On 2015-11-10 07:22, Paolo Bonzini wrote:
Yes, these can happen.  The issue is that benign exceptions are
delivered serially, but two of them (#DB and #AC) can also happen
during exception delivery itself.  The subsequent infinite stream
of exceptions causes the processor to never exit guest mode.


Eric Northup (1):
   KVM: x86: work around infinite loop in microcode when #AC is delivered

Paolo Bonzini (2):
   KVM: svm: unconditionally intercept #DB
   KVM: x86: rename update_db_bp_intercept to update_bp_intercept

  arch/x86/include/asm/kvm_host.h |  2 +-
  arch/x86/include/uapi/asm/svm.h |  1 +
  arch/x86/kvm/svm.c              | 22 +++++++++++-----------
  arch/x86/kvm/vmx.c              |  7 +++++--
  arch/x86/kvm/x86.c              |  2 +-
  5 files changed, 19 insertions(+), 15 deletions(-)

I just finished running a couple of tests in a KVM instance running nested on a Xen HVM instance, and found no issues, so for the set as a whole:

Tested-by: Austin S. Hemmelgarn <ahferro...@gmail.com>

Now to hope the equivalent fix for Xen gets into the Gentoo repositories soon, as the issue propagates down through nested virtualization and ties up the CPU regardless (and in turn triggers the watchdog).
