On Mon, 2021-08-02 at 08:56 -0400, Paolo Bonzini wrote: > For an event to be in injected state when nested_svm_vmrun executes, > it must have come from exitintinfo when svm_complete_interrupts ran: > > vcpu_enter_guest > static_call(kvm_x86_run) -> svm_vcpu_run > svm_complete_interrupts > // now the event went from "exitintinfo" to "injected" > static_call(kvm_x86_handle_exit) -> handle_exit > svm_invoke_exit_handler > vmrun_interception > nested_svm_vmrun > > However, no event could have been in exitintinfo before a VMRUN > vmexit. The code in svm.c is a bit more permissive than the one > in vmx.c: > > if (is_external_interrupt(svm->vmcb->control.exit_int_info) && > exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR && > exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH && > exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI) > > but in any case, a VMRUN instruction would not even start to execute > during an attempted event delivery. > > Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> > --- > arch/x86/kvm/svm/nested.c | 5 ----- > 1 file changed, 5 deletions(-) > > diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c > index 61738ff8ef33..5e13357da21e 100644 > --- a/arch/x86/kvm/svm/nested.c > +++ b/arch/x86/kvm/svm/nested.c > @@ -659,11 +659,6 @@ int nested_svm_vmrun(struct kvm_vcpu *vcpu) > goto out; > } > > - > - /* Clear internal status */ > - kvm_clear_exception_queue(vcpu); > - kvm_clear_interrupt_queue(vcpu); > - > /* > * Since vmcb01 is not in use, we can use it to store some of the L1 > * state. 100% agree. As I say, Intel's architects weren't crazy enough to implement an VM IDT gate (switch to a VM on interrupt....), and so indeed that this isn't possible. They do have a task gate... thankfully it is legacy. I would still keep a WARN_ON_ONCE here just in case. Note that in theory one can force an injected/queued exception with KVM_SET_VCPU_EVENTS on RIP that points to VMRUN instruction. Its user fault though. Reviewed-by: Maxim Levitsky <mlevitsk@xxxxxxxxxx> Best regards, Maxim Levitsky
