Changeset 70379 in vbox for trunk/src

Timestamp:

Dec 29, 2017 9:53:09 AM (7 years ago)

Author:

vboxsync

Message:

VMM/HMSVMR0: Nested Hw.virt: Fix a bug that caused an event to be injected twice.

File:

• trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp (modified) (4 diffs)

trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp

@@ -3017 +3017 @@
     NOREF(pVCpu); NOREF(pCtx);
 
+    Assert(!pVmcb->ctrl.EventInject.n.u1Valid);
     pVmcb->ctrl.EventInject.u = pEvent->u;
     STAM_COUNTER_INC(&pVCpu->hm.s.paStatInjectedIrqsR0[pEvent->n.u8Vector & MASK_INJECT_IRQ_STAT]);
@@ -3493 +3494 @@
     Assert(!VMMRZCallRing3IsEnabled(pVCpu));
 
-    bool const fIntShadow = hmR0SvmIsIntrShadowActive(pVCpu, pCtx);
-
-    /*
-     * When executing the nested-guest, we avoid assertions on whether the
-     * event injection is valid purely based on EFLAGS, as V_INTR_MASKING
-     * affects the interpretation of interruptibility (see CPUMCanSvmNstGstTakePhysIntr).
-     */
-#ifndef VBOX_WITH_NESTED_HWVIRT
-    bool const fBlockInt  = !(pCtx->eflags.u32 & X86_EFL_IF);
-#endif
-
-    if (pVCpu->hm.s.Event.fPending)                                /* First, inject any pending HM events. */
+    bool const fIsNestedGuest = CPUMIsGuestInSvmNestedHwVirtMode(pCtx);
+    bool const fIntShadow     = hmR0SvmIsIntrShadowActive(pVCpu, pCtx);
+    bool const fBlockInt      = !fIsNestedGuest ? !(pCtx->eflags.u32 & X86_EFL_IF) : CPUMCanSvmNstGstTakePhysIntr(pVCpu, pCtx);
+
+    if (pVCpu->hm.s.Event.fPending)
     {
         SVMEVENT Event;
@@ -3510 +3504 @@
         Assert(Event.n.u1Valid);
 
-#ifndef VBOX_WITH_NESTED_HWVIRT
+        /*
+         * Validate event injection pre-conditions.
+         */
         if (Event.n.u3Type == SVM_EVENT_EXTERNAL_IRQ)
         {
@@ -3519 +3515 @@
             Assert(!fIntShadow);
         NOREF(fBlockInt);
-#else
-        Assert(!pVmcb->ctrl.EventInject.n.u1Valid);
-#endif
-
+
+        /*
+         * Inject it (update VMCB for injection by the hardware).
+         */
         Log4(("Injecting pending HM event\n"));
         hmR0SvmInjectEventVmcb(pVCpu, pVmcb, pCtx, &Event);
         pVCpu->hm.s.Event.fPending = false;
 
-#ifdef VBOX_WITH_STATISTICS
         if (Event.n.u3Type == SVM_EVENT_EXTERNAL_IRQ)
             STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectInterrupt);
         else
             STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectXcpt);
+    }
+    else
+    {
+#ifdef VBOX_WITH_NESTED_HWVIRT
+        /*
+         * If IEM emulated VMRUN and injected an event it would not clear the EVENTINJ::Valid bit
+         * as a physical CPU clears it as part of the #VMEXIT. However, now we are continuing
+         * nested-guest execution using hardware-assisted SVM, so we need to clear this field
+         * otherwise we will inject the event twice, see @bugref{7243#78}.
+         */
+        if (CPUMIsGuestInSvmNestedHwVirtMode(pCtx))
+            pVmcb->ctrl.EventInject.n.u1Valid = 0;
 #endif
+        Assert(pVmcb->ctrl.EventInject.n.u1Valid == 0);
     }