MFC r273666.

Don't pass the 'error' return from an I/O port handler directly to vm_run().

sys/amd64/vmm/vmm_ioport.c

@@ -106,15 +106,14 @@ emulate_inout_port(struct vm *vm, int vcpuid, struct vm_exit *vmexit,
 	uint32_t mask, val;
 	int error;
 
-	error = 0;
-	*retu = true;
-
-	if (vmexit->u.inout.port >= MAX_IOPORTS)
-		goto done;
-
-	handler = ioport_handler[vmexit->u.inout.port];
-	if (handler == NULL)
-		goto done;
+	/*
+	 * If there is no handler for the I/O port then punt to userspace.
+	 */
+	if (vmexit->u.inout.port >= MAX_IOPORTS ||
+	    (handler = ioport_handler[vmexit->u.inout.port]) == NULL) {
+		*retu = true;
+		return (0);
+	}
 
 	mask = vie_size2mask(vmexit->u.inout.bytes);
 
@@ -124,20 +123,27 @@ emulate_inout_port(struct vm *vm, int vcpuid, struct vm_exit *vmexit,
 
 	error = (*handler)(vm, vcpuid, vmexit->u.inout.in,
 	    vmexit->u.inout.port, vmexit->u.inout.bytes, &val);
-
-	if (!error) {
-		*retu = false;
-		if (vmexit->u.inout.in) {
-			vmexit->u.inout.eax &= ~mask;
-			vmexit->u.inout.eax |= val & mask;
-			error = vm_set_register(vm, vcpuid,
-			    VM_REG_GUEST_RAX, vmexit->u.inout.eax);
-			KASSERT(error == 0, ("emulate_ioport: error %d "
-			    "setting guest rax register", error));
-		}
+	if (error) {
+		/*
+		 * The value returned by this function is also the return value
+		 * of vm_run(). This needs to be a positive number otherwise it
+		 * can be interpreted as a "pseudo-error" like ERESTART.
+		 *
+		 * Enforce this by mapping all errors to EIO.
+		 */
+		return (EIO);
 	}
-done:
-	return (error);
+
+	if (vmexit->u.inout.in) {
+		vmexit->u.inout.eax &= ~mask;
+		vmexit->u.inout.eax |= val & mask;
+		error = vm_set_register(vm, vcpuid, VM_REG_GUEST_RAX,
+		    vmexit->u.inout.eax);
+		KASSERT(error == 0, ("emulate_ioport: error %d setting guest "
+		    "rax register", error));
+	}
+	*retu = false;
+	return (0);
 }
 
 static int