From: Mike Larkin Subject: Re: SEV-ES guest: In vctrap() KASSERT on interrupt enable flag being clear To: tech@openbsd.org Date: Wed, 2 Jul 2025 11:43:08 -0700 On Tue, Jul 01, 2025 at 10:32:37AM +0200, Hans-Jörg Höxer wrote: > Hi, > > as discussed earlier: > > o KASSERT on PSL_I. Interrupts must be off when entering vctrap(). > o explain the general workings of #VC trap handling. > > Take care, > HJ. > ok mlarkin > --------- > commit d10b95bc7f4150140c4de2dcd2f0edd657fda033 > Author: Hans-Joerg Hoexer > Date: Mon Jun 30 13:14:35 2025 +0200 > > SEV-ES guest: In vctrap() KASSERT on interrupt enable flag being clear > > While there, add a comment about the general workings of #VC handling. > Prompted and provided by mlarkin@. > > diff --git a/sys/arch/amd64/amd64/trap.c b/sys/arch/amd64/amd64/trap.c > index 61a3e92f297..f68cb2c90d5 100644 > --- a/sys/arch/amd64/amd64/trap.c > +++ b/sys/arch/amd64/amd64/trap.c > @@ -310,7 +310,7 @@ vctrap(struct trapframe *frame) > struct ghcb_sync syncout, syncin; > struct ghcb_sa *ghcb; > > - intr_disable(); > + KASSERT((read_rflags() & PSL_I) == 0); > > memset(&syncout, 0, sizeof(syncout)); > memset(&syncin, 0, sizeof(syncin)); > @@ -319,6 +319,16 @@ vctrap(struct trapframe *frame) > sw_exitinfo1 = 0; > sw_exitinfo2 = 0; > > + /* > + * The #VC trap occurs when the guest (us) performs an > + * operation which requires sharing data with the host. In > + * order to ascertain which instruction caused the #VC, > + * examine the instruction by reading %rip, Then, sync the > + * appropriate values out (to the host), perform VMGEXIT > + * to request that the host handle the operation which > + * caused the #VC, then sync the returned values back in > + * (from the host). > + */ > switch (sw_exitcode) { > case SVM_VMEXIT_CPUID: > ghcb_sync_val(GHCB_RAX, GHCB_SZ32, &syncout);
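Review bot: In the first hunk of vctrap(), once intr_disable() is replaced by KASSERT((read_rflags() & PSL_I) == 0), a kernel built without DIAGNOSTIC has nothing at that spot, because KASSERT compiles away there. The handler then depends entirely on its entry path delivering it with interrupts off, and the patch does not show that path. A one-line comment above the KASSERT naming where PSL_I is cleared on #VC entry would let a reader verify the invariant; the commit message only states that interrupts must be off when entering vctrap().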
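Review bot: In the comment added by the second hunk, "examine the instruction by reading %rip, Then, sync the" has a comma where a sentence break is meant; it should read "by reading %rip. Then sync the". The comment also sits directly above switch (sw_exitcode) but describes finding the cause by examining the instruction at %rip and never mentions sw_exitcode. A sentence saying how the exit code relates to that instruction examination would tie the comment to the code it introduces.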