On Mon, 2021-12-13 at 14:15 +0100, Paolo Bonzini wrote:
> On 12/13/21 14:07, Maxim Levitsky wrote:
> > > Right, another case is when CLGI is not trapped and the guest therefore
> > > runs with GIF=0. I think that means that a similar change has to be
> > > done in all the *_allowed functions.
> > 
> > I think that SVM sets real GIF to 1 on VMentry regardless of whether it is trapped or not.
> 
> Yes, the issue is only when CLGI is not trapped (and vGIF is disabled).

Yes, but I just wanted to clarify that GIF is initially enabled on VM entry
regardless of whether it is trapped or not; after that the guest can indeed
disable the GIF if CLGI/STGI is not trapped and vGIF is disabled.

> > However if not trapped, and neither EFLAGS.IF is trapped, one could enter a guest
> > that has EFLAGS.IF == 0, then the guest could disable GIF, enable EFLAGS.IF,
> > and then enable GIF, but then GIF enablement should trigger out interrupt window
> > VINTR as well.
> 
> While GIF=0 you have svm_nmi_blocked returning true and svm_nmi_allowed
> returning -EBUSY; that's wrong, isn't it?

Yes, 100% agree, patch (and unit test for this as well) is on the way!

Best regards,
	Maxim Levitsky

> 
> Paolo
> 