> Organization aside, this seems to defeat the purpose of _not_ unconditionally
> unmasking NMIs on ERET since the kernel assumes any random "int $2" is coming
> from KVM after an NMI VM-Exit.

I'm a bit confused. KVM VMX is the only component needing to execute "int $2" and it surely has NMI blocked after an NMI VM-exit.

> Eww, and "int $2" doesn't even go directly to fred_exc_nmi(), it trampolines
> through fred_sw_interrupt_kernel() first. Looks like "int $2" from userspace gets
> routed to a #GP, so at least that bit is handled.

FRED does a 2-level dispatch, unless an event handler is on a hot path, we don't promote its handling. NMI seems not a frequent event.

> I'm not dead set against the proposed approach, but IMO it's not obviously better
> than a bit of assembly to have a more direct call into the NMI handler.

I will give it a shot.