From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2AD81C54EE9 for ; Sat, 3 Sep 2022 00:23:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230163AbiICAXH (ORCPT ); Fri, 2 Sep 2022 20:23:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53522 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231210AbiICAXC (ORCPT ); Fri, 2 Sep 2022 20:23:02 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 54EF5F63D7 for ; Fri, 2 Sep 2022 17:23:01 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id l16-20020a170902f69000b00175138bcd25so2117527plg.2 for ; Fri, 02 Sep 2022 17:23:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=H/HByp3PJRruswmtBIPALL6gkH9l79nKV7vcOC9XVxY=; b=XOeXnIfKKWrhWxYJPMhiMqXpVXJ3ObDoI8TdggVIQBpsN4K7qSeFXajmY9O2iBTx1w L8lWlNa1T4AhcE1QV5rKSkfbco2RA0SYCndpTR1CCAteGce251GlAlOPWA2fPHK5ogyR okE4b7f9Eo6DSsCJn5+UyZj3wed8oBAZDnoKGRPKNb/bETmW0pGFie/2OwPvhtME++nG qO61P75YrK5vzJBnTWfQoEcpCJoh2NksjeHN7m9yY3gzIuAbB05/9jv8+Uz79cOZucZj qzW8frIU5J/ReHS6by3eUjEGUQNxkSco1HrwZH33OE8hAtce9untgMSPH6eUq4TXhYTR BxGA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=H/HByp3PJRruswmtBIPALL6gkH9l79nKV7vcOC9XVxY=; b=xqQjkaqOpPUxg2qfHcgBBzAqXEXXek+lbr3vf0PSJ6x79KcRzf7DLKuNaKKknRSHpL LLTbxGwm6ykB53pHBeDwOrHLfpd+0LBlNWm25fi/5BFq+p4l6cWL5MO9QyStL88+p+2B /hyiGVuoOi74rOWZ2FNFgIQo+tAYH1cnsEhxZnvG4NPsL8HSowOrZy5tefredNyV22w0 rH2FC4g22Lod/weXLX73B9rTAgc1AAuXeGYn/xdcPuL4a6LV6YWLjOGM0DttX+cEZISW yPVVT0M1y0Zc08swtsQ+us9U05X8yeRJfeTrGUJsykGE8DtD+IKGlMyyuL5IsaWkeICJ XSaw== X-Gm-Message-State: ACgBeo2JEIQex64h9RC6haDZgvcQC9XPESjJ810Nkv5JDAAWhd4pKfCw IOQuKQThSGFU8lz403ioGLF5epmCy7g= X-Google-Smtp-Source: AA6agR6tsfbR4JIT0tPkHJv92x9iGIm8/9fcY4kKjNcPaJLqPI9czTbJYO3Y65Jvu7K4ZPdA3Iv08+oKkp8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:2003:b0:175:24eb:62b0 with SMTP id s3-20020a170903200300b0017524eb62b0mr19360164pla.60.1662164580907; Fri, 02 Sep 2022 17:23:00 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:32 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-2-seanjc@google.com> Subject: [PATCH v2 01/23] KVM: x86: Purge "highest ISR" cache when updating APICv state From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Purge the "highest ISR" cache when updating APICv state on a vCPU. The cache must not be used when APICv is active as hardware may emulate EOIs (and other operations) without exiting to KVM. This fixes a bug where KVM will effectively block IRQs in perpetuity due to the "highest ISR" never getting reset if APICv is activated on a vCPU while an IRQ is in-service. Hardware emulates the EOI and KVM never gets a chance to update its cache. Fixes: b26a695a1d78 ("kvm: lapic: Introduce APICv update helper function") Cc: stable@vger.kernel.org Cc: Suravee Suthikulpanit Cc: Maxim Levitsky Signed-off-by: Sean Christopherson Reviewed-by: Paolo Bonzini --- arch/x86/kvm/lapic.