On Wed, 18 Oct 2023 12:20:21 -0700, Sean Christopherson wrote:
> When vNMI is enabled, rely entirely on hardware to correctly handle NMI
> blocking, i.e. don't intercept IRET to detect when NMIs are no longer
> blocked. KVM already correctly ignores svm->nmi_masked when vNMI is
> enabled, so the effect of the bug is essentially an unnecessary VM-Exit.
>
> KVM intercepts IRET for two reasons:
> - To track NMI masking to be able to know at any point of time if NMI
> is masked.
> - To track NMI windows (to inject another NMI after the guest executes
> IRET, i.e. unblocks NMIs)
>
> [...]
Applied to kvm-x86 svm, thanks!
[1/1] KVM: SVM: Don't intercept IRET when injecting NMI and vNMI is enabled
https://github.com/kvm-x86/linux/commit/72046d0a077a
--
https://github.com/kvm-x86/linux/tree/next
