KVM: x86: accept userspace interrupt only if no event is injected

Once an exception has been injected, any side effects related to
the exception (such as setting CR2 or DR6) have been taked place.
Therefore, once KVM sets the VM-entry interruption information
field or the AMD EVENTINJ field, the next VM-entry must deliver that
exception.

Pending interrupts are processed after injected exceptions, so
in theory it would not be a problem to use KVM_INTERRUPT when
an injected exception is present.  However, DOSBox is using
run->ready_for_interrupt_injection to detect interrupt windows
and then using KVM_SET_SREGS/KVM_SET_REGS to inject the
interrupt manually.  For this to work, the interrupt window
must be delayed after the completion of the previous event
injection.

Cc: stable@vger.kernel.org
Reported-by: Stas Sergeev <stsp2@yandex.ru>
Tested-by: Stas Sergeev <stsp2@yandex.ru>
Fixes: 71cc849b7093 ("KVM: x86: Fix split-irqchip vs interrupt injection window request")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 arch/x86/kvm/x86.c | 3 +++
 1 file changed, 3 insertions(+)

15.07.2021 00:38, Paolo Bonzini пишет:
> Once an exception has been injected, any side effects related to

> the exception (such as setting CR2 or DR6) have been taked


"taken"? Probably a typo.


>   place.

> Therefore, once KVM sets the VM-entry interruption information

> field or the AMD EVENTINJ field, the next VM-entry must deliver that

> exception.

>

> Pending interrupts are processed after injected exceptions, so

> in theory it would not be a problem to use KVM_INTERRUPT when

> an injected exception is present.  However, DOSBox


dosemu2 to be precise.


>   is using

> run->ready_for_interrupt_injection to detect interrupt windows

> and then using KVM_SET_SREGS/KVM_SET_REGS to inject the

> interrupt manually.  For this to work, the interrupt window

> must be delayed after the completion of the previous event

> injection.

>

> Cc: stable@vger.kernel.org

> Reported-by: Stas Sergeev <stsp2@yandex.ru>

> Tested-by: Stas Sergeev <stsp2@yandex.ru>

> Fixes: 71cc849b7093 ("KVM: x86: Fix split-irqchip vs interrupt injection window request")

> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

> ---

>   arch/x86/kvm/x86.c | 3 +++

>   1 file changed, 3 insertions(+)

>

> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c

> index fe3aaf195292..7fbab29b3569 100644

> --- a/arch/x86/kvm/x86.c

> +++ b/arch/x86/kvm/x86.c

> @@ -4342,6 +4342,9 @@ static int kvm_vcpu_ioctl_set_lapic(struct kvm_vcpu *vcpu,

>   

>   static int kvm_cpu_accept_dm_intr(struct kvm_vcpu *vcpu)

>   {

> +	if (kvm_event_needs_reinjection(vcpu))

> +		return false;

> +


kvm_event_needs_reinjection() seems
to miss exception.pending check.
Don't we need it too?

Also perhaps a comment would be good
to have to avoid it from disappearing again,
as obviously kvm devs tend to overlook
the possibility of injecting interrupts by hands.

On 16/07/21 09:27, stsp wrote:
>> +    if (kvm_event_needs_reinjection(vcpu))

>> +        return false;

>> +

> 

> kvm_event_needs_reinjection() seems

> to miss exception.pending check.

> Don't we need it too?


Yes, good point.

Paolo