From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: [PATCH 1/1] Disable GUEST_INTR_STATE_STI flag before injecting NMI to guest on VMX
Date: Fri, 27 Aug 2010 16:58:50 +0300
Message-ID: <4C77C49A.9000600@redhat.com>
References: <1282853162-16925-1-git-send-email-Jes.Sorensen@redhat.com> <1282853162-16925-2-git-send-email-Jes.Sorensen@redhat.com> <4C7776F9.4070306@siemens.com> <4C7777CA.4010208@redhat.com> <4C7779D2.9090902@siemens.com> <4C77895A.1000708@redhat.com> <4C779C3D.2070700@siemens.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: QUOTED-PRINTABLE
Cc: Jes Sorensen , "kvm@vger.kernel.org" , "gleb@redhat.com"
To: Jan Kiszka
Return-path:
Received: from mx1.redhat.com ([209.132.183.28]:50402 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751440Ab0H0N6z (ORCPT ); Fri, 27 Aug 2010 09:58:55 -0400
In-Reply-To: <4C779C3D.2070700@siemens.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 08/27/2010 02:06 PM, Jan Kiszka wrote:
> Avi Kivity wrote:
>> On 08/27/2010 11:39 AM, Jan Kiszka wrote:
>>> AMD does not differentiate between MOV-SS and STI interrupt shadows.
>>>
>>> But AMD has its own NMI problems as it does not allow to trap after
>>> IRET-from-NMI and requires magic dances which are partly broken in KVM.
>>> I'm leaning towards NMI window emulation via the workaround we use for
>>> older Intel CPUs without NMI window trapping as well.
>> Can you elaborate?
> Basically the issues you found regarding our single-step-based
> workaround.

I forgot them already. What was that, exception during IRET?

> Moreover, we cannot easily prevent that TF set by the NMI
> code leaks onto the guest's stack.
>
> Jörg and I stuck heads together about this during LinuxCon. We came to
> the conclusion that we either have to emulate the instruction that
> delays NMIs (ie. _every_ possible instruction for the interrupt shadow
> case) or fall back to the VMX workaround based on interrupt window
> trapping and an emergency timeout (much simpler, but not really correct).

I'd really like to avoid the timer. But I forgot all the details around
this, I'll have to re-learn them so I can actually compare the two options.

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.