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 9dda989a1cf0..38e9b8e5278c 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -2429,6 +2429,7 @@ void kvm_apic_update_apicv(struct kvm_vcpu *vcpu) */ apic->isr_count =3D count_vectors(apic->regs + APIC_ISR); } + apic->highest_isr_cache =3D -1; } EXPORT_SYMBOL_GPL(kvm_apic_update_apicv); =20 @@ -2485,7 +2486,6 @@ void kvm_lapic_reset(struct kvm_vcpu *vcpu, bool init= _event) kvm_lapic_set_reg(apic, APIC_TMR + 0x10 * i, 0); } kvm_apic_update_apicv(vcpu); - apic->highest_isr_cache =3D -1; update_divide_count(apic); atomic_set(&apic->lapic_timer.pending, 0); =20 @@ -2772,7 +2772,6 @@ int kvm_apic_set_state(struct kvm_vcpu *vcpu, struct = kvm_lapic_state *s) __start_apic_timer(apic, APIC_TMCCT); kvm_lapic_set_reg(apic, APIC_TMCCT, 0); kvm_apic_update_apicv(vcpu); - apic->highest_isr_cache =3D -1; if (apic->apicv_active) { static_call_cond(kvm_x86_apicv_post_state_restore)(vcpu); static_call_cond(kvm_x86_hwapic_irr_update)(vcpu, apic_find_highest_irr(= apic)); --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5629BC38145 for ; Sat, 3 Sep 2022 00:23:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231303AbiICAXL (ORCPT ); Fri, 2 Sep 2022 20:23:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53532 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231229AbiICAXD (ORCPT ); Fri, 2 Sep 2022 20:23:03 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F69DF63D1 for ; Fri, 2 Sep 2022 17:23:03 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id q8-20020a170902dac800b001753aa66955so2101670plx.5 for ; Fri, 02 Sep 2022 17:23:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=PIDwOUCtBewPHDMb4tVnQLyazdcuUyhDknKis4oP5e8=; b=b26qyh04/+cVHoGaCuXAqwfdfxKioKFeVh+lEW/sxDvmCTO3oJmQMLOMgwljALZBsD FkreDci/td/b1kRcO0MrT91dOY0G2C7HdUrjl3OuGNSQNupfaqWxDJ1yqXRCs7ZSrQMK 0pJc/1N94lJJtFkXyrDq5C5+VgB/hFB3pyO2vh6Ke/KEijK7zzdp/upEqeBhKF56MwKE NZoLhOnkS1Uk2aT34zv2+SYjCHz4SPgYrJfFkrmrRT/SX9Lnp5aAt0vN7/pAukCI/sMW GvtL2RswZWw+4y3y55nOthTlNDXetxJviFpHoNwQkcO5cLiocnE6UYkq08ei5lETSpTa UzEQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=PIDwOUCtBewPHDMb4tVnQLyazdcuUyhDknKis4oP5e8=; b=eJjY4Zb0JihFSls899Cn+FApVLLivw9v0qtvpDF3wpkLKEw8RQ1DBD8/73p2MJCgok Zt6EGRKVxTidmqtNM/5F9LNdqXKzkKO6bAvMR4M5s3kivvaWIrdwC1EjjCdsfgBg+Xos C9yrEGIioIo1R+s+lXWh+gj3Y7HNrY/U4fKu4TbbI5AvIPb+5r1gBt3PNXrUpwQoCIfv Si1+Ln4l169kGSUKLZ/PhadsUoFa/udYq32d8NYkVxAWvSWViu/TX+vuQun+rCzg9Ml3 wiH669Q/T+vGTaO6/quM4ReNLFWz17ITTSMEv4L7FqGyfI1Yw9ZAgvhZ4YGENRR+wM8X X9iA== X-Gm-Message-State: ACgBeo1eVO8pA8k9MtGs0L60Sxuh3lhcqwQqVXVse6NtoKrpvzIQHt59 P5IUqibOnnkH9YSFD+gqZFPDtpwjMPw= X-Google-Smtp-Source: AA6agR6zXdocaWASgpB6k/UriiG0R/4kTiatkYonZzlVvfDKIy93ifjp7qYZTXf0H124KMizSG68UQdKvQg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a62:b519:0:b0:537:9723:5cf2 with SMTP id y25-20020a62b519000000b0053797235cf2mr39060596pfe.15.1662164582631; Fri, 02 Sep 2022 17:23:02 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:33 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-3-seanjc@google.com> Subject: [PATCH v2 02/23] KVM: SVM: Flush the "current" TLB when activating AVIC From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Flush the TLB when activating AVIC as the CPU can insert into the TLB while AVIC is "locally" disabled. KVM doesn't treat "APIC hardware disabled" as VM-wide AVIC inhibition, and so when a vCPU has its APIC hardware disabled, AVIC is not guaranteed to be inhibited. As a result, KVM may create a valid NPT mapping for the APIC base, which the CPU can cache as a non-AVIC translation. Note, Intel handles this in vmx_set_virtual_apic_mode(). Signed-off-by: Sean Christopherson Reviewed-by: Paolo Bonzini --- arch/x86/kvm/svm/avic.