[WIP,14/14] x86/nestedsvm: Note some places for improvement

Message ID	20240626133853.4150731-15-george.dunlap@cloud.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: George Dunlap <george.dunlap@cloud.com> To: xen-devel@lists.xenproject.org Cc: George Dunlap <george.dunlap@cloud.com> Subject: [PATCH WIP 14/14] x86/nestedsvm: Note some places for improvement Date: Wed, 26 Jun 2024 14:38:53 +0100 Message-Id: <20240626133853.4150731-15-george.dunlap@cloud.com> In-Reply-To: <20240626133853.4150731-1-george.dunlap@cloud.com> References: <20240626133853.4150731-1-george.dunlap@cloud.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	AMD Nested Virt Preparation \| expand [WIP,00/14] AMD Nested Virt Preparation [WIP,01/14] x86/cpuid-policy: Add AMD SVM CPUID leaf to featureset [WIP,02/14] x86/cpu-policy: HACK Disable PCID when nested virt is enabled [WIP,03/14] xenalyze: Basic nested virt processing [WIP,04/14] xenalyze: Track generic event information when not in summary mode [WIP,05/14] xenalyze: Ignore vmexits where an HVM_HANDLER traces would be redundant [WIP,06/14] xen/svm: Remove redundant HVM_HANDLER trace for EXCEPTION_AC [WIP,07/14] xen/hvm: Don't skip MSR_READ trace record [WIP,08/14] svm: Do NPF trace before calling hvm_hap_nested_page_fault [WIP,09/14] x86/emulate: Don't trace cr reads during emulation [WIP,10/14] xenalyze: Quiet warnings about VMEXIT_IOIO [WIP,11/14] x86/trace: Add trace to xsetbv svm/vmx handler path [WIP,12/14] xenalyze: Basic processing for XSETBV exits and handlers [WIP,13/14] x86/svm: Add a trace for VMEXIT_VMRUN [WIP,14/14] x86/nestedsvm: Note some places for improvement

Message ID

20240626133853.4150731-15-george.dunlap@cloud.com (mailing list archive)

State

New, archived

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: George Dunlap <george.dunlap@cloud.com>
To: xen-devel@lists.xenproject.org
Cc: George Dunlap <george.dunlap@cloud.com>
Subject: [PATCH WIP 14/14] x86/nestedsvm: Note some places for improvement
Date: Wed, 26 Jun 2024 14:38:53 +0100
Message-Id: <20240626133853.4150731-15-george.dunlap@cloud.com>
In-Reply-To: <20240626133853.4150731-1-george.dunlap@cloud.com>
References: <20240626133853.4150731-1-george.dunlap@cloud.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

AMD Nested Virt Preparation | expand

Commit Message

George Dunlap June 26, 2024, 1:38 p.m. UTC

Signed-off-by: George Dunlap <george.dunlap@cloud.com>
---
 xen/arch/x86/hvm/svm/nestedsvm.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c
index 35a2cbfd7d..dca06f2a6c 100644
--- a/xen/arch/x86/hvm/svm/nestedsvm.c
+++ b/xen/arch/x86/hvm/svm/nestedsvm.c
@@ -1349,8 +1349,21 @@  nestedsvm_check_intercepts(struct vcpu *v, struct cpu_user_regs *regs,
         return NESTEDHVM_VMEXIT_INJECT;
     case VMEXIT_VMMCALL:
         /* Always let the guest handle VMMCALL/VMCALL */
+        /*
+         * FIXME: This is wrong; if the L1 hasn't set the VMMCALL
+         * intercept and the L2 executes a VMMACALL, it should result
+         * in a #UD, not a VMMCALL exception.
+         */
         return NESTEDHVM_VMEXIT_INJECT;
     default:
+        /*
+         * FIXME: It's not true that any VMEXIT not intercepted by L1
+         * can safely be handled "safely" by L0; VMCALL above is one
+         * such example, but there may be more.  We either need to
+         * combine this switch statement into the one in
+         * nsvm_vmcb_guest_intercepts_exitcode(), or explicitly list
+         * known-safe exits here.
+         */
         break;
     }

[WIP,14/14] x86/nestedsvm: Note some places for improvement

Commit Message

Patch