kernel: Support restricted injection #338
Conversation
|
Hey @msft-jlange, can you please rebase these changes to the latest main branch? I merged it locally and it booted fine, so I will merge it after the update. There is one follow-on request: Can you please submit an additional PR (or include it when updating this one) adding a comment with pseudo-code describing the flow of the HV handling assembly? That will make it easier to understand the code when someone needs to touch it in the future. |
Removing the exception vector from the exception context makes it possible to capture an exception register context separately from the vector that is invoking the handler - or even invoking a handler with a NULL register context. Both of these are required to support restricted injection, where receipt of #HV establishes a register context without identifying the vector being invoked, and where interrupt delivery may occur outside of an exception handler. Signed-off-by: Jon Lange <jlange@microsoft.com>
…tive The use of restricted injection requires a #HV doorbell page to be registered with the hypervisor, so if restricted injection is detected, a page must be allocated and registered. Signed-off-by: Jon Lange <jlange@microsoft.com>
When restricted injection is enabled, interrupts will be presented via the #HV doorbell page. This change implements the #HV handler such that interrupts received via #HV can be dispatched when interrupts are not masked at the time of #HV delivery. Signed-off-by: Jon Lange <jlange@microsoft.com>
It is possible for a #HV event to arrive while the kernel is in the process of preparing to transition to a lower VMPL. Since this transition flow executes with interrupts disabled, the #HV event would not be dispatched immediately. However, such an #HV event may prompt a change to the state that needs to be presented to the lower VMPL, so when an #HV event does arrive in this window, it should inhibit the VMPL transition so the SVSM can process the #HV event properly and can reevaluate the transition to the lower VMPL. Signed-off-by: Jon Lange <jlange@microsoft.com>
It is possible for an #HV event to be delivered during the IRET flow, as registers are being restored in preparation for a return to the point of the exception or interrupt. This code executes with interrupts disabled, so any #HV event that arrives during this window will be deferred. If the point to which the IRET flow will return has interrupts enabled, this will cause the pending #HV event to deferred for an unbounded amount of time, which could cause issues with timely processing. This change detects cases where an #HV arrives during the path of returning via IRET to a context that has interrupts enabled, and if such a case is detected, it continues to process the #HV event. To prevent unbounded stack consumption, the #HV handler will "take over" the stack frame of the original event, such that the return from the #HV handler will be the one that returns directly to the original point. Signed-off-by: Jon Lange <jlange@microsoft.com>
Execution in user mode should not block the prompt handling of interrupts that may be presented while user mode is executing. Signed-off-by: Jon Lange <jlange@microsoft.com>
msft-jlange
force-pushed
the
irq_restr_inj
branch
from
27b40d5 to
6075f23
Compare
Done. Hopefully the merge didn't break anything.
I've expanded the comments as part of this PR. Hopefully they add the clarity you are looking for. It's not pseudocode, but it is a much more detailed explanation of what the code is trying to do. |
|
Thanks @msft-jlange. With the comments it becomes a lot easier to maintain. Testing on my side was also successful. |
Hi @joergroedel , Could you share the details that how did you do the testing for it? |
I did not test the functionality itself, as support in KVM is still missing. I tested it in my environment without restricted injection support and made sure there are no regressions. |
This PR adds the required logic to support restricted injection of interrupts via the #HV protocol. No interrupt handlers are defined in this PR.