    KVM: nVMX: Morph notification vector IRQ on nested VM-Enter to pending PI · 25bb2cf9
    Sean Christopherson authored
    On successful nested VM-Enter, check for pending interrupts and convert
    the highest priority interrupt to a pending posted interrupt if it
    matches L2's notification vector.  If the vCPU receives a notification
    interrupt before nested VM-Enter (assuming L1 disables IRQs before doing
    VM-Enter), the pending interrupt (for L1) should be recognized and
    processed as a posted interrupt when interrupts become unblocked after
    VM-Enter to L2.
    
    This fixes a bug where L1/L2 will get stuck in an infinite loop if L1 is
    trying to inject an interrupt into L2 by setting the appropriate bit in
    L2's PIR and sending a self-IPI prior to VM-Enter (as opposed to KVM's
    method of manually moving the vector from PIR->vIRR/RVI).  KVM will
    observe the IPI while the vCPU is in L1 context and so won't immediately
    morph it to a posted interrupt for L2.  The pending interrupt will be
    seen by vmx_check_nested_events(), cause KVM to force an immediate exit
    after nested VM-Enter, and eventually be reflected to L1 as a VM-Exit.
    After handling the VM-Exit, L1 will see that L2 has a pending interrupt
    in PIR, send another IPI, and repeat until L2 is killed.
    
    Note, posted interrupts require virtual interrupt delivery, and virtual
    interrupt delivery requires exit-on-interrupt, ergo interrupts will be
    unconditionally unmasked on VM-Enter if posted interrupts are enabled.
    
    Fixes: 705699a1 ("KVM: nVMX: Enable nested posted interrupt processing")
    Cc: stable@vger.kernel.org
    Cc: Liran Alon <liran.alon@oracle.com>
    Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
    Message-Id: <20200812175129.12172-1-sean.j.christopherson@intel.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
nested.c 201 KB
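The mechanism the commit message describes, written out as a small standalone model. This is an added example for this page, not code from KVM's nested.c or from the commit itself; every name in it (vec_bitmap, l2_pi, morph_notification_irq, run_injection, the notification vector 0xF2 and the injected vector 0x20) is a hypothetical simplification. It models L1's virtual IRR and L2's posted-interrupt descriptor as 256-bit bitmaps, applies the fix's check on nested VM-Enter (highest-priority pending L1 interrupt equal to L2's notification vector is consumed as a pending posted interrupt), and replays the PIR + self-IPI injection loop with and without the fix so the hang described above is visible as a retry count that never terminates.

```c
/* Simplified model of the nested posted-interrupt fix described on this page.
 * Added example, not KVM code; all names and vector numbers are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* 256-bit vector bitmap, used for L1's virtual IRR and L2's PIR. */
struct vec_bitmap { uint64_t w[4]; };

static void vec_set(struct vec_bitmap *b, uint8_t v)   { b->w[v / 64] |=  (1ULL << (v % 64)); }
static void vec_clear(struct vec_bitmap *b, uint8_t v) { b->w[v / 64] &= ~(1ULL << (v % 64)); }
static bool vec_any(const struct vec_bitmap *b) { return (b->w[0] | b->w[1] | b->w[2] | b->w[3]) != 0; }

/* Highest-priority pending vector (highest vector number), or -1 if none. */
static int vec_highest(const struct vec_bitmap *b)
{
    for (int i = 3; i >= 0; i--)
        if (b->w[i])
            return i * 64 + 63 - __builtin_clzll(b->w[i]);
    return -1;
}

/* L2's posted-interrupt state as tracked by the hypervisor (modelled). */
struct l2_pi {
    struct vec_bitmap pir;  /* posted interrupt requests L1 wants delivered to L2 */
    uint8_t nv;             /* L2's posted-interrupt notification vector */
    bool pi_pending;        /* a notification was received, PIR must be processed */
};

struct l1_state {
    struct vec_bitmap irr;  /* interrupts pending for L1 itself */
};

/* The fix: on successful nested VM-Enter, if the highest-priority interrupt
 * pending for L1 is L2's notification vector, consume it as a pending posted
 * interrupt for L2 instead of leaving it to be reflected to L1 as a VM-Exit.
 * Returns true if the IRQ was morphed. */
static bool morph_notification_irq(struct l1_state *l1, struct l2_pi *pi)
{
    int vec = vec_highest(&l1->irr);
    if (vec < 0 || vec != pi->nv)
        return false;
    vec_clear(&l1->irr, (uint8_t)vec);
    pi->pi_pending = true;
    return true;
}

/* Process a pending posted interrupt for L2: move PIR into L2's vIRR. */
static void deliver_posted(struct l2_pi *pi, struct vec_bitmap *l2_virr)
{
    if (!pi->pi_pending)
        return;
    for (int i = 0; i < 4; i++) {
        l2_virr->w[i] |= pi->pir.w[i];
        pi->pir.w[i] = 0;
    }
    pi->pi_pending = false;
}

/* Replay "L1 sets a PIR bit, sends itself the notification IPI with IRQs
 * masked, then VM-Enters L2".  Returns the number of VM-Enter attempts until
 * L2 runs with vector v delivered, or max_tries if it never does (the hang). */
static int run_injection(bool with_fix, uint8_t v, int max_tries)
{
    struct l1_state l1 = {{{0}}};
    struct l2_pi pi = { .nv = 0xF2 };   /* hypothetical notification vector */
    struct vec_bitmap l2_virr = {{0}};

    for (int tries = 1; tries <= max_tries; tries++) {
        vec_set(&pi.pir, v);            /* L1 posts the interrupt for L2 */
        vec_set(&l1.irr, pi.nv);        /* self-IPI lands while still in L1 context */

        if (with_fix)                   /* nested VM-Enter succeeded */
            morph_notification_irq(&l1, &pi);

        /* An IRQ still pending for L1 forces an immediate exit after VM-Enter
         * that is reflected to L1 as a VM-Exit; L1 sees PIR untouched and retries. */
        if (vec_any(&l1.irr)) {
            vec_clear(&l1.irr, pi.nv);
            continue;
        }

        /* L2 runs with interrupts unblocked: the pending PI is processed. */
        deliver_posted(&pi, &l2_virr);
        if (vec_highest(&l2_virr) == v)
            return tries;
    }
    return max_tries;
}

int main(void)
{
    printf("without fix: %d VM-Enter attempts (capped)\n", run_injection(false, 0x20, 100));
    printf("with fix:    %d VM-Enter attempt(s)\n", run_injection(true, 0x20, 100));
    return 0;
}
```

The model deliberately keeps the other half of the check: when a different, higher-priority interrupt is pending for L1 alongside the notification vector, nothing is morphed and the VM-Exit to L1 is the correct outcome, which is why the fix only acts on the highest-priority pending vector rather than scanning the whole IRR for the notification vector.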