On 15/04/20 11:49, Vitaly Kuznetsov wrote:
> Not directly related to this series but I just noticed that we have the
> following comment in inject_pending_event():
>
>     /* try to inject new event if pending */
>     if (vcpu->arch.exception.pending) {
>         ...
>         if (vcpu->arch.exception.nr == DB_VECTOR) {
>             /*
>              * This code assumes that nSVM doesn't use
>              * check_nested_events(). If it does, the
>              * DR6/DR7 changes should happen before L1
>              * gets a #VMEXIT for an intercepted #DB in
>              * L2. (Under VMX, on the other hand, the
>              * DR6/DR7 changes should not happen in the
>              * event of a VM-exit to L1 for an intercepted
>              * #DB in L2.)
>              */
>             kvm_deliver_exception_payload(vcpu);
>             if (vcpu->arch.dr7 & DR7_GD) {
>                 vcpu->arch.dr7 &= ~DR7_GD;
>                 kvm_update_dr7(vcpu);
>             }
>         }
>
>         kvm_x86_ops.queue_exception(vcpu);
>     }
>
> As we already implement check_nested_events() on SVM, do we need to do
> anything here? CC: Jim who added the guardian (f10c729ff9652).

It's (still) okay because we don't use check_nested_events() for exceptions.

Regarding this series, I think we should implement the NMI injection test
for VMX and see if it requires the same change as patch 2.

Paolo