On 31.08.2023 12:57, Roger Pau Monné wrote: > On Thu, Aug 31, 2023 at 12:42:58PM +0200, Roger Pau Monné wrote: >> On Fri, Oct 12, 2018 at 09:58:46AM -0600, Jan Beulich wrote: >>> First of all, hvm_intsrc_mce was not considered here at all, yet nothing >>> blocks #MC (other than an already in-progress #MC, but dealing with this >>> is not the purpose of this patch). >>> >>> Additionally STI-shadow only blocks maskable interrupts, but not NMI. >> >> I've found the Table 25-3 on Intel SDM vol3 quite helpful: >> >> "Execution of STI with RFLAGS.IF = 0 blocks maskable interrupts on the >> instruction boundary following its execution.1 Setting this bit >> indicates that this blocking is in effect." >> >> And: >> >> "Execution of a MOV to SS or a POP to SS blocks or suppresses certain >> debug exceptions as well as interrupts (maskable and nonmaskable) on >> the instruction boundary following its execution." >> >> Might be worth adding to the commit message IMO. > > So I've found a further footnote that contains: > > "Nonmaskable interrupts and system-management interrupts may also be > inhibited on the instruction boundary following such an execution of > STI." > > So we want to take the more restrictive implementation of STI-shadow, > and block #NMI there also.
Hmm, that text says "may", not will, and imo STI affecting NMI can at best be viewed as a quirk (quite possibly intentional, for simplifying some internal logic on the processor). Plus I'm not convinced AMD allows similar leeway in SVM; at least I can't spot any similar statement in their PM. Jan
