linux-kernel.vger.kernel.org archive mirror
From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Sean Christopherson <sean.j.christopherson@intel.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Wanpeng Li <wanpengli@tencent.com>,
	Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
	kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
	Oliver Upton <oupton@google.com>, Peter Shier <pshier@google.com>
Subject: [PATCH 01/13] KVM: nVMX: Preserve exception priority irrespective of exiting behavior
Date: Wed, 22 Apr 2020 19:25:38 -0700
Message-ID: <20200423022550.15113-2-sean.j.christopherson@intel.com>
In-Reply-To: <20200423022550.15113-1-sean.j.christopherson@intel.com>

Short circuit vmx_check_nested_events() if an exception is pending and
needs to be injected into L2; priority between coincident events is not
dependent on exiting behavior.  This fixes a bug where a single-step #DB
that is not intercepted by L1 is incorrectly dropped due to servicing a
VMX Preemption Timer VM-Exit.

Injected exceptions also need to be blocked if nested VM-Enter is
pending or an exception was already injected, otherwise injecting the
exception could overwrite an existing event injection from L1.
Technically, this scenario should be impossible, i.e. KVM shouldn't
inject its own exception during nested VM-Enter.  This will be addressed
in a future patch.

Note, event priority between SMI, NMI and INTR is incorrect for L2, e.g.
SMI should take priority over VM-Exit on NMI/INTR, and NMI that is
injected into L2 should take priority over VM-Exit INTR.  This will also
be addressed in a future patch.

Fixes: b6b8a1451fc4 ("KVM: nVMX: Rework interception of IRQs and NMIs")
Reported-by: Jim Mattson <jmattson@google.com>
Cc: Oliver Upton <oupton@google.com>
Cc: Peter Shier <pshier@google.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/kvm/vmx/nested.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index f228339cd0a0..dc7315b31fee 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -3716,11 +3716,11 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu)
 	/*
 	 * Process any exceptions that are not debug traps before MTF.
 	 */
-	if (vcpu->arch.exception.pending &&
-	    !vmx_pending_dbg_trap(vcpu) &&
-	    nested_vmx_check_exception(vcpu, &exit_qual)) {
+	if (vcpu->arch.exception.pending && !vmx_pending_dbg_trap(vcpu)) {
 		if (block_nested_events)
 			return -EBUSY;
+		if (!nested_vmx_check_exception(vcpu, &exit_qual))
+			goto no_vmexit;
 		nested_vmx_inject_exception_vmexit(vcpu, exit_qual);
 		return 0;
 	}
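
Review bot: In the block before MTF, the block_nested_events test now runs ahead of nested_vmx_check_exception(), so an exception that L1 does not intercept returns -EBUSY here where it previously fell through to the later checks. The commit message says this is deliberate (injection has to be blocked while nested VM-Enter is pending or an exception was already injected), but nothing in the code records it, and the existing comment still reads only "Process any exceptions that are not debug traps before MTF". Consider extending that comment, or adding a line above "goto no_vmexit", to state that the exception is bound for L2 and that lower-priority events must not be serviced ahead of it.
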
@@ -3733,10 +3733,11 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu)
 		return 0;
 	}
 
-	if (vcpu->arch.exception.pending &&
-	    nested_vmx_check_exception(vcpu, &exit_qual)) {
+	if (vcpu->arch.exception.pending) {
 		if (block_nested_events)
 			return -EBUSY;
+		if (!nested_vmx_check_exception(vcpu, &exit_qual))
+			goto no_vmexit;
 		nested_vmx_inject_exception_vmexit(vcpu, exit_qual);
 		return 0;
 	}
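
Review bot: The second exception block repeats the sequence from the block before MTF (block_nested_events check, nested_vmx_check_exception(), goto no_vmexit) and differs only in dropping the !vmx_pending_dbg_trap(vcpu) condition. A small helper for the shared part would keep the two sites from drifting apart when the follow-up patches mentioned in the commit message rework this ordering. This block also has no comment in the visible context; a one-line note that it handles the remaining pending exceptions, debug traps included, would mirror the comment on the first block.
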
@@ -3771,6 +3772,7 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu)
 		return 0;
 	}
 
+no_vmexit:
 	vmx_complete_nested_posted_interrupt(vcpu);
 	return 0;
 }
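
Review bot: The no_vmexit label lands on vmx_complete_nested_posted_interrupt(vcpu) followed by "return 0", so both new goto paths return the same value as the path where no event was pending at all. A short comment at the label would help, saying that posted-interrupt completion is still wanted when an exception is left pending for injection into L2 and that 0 is the intended return in that case. As written, a reader has to infer both from the surrounding code.
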
-- 
2.26.0

