On 8/25/2022 6:15 PM, Maciej S. Szmigiero wrote:
> On 25.08.2022 12:56, Shukla, Santosh wrote:
>> On 8/24/2022 6:26 PM, Maciej S. Szmigiero wrote:
>>> On 24.08.2022 14:13, Shukla, Santosh wrote:
>>>> Hi Maciej,
>>>>
>>>> On 8/11/2022 2:54 AM, Maciej S. Szmigiero wrote:
>>>>> On 10.08.2022 08:12, Santosh Shukla wrote:
>>>>>> Inject the NMI by setting V_NMI in the VMCB interrupt control. processor
>>>>>> will clear V_NMI to acknowledge processing has started and will keep the
>>>>>> V_NMI_MASK set until the processor is done with processing the NMI event.
>>>>>>
>>>>>> Signed-off-by: Santosh Shukla <santosh.shukla@xxxxxxx>
>>>>>> ---
>>>>>> v3:
>>>>>> - Removed WARN_ON check.
>>>>>>
>>>>>> v2:
>>>>>> - Added WARN_ON check for vnmi pending.
>>>>>> - use `get_vnmi_vmcb` to get correct vmcb so to inject vnmi.
>>>>>>
>>>>>> arch/x86/kvm/svm/svm.c | 7 +++++++
>>>>>> 1 file changed, 7 insertions(+)
>>>>>>
>>>>>> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
>>>>>> index e260e8cb0c81..8c4098b8a63e 100644
>>>>>> --- a/arch/x86/kvm/svm/svm.c
>>>>>> +++ b/arch/x86/kvm/svm/svm.c
>>>>>> @@ -3479,7 +3479,14 @@ static void pre_svm_run(struct kvm_vcpu *vcpu)
>>>>>> static void svm_inject_nmi(struct kvm_vcpu *vcpu)
>>>>>> {
>>>>>> struct vcpu_svm *svm = to_svm(vcpu);
>>>>>> + struct vmcb *vmcb = NULL;
>>>>>> + if (is_vnmi_enabled(svm)) {
>>>>>
>>>>> I guess this should be "is_vnmi_enabled(svm) && !svm->nmi_l1_to_l2"
>>>>> since if nmi_l1_to_l2 is true then the NMI to be injected originally
>>>>> comes from L1's VMCB12 EVENTINJ field.
>>>>>
>>>>
>>>> Not sure if I understood the case fully.. so trying to sketch scenario here -
>>>> if nmi_l1_to_l2 is true then event is coming from EVTINJ. .which could
>>>> be one of following case -
>>>> 1) L0 (vnmi enabled) and L1 (vnmi disabled)
>>>
>>> As far as I can see in this case:
>>> is_vnmi_enabled() returns whether VMCB02's int_ctl has V_NMI_ENABLE bit set.
>>>
>>
>> For L1 with vnmi disabled case - is_vnmi_enabled()->get_vnmi_vmcb() will return false so the
>> execution path will opt EVTINJ model for re-injection.
>
> I guess by "get_vnmi_vmcb() will return false" you mean it will return NULL,
> since this function returns a pointer, not a bool.
>
Yes, I meant is_vnmi_enabled() will return false if vnmi param is unset.
> I can't see however, how this will happen:
>> static inline struct vmcb *get_vnmi_vmcb(struct vcpu_svm *svm)
>> {
>> if (!vnmi)
>> return NULL;
> ^ "vnmi" variable controls whether L0 uses vNMI,
> so this variable is true in our case
>
No.
In L1 case (vnmi disabled) - vnmi param will be false.
In L0 case (vnmi enabled) - vnmi param will be true.
So in L1 case, is_vnmi_enabled() will return false and
in L0 case will return true.
Thanks,
Santosh
>>
>> if (is_guest_mode(&svm->vcpu))
>> return svm->nested.vmcb02.ptr;
> ^ this should be always non-NULL.
>
> So get_vnmi_vmcb() will return VMCB02 pointer in our case, not NULL...
>
>>
>> Thanks,
>> Santosh
>>
>>> This field in VMCB02 comes from nested_vmcb02_prepare_control() which
>>> in the !nested_vnmi_enabled() case (L1 is not using vNMI) copies these bits
>>> from VMCB01:
>>>> int_ctl_vmcb01_bits |= (V_NMI_PENDING | V_NMI_ENABLE | V_NMI_MASK);
>>>
>>> So in this case (L0 uses vNMI) V_NMI_ENABLE will be set in VMCB01, right?
>>>
>>> This bit will then be copied to VMCB02
>
> ... and due to the above is_vnmi_enabled() will return true, so
> re-injection will attempt to use vNMI instead of EVTINJ (wrong).
>
>>>> 2) L0 & L1 both vnmi disabled.
>>>
>>> This case is ok.
>>>
>>>>
>>>> In both cases the vnmi check will fail for L1 and execution path
>>>> will fall back to default - right?
>>>>
>>>> Thanks,
>>>> Santosh
>>>
>
> Thanks,
> Maciej
