From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Nadav Har'El" Subject: Re: [PATCH 22/24] Correct handling of idt vectoring info Date: Mon, 20 Sep 2010 12:03:40 +0200 Message-ID: <20100920100340.GB29641@fermat.math.technion.ac.il> References: <1276431753-nyh@il.ibm.com> <201006131233.o5DCXoel013156@rice.haifa.ibm.com> <20100617115803.GP523@redhat.com> <20100920063704.GA29641@fermat.math.technion.ac.il> <20100920093440.GH3008@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: avi@redhat.com, kvm@vger.kernel.org To: Gleb Natapov Return-path: Received: from mailgw12.technion.ac.il ([132.68.225.12]:44350 "EHLO mailgw12.technion.ac.il" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753816Ab0ITKDo (ORCPT ); Mon, 20 Sep 2010 06:03:44 -0400 Content-Disposition: inline In-Reply-To: <20100920093440.GH3008@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: On Mon, Sep 20, 2010, Gleb Natapov wrote about "Re: [PATCH 22/24] Correct handling of idt vectoring info": > But your code disables normal path even if L0 is the one who should > handle exit and re-inject event into L2. Look at what nested SVM is doing. > It is checking in handle_exit() if vmexit should cause vmexit into L1 > and if so they bypass regular code path by emulating exit instead, but if > L0 should handle the vmexit it uses regular code path. I wish it could be this simple. In vmx.c, we unfortunately don't have one such decision point (of when to exit into L1), but two: one is the exit handling (like in svm), but there's another one in the injection path (vmx_queue_exception): namely, when KVM decides to injects a #PF (because the guest, not it, should have gotten this #PF), we also need to exit to L1, and we only discover this in the entry path, not the exit path. We could have changed the code to do this special PF handling not in the entrance but rather at the point at the exit when this event is being queued. We probably should. But I'm afraid that this would require quite a bit of changes in the non-nested vmx (and possibly x86) code, which we wanted to avoid making. I'm also afraid that I don't understand all the reasons that brought to the current situation :-( > Look at how SVM did it. VMX shouldn't be different. I'm afraid I know very little about the SVM architecture. Does SVM even have a parallel of the IDT_VECTORING_INFO that this patch is trying to address? I agree that the nested SVM's handle_exit() looks cleaner that the parallel code in nested VMX. The root of all evil is that second exit decision point in the injection phase, and I'll think some more if I can find a way to avoid it without rocking the foundations too much. -- Nadav Har'El | Monday, Sep 20 2010, 12 Tishri 5771 nyh@math.technion.ac.il |----------------------------------------- Phone +972-523-790466, ICQ 13349191 |Bore, n.: A person who talks when you http://nadav.harel.org.il |wish him to listen.