Re: [PATCH] KVM: nVMX: Fix exception injection

From: Jim Mattson
Date: Sat Jul 22 2017 - 21:12:09 EST


I think the ancillary data for #DB and #PF should be added to
kvm_queued_exception and plumbed through to where it's needed. Vector
number and error code are not sufficient to describe a #DB or #PF.

On Sat, Jul 22, 2017 at 5:29 PM, Wanpeng Li <kernellwp@xxxxxxxxx> wrote:
> 2017-07-22 22:25 GMT+08:00 Jim Mattson <jmattson@xxxxxxxxxx>:
>> On Fri, Jul 21, 2017 at 1:39 AM, Wanpeng Li <kernellwp@xxxxxxxxx> wrote:
>>> Hi Jim,
>>> 2017-07-21 3:16 GMT+08:00 Jim Mattson <jmattson@xxxxxxxxxx>:
>>>> On Wed, Jul 19, 2017 at 7:31 PM, Wanpeng Li <kernellwp@xxxxxxxxx> wrote:
>>>>> Hi Jim,
>>>>> 2017-07-19 2:47 GMT+08:00 Jim Mattson <jmattson@xxxxxxxxxx>:
>>>>>> Why do we expect the VM_EXIT_INTR_INFO and EXIT_QUALIFICATION fields
>>>>>> of the VMCS to have the correct values for the injected exception?
>>>>>
>>>>> Good point, I think we should synthesize VM_EXIT_INTR_INFO and
>>>>> EXIT_QUALIFICATION manually, I will post a patch for it. Btw, how
>>>>> about setting EXIT_QULIFICATION to vcpu->arch.cr2 for the page fault
>>>>> exception and 0 for other exceptions?
>>>>
>>>> From the SDM, section 27.1:
>>>>
>>>> If an event causes a VM exit directly, it does not update
>>>
>>> I mentioned this in the patch description:
>>>
>>>> However, there is no guarantee the exit reason is exception currently, when there is an external interrupt occurred on host, maybe a time interrupt for host which should not be injected to guest, and somewhere queues an exception, then the function nested_vmx_check_exception() will be called and the vmexit emulation codes will try to emulate the "Acknowledge interrupt on exit" behavior, the warning is triggered.
>>>
>>> If you think the scenario is correct, then it should be an event
>>> causes a VM exit indirectly. So if both the scenario which I mentioned
>>> and "This function
>>> assumes it is called with the exit reason in vmcs02 being a #PF
>>> exception" can happen, then maybe we should figure out how to fix both
>>> scenarios suitable.
>>
>> In the situation you describe, the #PF causes a synthesized VM-exit
>> from L2 to L1 directly, not indirectly. From the SDM:
>>
>> An exception causes a VM exit directly if the bit corresponding to
>> that exception is set in the exception bitmap.
>>
>> Hence, CR2 should not be set yet.
>
> Any idea how to synthesize exit qualification for page fault and debug
> exception?
>
> Regards,
> Wanpeng Li
>
>>
>>>
>>>> architectural state as it would have if it had it not caused the VM
>>>> exit:
>>>> - A debug exception does not update DR6, DR7.GD, or
>>>> IA32_DEBUGCTL.LBR. (Information about the nature of the debug
>>>> exception is saved in the exit qualification field.)
>>>> - A page fault does not update CR2. (The linear address causing
>>>> the page fault is saved in the exit-qualification field.)
>>>>
>>>> This means that vcpu->arch.cr2 should not be set at this point for a
>>>> #PF injection (and vcpu->arch.dr6 should not be set at this point for
>>>> a #DB injection). For all other exceptions, yes, the exit
>>>> qualification should be cleared.
>>>>