KVM: SVM: add wrappers to enable/disable IRET interception (772f254d) · Commits · EulixOS / Software / Kernel

arch/x86/kvm/svm/svm.c

+19 −9

Original line number	Diff line number	Diff line
		@@ -2490,16 +2490,29 @@ static int task_switch_interception(struct kvm_vcpu *vcpu)
		has_error_code, error_code);
		}

		static void svm_clr_iret_intercept(struct vcpu_svm *svm)
		{
		if (!sev_es_guest(svm->vcpu.kvm))
		svm_clr_intercept(svm, INTERCEPT_IRET);
		}

		static void svm_set_iret_intercept(struct vcpu_svm *svm)
		{
		if (!sev_es_guest(svm->vcpu.kvm))
		svm_set_intercept(svm, INTERCEPT_IRET);
		}

		static int iret_interception(struct kvm_vcpu *vcpu)
		{
		struct vcpu_svm *svm = to_svm(vcpu);

		++vcpu->stat.nmi_window_exits;
		svm->awaiting_iret_completion = true;
		if (!sev_es_guest(vcpu->kvm)) {
		svm_clr_intercept(svm, INTERCEPT_IRET);

		svm_clr_iret_intercept(svm);
		if (!sev_es_guest(vcpu->kvm))
		svm->nmi_iret_rip = kvm_rip_read(vcpu);
		}

		kvm_make_request(KVM_REQ_EVENT, vcpu);
		return 1;
		}
		@@ -3508,8 +3521,7 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu)
		return;

		svm->nmi_masked = true;
		if (!sev_es_guest(vcpu->kvm))
		svm_set_intercept(svm, INTERCEPT_IRET);
		svm_set_iret_intercept(svm);
		++vcpu->stat.nmi_injections;
		}

		@@ -3649,12 +3661,10 @@ static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked)

		if (masked) {
		svm->nmi_masked = true;
		if (!sev_es_guest(vcpu->kvm))
		svm_set_intercept(svm, INTERCEPT_IRET);
		svm_set_iret_intercept(svm);
		} else {
		svm->nmi_masked = false;
		if (!sev_es_guest(vcpu->kvm))
		svm_clr_intercept(svm, INTERCEPT_IRET);
		svm_clr_iret_intercept(svm);
		}
		}