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 6919dee69f18..4fbef2af1efc 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -86,6 +86,12 @@ static void avic_activate_vmcb(struct vcpu_svm *svm) /* Disabling MSR intercept for x2APIC registers */ svm_set_x2apic_msr_interception(svm, false); } else { + /* + * Flush the TLB, the guest may have inserted a non-APIC + * mappings into the TLB while AVIC was disabled. + */ + kvm_make_request(KVM_REQ_TLB_FLUSH_CURRENT, &svm->vcpu); + /* For xAVIC and hybrid-xAVIC modes */ vmcb->control.avic_physical_id |=3D AVIC_MAX_PHYSICAL_ID; /* Enabling MSR intercept for x2APIC registers */ --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 74C3EC6FA86 for ; Sat, 3 Sep 2022 00:23:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231270AbiICAXR (ORCPT ); Fri, 2 Sep 2022 20:23:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53560 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231258AbiICAXG (ORCPT ); Fri, 2 Sep 2022 20:23:06 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 19820F63D8 for ; Fri, 2 Sep 2022 17:23:05 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 66-20020a251145000000b006a7b4a27d04so486718ybr.20 for ; Fri, 02 Sep 2022 17:23:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=+h9hFic4xRqD7CaF5zm+8f3VON15o9C3RGA1ZshdPjA=; b=VIY/TbrtWcV1Mo1/S9C9/ooDUAQwCY2EVenvilCM17xY2z7HcVKyrGMq7MbCq/YsbQ siznHBRspCkUTfdfCM4nw9V4yV862b98T9el5+/dRkoMacsQQWSc4dYyxs/NyG4h7svs 6GG+wdyLB837ervm9UFYX7lEgguBmymjUWPbbsaNpX2xsprzW+U1xxxcr5w7Hae68VpC BUXLWpmDp9yiykojL+7IrAP3Qz5N/i3VA2oAb6UnPuNxwBnx469NSbWdJB4dFUywEwMw OSutRD83dcIrXWQCmZzW6AOmD5ECutGwK/AtIILwdK86OQxD3Ogb7PcSOBDEXyDxj4Ev 3hOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=+h9hFic4xRqD7CaF5zm+8f3VON15o9C3RGA1ZshdPjA=; b=vh5OuCA9hk5OXWCFw/CdACR9kRUuHsx+Go2KEujkylNU78XlOxbASH0umn4z/RMnSX upSMoWyv8deZklND32LYAP2np/Tl1WsutTWLmp6Tgf9h2Vp9jWWlWCII60MMNAeE/Wwt bzIz8DqzWidsel7/ve5TUkt6+0phYEhlM0k1yXszOWKhRcNQ/S/pJv71NzlltRLIEg6x DUh7/q+Fzisj47OHv9TeZGVOAVKKeIegZnNHmKKDTMQygo0ERVmhbWxyRf4AG01AFle9 0MFeaHs7ho1BDx2jqknwT89TJIdsn6/oOzX+Lz1m7V26agmCMxbzE4EwSmfJD8k1S6dJ /wIA== X-Gm-Message-State: ACgBeo2ZqRPSpTKOiq/c4sFpnFUF+uT8VmjbzgvKC358bdtMGnyKaKVY iNtpddM2fHFdIkX9Uq8ECoeaB/aYFX8= X-Google-Smtp-Source: AA6agR4GbUtTJKepW8ZpEGn0B9VdcVEWRT2NeATuIKh3KuJSKUQoCbpifi1rJV2bbFY1fXwJN+4JEVweIgM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:2416:0:b0:696:4dc5:c6cc with SMTP id k22-20020a252416000000b006964dc5c6ccmr25386145ybk.114.1662164584329; Fri, 02 Sep 2022 17:23:04 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:34 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-4-seanjc@google.com> Subject: [PATCH v2 03/23] KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Emulate ICR writes on AVIC IPI failures due to invalid targets using the same logic as failures due to invalid types. AVIC acceleration fails if _any_ of the targets are invalid, and crucially VM-Exits before sending IPIs to targets that _are_ valid. In logical mode, the destination is a bitmap, i.e. a single IPI can target multiple logical IDs. Doing nothing causes KVM to drop IPIs if at least one target is valid and at least one target is invalid. Fixes: 18f40c53e10f ("svm: Add VMEXIT handlers for AVIC") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky Reviewed-by: Paolo Bonzini --- arch/x86/kvm/svm/avic.