Changeset 79528 in vbox

Timestamp:

Jul 4, 2019 2:07:03 PM (6 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

131812

Message:

VMM/IEM: Nested VMX: bugref:9180 Clear the VM-entry interruption info. valid bit when also injecting an MTF event.
Clear the VM-entry interruption info. valid bit on VM-exit unconditionally as well, not just when injecting an event
to cover for error VM-exits like invalid-guest state. Added comment about a couple of features that implicitly require
unrestricted guest execution to be present.

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/IEMAllCImplVmxInstr.cpp.h (modified) (5 diffs)
• VMMR3/CPUM.cpp (modified) (2 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h

@@ -2462 +2462 @@
     IEM_CTX_IMPORT_RET(pVCpu, CPUMCTX_EXTRN_ALL);
 
-    /* Ensure VM-entry interruption information valid bit isn't set. */
-    Assert(!VMX_ENTRY_INT_INFO_IS_VALID(pVmcs->u32EntryIntInfo));
+    /*
+     * Ensure VM-entry interruption information valid bit is cleared.
+     *
+     * We do it here on every VM-exit so that even premature VM-exits (e.g. those caused
+     * by invalid-guest state or machine-check exceptions) also clear this bit.
+     *
+     * See Intel spec. 27.2 "Recording VM-exit Information And Updating VM-entry control fields".
+     */
+    if (VMX_ENTRY_INT_INFO_IS_VALID(pVmcs->u32EntryIntInfo))
+        pVmcs->u32EntryIntInfo &= ~VMX_ENTRY_INT_INFO_VALID;
 
     /*
@@ -2471 +2479 @@
     pVmcs->u32RoExitReason = uExitReason;
     pVmcs->u64RoExitQual.u = u64ExitQual;
+
     Log3(("vmexit: uExitReason=%#RX32 u64ExitQual=%#RX64 cs:rip=%04x:%#RX64\n", uExitReason, pVmcs->u64RoExitQual.u,
           pVCpu->cpum.GstCtx.cs.Sel, pVCpu->cpum.GstCtx.rip));
@@ -7065 +7074 @@
 
     int rc = TRPMAssertTrap(pVCpu, uVector, enmTrapType);
-    AssertRCReturn(rc, rc);
-
-    if (fErrCodeValid)
-        TRPMSetErrorCode(pVCpu, uErrCode);
-
-    if (   enmTrapType == TRPM_TRAP
-        && uVector     == X86_XCPT_PF)
-        TRPMSetFaultAddress(pVCpu, GCPtrFaultAddress);
-    else if (enmTrapType == TRPM_SOFTWARE_INT)
-        TRPMSetInstrLength(pVCpu, cbInstr);
-
-    return VINF_SUCCESS;
+    if (RT_SUCCESS(rc))
+    {
+        if (fErrCodeValid)
+            TRPMSetErrorCode(pVCpu, uErrCode);
+
+        if (   enmTrapType == TRPM_TRAP
+            && uVector     == X86_XCPT_PF)
+            TRPMSetFaultAddress(pVCpu, GCPtrFaultAddress);
+        else if (enmTrapType == TRPM_SOFTWARE_INT)
+            TRPMSetInstrLength(pVCpu, cbInstr);
+    }
+
+    return rc;
 }
 
@@ -7105 +7115 @@
     if (fEntryIntInfoValid)
     {
+        int rc;
         uint8_t const uType = VMX_ENTRY_INT_INFO_TYPE(uEntryIntInfo);
         if (uType == VMX_ENTRY_INT_INFO_TYPE_OTHER_EVENT)
@@ -7110 +7121 @@
             Assert(VMX_ENTRY_INT_INFO_VECTOR(uEntryIntInfo) == VMX_ENTRY_INT_INFO_VECTOR_MTF);
             VMCPU_FF_SET(pVCpu, VMCPU_FF_VMX_MTF);
-            return VINF_SUCCESS;
-        }
-
-        int rc = iemVmxVmentryInjectTrpmEvent(pVCpu, uEntryIntInfo, pVmcs->u32EntryXcptErrCode, pVmcs->u32EntryInstrLen,
+            rc = VINF_SUCCESS;
+        }
+        else
+        {
+            rc = iemVmxVmentryInjectTrpmEvent(pVCpu, uEntryIntInfo, pVmcs->u32EntryXcptErrCode, pVmcs->u32EntryInstrLen,
                                               pVCpu->cpum.GstCtx.cr2);
-        if (RT_SUCCESS(rc))
-        {
-            /*
-             * We need to clear the VM-entry interruption information field's valid bit on VM-exit.
-             *
-             * However, we do it here on VM-entry because while it continues to not be visible to
-             * guest software until VM-exit, when HM looks at the VMCS to continue nested-guest
-             * execution using hardware-assisted VT-x, it can simply copy the VM-entry interruption
-             * information field.
-             *
-             * See Intel spec. 24.8.3 "VM-Entry Controls for Event Injection".
-             */
-            pVmcs->u32EntryIntInfo &= ~VMX_ENTRY_INT_INFO_VALID;
-        }
+        }
+
+        /*
+         * We need to clear the VM-entry interruption information field's valid bit on VM-exit.
+         *
+         * However, we do it here on VM-entry as well because while it isn't visible to guest
+         * software until VM-exit, when and if HM looks at the VMCS to continue nested-guest
+         * execution using hardware-assisted VT-x, it will not be try to inject the event again.
+         *
+         * See Intel spec. 24.8.3 "VM-Entry Controls for Event Injection".
+         */
+        pVmcs->u32EntryIntInfo &= ~VMX_ENTRY_INT_INFO_VALID;
         return rc;
     }

trunk/src/VBox/VMM/VMMR3/CPUM.cpp

@@ -1860 +1860 @@
     EmuFeat.fVmxSecondaryExecCtls     = 1;
     EmuFeat.fVmxVirtApicAccess        = 0;
-    EmuFeat.fVmxEpt                   = 0;
+    EmuFeat.fVmxEpt                   = 0;  /* Cannot be disabled if unrestricted guest is enabled. */
     EmuFeat.fVmxDescTableExit         = 1;
     EmuFeat.fVmxRdtscp                = 1;
@@ -1891 +1891 @@
     EmuFeat.fVmxExitLoadEferMsr       = 1;
     EmuFeat.fVmxSavePreemptTimer      = 0;
-    EmuFeat.fVmxExitSaveEferLma       = 1;
+    EmuFeat.fVmxExitSaveEferLma       = 1;  /* Cannot be disabled if unrestricted guest is enabled. */
     EmuFeat.fVmxIntelPt               = 0;
     EmuFeat.fVmxVmwriteAll            = 0;  /** @todo NSTVMX: enable this when nested VMCS shadowing is enabled. */