On 12/08/2018 20:59, Thomas Gleixner wrote: > --- a/arch/x86/kvm/svm.c > +++ b/arch/x86/kvm/svm.c > @@ -5580,8 +5580,6 @@ static void svm_vcpu_run(struct kvm_vcpu > > clgi(); > > - local_irq_enable(); > - > /* > * If this vCPU has touched SPEC_CTRL, restore the guest's value if > * it's non-zero. Since vmentry is serialising on affected CPUs, there > @@ -5590,6 +5588,8 @@ static void svm_vcpu_run(struct kvm_vcpu > */ > x86_spec_ctrl_set_guest(svm->spec_ctrl, svm->virt_spec_ctrl); > > + local_irq_enable(); > + It is actually a false positive because the clgi() keeps interrupts disabled even if IF=1. (This complication in the AMD virtualization extensions is there because IF=1 tells VMRUN that you should exit in case an interrupt arrives, but they it won't be serviced until the corresponding STGI). Likewise for the call to x86_spec_ctrl_restore_host. Still, the patch is correct and it's a good idea to keep the GIF=0/IF=1 area as small and self-contained as possible. So: Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Paolo
