Qemu-Kvm : NMI delivered to the guest L1 instead of VMExit
Posted: Fri Apr 26, 2019 9:25 am
I use Qemu-kvm to run a hypervisor which runs a Linux guest OS.
So a guest OS (Linux in L2) is running on my hypervisor (in L1), which is running on a Linux host (L0) via Qemu-Kvm.
According to Intel SDM
24.6.1 Pin-Based VM-Execution Controls
if an NMI occured during L1's execution, it should be delivered to L1's IDT, but if an NMI occured while L2 is executing, KVM should simulate a VMExit from L2 to L1.
But I noticed that when an NMI occured while the nested guest (L2) is running, KVM delivers it directly to the hypervisor's (L1) IDT instead of triggering a VMExit from the Linux guest; Regardless of the running guest level (L2 or L1)
Has anyone noticed the same?
Is this a desired behavior or a bug?
NB : host CPU : Intel Coreā¢ i5-4300U
So a guest OS (Linux in L2) is running on my hypervisor (in L1), which is running on a Linux host (L0) via Qemu-Kvm.
According to Intel SDM
24.6.1 Pin-Based VM-Execution Controls
So let's say the NMI exiting bit is set.If the NMI exiting bit (3 of Pin-Based VM-Execution Controls) is 1, non-maskable interrupts (NMIs) cause VM exits. Otherwise, they are
delivered normally using descriptor 2 of the IDT.
if an NMI occured during L1's execution, it should be delivered to L1's IDT, but if an NMI occured while L2 is executing, KVM should simulate a VMExit from L2 to L1.
But I noticed that when an NMI occured while the nested guest (L2) is running, KVM delivers it directly to the hypervisor's (L1) IDT instead of triggering a VMExit from the Linux guest; Regardless of the running guest level (L2 or L1)
Has anyone noticed the same?
Is this a desired behavior or a bug?
NB : host CPU : Intel Coreā¢ i5-4300U