Intel® ISA Extensions
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.
1076 Discussions

what type of NMI can trigger VMX NMI exiting

Tao_W_
Beginner
‎02-16-2017 08:39 PM
387 Views

I am trying to test the VM-Exit from NMI exiting.

the NMI exiting bit is 1 in VM-EXECUTION-control of VMCS.

In guest VM, i used 'int $2' to trigger a NMI, the guest NMI handler is called, but i did NOT get the VM-exit from this NMI.

so, is there anything i missed, or 'int $2' in guest VM could NOT trigger the NMI exiting? if so, what type of NMI can trigger NMI-Exiting?

Thanks,

0 Kudos

Link Copied

3 Replies
McCalpinJohn
Black Belt
‎02-27-2017 10:47 AM
387 Views

Section 6.3.3 of Volume 3 of the Intel Architectures Software Developer's Manual says that a software-generated INT 2 will call the NMI interrupt handler, but will NOT activate the processor's NMI interrupt handling hardware.  Section 6.7 repeats this information.   This failure to activate the hardware NMI handler probably explains the difference.

On all of my systems, the reported number of NMIs exactly matches the reported number of PMIs (Performance Monitor Interrupts), which tells me that the performance monitoring interrupts are delivered as NMIs via the APIC mechanism.   Most operating systems have facilities to set up performance monitoring interrupts, but I have never looked at any of the corresponding interrupt handling code....

0 Kudos
Copy link
Tao_W_
Beginner
‎02-28-2017 05:46 PM
387 Views

Thank Dr for the reply. It is really helpful
I checked the LAPIC settings in my VM, and found that the offset 0x340 (0xFEE00340) is set to 0x400 by default.
And the MSR 0x38d is 0xB0, MSR 0x38F is 0x70000000F, so the Fixed1 PMC is enabled and running.
The /proc/interrupts also shows PMI/NMI are the same and non-zero. It means the PMI is delivered to the Linux kernel as NMI.
But the LVT for PMI is 0x400, it means the vector is '0', so, how could this setting make PMI be delivered to Linux kernel?
I also wrote a kernel module to dump 256 entries of IRQ handler of Linux, the handler at index 0 is for divided by zero error.
(In my VM, there is only vCPU). Did i miss another important thing?

Thanks,

-Tao

0 Kudos
Copy link
Tao_W_
Beginner
‎03-01-2017 12:36 AM
387 Views

Per my own testing, I think for the NMI interrupt delivered by LAPIC, it does NOT need to set vector field in LVT of LAPIC.

So, I think by now, I have understand the NMI delivery in the VM.

Thanks,

-Tao

0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.