Received: by 2002:ac0:da4c:0:0:0:0:0 with SMTP id a12csp1127420imi; Fri, 22 Jul 2022 18:16:24 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sFUNZBMJiTm9xQ/ZQzqf67ycngIBuhbkBLyCX1Clr/60FtRT50edMSM1ED89relY9scr4u X-Received: by 2002:a63:c006:0:b0:411:c33f:b4bb with SMTP id h6-20020a63c006000000b00411c33fb4bbmr2063655pgg.433.1658538983739; Fri, 22 Jul 2022 18:16:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658538983; cv=none; d=google.com; s=arc-20160816; b=MIa1AA/pGzyMoRKreYdFDU4VoaY1BX2fnTOC7mfQ7+NelA3FUUwgWKVNNVFOZ93Z6y vTwvrMGlViJ6MILuVxH/iWvl+RvNamzAkHKA8vLzwqHUgPfAvIhhwJ6EgHtk4V8cM4jo ITPKAo7MwOLjvXJdhtfArerUc/5dCBADgfR87si8WKW4VxO9ogOYV4psORzQ6C74c58e YLjLJghBqsi4goxr8HNscwS5Yqdf3VhV4azzLomhmnC3VBILPN5Y9FeHbD1+4NmgXc1E f06n2O7hbSk8ZIF0a03HvMNxr6iLQp8dFapf7m7gqiS86/Y6QlNTZKAx+3WXSoQxuWIH nAXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:reply-to:dkim-signature; bh=U+ChLRWvMU/fIzZxpmNafRsKDwWA1g7ApLuxjnHhUZw=; b=d3KcqG/MCClYXxNJ+/+C7phQ/FfH74Qev/BCDYa6LoY/vUyhIFyaFUyKKR7JxDqI8d aNuXNmTLT+q6EcAOdxXTAea9DpCzpFahfkI+QE3pM2GR7UUB8dSI4KQ3hoSqdtTbttcw aWl2iQ0iMquzbMMMxRusGSPLTVGh9ZnSC3cIVs591xn7iS4mjqH5TOTZ6x+3oMzNn50c M1/HvR/0aoEL5BcYEgZxk/mw8lyiI1nG31kEenQwMgGeIddBcN6+YdK8qVjtqiEGSFdo tRJjPi7p5ZZ+CY7Cbi3ZkvtKBgP/iXrf5Cmh7r9ENwJyn9zPwUZQieQ/gM+bFW4CmV0k G24w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=lnvvi6aa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z21-20020a63b915000000b00411bbffdeb1si7868940pge.50.2022.07.22.18.16.09; Fri, 22 Jul 2022 18:16:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=lnvvi6aa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236912AbiGWAxF (ORCPT + 99 others); Fri, 22 Jul 2022 20:53:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236679AbiGWAwf (ORCPT ); Fri, 22 Jul 2022 20:52:35 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C7739FE23 for ; Fri, 22 Jul 2022 17:52:03 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id r142-20020a632b94000000b0041a18177a5dso3025425pgr.10 for ; Fri, 22 Jul 2022 17:52:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=U+ChLRWvMU/fIzZxpmNafRsKDwWA1g7ApLuxjnHhUZw=; b=lnvvi6aa7qkzYWZk5ceD+06rKpRg2vHyB1FYeqp/jy3gVBz7Gg5MWxOI5pwtUJUNgF NVGCj2O4ldzkSd/aYhj2n34ZlXaI5SOOfQxeez6k4YQRWHZU2Y1gUQzZFy298fusg7uU Q6XrVS0ST21JcyhFJqqcgFugswcXL5Q1o4PaRsCigS8gEp7xEA5aClFoEC14OiKM6V+h iDRMF8ktBgdsgReZTMKf7kknJYgcAhoChtVSSYOQ3/IuzraPrIqrD6Sgv+aR3zoCogSx 8Zy5AvfslloJ228W8iFuFjqf2NtageRNDCo4Owp8cj43X3RxmT4wG/6IzopxhGaNtoZm SMeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=U+ChLRWvMU/fIzZxpmNafRsKDwWA1g7ApLuxjnHhUZw=; b=ah4ZGmu4Td0tFy3FsRjp+tcOqWd6slRwuuNmEJwQE/fhm8afEswu6MVJprSUujR8kc QVQ3//oIjtv3u20og48/o5Yy/QkvGpkJ6SGb4AKK4fUfGuRUpEtcd8K3B1P4lHQtMeGB jHbPgA1Ch9mZvGo6q8eXP9IibQvdvgn32JP5CCT8R+FUFpnyH6H1S47S2Wq7YY8YSYdo UZTANDnsW8P4sQOyndAJELikrBuTmuAdF+nylTPAqgZ2L6P2fgxzrJoxc6fZ0FgJTHMx aX1nUsmRmpb0AoYXQ4D5QKHf/gZ1C7RX4wBG/ig6s7cAOtZjvzphmTOy0u+egaksRXRJ M3SA== X-Gm-Message-State: AJIora8tGRStSEXGdxhKekZ3G9M0RLoJoMb7k/2dKyWn9uKaLhcAxvF4 3tw7tmiYQRtmjT/FJQG60AwwnIgvBoc= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:2310:b0:16d:38b9:2c78 with SMTP id d16-20020a170903231000b0016d38b92c78mr2086921plh.122.1658537522968; Fri, 22 Jul 2022 17:52:02 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 23 Jul 2022 00:51:26 +0000 In-Reply-To: <20220723005137.1649592-1-seanjc@google.com> Message-Id: <20220723005137.1649592-14-seanjc@google.com> Mime-Version: 1.0 References: <20220723005137.1649592-1-seanjc@google.com> X-Mailer: git-send-email 2.37.1.359.gd136c6c3e2-goog Subject: [PATCH v4 13/24] KVM: x86: Formalize blocking of nested pending exceptions From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Jim Mattson , Maxim Levitsky , Oliver Upton , Peter Shier Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Capture nested_run_pending as block_pending_exceptions so that the logic of why exceptions are blocked only needs to be documented once instead of at every place that employs the logic. