From f96e1469ad06b61796c60193daaeb9f8a96d7458 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roger=20Pau=20Monn=C3=A9?= Date: Wed, 5 Feb 2020 13:49:09 +0100 Subject: [PATCH] x86/vvmx: fix virtual interrupt injection when Ack on exit control is used MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When doing a virtual vmexit (ie: a vmexit handled by the L1 VMM) interrupts shouldn't be injected using the virtual interrupt delivery mechanism unless the Ack on exit vmexit control bit isn't set in the nested vmcs. Gate the call to nvmx_update_apicv helper on whether the nested vmcs has the Ack on exit bit set in the vmexit control field. Note that this fixes the usage of x2APIC by the L1 VMM, at least when the L1 VMM is Xen. Signed-off-by: Roger Pau Monné Reviewed-by: Kevin Tian --- xen/arch/x86/hvm/vmx/vvmx.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c index d8ab167d62..3d97a293b2 100644 --- a/xen/arch/x86/hvm/vmx/vvmx.c +++ b/xen/arch/x86/hvm/vmx/vvmx.c @@ -1393,7 +1393,12 @@ static void virtual_vmexit(struct cpu_user_regs *regs) /* updating host cr0 to sync TS bit */ __vmwrite(HOST_CR0, v->arch.hvm.vmx.host_cr0); - if ( cpu_has_vmx_virtual_intr_delivery ) + if ( cpu_has_vmx_virtual_intr_delivery && + /* + * Only inject the vector if the Ack on exit bit is not set, else the + * interrupt will be signaled in the vmcs VM_EXIT_INTR_INFO field. + */ + !(get_vvmcs(v, VM_EXIT_CONTROLS) & VM_EXIT_ACK_INTR_ON_EXIT) ) nvmx_update_apicv(v); nvcpu->nv_vmswitch_in_progress = 0; -- 2.30.2