According to the Intel SDM, volume 3, section 26.7: VM-Entry Failures
During or After Loading Guest State,

    Although this process resembles that of a VM exit, many steps taken
    during a VM exit do not occur for these VM-entry failures:

    o Most VM-exit information fields are not updated (see step 1 above).
    o The valid bit in the VM-entry interruption-information field is
      not cleared.
    o The guest-state area is not modified.
    o No MSRs are saved into the VM-exit MSR-store area.

"Step 1 above" indicates that information about the VM-entry failure
is only recorded in the exit reason and exit qualification
fields. *All other VM-exit information fields are unmodified.*

Moreover, the pseudo-code for VMLAUNCH/VMRESUME in section 30.3
indicates that the launch state of the VMCS is only set to "launched"
when the VM-entry succeeds.

The current nested_vmx_vmexit code does not sufficiently distinguish
VM-entry failure from a normal VM-exit, and therefore gets most of
these things wrong.

Jim Mattson (4):
  KVM: nVMX: Sequester all vmcs12 guest-state updates
  KVM: nVMX: Introduce update_vmcs12_vm_entry_controls
  KVM: nVMX: Introduce record_extra_vmcs12_exit_information
  KVM: nVMX: Don't set vmcs12 to "launched" when VMLAUNCH fails

 arch/x86/kvm/vmx.c | 112 +++++++++++++++++++++++++++++++++--------------------
 1 file changed, 69 insertions(+), 43 deletions(-)

-- 
2.13.0.219.gdb65acc882-goog
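
The rules quoted in the cover letter above, as an added example that is not part of the original message and is not KVM code: a toy model of reflecting an exit into a VMCS, plus a snapshot checker of the kind a test harness could run around a failed VM-entry. All names (toy_vmcs, toy_cpu, toy_reflect_exit, toy_entry_failure_violations) and the one-field-per-area layout are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

#define ENTRY_FAILURE   0x80000000u /* exit reason bit 31 */
#define INTR_INFO_VALID 0x80000000u /* VM-entry interruption-info valid bit */

/* Toy VMCS: each field stands in for one class of state named in the SDM text. */
struct toy_vmcs {
    uint32_t exit_reason;
    uint64_t exit_qualification;
    uint32_t exit_intr_info;  /* "other" VM-exit information */
    uint32_t entry_intr_info; /* VM-entry interruption-information */
    uint64_t guest_rip;       /* guest-state area */
    uint64_t msr_store;       /* VM-exit MSR-store area */
    bool launched;            /* launch state */
};

/* Values a normal VM exit would save. */
struct toy_cpu { uint64_t rip, msr; uint32_t intr_info; };

/* Reflect an exit into the VMCS; entry_failed selects the restricted path. */
void toy_reflect_exit(struct toy_vmcs *v, const struct toy_cpu *cpu,
                      uint32_t reason, uint64_t qual, bool entry_failed)
{
    v->exit_qualification = qual;
    v->exit_reason = entry_failed ? (reason | ENTRY_FAILURE) : reason;
    if (entry_failed)
        return;                             /* nothing else may change */
    v->exit_intr_info = cpu->intr_info;     /* remaining exit information */
    v->entry_intr_info &= ~INTR_INFO_VALID; /* valid bit cleared */
    v->guest_rip = cpu->rip;                /* guest state saved */
    v->msr_store = cpu->msr;                /* MSR-store area written */
    v->launched = true; /* toy shortcut: a normal exit implies the entry succeeded */
}

/* Compare snapshots around a failed entry; each set bit is one violated rule. */
unsigned toy_entry_failure_violations(const struct toy_vmcs *before,
                                      const struct toy_vmcs *after)
{
    unsigned bad = 0;
    if (!(after->exit_reason & ENTRY_FAILURE))               bad |= 1u << 0;
    if (after->exit_intr_info != before->exit_intr_info)     bad |= 1u << 1;
    if ((before->entry_intr_info & INTR_INFO_VALID) &&
        !(after->entry_intr_info & INTR_INFO_VALID))         bad |= 1u << 2;
    if (after->guest_rip != before->guest_rip)               bad |= 1u << 3;
    if (after->msr_store != before->msr_store)               bad |= 1u << 4;
    if (after->launched != before->launched)                 bad |= 1u << 5;
    return bad;
}
```

Passing entry_failed = false for an exit that was really a failed entry makes the checker report every rule as violated, which is the class of mistake the series is aimed at.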