KVM: nVMX: Add a helper to identify low-priority #DB traps

Add a helper to identify "low"-priority #DB traps, i.e. trap-like #DBs
that aren't TSS T flag #DBs, and tweak the related code to operate on any
queued exception.  A future commit will separate exceptions that are
intercepted by L1, i.e. cause nested VM-Exit, from those that do NOT
trigger nested VM-Exit.  I.e. there will be multiple exception structs
and multiple invocations of the helpers.

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Link: https://lore.kernel.org/r/20220830231614.3580124-20-seanjc@google.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 68533ae52d905ba60fc9bc166707543578a9cb3f..e773f3d8e1880614d4d7688ad7982012fedfd2aa 100644 (file)
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -3912,14 +3912,24 @@ static void nested_vmx_inject_exception_vmexit(struct kvm_vcpu *vcpu,
  * from the emulator (because such #DBs are fault-like and thus don't trigger
  * actions that fire on instruction retire).
  */
-static inline unsigned long vmx_get_pending_dbg_trap(struct kvm_vcpu *vcpu)
+static unsigned long vmx_get_pending_dbg_trap(struct kvm_queued_exception *ex)
 {
-       if (!vcpu->arch.exception.pending ||
-           vcpu->arch.exception.vector != DB_VECTOR)
+       if (!ex->pending || ex->vector != DB_VECTOR)
                return 0;
 
        /* General Detect #DBs are always fault-like. */
-       return vcpu->arch.exception.payload & ~DR6_BD;
+       return ex->payload & ~DR6_BD;
+}
+
+/*
+ * Returns true if there's a pending #DB exception that is lower priority than
+ * a pending Monitor Trap Flag VM-Exit.  TSS T-flag #DBs are not emulated by
+ * KVM, but could theoretically be injected by userspace.  Note, this code is
+ * imperfect, see above.
+ */
+static bool vmx_is_low_priority_db_trap(struct kvm_queued_exception *ex)
+{
+       return vmx_get_pending_dbg_trap(ex) & ~DR6_BT;
 }
 
 /*
@@ -3931,8 +3941,9 @@ static inline unsigned long vmx_get_pending_dbg_trap(struct kvm_vcpu *vcpu)
  */
 static void nested_vmx_update_pending_dbg(struct kvm_vcpu *vcpu)
 {
-       unsigned long pending_dbg = vmx_get_pending_dbg_trap(vcpu);
+       unsigned long pending_dbg;
 
+       pending_dbg = vmx_get_pending_dbg_trap(&vcpu->arch.exception);
        if (pending_dbg)
                vmcs_writel(GUEST_PENDING_DBG_EXCEPTIONS, pending_dbg);
 }
@@ -4002,7 +4013,7 @@ static int vmx_check_nested_events(struct kvm_vcpu *vcpu)
         * prioritize SMI over MTF and trap-like #DBs.
         */
        if (vcpu->arch.exception.pending &&
-           !(vmx_get_pending_dbg_trap(vcpu) & ~DR6_BT)) {
+           !vmx_is_low_priority_db_trap(&vcpu->arch.exception)) {
                if (block_nested_exceptions)
                        return -EBUSY;
                if (!nested_vmx_check_exception(vcpu, &exit_qual))