On Mon, May 13, 2019 at 9:28 AM Alexandre Chartre <alexandre.chartre@xxxxxxxxxx> wrote:
>
>
>
> On 5/13/19 5:51 PM, Andy Lutomirski wrote:
> > On Mon, May 13, 2019 at 7:39 AM Alexandre Chartre
> > <alexandre.chartre@xxxxxxxxxx> wrote:
> >>
> >> From: Liran Alon <liran.alon@xxxxxxxxxx>
> >>
> >> Next commits will change most of KVM #VMExit handlers to run
> >> in KVM isolated address space. Any interrupt handler raised
> >> during execution in KVM address space needs to switch back
> >> to host address space.
> >>
> >> This patch makes sure that IRQ handlers will run in full
> >> host address space instead of KVM isolated address space.
> >
> > IMO this needs to be somewhere a lot more central. What about NMI and
> > MCE? Or async page faults? Or any other entry?
> >
>
> Actually, I am not sure this is effectively useful because the IRQ
> handler is probably faulting before it tries to exit isolation, so
> the isolation exit will be done by the kvm page fault handler. I need
> to check that.
>

The whole idea of having #PF exit with a different CR3 than was loaded
on entry seems questionable to me. I'd be a lot more comfortable with
the whole idea if a page fault due to accessing the wrong data was an
OOPS and the code instead just did the right thing directly.

--Andy