Add a #HV exception handler that uses IST stack.

Urgh.. that is entirely insufficient. Like it doesn't even begin to
start to cover things.
The whole existing VC IST stack abuse is already a nightmare and you're
duplicating that.. without any explanation for why this would be needed
and how it is correct.
Please try again.

The #HV handler handles both #NMI & #MCE in the guest and nested #HV is
never raised by the hypervisor. The next #HV exception is only raised by
the hypervisor when the guest acknowledges the pending #HV exception by
clearing the "NoFurtherSignal" bit in the doorbell page.
There is still protection (please see hv_switch_off_ist()) to gracefully
exit the guest if by any chance a malicious hypervisor sends nested #HV.
This saves us from most of the nested IST stack pitfalls with #NMI &
#MCE; also, #DB is handled in a noinstr code block
(exc_vmm_communication()->vc_is_db {...}), hence avoiding any recursive
#DBs.

Do you see anything else that needs to be handled in #HV IST handling?
Thanks,
Pankaj