[thirdparty/kernel/stable-queue.git] / releases / 3.18.137 / kvm-nsvm-clear-events-pending-from-svm_complete_inte.patch
From d3ddfbe09bd96a949db509972e83ab4c33599bb1 Mon Sep 17 00:00:00 2001
From: Vitaly Kuznetsov <vkuznets@redhat.com>
Date: Mon, 7 Jan 2019 19:44:51 +0100
Subject: KVM: nSVM: clear events pending from svm_complete_interrupts() when
 exiting to L1

[ Upstream commit 619ad846fc3452adaf71ca246c5aa711e2055398 ]

kvm-unit-tests' eventinj "NMI failing on IDT" test results in NMI being
delivered to the host (L1) when it's running nested. The problem seems to
be: svm_complete_interrupts() raises the 'nmi_injected' flag but later we
decide to reflect EXIT_NPF to L1. The flag remains pending and we do NMI
injection upon entry, so it gets delivered to L1 instead of L2.

It seems that VMX code solves the same issue in prepare_vmcs12(); this was
introduced with code refactoring in commit 5f3d5799974b ("KVM: nVMX: Rework
event injection and recovery").

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 arch/x86/kvm/svm.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 2e0c64a08549c..a29d59e205d39 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
30 @@ -2431,6 +2431,14 @@ static int nested_svm_vmexit(struct vcpu_svm *svm)
31 kvm_mmu_reset_context(&svm->vcpu);
32 kvm_mmu_load(&svm->vcpu);
33
34 + /*
35 + * Drop what we picked up for L2 via svm_complete_interrupts() so it
36 + * doesn't end up in L1.
37 + */
38 + svm->vcpu.arch.nmi_injected = false;
39 + kvm_clear_exception_queue(&svm->vcpu);
40 + kvm_clear_interrupt_queue(&svm->vcpu);
41 +
42 return 0;
43 }
44
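Review bot: the three clears added just before `return 0;` in nested_svm_vmexit() (`svm->vcpu.arch.nmi_injected = false;`, `kvm_clear_exception_queue()`, `kvm_clear_interrupt_queue()`) are unconditional, but the in-code comment only mentions what svm_complete_interrupts() picked up and the commit message only describes the NMI symptom (nmi_injected left set while EXIT_NPF is reflected to L1). Consider extending the comment to say why pending exceptions and interrupts are dropped as well, and to point at the VMX counterpart in prepare_vmcs12() that the commit message cites, so a later reader does not mistake the two queue clears for an unrelated cleanup or try to make them conditional on the NMI case.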
--
2.19.1
