nestedsvm: fix interrupt handling

Give the l2 guest a chance to finish the delivery of the last injected
interrupt or exception before we emulate a VMEXIT.
For example after a NPF handled by the host there can be an interrupt
for the l1 guest.

Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Committed-by: Keir Fraser <keir@xen.org>

diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c
index 0b6ff8867231a39679744a3d09855ed20e1632e3..119589696c16ae5c9180653120ec600c863ceeec 100644 (file)
--- a/xen/arch/x86/hvm/svm/nestedsvm.c
+++ b/xen/arch/x86/hvm/svm/nestedsvm.c
@@ -1164,6 +1164,8 @@ enum hvm_intblk nsvm_intr_blocked(struct vcpu *v)
         return hvm_intblk_svm_gif;
 
     if ( nestedhvm_vcpu_in_guestmode(v) ) {
+        struct vmcb_struct *n2vmcb = nv->nv_n2vmcx;
+
         if ( svm->ns_hostflags.fields.vintrmask )
             if ( !svm->ns_hostflags.fields.rflagsif )
                 return hvm_intblk_rflags_ie;
@@ -1176,6 +1178,14 @@ enum hvm_intblk nsvm_intr_blocked(struct vcpu *v)
          */
         if ( v->arch.hvm_vcpu.hvm_io.io_state != HVMIO_none )
             return hvm_intblk_shadow;
+
+        if ( !nv->nv_vmexit_pending && n2vmcb->exitintinfo.bytes != 0 ) {
+            /* Give the l2 guest a chance to finish the delivery of
+             * the last injected interrupt or exception before we
+             * emulate a VMEXIT (e.g. VMEXIT(INTR) ).
+             */
+            return hvm_intblk_shadow;
+        }
     }
 
     if ( nv->nv_vmexit_pending ) {