|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH] nestedsvm: Clear GIF when injecting VMEXIT
Le 23/04/2026 à 18:13, Ross Lagerwall a écrit :
> If L1 executes VMRUN with the GIF set and it fails consistency checks,
> Xen will inject a VMEXIT and fail the assert checking the GIF is cleared.
>
> Instead, clear the GIF when injecting a VMEXIT to match what hardware
> does.
>
> Fixes: 9a779e4fc161 ("Implement SVM specific part for Nested Virtualization")
> Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
> ---
> xen/arch/x86/hvm/svm/nestedsvm.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c
> b/xen/arch/x86/hvm/svm/nestedsvm.c
> index ef6fa5d23b67..f89b087a1155 100644
> --- a/xen/arch/x86/hvm/svm/nestedsvm.c
> +++ b/xen/arch/x86/hvm/svm/nestedsvm.c
> @@ -733,9 +733,9 @@ nsvm_vcpu_vmexit_inject(struct vcpu *v, struct
> cpu_user_regs *regs,
> struct vmcb_struct *vmcb = v->arch.hvm.svm.vmcb;
>
> if ( vmcb->_vintr.fields.vgif_enable )
> - ASSERT(vmcb->_vintr.fields.vgif == 0);
> + vmcb->_vintr.fields.vgif = 0;
> else
> - ASSERT(svm->ns_gif == 0);
> + nestedsvm_vcpu_clgi(v);
>
> ns_vmcb = nv->nv_vvmcx;
>
Looks good to me, though I think we are here looking to make a "guest
CLGI" (clear GIF), so the vGIF specific logic should be collapsed into
nestedsvm_vcpu_clgi() instead of having it as the non-vgif-support case.
(as IIUC, vGIF is a hardware accelration for nested GIF handling ?)
(also making me notice that svm_vmexit_do_{stgi,clgi}() seems to lack
vGIF specific logic)
Teddy
--
Teddy Astie | Vates XCP-ng Developer
XCP-ng & Xen Orchestra - Vates solutions
web: https://vates.tech
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |