* [PATCH RFC] KVM: nSVM: remove useless kvm_clear_*_queue
@ 2021-08-02 12:56 Paolo Bonzini
2021-08-02 13:10 ` Maxim Levitsky
0 siblings, 1 reply; 2+ messages in thread
From: Paolo Bonzini @ 2021-08-02 12:56 UTC (permalink / raw)
To: linux-kernel, kvm; +Cc: mlevitsk
For an event to be in injected state when nested_svm_vmrun executes,
it must have come from exitintinfo when svm_complete_interrupts ran:
vcpu_enter_guest
static_call(kvm_x86_run) -> svm_vcpu_run
svm_complete_interrupts
// now the event went from "exitintinfo" to "injected"
static_call(kvm_x86_handle_exit) -> handle_exit
svm_invoke_exit_handler
vmrun_interception
nested_svm_vmrun
However, no event could have been in exitintinfo before a VMRUN
vmexit. The code in svm.c is a bit more permissive than the one
in vmx.c:
if (is_external_interrupt(svm->vmcb->control.exit_int_info) &&
exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR &&
exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH &&
exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI)
but in any case, a VMRUN instruction would not even start to execute
during an attempted event delivery.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
arch/x86/kvm/svm/nested.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index 61738ff8ef33..5e13357da21e 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -659,11 +659,6 @@ int nested_svm_vmrun(struct kvm_vcpu *vcpu)
goto out;
}
-
- /* Clear internal status */
- kvm_clear_exception_queue(vcpu);
- kvm_clear_interrupt_queue(vcpu);
-
/*
* Since vmcb01 is not in use, we can use it to store some of the L1
* state.
--
2.27.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH RFC] KVM: nSVM: remove useless kvm_clear_*_queue
2021-08-02 12:56 [PATCH RFC] KVM: nSVM: remove useless kvm_clear_*_queue Paolo Bonzini
@ 2021-08-02 13:10 ` Maxim Levitsky
0 siblings, 0 replies; 2+ messages in thread
From: Maxim Levitsky @ 2021-08-02 13:10 UTC (permalink / raw)
To: Paolo Bonzini, linux-kernel, kvm
On Mon, 2021-08-02 at 08:56 -0400, Paolo Bonzini wrote:
> For an event to be in injected state when nested_svm_vmrun executes,
> it must have come from exitintinfo when svm_complete_interrupts ran:
>
> vcpu_enter_guest
> static_call(kvm_x86_run) -> svm_vcpu_run
> svm_complete_interrupts
> // now the event went from "exitintinfo" to "injected"
> static_call(kvm_x86_handle_exit) -> handle_exit
> svm_invoke_exit_handler
> vmrun_interception
> nested_svm_vmrun
>
> However, no event could have been in exitintinfo before a VMRUN
> vmexit. The code in svm.c is a bit more permissive than the one
> in vmx.c:
>
> if (is_external_interrupt(svm->vmcb->control.exit_int_info) &&
> exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR &&
> exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH &&
> exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI)
>
> but in any case, a VMRUN instruction would not even start to execute
> during an attempted event delivery.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> arch/x86/kvm/svm/nested.c | 5 -----
> 1 file changed, 5 deletions(-)
>
> diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
> index 61738ff8ef33..5e13357da21e 100644
> --- a/arch/x86/kvm/svm/nested.c
> +++ b/arch/x86/kvm/svm/nested.c
> @@ -659,11 +659,6 @@ int nested_svm_vmrun(struct kvm_vcpu *vcpu)
> goto out;
> }
>
> -
> - /* Clear internal status */
> - kvm_clear_exception_queue(vcpu);
> - kvm_clear_interrupt_queue(vcpu);
> -
> /*
> * Since vmcb01 is not in use, we can use it to store some of the L1
> * state.
100% agree.
As I say, Intel's architects weren't crazy enough to implement an VM IDT gate
(switch to a VM on interrupt....), and so indeed that this isn't possible.
They do have a task gate... thankfully it is legacy.
I would still keep a WARN_ON_ONCE here just in case.
Note that in theory one can force an injected/queued exception with KVM_SET_VCPU_EVENTS
on RIP that points to VMRUN instruction. Its user fault though.
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Best regards,
Maxim Levitsky
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-08-02 13:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-02 12:56 [PATCH RFC] KVM: nSVM: remove useless kvm_clear_*_queue Paolo Bonzini
2021-08-02 13:10 ` Maxim Levitsky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).