From patchwork Sun Feb 14 17:51:15 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@web.de>
X-Patchwork-Id: 79308
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by demeter.kernel.org (8.14.3/8.14.3) with ESMTP id o1EHpRHI022076
	for <patchwork-kvm@patchwork.kernel.org>;
	Sun, 14 Feb 2010 17:51:27 GMT
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752449Ab0BNRvZ (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Sun, 14 Feb 2010 12:51:25 -0500
Received: from fmmailgate02.web.de ([217.72.192.227]:46392 "EHLO
	fmmailgate02.web.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752372Ab0BNRvZ (ORCPT <rfc822; kvm@vger.kernel.org>);
	Sun, 14 Feb 2010 12:51:25 -0500
Received: from smtp06.web.de (fmsmtp06.dlan.cinetic.de [172.20.5.172])
	by fmmailgate02.web.de (Postfix) with ESMTP id 07B5A14E12731;
	Sun, 14 Feb 2010 18:51:24 +0100 (CET)
Received: from [88.65.42.158] (helo=[192.168.1.10])
	by smtp06.web.de with asmtp (TLSv1:AES256-SHA:256)
	(WEB.DE 4.110 #314)
	id 1Ngicm-0003Bp-00; Sun, 14 Feb 2010 18:51:16 +0100
Message-ID: <4B783813.8000400@web.de>
Date: Sun, 14 Feb 2010 18:51:15 +0100
From: Jan Kiszka <jan.kiszka@web.de>
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de;
	rv:1.8.1.12) Gecko/20080226 SUSE/2.0.0.12-1.1
	Thunderbird/2.0.0.12 Mnenhy/0.7.5.666
MIME-Version: 1.0
To: Gleb Natapov <gleb@redhat.com>
CC: kvm <kvm@vger.kernel.org>
Subject: [RFC][PATCH] KVM: SVM: Defer NMI injection after IRET via interrupt
X-Enigmail-Version: 0.95.7
X-Sender: jan.kiszka@web.de
X-Provags-ID: V01U2FsdGVkX1/ulhTFZQENddg/bwx5zhLluwex9AVMUULIOAG4
	ubSEp6KnHKZMummt+HnraJFTRTetmU6d1ccR9uMuPNH0mUE0q9 9qeHLTaTo=
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by
	milter-greylist-4.2.3 (demeter.kernel.org [140.211.167.41]);
	Sun, 14 Feb 2010 17:51:27 +0000 (UTC)


diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 52f78dd..f355dc6 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -107,8 +107,6 @@ struct vcpu_svm {
 	u32 *msrpm;
 
 	struct nested_state nested;
-
-	bool nmi_singlestep;
 };
 
 /* enable NPT for AMD64 and X86 with PAE */
@@ -1075,9 +1073,6 @@ static void update_db_intercept(struct kvm_vcpu *vcpu)
 	svm->vmcb->control.intercept_exceptions &=
 		~((1 << DB_VECTOR) | (1 << BP_VECTOR));
 
-	if (svm->nmi_singlestep)
-		svm->vmcb->control.intercept_exceptions |= (1 << DB_VECTOR);
-
 	if (vcpu->guest_debug & KVM_GUESTDBG_ENABLE) {
 		if (vcpu->guest_debug &
 		    (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP))
@@ -1213,20 +1208,11 @@ static int db_interception(struct vcpu_svm *svm)
 	struct kvm_run *kvm_run = svm->vcpu.run;
 
 	if (!(svm->vcpu.guest_debug &
-	      (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP)) &&
-		!svm->nmi_singlestep) {
+	      (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP))) {
 		kvm_queue_exception(&svm->vcpu, DB_VECTOR);
 		return 1;
 	}
 
-	if (svm->nmi_singlestep) {
-		svm->nmi_singlestep = false;
-		if (!(svm->vcpu.guest_debug & KVM_GUESTDBG_SINGLESTEP))
-			svm->vmcb->save.rflags &=
-				~(X86_EFLAGS_TF | X86_EFLAGS_RF);
-		update_db_intercept(&svm->vcpu);
-	}
-
 	if (svm->vcpu.guest_debug &
 	    (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP)){
 		kvm_run->exit_reason = KVM_EXIT_DEBUG;
@@ -2471,6 +2457,17 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu)
 {
 	struct vcpu_svm *svm = to_svm(vcpu);
 
+	if (svm->vcpu.arch.hflags & HF_IRET_MASK) {
+		/*
+		 * Inject the NMI before IRET completed, but defer delivery
+		 * by one instruction with the help of the interrupt shadow.
+		 * Works at least as long as the IRET does not trigger an
+		 * exception.
+		 */
+		svm->vcpu.arch.hflags &= ~HF_IRET_MASK;
+		svm->vmcb->control.int_state |= SVM_INTERRUPT_SHADOW_MASK;
+	}
+
 	svm->vmcb->control.event_inj = SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI;
 	vcpu->arch.hflags |= HF_NMI_MASK;
 	svm->vmcb->control.intercept |= (1UL << INTERCEPT_IRET);
@@ -2576,18 +2573,7 @@ static void enable_irq_window(struct kvm_vcpu *vcpu)
 
 static void enable_nmi_window(struct kvm_vcpu *vcpu)
 {
-	struct vcpu_svm *svm = to_svm(vcpu);
-
-	if ((svm->vcpu.arch.hflags & (HF_NMI_MASK | HF_IRET_MASK))
-	    == HF_NMI_MASK)
-		return; /* IRET will cause a vm exit */
-
-	/* Something prevents NMI from been injected. Single step over
-	   possible problem (IRET or exception injection or interrupt
-	   shadow) */
-	svm->nmi_singlestep = true;
-	svm->vmcb->save.rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF);
-	update_db_intercept(vcpu);
+	/* VM exit on IRET was already armed on injection */
 }
 
 static int svm_set_tss_addr(struct kvm *kvm, unsigned int addr)