Re: [PATCH v5 34/34] KVM: x86/vmx: execute "int $2" to handle NMI in NMI caused VM exits when FRED is enabled

From: andrew . cooper3
Date: Wed Mar 22 2023 - 19:04:14 EST


On 22/03/2023 5:49 pm, Sean Christopherson wrote:
> On Mon, Mar 06, 2023, Xin Li wrote:
>> Execute "int $2" to handle NMI in NMI caused VM exits when FRED is enabled.
>>
>> Like IRET for IDT, ERETS/ERETU are required to end the NMI handler for FRED
>> to unblock NMI ASAP (w/ bit 28 of CS set).
> That's "CS" on the stack correct? Is bit 28 set manually by software, or is it
> set automatically by hardware? If it's set by hardware, does "int $2" actually
> set the bit since it's not a real NMI?

int $2 had better not set it...  This is the piece of state that is
intended to cause everything which isn't a real NMI to nest properly
inside a real NMI.

It is supposed to be set on delivery of an NMI, and act as the trigger
for ERET{U,S} to drop the latch.

Software can set it manually in a FRED-frame in order to explicitly
unblock NMIs.

~Andrew