Commit 65ec8f01 authored by Sean Christopherson's avatar Sean Christopherson Committed by Paolo Bonzini
Browse files

KVM: VMX: Update MTF and ICEBP comments to document KVM's subtle behavior 



Document the oddities of ICEBP interception (trap-like #DB is intercepted
as a fault-like exception), and how using VMX's inner "skip" helper
deliberately bypasses the pending MTF and single-step #DB logic.

No functional change intended.

Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
Reviewed-by: default avatarMaxim Levitsky <mlevitsk@redhat.com>
Link: https://lore.kernel.org/r/20220830231614.3580124-24-seanjc@google.com


Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 7055fb11

arch/x86/kvm/vmx/vmx.c

+11 −5
Original line number Diff line number Diff line
@@ -1652,9 +1652,13 @@ static void vmx_update_emulated_instruction(struct kvm_vcpu *vcpu) 


	/*

	 * Per the SDM, MTF takes priority over debug-trap exceptions besides

	 * T-bit traps. As instruction emulation is completed (i.e. at the

	 * instruction boundary), any #DB exception pending delivery must be a

	 * debug-trap. Record the pending MTF state to be delivered in

	 * TSS T-bit traps and ICEBP (INT1).  KVM doesn't emulate T-bit traps

	 * or ICEBP (in the emulator proper), and skipping of ICEBP after an

	 * intercepted #DB deliberately avoids single-step #DB and MTF updates

	 * as ICEBP is higher priority than both.  As instruction emulation is

	 * completed at this point (i.e. KVM is at the instruction boundary),

	 * any #DB exception pending delivery must be a debug-trap of lower

	 * priority than MTF.  Record the pending MTF state to be delivered in

	 * vmx_check_nested_events().

	 */

	if (nested_cpu_has_mtf(vmcs12) &&
@@ -5139,8 +5143,10 @@ static int handle_exception_nmi(struct kvm_vcpu *vcpu) 
			 * instruction.  ICEBP generates a trap-like #DB, but

			 * despite its interception control being tied to #DB,

			 * is an instruction intercept, i.e. the VM-Exit occurs

			 * on the ICEBP itself.  Note, skipping ICEBP also

			 * clears STI and MOVSS blocking.

			 * on the ICEBP itself.  Use the inner "skip" helper to

			 * avoid single-step #DB and MTF updates, as ICEBP is

			 * higher priority.  Note, skipping ICEBP still clears

			 * STI and MOVSS blocking.

			 *

			 * For all other #DBs, set vmcs.PENDING_DBG_EXCEPTIONS.BS

			 * if single-step is enabled in RFLAGS and STI or MOVSS