Commit 772f254d authored by Maxim Levitsky's avatar Maxim Levitsky Committed by Sean Christopherson

KVM: SVM: add wrappers to enable/disable IRET interception

SEV-ES guests don't use IRET interception for the detection of
an end of a NMI.

Therefore it makes sense to create a wrapper to avoid repeating
the check for the SEV-ES.

No functional change is intended.
Suggested-by: default avatarSean Christopherson <seanjc@google.com>
Signed-off-by: default avatarMaxim Levitsky <mlevitsk@redhat.com>
[Renamed iret intercept API of style svm_{clr,set}_iret_intercept()]
Signed-off-by: default avatarSantosh Shukla <Santosh.Shukla@amd.com>
Link: https://lore.kernel.org/r/20230227084016.3368-5-santosh.shukla@amd.comSigned-off-by: default avatarSean Christopherson <seanjc@google.com>
parent 5d1ec456
...@@ -2490,16 +2490,29 @@ static int task_switch_interception(struct kvm_vcpu *vcpu) ...@@ -2490,16 +2490,29 @@ static int task_switch_interception(struct kvm_vcpu *vcpu)
has_error_code, error_code); has_error_code, error_code);
} }
static void svm_clr_iret_intercept(struct vcpu_svm *svm)
{
if (!sev_es_guest(svm->vcpu.kvm))
svm_clr_intercept(svm, INTERCEPT_IRET);
}
static void svm_set_iret_intercept(struct vcpu_svm *svm)
{
if (!sev_es_guest(svm->vcpu.kvm))
svm_set_intercept(svm, INTERCEPT_IRET);
}
static int iret_interception(struct kvm_vcpu *vcpu) static int iret_interception(struct kvm_vcpu *vcpu)
{ {
struct vcpu_svm *svm = to_svm(vcpu); struct vcpu_svm *svm = to_svm(vcpu);
++vcpu->stat.nmi_window_exits; ++vcpu->stat.nmi_window_exits;
svm->awaiting_iret_completion = true; svm->awaiting_iret_completion = true;
if (!sev_es_guest(vcpu->kvm)) {
svm_clr_intercept(svm, INTERCEPT_IRET); svm_clr_iret_intercept(svm);
if (!sev_es_guest(vcpu->kvm))
svm->nmi_iret_rip = kvm_rip_read(vcpu); svm->nmi_iret_rip = kvm_rip_read(vcpu);
}
kvm_make_request(KVM_REQ_EVENT, vcpu); kvm_make_request(KVM_REQ_EVENT, vcpu);
return 1; return 1;
} }
...@@ -3508,8 +3521,7 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu) ...@@ -3508,8 +3521,7 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu)
return; return;
svm->nmi_masked = true; svm->nmi_masked = true;
if (!sev_es_guest(vcpu->kvm)) svm_set_iret_intercept(svm);
svm_set_intercept(svm, INTERCEPT_IRET);
++vcpu->stat.nmi_injections; ++vcpu->stat.nmi_injections;
} }
...@@ -3649,12 +3661,10 @@ static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) ...@@ -3649,12 +3661,10 @@ static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked)
if (masked) { if (masked) {
svm->nmi_masked = true; svm->nmi_masked = true;
if (!sev_es_guest(vcpu->kvm)) svm_set_iret_intercept(svm);
svm_set_intercept(svm, INTERCEPT_IRET);
} else { } else {
svm->nmi_masked = false; svm->nmi_masked = false;
if (!sev_es_guest(vcpu->kvm)) svm_clr_iret_intercept(svm);
svm_clr_intercept(svm, INTERCEPT_IRET);
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment