Commit 1e17a6f
KVM: x86: Don't snapshot pending INIT/SIPI prior to checking nested events
Don't snapshot pending INIT/SIPI events prior to checking nested events;
architecturally there's nothing wrong with KVM processing (dropping) a
SIPI that is received immediately after synthesizing a VM-Exit. Taking
and consuming the snapshot makes the flow way more subtle than it needs
to be, e.g. nVMX consumes/clears events that trigger VM-Exit (INIT/SIPI),
and so at first glance it appears that KVM is double-dipping on pending
INITs and SIPIs. But that's not the case because INIT is blocked
unconditionally in VMX root mode and the CPU cannot be in wait-for-SIPI after
VM-Exit, i.e. the paths that truly consume the snapshot are unreachable
if apic->pending_events is modified by kvm_check_nested_events().
nSVM is a similar story as GIF is cleared by the CPU on VM-Exit; INIT is
blocked regardless of whether or not it was pending prior to VM-Exit.

Drop the snapshot logic so that a future fix doesn't create weirdness
when kvm_vcpu_running()'s call to kvm_check_nested_events() is moved to
vcpu_block(). In that case, kvm_check_nested_events() will be called
immediately before kvm_apic_accept_events(), which raises the obvious
question of why that change doesn't break the snapshot logic.

Note, there is a subtle functional change. Previously, KVM would clear
pending SIPIs if and only if SIPI was pending prior to VM-Exit, whereas now
KVM clears pending SIPI unconditionally if INIT+SIPI are blocked. The
latter is architecturally allowed, as SIPI is ignored if the CPU is not
in wait-for-SIPI mode (arguably, KVM should be even more aggressive in
dropping SIPIs). It is software's responsibility to ensure the SIPI is
delivered, i.e. software shouldn't be firing INIT-SIPI at a CPU until
it knows with 100% certainty that the target CPU isn't in VMX root mode.
Furthermore, the existing code is extra weird as SIPIs that arrive after
VM-Exit _are_ dropped if there also happened to be a pending SIPI before
VM-Exit.
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220921003201.1441511-10-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Parent: ea2f00c
Commit: 1e17a6f
1 file changed
Lines changed: 10 additions & 26 deletions
Diff view (the code content of the hunks was not captured on this page): original file lines 3025-3080 become new file lines 3025-3064, with 10 lines added and 26 removed.