On 16/02/2026 4:10 pm, Abdelkareem Abdelsaamad wrote: > On 16/02/2026 10:15 am, Andrew Cooper wrote: >> So what happens to the NMI we're trying to inject when NMIs are >> currently blocked? > Ah, I see this... > The handling flow will eventually land on the function svm_enable_intr_window > with HVM_INTR_SHADOW_NMI.
What happens is that you drop the NMI on the floor and discard it. Note how svm_inject_nmi() has no return value, and therefore must not fail. It is buggy to check the blocked bit when injecting using this mechanism. The blocked bit roughly equates to "NMI in progress" in the guest, and it is explicitly possible to queue another NMI while the first is in progress. Both pending and masked being set roughly means "One NMI in progress, and one queued", which is a perfectly fine state to be in. ~Andrew