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 4fbef2af1efc..6a3d225eb02c 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -502,14 +502,18 @@ int avic_incomplete_ipi_interception(struct kvm_vcpu = *vcpu) trace_kvm_avic_incomplete_ipi(vcpu->vcpu_id, icrh, icrl, id, index); =20 switch (id) { + case AVIC_IPI_FAILURE_INVALID_TARGET: case AVIC_IPI_FAILURE_INVALID_INT_TYPE: /* * Emulate IPIs that are not handled by AVIC hardware, which - * only virtualizes Fixed, Edge-Triggered INTRs. The exit is - * a trap, e.g. ICR holds the correct value and RIP has been - * advanced, KVM is responsible only for emulating the IPI. - * Sadly, hardware may sometimes leave the BUSY flag set, in - * which case KVM needs to emulate the ICR write as well in + * only virtualizes Fixed, Edge-Triggered INTRs, and falls over + * if _any_ targets are invalid, e.g. if the logical mode mask + * is a superset of running vCPUs. + * + * The exit is a trap, e.g. ICR holds the correct value and RIP + * has been advanced, KVM is responsible only for emulating the + * IPI. Sadly, hardware may sometimes leave the BUSY flag set, + * in which case KVM needs to emulate the ICR write as well in * order to clear the BUSY flag. */ if (icrl & APIC_ICR_BUSY) @@ -525,8 +529,6 @@ int avic_incomplete_ipi_interception(struct kvm_vcpu *v= cpu) */ avic_kick_target_vcpus(vcpu->kvm, apic, icrl, icrh, index); break; - case AVIC_IPI_FAILURE_INVALID_TARGET: - break; case AVIC_IPI_FAILURE_INVALID_BACKING_PAGE: WARN_ONCE(1, "Invalid backing page\n"); break; --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E89DAC38145 for ; Sat, 3 Sep 2022 00:23:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231325AbiICAXV (ORCPT ); Fri, 2 Sep 2022 20:23:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53580 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231288AbiICAXH (ORCPT ); Fri, 2 Sep 2022 20:23:07 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 88CE0F63E5 for ; Fri, 2 Sep 2022 17:23:06 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id h13-20020a63530d000000b0043087bbf72dso1880181pgb.17 for ; Fri, 02 Sep 2022 17:23:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=GyZtyI6NBhU9EVA9XTEoU4+oyphkKSWqV6hEaozHlgk=; b=UmNeraoCzh/j9hAdWsAfDCHvbHAQK1rT1jW5eabzEAwj+oR90RJlvvK+ZDXFqqVPWN oimywkE1zOhR7IPXZe5ZUFs4BkFanFJJMgwJSXRda1cLhi8dnnPajRSb6YpezNR+LAtO S/yzF5RaX37/3httan0Pt5Y0WYzA/Gpmz1agA9CZvQNnDL4z+SmR7vvJ3nnby8MiD1/Y 7Gi2pCuVN8aeypmBYiuzfONgO+mPS38yJDNYDqbe4QBbsqT/FmmKd9tID+/4L6X53LBD TkBvmU0QOyPS2LQczV4iFdSowKkCG5zQDggkESnEN372M56OKD+57PsfRvkWWKdiCj4B TpzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=GyZtyI6NBhU9EVA9XTEoU4+oyphkKSWqV6hEaozHlgk=; b=J2X4QJqXbZEy3RpSSh76Yz4SFkMSdErBWunSmw8Zxwglq+RaMC2rx2nIfJle75+XtL M180NEaELoV0Ynk0nXcn/x0kObPfGuVc9o7HUAK3Jcw0j/91vO91QsTwpucMu9KYitsK DemQnoL3HOiFZt9c/AG+weMZkGvUxVJaEfoRvo4MpnL1bMeY95lz+TSrpyDEJM9pLS8W YRIl7Rp8xAX9BqAu5/08e2GtSYWek/gh13ZYzw8JWn+bbSdw6CfgH0wB8eA9+IFC6rYm n8BnJBax++Ki7XMMVFlQYDmHHVqXkLLODWun3v2avMjLKHxDp7uPYdOxzBfT6g8rKche lu8w== X-Gm-Message-State: