Re: [PATCH 1/2] kvm: nVMX: Pending debug exceptions trump expired VMX-preemption timer

[Sean Christopherson <sean.j.christopherson@intel.com>]

On Wed, Apr 22, 2020 at 02:27:33PM -0700, Jim Mattson wrote:
> On Wed, Apr 22, 2020 at 2:06 PM Sean Christopherson
> <sean.j.christopherson@intel.com> wrote:
> The KVM code that deals with all of these events is really hard to
> follow. I wish we could take a step back and just implement Table 6-2
> from the SDM volume 3 (augmented with the scattered information about
> VMX events and their priorities relative to their nearest neighbors.
> Lumping priorities 7 - 10 together (faults that we either intercepted
> or synthesized in emulation), I think these are the various things we
> need to check, in this order...
> 
> 0. Is there a fault to be delivered? (In L2, is it intercepted by L1?)
> 1. Is there a RESET or machine check event?
> 2. Is there a trap on task switch?
> 3. Is there an SMI or an INIT?
> 3.5 In L2, is there an MTF VM-exit?
> 4. Is there a #DB trap on the previous instruction? (In L2, is it
> intercepted by L1?)
> 4.3 In L2, has the VMX-preemption timer expired?
> 4.6 In L2, do we need to synthesize an NMI-window VM-exit?
> 5. Is there an NMI? (In L2, is it intercepted by L1?)
> 5.3 In L2 do we need to synthesize an interrupt-window VM-exit?
> 5.6 In L2, do we need to virtualize virtual-interrupt delivery?
> 6. Is there a maskable interrupt? (In L2, is it intercepted by L1?)
> 7. Now, we can enter VMX non-root mode.

100% agreed.  I even tried to go down that path, multiple times, while
sorting this stuff out.  The big problem that isn't easily resolved is
kvm_vcpu_running(), which currently calls .check_nested_events()
even if KVM_REQ_EVENT isn't set.  Its existence makes it annoyingly
difficult to provide a unified single-pass flow for exiting and
non-exiting events, e.g. we'd either have to duplicate a big pile of
logic (eww) or significantly rework the event handling (scary).

Having the INIT and SIPI handling buried in kvm_apic_accept_events() is
also a pain, but that's less scary to change.

In the long term, I absolutely think it'd be worth revamping the event
handling so that it's not scattered all over tarnation, but that's
something that should probably have a full kernel cycle or two of
testing and performance analysis.

If someone does pick up that torch, I think it'd also be worth experimenting
with removing KVM_REQ_EVENT, i.e. processing events on _every_ run.  IMO
that would simplify the code, or at least how one reasons about the code, a
great deal.