• Sean Christopherson's avatar
    KVM: nVMX: Properly handle userspace interrupt window request · a1c77abb
    Sean Christopherson authored
    Return true for vmx_interrupt_allowed() if the vCPU is in L2 and L1 has
    external interrupt exiting enabled.  IRQs are never blocked in hardware
    if the CPU is in the guest (L2 from L1's perspective) when IRQs trigger
    VM-Exit.
    
    The new check percolates up to kvm_vcpu_ready_for_interrupt_injection()
    and thus vcpu_run(), and so KVM will exit to userspace if userspace has
    requested an interrupt window (to inject an IRQ into L1).
    
    Remove the @external_intr param from vmx_check_nested_events(), which is
    actually an indicator that userspace wants an interrupt window, e.g.
    it's named @req_int_win further up the stack.  Injecting a VM-Exit into
    L1 to try and bounce out to L0 userspace is all kinds of broken and is
    no longer necessary.
    
    Remove the hack in nested_vmx_vmexit() that attempted to workaround the
    breakage in vmx_check_nested_events() by only filling interrupt info if
    there's an actual interrupt pending.  The hack actually made things
    worse because it caused KVM to _never_ fill interrupt info when the
    LAPIC resides in userspace (kvm_cpu_has_interrupt() queries
    interrupt.injected, which is always cleared by prepare_vmcs12() before
    reaching the hack in nested_vmx_vmexit()).
    
    Fixes: 6550c4df ("KVM: nVMX: Fix interrupt window request with "Acknowledge interrupt on exit"")
    Cc: stable@vger.kernel.org
    Cc: Liran Alon <liran.alon@oracle.com>
    Signed-off-by: default avatarSean Christopherson <sean.j.christopherson@intel.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    a1c77abb
x86.c 273 KB