ACgBeo2kiugXWCtciMw1SbIJF9+yof0jKLZgtodiZvcGS9GN4mZEmVEY MjuVmHzIiqGCueBzDl/DUXFWNcZvoc0= X-Google-Smtp-Source: AA6agR5HTMQ+UJMYjax5XO7UY8goDWmKzBzn3wDTAL//6tTCShEzqrb3FKi6aSPtEOwUXN7Rqu4FsGnP+8M= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:d4c8:b0:174:a871:152d with SMTP id o8-20020a170902d4c800b00174a871152dmr28136076plg.4.1662164586136; Fri, 02 Sep 2022 17:23:06 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:35 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-5-seanjc@google.com> Subject: [PATCH v2 04/23] KVM: x86: Inhibit AVIC SPTEs if any vCPU enables x2APIC From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Reintroduce APICV_INHIBIT_REASON_X2APIC as a "partial" inhibit for AMD to fix a bug where the APIC access page is visible to vCPUs that have x2APIC enabled, i.e. shouldn't be able to "see" the xAPIC MMIO region. On AMD, due to its "hybrid" mode where AVIC is enabled when x2APIC is enabled even without x2AVIC support, the bug occurs any time AVIC is enabled as x2APIC is fully emulated by KVM. I.e. hardware isn't aware that the guest is operating in x2APIC mode. Opportunistically drop the "can" while updating avic_activate_vmcb()'s comment, i.e. to state that KVM _does_ support the hybrid mode. Move the "Note:" down a line to conform to preferred kernel/KVM multi-line comment style. Leave Intel as-is for now to avoid a subtle performance regression, even though Intel likely suffers from the same bug. On Intel, in theory the bug rears its head only when vCPUs share host page tables (extremely likely) and x2APIC enabling is not consistent within the guest, i.e. if some vCPUs have x2APIC enabled and other does do not (unlikely to occur except in certain situations, e.g. bringing up APs). Fixes: 0e311d33bfbe ("KVM: SVM: Introduce hybrid-AVIC mode") Cc: stable@vger.kernel.org Suggested-by: Maxim Levitsky Signed-off-by: Sean Christopherson Reviewed-by: Paolo Bonzini --- arch/x86/include/asm/kvm_host.h | 10 ++++++++++ arch/x86/kvm/lapic.c | 4 +++- arch/x86/kvm/mmu/mmu.c | 2 +- arch/x86/kvm/svm/avic.c | 15 +++++++------- arch/x86/kvm/x86.c | 35 +++++++++++++++++++++++++++++---- 5 files changed, 53 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 2c96c43c313a..1fd1b66ceeb6 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1132,6 +1132,15 @@ enum kvm_apicv_inhibit { * AVIC is disabled because SEV doesn't support it. */ APICV_INHIBIT_REASON_SEV, + + /* + * Due to sharing page tables across vCPUs, the xAPIC memslot must be + * inhibited if any vCPU has x2APIC enabled. Note, this is a "partial" + * inhibit; APICv can still be activated, but KVM mustn't retain/create + * SPTEs for the APIC access page. Like the APIC ID and APIC base + * inhibits, this is sticky for simplicity. + */ + APICV_INHIBIT_REASON_X2APIC, }; =20 struct kvm_arch { @@ -1903,6 +1912,7 @@ gpa_t kvm_mmu_gva_to_gpa_write(struct kvm_vcpu *vcpu,= gva_t gva, gpa_t kvm_mmu_gva_to_gpa_system(struct kvm_vcpu *vcpu, gva_t gva, struct x86_exception *exception); =20 +bool kvm_apicv_memslot_activated(struct kvm *kvm); bool kvm_apicv_activated(struct kvm *kvm); bool kvm_vcpu_apicv_activated(struct kvm_vcpu *vcpu); void kvm_vcpu_update_apicv(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 