leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4b9852f4f3
linux/arch/x86/kvm/vmx
History
Liran Alon 4b9852f4f3 KVM: x86: Fix INIT signal handling in various CPU states 
Commit cd7764fe9f ("KVM: x86: latch INITs while in system management mode")
changed code to latch INIT while vCPU is in SMM and process latched INIT
when leaving SMM. It left a subtle remark in commit message that similar
treatment should also be done while vCPU is in VMX non-root-mode.

However, INIT signals should actually be latched in various vCPU states:
(*) For both Intel and AMD, INIT signals should be latched while vCPU
is in SMM.
(*) For Intel, INIT should also be latched while vCPU is in VMX
operation and later processed when vCPU leaves VMX operation by
executing VMXOFF.
(*) For AMD, INIT should also be latched while vCPU runs with GIF=0
or in guest-mode with intercept defined on INIT signal.

To fix this:
1) Add kvm_x86_ops->apic_init_signal_blocked() such that each CPU vendor
can define the various CPU states in which INIT signals should be
blocked and modify kvm_apic_accept_events() to use it.
2) Modify vmx_check_nested_events() to check for pending INIT signal
while vCPU in guest-mode. If so, emualte vmexit on
EXIT_REASON_INIT_SIGNAL. Note that nSVM should have similar behaviour
but is currently left as a TODO comment to implement in the future
because nSVM don't yet implement svm_check_nested_events().

Note: Currently KVM nVMX implementation don't support VMX wait-for-SIPI
activity state as specified in MSR_IA32_VMX_MISC bits 6:8 exposed to
guest (See nested_vmx_setup_ctls_msrs()).
If and when support for this activity state will be implemented,
kvm_check_nested_events() would need to avoid emulating vmexit on
INIT signal in case activity-state is wait-for-SIPI. In addition,
kvm_apic_accept_events() would need to be modified to avoid discarding
SIPI in case VMX activity-state is wait-for-SIPI but instead delay
SIPI processing to vmx_check_nested_events() that would clear
pending APIC events and emulate vmexit on SIPI.

Reviewed-by: Joao Martins <joao.m.martins@oracle.com>
Co-developed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-09-11 18:11:45 +02:00
..
capabilities.h KVM: VMX: Include architectural defs header in capabilities.h 2019-04-30 21:32:21 +02:00
evmcs.c x86/kvm/nVMX: fix VMCLEAR when Enlightened VMCS is in use 2019-07-02 18:56:00 +02:00
evmcs.h x86/kvm/nVMX: fix VMCLEAR when Enlightened VMCS is in use 2019-07-02 18:56:00 +02:00
nested.c KVM: x86: Fix INIT signal handling in various CPU states 2019-09-11 18:11:45 +02:00
nested.h KVM: nVMX: Use descriptive names for VMCS sync functions and flags 2019-06-18 11:46:06 +02:00
ops.h KVM: VMX: remove unneeded 'asm volatile ("")' from vmcs_write64 2019-06-05 14:14:49 +02:00
pmu_intel.c KVM: x86/vPMU: reset pmc->counter to 0 for pmu fixed_counters 2019-07-17 12:23:20 +02:00
vmcs12.c
vmcs12.h KVM/arm updates for 5.3 2019-07-11 15:14:16 +02:00
vmcs_shadow_fields.h KVM: nVMX: shadow pin based execution controls 2019-06-18 17:10:50 +02:00
vmcs.h KVM: VMX: Leave preemption timer running when it's disabled 2019-06-18 17:10:46 +02:00
vmenter.S KVM: VMX: Fix and tweak the comments for VM-Enter 2019-08-22 10:09:27 +02:00
vmx.c KVM: x86: Fix INIT signal handling in various CPU states 2019-09-11 18:11:45 +02:00
vmx.h KVM: VMX: Change ple_window type to unsigned int 2019-09-10 19:13:20 +02:00