From: Jan Kiszka Date: Fri, 7 Mar 2014 19:03:14 +0000 (+0100) Subject: KVM: nVMX: Do not inject NMI vmexits when L2 has a pending interrupt X-Git-Tag: firefly_0821_release~176^2~4172^2~30 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=220c56729766444f3dd823f740a147ca6d82c4c6;p=firefly-linux-kernel-4.4.55.git KVM: nVMX: Do not inject NMI vmexits when L2 has a pending interrupt According to SDM 27.2.3, IDT vectoring information will not be valid on vmexits caused by external NMIs. So we have to avoid creating such scenarios by delaying EXIT_REASON_EXCEPTION_NMI injection as long as we have a pending interrupt because that one would be migrated to L1's IDT vectoring info on nested exit. Signed-off-by: Jan Kiszka Signed-off-by: Paolo Bonzini --- diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index e559675e113f..2c9d21e2d033 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -8176,7 +8176,8 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu, bool external_intr) } if (vcpu->arch.nmi_pending && nested_exit_on_nmi(vcpu)) { - if (vmx->nested.nested_run_pending) + if (vmx->nested.nested_run_pending || + vcpu->arch.interrupt.pending) return -EBUSY; nested_vmx_vmexit(vcpu, EXIT_REASON_EXCEPTION_NMI, NMI_VECTOR | INTR_TYPE_NMI_INTR |