc: Paolo Bonzini
Cc: Radim Krčmář
Signed-off-by: Wanpeng Li --- v1 -> v2: * pass EXIT_REASON_EXCEPTION_NMI instead of reusing to_vmx(vcpu)->exit_reason arch/x86/kvm/vmx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 9b4b5d6..ca5d2b9 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -2425,7 +2425,7 @@ static int nested_vmx_check_exception(struct kvm_vcpu *vcpu, unsigned nr) if (!(vmcs12->exception_bitmap & (1u << nr))) return 0; - nested_vmx_vmexit(vcpu, to_vmx(vcpu)->exit_reason, + nested_vmx_vmexit(vcpu, EXIT_REASON_EXCEPTION_NMI, vmcs_read32(VM_EXIT_INTR_INFO), vmcs_readl(EXIT_QUALIFICATION)); return 1;
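
Review bot: The two unchanged arguments in the nested_vmx_vmexit() call, vmcs_read32(VM_EXIT_INTR_INFO) and vmcs_readl(EXIT_QUALIFICATION), are still read from the current VMCS even though the exit reason is now hardcoded to EXIT_REASON_EXCEPTION_NMI. The commit message describes exactly the case where the last exit recorded there was an external interrupt rather than an exception, so after this change L1 can be handed an exception exit reason paired with interrupt information and a qualification that belong to a different exit. The nr parameter is only used for the exception_bitmap test in the visible lines; consider deriving the interruption information passed to L1 from nr (and the queued error code, if any) instead of reading it back, or at least add a comment on the call stating why the VMCS fields are guaranteed to describe exception nr at this point. Since the warning is reported as hard to reproduce, the changelog should also say how the fix was validated.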