[PATCH] KVM: nVMX: Fix injection of PENDING_INTERRUPT and NMI_WINDOW exits to L1

[PATCH] KVM: nVMX: Fix injection of PENDING_INTERRUPT and NMI_WINDOW exits to L1

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

The comment was wrong: enable_irq_window might be called after
prepare_vmcs02 when we left L2 to prepare IRQ injecting for L1. Same for
NMIs.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 arch/x86/kvm/vmx.c |   10 +++-------
 1 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 81a25de..68a045ae 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -6113,14 +6113,10 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu *vcpu)
 	case EXIT_REASON_TRIPLE_FAULT:
 		return 1;
 	case EXIT_REASON_PENDING_INTERRUPT:
+		return nested_cpu_has(vmcs12, CPU_BASED_VIRTUAL_INTR_PENDING);
 	case EXIT_REASON_NMI_WINDOW:
-		/*
-		 * prepare_vmcs02() set the CPU_BASED_VIRTUAL_INTR_PENDING bit
-		 * (aka Interrupt Window Exiting) only when L1 turned it on,
-		 * so if we got a PENDING_INTERRUPT exit, this must be for L1.
-		 * Same for NMI Window Exiting.
-		 */
-		return 1;
+		return vmcs12->pin_based_vm_exec_control &
+			PIN_BASED_NMI_EXITING;
 	case EXIT_REASON_TASK_SWITCH:
 		return 1;
 	case EXIT_REASON_CPUID:
-- 
1.7.3.4

Re: [PATCH] KVM: nVMX: Fix injection of PENDING_INTERRUPT and NMI_WINDOW exits to L1

[Jan Kiszka]

[-- Attachment #1: Type: text/plain, Size: 1517 bytes --]

On 2013-02-16 12:51, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> The comment was wrong: enable_irq_window might be called after
> prepare_vmcs02 when we left L2 to prepare IRQ injecting for L1. Same for
> NMIs.
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>  arch/x86/kvm/vmx.c |   10 +++-------
>  1 files changed, 3 insertions(+), 7 deletions(-)
> 
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 81a25de..68a045ae 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -6113,14 +6113,10 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu *vcpu)
>  	case EXIT_REASON_TRIPLE_FAULT:
>  		return 1;
>  	case EXIT_REASON_PENDING_INTERRUPT:
> +		return nested_cpu_has(vmcs12, CPU_BASED_VIRTUAL_INTR_PENDING);
>  	case EXIT_REASON_NMI_WINDOW:
> -		/*
> -		 * prepare_vmcs02() set the CPU_BASED_VIRTUAL_INTR_PENDING bit
> -		 * (aka Interrupt Window Exiting) only when L1 turned it on,
> -		 * so if we got a PENDING_INTERRUPT exit, this must be for L1.
> -		 * Same for NMI Window Exiting.
> -		 */
> -		return 1;
> +		return vmcs12->pin_based_vm_exec_control &
> +			PIN_BASED_NMI_EXITING;
>  	case EXIT_REASON_TASK_SWITCH:
>  		return 1;
>  	case EXIT_REASON_CPUID:
> 

No, this is wrong. I first wrote a patch that ignored enable_irq_window
when the guest is not interested in external IRQs. But then I thought
that wasn't correct. I tend to believe now my first idea was better.

Need to rethink.

Jan


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]

Re: [PATCH] KVM: nVMX: Fix injection of PENDING_INTERRUPT and NMI_WINDOW exits to L1

[Nadav Har'El]

On Sat, Feb 16, 2013, Jan Kiszka wrote about "Re: [PATCH] KVM: nVMX: Fix injection of PENDING_INTERRUPT and NMI_WINDOW exits to L1":
> No, this is wrong. I first wrote a patch that ignored enable_irq_window
> when the guest is not interested in external IRQs. But then I thought
> that wasn't correct. I tend to believe now my first idea was better.

If you want to make the !PIN_BASED_EXT_INTR_MASK case work correctly,
please also see:

https://bugzilla.kernel.org/show_bug.cgi?id=53711

Nadav.


-- 
Nadav Har'El                        |       Saturday, Feb 16 2013, 6 Adar 5773
nyh@math.technion.ac.il             |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |Always keep your words soft and sweet,
http://nadav.harel.org.il           |just in case you have to eat them.

Re: [PATCH] KVM: nVMX: Fix injection of PENDING_INTERRUPT and NMI_WINDOW exits to L1

[Jan Kiszka]

[-- Attachment #1: Type: text/plain, Size: 851 bytes --]

On 2013-02-16 15:46, Nadav Har'El wrote:
> On Sat, Feb 16, 2013, Jan Kiszka wrote about "Re: [PATCH] KVM: nVMX: Fix injection of PENDING_INTERRUPT and NMI_WINDOW exits to L1":
>> No, this is wrong. I first wrote a patch that ignored enable_irq_window
>> when the guest is not interested in external IRQs. But then I thought
>> that wasn't correct. I tend to believe now my first idea was better.
> 
> If you want to make the !PIN_BASED_EXT_INTR_MASK case work correctly,
> please also see:
> 
> https://bugzilla.kernel.org/show_bug.cgi?id=53711

Yes, I already realized that there is more broken. Trying to find a way
to fix this ATM. That specifically means deciding when to execute
vmx_complete/cancel_interrupts and when not.

This patch seems correct now, just insufficient to make direct injection
from L0 to L2 work.

Jan



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]