• Wanpeng Li's avatar
    KVM: nVMX: Fix nested #PF intends to break L1's vmlauch/vmresume · 305d0ab4
    Wanpeng Li authored
    ------------[ cut here ]------------
     WARNING: CPU: 4 PID: 5280 at /home/kernel/linux/arch/x86/kvm//vmx.c:11394 nested_vmx_vmexit+0xc2b/0xd70 [kvm_intel]
     CPU: 4 PID: 5280 Comm: qemu-system-x86 Tainted: G        W  OE   4.13.0+ #17
     RIP: 0010:nested_vmx_vmexit+0xc2b/0xd70 [kvm_intel]
     Call Trace:
      ? emulator_read_emulated+0x15/0x20 [kvm]
      ? segmented_read+0xae/0xf0 [kvm]
      vmx_inject_page_fault_nested+0x60/0x70 [kvm_intel]
      ? vmx_inject_page_fault_nested+0x60/0x70 [kvm_intel]
      x86_emulate_instruction+0x733/0x810 [kvm]
      vmx_handle_exit+0x2f4/0xda0 [kvm_intel]
      ? kvm_arch_vcpu_ioctl_run+0xd2f/0x1c60 [kvm]
      kvm_arch_vcpu_ioctl_run+0xdab/0x1c60 [kvm]
      ? kvm_arch_vcpu_load+0x62/0x230 [kvm]
      kvm_vcpu_ioctl+0x340/0x700 [kvm]
      ? kvm_vcpu_ioctl+0x340/0x700 [kvm]
      ? __fget+0xfc/0x210
      do_vfs_ioctl+0xa4/0x6a0
      ? __fget+0x11d/0x210
      SyS_ioctl+0x79/0x90
      entry_SYSCALL_64_fastpath+0x23/0xc2
    
    A nested #PF is triggered during L0 emulating instruction for L2. However, it
    doesn't consider we should not break L1's vmlauch/vmresme. This patch fixes
    it by queuing the #PF exception instead ,requesting an immediate VM exit from
    L2 and keeping the exception for L1 pending for a subsequent nested VM exit.
    
    This should actually work all the time, making vmx_inject_page_fault_nested
    totally unnecessary.  However, that's not working yet, so this patch can work
    around the issue in the meanwhile.
    
    Cc: Paolo Bonzini <pbonzini@redhat.com>
    Cc: Radim Krčmář <rkrcmar@redhat.com>
    Signed-off-by: default avatarWanpeng Li <wanpeng.li@hotmail.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    305d0ab4
vmx.c 343 KB