diff options
| author | Paolo Bonzini <pbonzini@redhat.com> | 2020-11-05 11:20:49 -0500 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2020-11-15 09:49:08 -0500 |
| commit | 1c96dcceaeb3a99aaf0d548eef2223e0b02a7e40 (patch) | |
| tree | ab8b7e8b8783bbdea64cc86b53ae50b893baa066 /arch/x86/kvm/vmx/vmx.c | |
| parent | 7a873e4555679a0e749422db071c142b57f80be9 (diff) | |
| download | lwn-1c96dcceaeb3a99aaf0d548eef2223e0b02a7e40.tar.gz lwn-1c96dcceaeb3a99aaf0d548eef2223e0b02a7e40.zip | |
KVM: x86: fix apic_accept_events vs check_nested_events
vmx_apic_init_signal_blocked is buggy in that it returns true
even in VMX non-root mode. In non-root mode, however, INITs
are not latched, they just cause a vmexit. Previously,
KVM was waiting for them to be processed when kvm_apic_accept_events
and in the meanwhile it ate the SIPIs that the processor received.
However, in order to implement the wait-for-SIPI activity state,
KVM will have to process KVM_APIC_SIPI in vmx_check_nested_events,
and it will not be possible anymore to disregard SIPIs in non-root
mode as the code is currently doing.
By calling kvm_x86_ops.nested_ops->check_events, we can force a vmexit
(with the side-effect of latching INITs) before incorrectly injecting
an INIT or SIPI in a guest, and therefore vmx_apic_init_signal_blocked
can do the right thing.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'arch/x86/kvm/vmx/vmx.c')
| -rw-r--r-- | arch/x86/kvm/vmx/vmx.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 39ff7600b0af..fd70bdf63844 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7558,7 +7558,7 @@ static void enable_smi_window(struct kvm_vcpu *vcpu) static bool vmx_apic_init_signal_blocked(struct kvm_vcpu *vcpu) { - return to_vmx(vcpu)->nested.vmxon; + return to_vmx(vcpu)->nested.vmxon && !is_guest_mode(vcpu); } static void vmx_migrate_timers(struct kvm_vcpu *vcpu) |