On Tue, 2022-06-14 at 20:47 +0000, Sean Christopherson wrote:
> Fall through to handling other pending exception/events for L2 if SIPI
> is pending while the CPU is not in Wait-for-SIPI. KVM correctly ignores
> the event, but incorrectly returns immediately, e.g. a SIPI coincident
> with another event could lead to KVM incorrectly routing the event to L1
> instead of L2.
>
> Fixes: bf0cd88ce363 ("KVM: x86: emulate wait-for-SIPI and SIPI-VMExit")
> Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
> ---
> arch/x86/kvm/vmx/nested.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
> index e794791a6bdd..d080bfca16ef 100644
> --- a/arch/x86/kvm/vmx/nested.c
> +++ b/arch/x86/kvm/vmx/nested.c
> @@ -3936,10 +3936,12 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu)
> return -EBUSY;
>
> clear_bit(KVM_APIC_SIPI, &apic->pending_events);
> - if (vcpu->arch.mp_state == KVM_MP_STATE_INIT_RECEIVED)
> + if (vcpu->arch.mp_state == KVM_MP_STATE_INIT_RECEIVED) {
> nested_vmx_vmexit(vcpu, EXIT_REASON_SIPI_SIGNAL, 0,
> apic->sipi_vector & 0xFFUL);
> - return 0;
> + return 0;
> + }
> + /* Fallthrough, the SIPI is completely ignored. */
> }
>
> /*
Makes sense.
Note that svm_check_nested_events lacks the code to check for SIPI at all,
but SVM lacks SIPI intercept, thus this is likely correct,
the place which delivers SIPI to L1 is I think kvm_apic_accept_events,
and it will ignore it unless the CPU is in INIT state, in which
it will not be in nested mode.
Reviewed-by: Maxim Levitsky <mlevitsk@xxxxxxxxxx>
Best regards,
Maxim Levitsky
