Changeset 76800 in vbox for trunk/src/VBox/VMM/VMMAll

Timestamp:

Jan 14, 2019 6:33:43 AM (6 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

128138

Message:

VMM/IEM: Nested VMX: bugref:9180 Fix intercepting recursive events while injecting an event through VM-entry.

File:

• trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h (modified) (6 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h

@@ -2462 +2462 @@
         return iemVmxAbort(pVCpu, VMXABORT_LOAD_HOST_MSR);
     }
-
-    return rcStrict;
+    return VINF_SUCCESS;
 }
 
@@ -2837 +2836 @@
 
     pVmcs->u32RoExitReason = uExitReason;
-
-    /** @todo NSTVMX: IEMGetCurrentXcpt will be VM-exit interruption info. */
-    /** @todo NSTVMX: The source event should be recorded in IDT-vectoring info
-     *        during injection. */
+    Log3(("vmexit: uExitReason=%#RX32 uExitQual=%#RX64\n", uExitReason, pVmcs->u64RoExitQual));
 
     /*
@@ -2874 +2870 @@
     }
 
+    /* Restore the host (outer guest) state. */
     VBOXSTRICTRC rcStrict = iemVmxVmexitLoadHostState(pVCpu, uExitReason);
-    if (RT_FAILURE(rcStrict))
-        LogFunc(("Loading host-state failed. uExitReason=%u rc=%Rrc\n", uExitReason, VBOXSTRICTRC_VAL(rcStrict)));
+    if (RT_SUCCESS(rcStrict))
+    {
+        Assert(rcStrict == VINF_SUCCESS);
+        rcStrict = VINF_VMX_VMEXIT;
+    }
+    else
+        Log3(("vmexit: Loading host-state failed. uExitReason=%u rc=%Rrc\n", uExitReason, VBOXSTRICTRC_VAL(rcStrict)));
 
     /* We're no longer in nested-guest execution mode. */
     pVCpu->cpum.GstCtx.hwvirt.vmx.fInVmxNonRootMode = false;
 
-    Assert(rcStrict == VINF_SUCCESS);
+    /* Revert any IEM-only nested-guest execution policy if any. */
     IEM_VMX_R3_EXECPOLICY_IEM_ALL_DISABLE(pVCpu, "VM-exit");
-    return VINF_VMX_VMEXIT;
+    return rcStrict;
 # endif
 }
@@ -4026 +4028 @@
         {
             if (uVector == X86_XCPT_PF)
+            {
+                Assert(fFlags & IEM_XCPT_FLAGS_CR2);
                 uExitQual = uCr2;
+            }
             else if (uVector == X86_XCPT_DB)
             {
@@ -7087 +7092 @@
     /*
      * Inject events.
+     * The event that is going to be made pending for injection is not subject to VMX intercepts,
+     * thus we flag ignoring of intercepts. However, recursive exceptions if any during delivery
+     * of the current event -are- subject to intercepts, hence this flag will be flipped during
+     * the actually delivery of this event.
+     *
      * See Intel spec. 26.5 "Event Injection".
      */
     PCVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
-    uint32_t const uEntryIntInfo = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs)->u32EntryIntInfo;
-    if (VMX_ENTRY_INT_INFO_IS_VALID(uEntryIntInfo))
-    {
-        /*
-         * The event that is going to be made pending for injection is not subject to VMX intercepts,
-         * thus we flag ignoring of intercepts. However, recursive exceptions if any during delivery
-         * of the current event -are- subject to intercepts, hence this flag will be flipped during
-         * the actually delivery of this event.
-         */
-        pVCpu->cpum.GstCtx.hwvirt.vmx.fInterceptEvents = false;
-
+    uint32_t const uEntryIntInfo      = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs)->u32EntryIntInfo;
+    bool const     fEntryIntInfoValid = VMX_ENTRY_INT_INFO_IS_VALID(uEntryIntInfo);
+
+    pVCpu->cpum.GstCtx.hwvirt.vmx.fInterceptEvents = !fEntryIntInfoValid;
+    if (fEntryIntInfoValid)
+    {
         uint8_t const uType = VMX_ENTRY_INT_INFO_TYPE(uEntryIntInfo);
         if (uType == VMX_ENTRY_INT_INFO_TYPE_OTHER_EVENT)
@@ -7121 +7126 @@
     if (fPendingDbgXcpt)
     {
-        pVCpu->cpum.GstCtx.hwvirt.vmx.fInterceptEvents = true;
         uint32_t const uDbgXcptInfo = RT_BF_MAKE(VMX_BF_ENTRY_INT_INFO_VECTOR, X86_XCPT_DB)
                                     | RT_BF_MAKE(VMX_BF_ENTRY_INT_INFO_TYPE, VMX_ENTRY_INT_INFO_TYPE_HW_XCPT)