• Liran Alon's avatar
    KVM: x86: Fix INIT signal handling in various CPU states · 4b9852f4
    Liran Alon authored
    Commit cd7764fe ("KVM: x86: latch INITs while in system management mode")
    changed code to latch INIT while vCPU is in SMM and process latched INIT
    when leaving SMM. It left a subtle remark in commit message that similar
    treatment should also be done while vCPU is in VMX non-root-mode.
    
    However, INIT signals should actually be latched in various vCPU states:
    (*) For both Intel and AMD, INIT signals should be latched while vCPU
    is in SMM.
    (*) For Intel, INIT should also be latched while vCPU is in VMX
    operation and later processed when vCPU leaves VMX operation by
    executing VMXOFF.
    (*) For AMD, INIT should also be latched while vCPU runs with GIF=0
    or in guest-mode with intercept defined on INIT signal.
    
    To fix this:
    1) Add kvm_x86_ops->apic_init_signal_blocked() such that each CPU vendor
    can define the various CPU states in which INIT signals should be
    blocked and modify kvm_apic_accept_events() to use it.
    2) Modify vmx_check_nested_events() to check for pending INIT signal
    while vCPU in guest-mode. If so, emualte vmexit on
    EXIT_REASON_INIT_SIGNAL. Note that nSVM should have similar behaviour
    but is currently left as a TODO comment to implement in the future
    because nSVM don't yet implement svm_check_nested_events().
    
    Note: Currently KVM nVMX implementation don't support VMX wait-for-SIPI
    activity state as specified in MSR_IA32_VMX_MISC bits 6:8 exposed to
    guest (See nested_vmx_setup_ctls_msrs()).
    If and when support for this activity state will be implemented,
    kvm_check_nested_events() would need to avoid emulating vmexit on
    INIT signal in case activity-state is wait-for-SIPI. In addition,
    kvm_apic_accept_events() would need to be modified to avoid discarding
    SIPI in case VMX activity-state is wait-for-SIPI but instead delay
    SIPI processing to vmx_check_nested_events() that would clear
    pending APIC events and emulate vmexit on SIPI.
    Reviewed-by: default avatarJoao Martins <joao.m.martins@oracle.com>
    Co-developed-by: default avatarNikita Leshenko <nikita.leshchenko@oracle.com>
    Signed-off-by: default avatarNikita Leshenko <nikita.leshchenko@oracle.com>
    Signed-off-by: default avatarLiran Alon <liran.alon@oracle.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    4b9852f4
nested.c 184 KB