[PATCH v5 0/5] Use NMI to notify vCPUs with lapic-pt


Kaige Fu
 

ACRN hypervisor needs to kick vCPU off VMX non-root mode to do some
operations in hypervisor, such as interrupt/exception injection, EPT
flush etc. For non lapic-pt vCPUs, we can use IPI to do so. But, it
doesn't work for lapic-pt vCPUs as the IPI will be injected to VMs
directly without vmexit.

Without the way to kick the vCPU off VMX non-root mode to handle pending
request on time, there may be fatal errors triggered.
1). Certain operation may not be carried out on time which may further
lead to fatal errors. Taking the EPT flush request as an example, once we
don't flush the EPT on time and the guest access the out-of-date EPT,
fatal error happens.
2). ACRN now will send an IPI with vector 0xF0 to target vCPU to kick the vCPU
off VMX non-root mode if it wants to do some operations on target vCPU.
However, this way doesn't work for lapic-pt vCPUs. The IPI will be delivered
to the guest directly without vmexit and the guest will receive a unexpected
interrupt. Consequently, if the guest can't handle this interrupt properly,
fatal error may happen.

The NMI can be used as the notification signal to kick the vCPU off VMX
non-root mode for lapic-pt vCPUs. So, this patchset uses NMI as notification signal
to address the above issues for lapic-pt vCPUs.

TODOs:
- Filter out all NMI sources:
* Write ICR with deliver mode NMI
* Program the MSI data with deliver mode NMI
* Program the LVTs with deliver mode NMI
- Implement the smp_call for lapic-pt VMs to facilitate the debug of lapic-pt VMs.

--
v4 -> v5:
- PRed first 3 of v4 patchset
[1/8] https://lists.projectacrn.org/g/acrn-dev/message/26067?p=,,,20,0,0,0::Created,,posterid%3A967719,20,2,0,68149225
[2/8] https://lists.projectacrn.org/g/acrn-dev/message/26069?p=,,,20,0,0,0::Created,,posterid%3A967719,20,2,0,68149227
[3/8] https://lists.projectacrn.org/g/acrn-dev/message/26070?p=,,,20,0,0,0::Created,,posterid%3A967719,20,2,0,68149228

v3 -> v4:
- Add a nmi handler instead of handling it in dispatch_exception.
- Refine commit message in "Use NMI to kick lapic-pt vCPU's thread" to describe the
#2 issue more clearly.
- Don't make the NMI injection request when using NMI to notify vCPU instead of ignoring
NMI injection request in acrn_handle_pending_request.

v2 -> v3:
- Address Like's comment on 4/7: use is_lapic_pt_configured instead of is_lapic_pt_enabled.
- Collect Acks from Eddie.

v1 -> v2:
- Fix wrong comment in patch 1/7.
- Move the 'virtual NMI' enabling codes to switch_apicv_mode_x2apic. So, we only
need to enable 'NMI-window exiting' in nmi handler and disable 'NMI-window
exiting' in nmi window exiting handler.
- Add comment for why acrn don't support vNMI when NMI is used as notification
signal in patch "ignore the NMI injection request for lapic-pt vCPUs".

Kaige Fu (5):
HV: Use NMI to kick lapic-pt vCPU's thread
HV: Don't make NMI injection req when notifying vCPU
HV: Use NMI-window exiting to address req missing issue
HV: Use NMI to replace INIT signal for lapic-pt VMs S5
HV: Remove INIT signal notification related code

hypervisor/arch/x86/guest/virq.c | 25 +++++++++++++++++++++-
hypervisor/arch/x86/guest/vmcs.c | 18 +++++++++++++---
hypervisor/arch/x86/guest/vmexit.c | 32 ++++++++--------------------
hypervisor/arch/x86/irq.c | 31 +++++++++++++++++++++++++--
hypervisor/arch/x86/lapic.c | 20 -----------------
hypervisor/arch/x86/notify.c | 24 +++++++++++++++++++++
hypervisor/common/schedule.c | 24 +++++++++++++++------
hypervisor/include/arch/x86/irq.h | 3 +++
hypervisor/include/arch/x86/lapic.h | 9 --------
hypervisor/include/common/schedule.h | 4 ++--
10 files changed, 123 insertions(+), 67 deletions(-)

--
2.20.0

Join acrn-dev@lists.projectacrn.org to automatically receive all group messages.