vcpu->arch.exception currently contains the vmcs02 IDT-vectored info through the entire execution of the vmexit. This makes it harder to keep that information safe when vcpu->arch.exception is reused for an exception (such as a page fault) that happens while L0 handles a vmexit. When this happens, there are two cases:

- the exception causes a vmexit to L1; in that case, the exception in the IDT-vectored info is not reinjected; vcpu->arch.exception is reused to build the VM-exit interruption info.

- the exception doesn't cause a vmexit to L1; in that case, vcpu->arch.exception is changed to a double fault which is injected normally into L2 via KVM_REQ_EVENT.

The fix is easy if the vmcs12 IDT-vectored info is prepared early, in vmx_complete_interrupts (patches 1-2).

I wanted to include this in 4.14, but Radim is on vacation and also I'm not sure how this interacts with Wanpeng's other refactoring of nested exceptions, so I'm sending it out only as RFC. I am applying only the first patch to kvm/queue. If I get a review, that one can be put in 4.14.

Paolo

Paolo Bonzini (4):
  KVM: nVMX: move vmentry tasks from prepare_vmcs12 to enter_vmx_non_root_mode
  KVM: nVMX: fill nested IDT-vectored event info on all L2->L0 exits
  KVM: x86: pass struct kvm_queued_exception to kvm_multiple_exception
  KVM: x86: allow overwriting L2 reinjected exception with L1 vmexit

 arch/x86/include/asm/kvm_host.h |   2 +
 arch/x86/kvm/svm.c              |  79 +++++++-------
 arch/x86/kvm/vmx.c              | 224 +++++++++++++++++++++------------------
 arch/x86/kvm/x86.c              |  86 +++++++++------
 4 files changed, 217 insertions(+), 174 deletions(-)

-- 
1.8.3.1