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 26 ++++++++++++++++---------- arch/x86/kvm/vmx/nested.c | 29 ++++++++++++++++++----------- 2 files changed, 34 insertions(+), 21 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 8f991592d277..a6111392985c 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1356,10 +1356,22 @@ static inline bool nested_exit_on_init(struct vcpu_svm *svm) static int svm_check_nested_events(struct kvm_vcpu *vcpu) { - struct vcpu_svm *svm = to_svm(vcpu); - bool block_nested_events = - kvm_event_needs_reinjection(vcpu) || svm->nested.nested_run_pending; struct kvm_lapic *apic = vcpu->arch.apic; + struct vcpu_svm *svm = to_svm(vcpu); + /* + * Only a pending nested run blocks a pending exception. If there is a + * previously injected event, the pending exception occurred while said + * event was being delivered and thus needs to be handled. + */ + bool block_nested_exceptions = svm->nested.nested_run_pending; + /* + * New events (not exceptions) are only recognized at instruction + * boundaries. If an event needs reinjection, then KVM is handling a + * VM-Exit that occurred _during_ instruction execution; new events are + * blocked until the instruction completes. + */ + bool block_nested_events = block_nested_exceptions || + kvm_event_needs_reinjection(vcpu); if (lapic_in_kernel(vcpu) && test_bit(KVM_APIC_INIT, &apic->pending_events)) { @@ -1372,13 +1384,7 @@ static int svm_check_nested_events(struct kvm_vcpu *vcpu) } if (vcpu->arch.exception.pending) { - /* - * Only a pending nested run can block a pending exception. - * Otherwise an injected NMI/interrupt should either be - * lost or delivered to the nested hypervisor in the EXITINTINFO - * vmcb field, while delivering the pending exception. - */ - if (svm->nested.nested_run_pending) + if (block_nested_exceptions) return -EBUSY; if (!nested_exit_on_exception(svm)) return 0; diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 0f5a7aec82a2..361c788a73d5 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -3899,11 +3899,23 @@ static bool nested_vmx_preemption_timer_pending(struct kvm_vcpu *vcpu) static int vmx_check_nested_events(struct kvm_vcpu *vcpu) { - struct vcpu_vmx *vmx = to_vmx(vcpu); - unsigned long exit_qual; - bool block_nested_events = - vmx->nested.nested_run_pending || kvm_event_needs_reinjection(vcpu); struct kvm_lapic *apic = vcpu->arch.apic; + struct vcpu_vmx *vmx = to_vmx(vcpu); + unsigned long exit_qual; + /* + * Only a pending nested run blocks a pending exception. If there is a + * previously injected event, the pending exception occurred while said + * event was being delivered and thus needs to be handled. + */ + bool block_nested_exceptions = vmx->nested.nested_run_pending; + /* + * New events (not exceptions) are only recognized at instruction + * boundaries. If an event needs reinjection, then KVM is handling a + * VM-Exit that occurred _during_ instruction execution; new events are + * blocked until the instruction completes. + */ + bool block_nested_events = block_nested_exceptions || + kvm_event_needs_reinjection(vcpu); if (lapic_in_kernel(vcpu) && test_bit(KVM_APIC_INIT, &apic->pending_events)) { @@ -3942,15 +3954,10 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu) * for TSS T flag #DBs). KVM also doesn't save/restore pending MTF * across SMI/RSM as it should; that needs to be addressed in order to * prioritize SMI over MTF and trap-like #DBs. - * - * Note that only a pending nested run can block a pending exception. - * Otherwise an injected NMI/interrupt should either be - * lost or delivered to the nested hypervisor in the IDT_VECTORING_INFO, - * while delivering the pending exception. */ if (vcpu->arch.exception.pending && !(vmx_get_pending_dbg_trap(vcpu) & ~DR6_BT)) { - if (vmx->nested.nested_run_pending) + if (block_nested_exceptions) return -EBUSY; if (!nested_vmx_check_exception(vcpu, &exit_qual)) goto no_vmexit; @@ -3967,7 +3974,7 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu) } if (vcpu->arch.exception.pending) { - if (vmx->nested.nested_run_pending) + if (block_nested_exceptions) return -EBUSY; if (!nested_vmx_check_exception(vcpu, &exit_qual)) goto no_vmexit; -- 2.37.1.359.gd136c6c3e2-goog