Date: Fri, 11 Mar 2022 03:27:59 +0000
In-Reply-To: <20220311032801.3467418-1-seanjc@google.com>
Message-Id: <20220311032801.3467418-20-seanjc@google.com>
Subject: [PATCH 19/21] KVM: VMX: Update MTF and ICEBP comments to document KVM's subtle behavior
From: Sean Christopherson
To: Paolo Bonzini
Cc: Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Oliver Upton, Peter Shier

Document the oddities of ICEBP interception (trap-like #DB is intercepted as a fault-like exception), and how using VMX's inner "skip" helper deliberately bypasses the pending MTF and single-step #DB logic.

No functional change intended.

Signed-off-by: Sean Christopherson
--- arch/x86/kvm/vmx/vmx.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 0420bc6d418a..ae88d42289ce 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c
@@ -1570,9 +1570,13 @@ static void vmx_update_emulated_instruction(struct kvm_vcpu *vcpu) /* * Per the SDM, MTF takes priority over debug-trap exceptions besides - * T-bit traps. As instruction emulation is completed (i.e. at the - * instruction boundary), any #DB exception pending delivery must be a - * debug-trap. Record the pending MTF state to be delivered in + * TSS T-bit traps and ICEBP (INT1). KVM doesn't emulate T-bit traps + * or ICEBP (in the emulator proper), and skipping of ICEBP after an + * intercepted #DB deliberately avoids single-step #DB and MTF updates + * as ICEBP is higher priority than both. As instruction emulation is + * completed at this point (i.e. KVM is at the instruction boundary), + * any #DB exception pending delivery must be a debug-trap of lower + * priority than MTF. Record the pending MTF state to be delivered in * vmx_check_nested_events(). */ if (nested_cpu_has_mtf(vmcs12) && @@ -4924,8 +4928,10 @@ static int handle_exception_nmi(struct kvm_vcpu *vcpu) * instruction. ICEBP generates a trap-like #DB, but * despite its interception control being tied to #DB, * is an instruction intercept, i.e. the VM-Exit occurs - * on the ICEBP itself. Note, skipping ICEBP also - * clears STI and MOVSS blocking. + * on the ICEBP itself. Use the inner "skip" helper to + * avoid single-step #DB and MTF updates, as ICEBP is + * higher priority. Note, skipping ICEBP still clears + * STI and MOVSS blocking. * * For all other #DBs, set vmcs.PENDING_DBG_EXCEPTIONS.BS * if single-step is enabled in RFLAGS and STI or MOVSS -- 2.35.1.723.g4982287a31-goog
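Review bot: In the first hunk (vmx_update_emulated_instruction), the new sentence "skipping of ICEBP after an intercepted #DB deliberately avoids single-step #DB and MTF updates" describes behaviour that lives in another function without saying which one. The conclusion that follows, "any #DB exception pending delivery must be a debug-trap of lower priority than MTF", only holds because that other path never reaches this code, so the comment should name handle_exception_nmi() as the place where the ICEBP skip happens. The parenthetical "(in the emulator proper)" would also be clearer if it said outright that the only ICEBP handling is the skip after the intercepted #DB, since the comment now documents an invariant that would break silently if either T-bit traps or ICEBP were ever emulated.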
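Review bot: In the second hunk (handle_exception_nmi), the added text says to use the inner "skip" helper but never names it, and the call itself is outside the visible context lines, so a reader of this comment alone cannot tell which function is meant or what the outer variant would have done differently. Please name the helper in the comment and state which wrapper is being avoided. The phrase "as ICEBP is higher priority" also leaves the comparison open here, while the first hunk says "higher priority than both"; using the same wording in both places, with single-step #DB and MTF spelled out, would keep the two comments consistent.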