Hi Jan, Thank you for your detailed response! That was a great explanation. After digesting that, things make a lot more sense. I’ll also try to implement your suggestions regarding the preemption timer.
I do have a follow-up question: I understand now that the preemption timer is only needed if the NMI arrives while in host mode, not guest mode. So in guest mode, after an NMI causes a VM exit, why is the NMI interrupt vector called via the INT instruction if all it does is enable the preemption timer? This seems redundant, since the preemption timer gets disabled almost immediately after being enabled. However, I can see that it might provide architectural flexibility if the NMI host and NMI guest code paths are somewhat symmetric and both call the NMI interrupt vector. Part of the reason I ask is because the 2014 LWN article seems to be misleading/out of date regarding this (and may have contributed to some of my initial confusion): “When NMI occurs in VM, it exits and Jailhouse re-throws NMI in host mode. The CPU dispatches it through the host IDT and jumps to apic_nmi_handler(). It schedules another VM exit using VMX feature known as preemption timer. vmcs_setup() sets this timer to zero, so if it is enabled, VM exit occurs immediately after VM entry. The reason behind this indirection is serialization: this way, NMIs (which are asynchronous by nature) are always delivered after guest entries.” If an NMI occurs in the VM, after a VM exit Jailhouse does re-throw the NMI in host mode (INT ... NMI_VECTOR). But it *doesn’t* end up scheduling another VM exit with the preemption timer, unlike the article says, because it doesn’t need to. Also, the article seems to imply that NMI serialization is a goal on its own, rather than simply a side effect of making the architectural state simpler when the NMI hits the host. Is it? Thanks for the clarification, Michael -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jailhouse-dev/237ede06-527a-41c9-80c0-52fef792a64d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
