Reply-To: Sean Christopherson
Date: Tue, 14 Jun 2022 20:47:28 +0000
In-Reply-To: <20220614204730.3359543-1-seanjc@google.com>
Message-Id: <20220614204730.3359543-20-seanjc@google.com>
References: <20220614204730.3359543-1-seanjc@google.com>
Subject: [PATCH v2 19/21] KVM: VMX: Update MTF and ICEBP comments to document KVM's subtle behavior
From: Sean Christopherson
To: Paolo Bonzini
Cc: Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Oliver Upton, Peter Shier
X-Mailing-List: linux-kernel@vger.kernel.org

Document the oddities of ICEBP interception (trap-like #DB is intercepted as a fault-like exception), and how using VMX's inner "skip" helper deliberately bypasses the pending MTF and single-step #DB logic.

No functional change intended.

Signed-off-by: Sean Christopherson
--- arch/x86/kvm/vmx/vmx.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 3591fdf7ecf9..91b8e171f232 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c
@@ -1578,9 +1578,13 @@ static void vmx_update_emulated_instruction(struct kvm_vcpu *vcpu) /* * Per the SDM, MTF takes priority over debug-trap exceptions besides - * T-bit traps. As instruction emulation is completed (i.e. at the - * instruction boundary), any #DB exception pending delivery must be a - * debug-trap. Record the pending MTF state to be delivered in + * TSS T-bit traps and ICEBP (INT1). KVM doesn't emulate T-bit traps + * or ICEBP (in the emulator proper), and skipping of ICEBP after an + * intercepted #DB deliberately avoids single-step #DB and MTF updates + * as ICEBP is higher priority than both. As instruction emulation is + * completed at this point (i.e. KVM is at the instruction boundary), + * any #DB exception pending delivery must be a debug-trap of lower + * priority than MTF. Record the pending MTF state to be delivered in * vmx_check_nested_events(). */ if (nested_cpu_has_mtf(vmcs12) && @@ -5071,8 +5075,10 @@ static int handle_exception_nmi(struct kvm_vcpu *vcpu) * instruction. ICEBP generates a trap-like #DB, but * despite its interception control being tied to #DB, * is an instruction intercept, i.e. the VM-Exit occurs - * on the ICEBP itself. Note, skipping ICEBP also - * clears STI and MOVSS blocking. + * on the ICEBP itself. Use the inner "skip" helper to + * avoid single-step #DB and MTF updates, as ICEBP is + * higher priority. Note, skipping ICEBP still clears + * STI and MOVSS blocking. * * For all other #DBs, set vmcs.PENDING_DBG_EXCEPTIONS.BS * if single-step is enabled in RFLAGS and STI or MOVSS -- 2.36.1.476.g0c4daa206d-goog
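
Review bot: In the first hunk (vmx_update_emulated_instruction), the new comment relies on "skipping of ICEBP after an intercepted #DB" without saying where that skip happens, so the invariant it documents (any #DB pending at this point is a debug-trap of lower priority than MTF) can only be checked by a reader who already knows the path. Name the function, handle_exception_nmi() going by the second hunk, so the two comments point at each other. The parenthetical "(in the emulator proper)" is also ambiguous: it can read as "KVM's instruction emulator never handles ICEBP" or as "ICEBP is emulated somewhere else", and the sentence carrying it is long enough that splitting it after that parenthetical would make the priority argument easier to follow.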
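
Review bot: In the second hunk (handle_exception_nmi), 'Use the inner "skip" helper' does not name the helper, and the call itself is outside the visible context, so the comment cannot be grepped for and gives no obvious signal if the call is later switched to a different skip routine. Name the function in the comment, and complete the comparison: "as ICEBP is higher priority" should say higher priority than what, matching "higher priority than both" in the first hunk. The wording change from "also clears" to "still clears STI and MOVSS blocking" would benefit from one more clause stating why the blocking is still cleared when the single-step #DB and MTF updates are bypassed.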