38e9b8e5278c..d956cd37908e 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -2394,8 +2394,10 @@ void kvm_lapic_set_base(struct kvm_vcpu *vcpu, u64 v= alue) } } =20 - if (((old_value ^ value) & X2APIC_ENABLE) && (value & X2APIC_ENABLE)) + if (((old_value ^ value) & X2APIC_ENABLE) && (value & X2APIC_ENABLE)) { kvm_apic_set_x2apic_id(apic, vcpu->vcpu_id); + kvm_set_apicv_inhibit(vcpu->kvm, APICV_INHIBIT_REASON_X2APIC); + } =20 if ((old_value ^ value) & (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE)) { kvm_vcpu_update_apicv(vcpu); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index e418ef3ecfcb..cea25552869f 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4150,7 +4150,7 @@ static int kvm_faultin_pfn(struct kvm_vcpu *vcpu, str= uct kvm_page_fault *fault) * when the AVIC is re-enabled. */ if (slot && slot->id =3D=3D APIC_ACCESS_PAGE_PRIVATE_MEMSLOT && - !kvm_apicv_activated(vcpu->kvm)) + !kvm_apicv_memslot_activated(vcpu->kvm)) return RET_PF_EMULATE; } =20 diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 6a3d225eb02c..19be5f1afaac 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -72,12 +72,12 @@ static void avic_activate_vmcb(struct vcpu_svm *svm) =20 vmcb->control.int_ctl |=3D AVIC_ENABLE_MASK; =20 - /* Note: - * KVM can support hybrid-AVIC mode, where KVM emulates x2APIC - * MSR accesses, while interrupt injection to a running vCPU - * can be achieved using AVIC doorbell. The AVIC hardware still - * accelerate MMIO accesses, but this does not cause any harm - * as the guest is not supposed to access xAPIC mmio when uses x2APIC. + /* + * Note: KVM supports hybrid-AVIC mode, where KVM emulates x2APIC MSR + * accesses, while interrupt injection to a running vCPU can be + * achieved using AVIC doorbell. KVM disables the APIC access page + * (prevents mapping it into the guest) if any vCPU has x2APIC enabled, + * thus enabling AVIC activates only the doorbell mechanism. */ if (apic_x2apic_mode(svm->vcpu.arch.apic) && avic_mode =3D=3D AVIC_MODE_X2) { @@ -1014,7 +1014,8 @@ bool avic_check_apicv_inhibit_reasons(enum kvm_apicv_= inhibit reason) BIT(APICV_INHIBIT_REASON_BLOCKIRQ) | BIT(APICV_INHIBIT_REASON_SEV) | BIT(APICV_INHIBIT_REASON_APIC_ID_MODIFIED) | - BIT(APICV_INHIBIT_REASON_APIC_BASE_MODIFIED); + BIT(APICV_INHIBIT_REASON_APIC_BASE_MODIFIED) | + BIT(APICV_INHIBIT_REASON_X2APIC); =20 return supported & BIT(reason); } diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index d7374d768296..6ab9088c2531 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -9379,15 +9379,29 @@ static void kvm_pv_kick_cpu_op(struct kvm *kvm, int= apicid) kvm_irq_delivery_to_apic(kvm, NULL, &lapic_irq, NULL); } =20 -bool kvm_apicv_activated(struct kvm *kvm) +bool kvm_apicv_memslot_activated(struct kvm *kvm) { return (READ_ONCE(kvm->arch.apicv_inhibit_reasons) =3D=3D 0); } + +static unsigned long kvm_apicv_get_inhibit_reasons(struct kvm *kvm) +{ + /* + * x2APIC only needs to "inhibit" the MMIO region, all other aspects of + * APICv can continue to be utilized. + */ + return READ_ONCE(kvm->arch.apicv_inhibit_reasons) & ~APICV_INHIBIT_REASON= _X2APIC; +} + +bool kvm_apicv_activated(struct kvm *kvm) +{ + return !kvm_apicv_get_inhibit_reasons(kvm); +} EXPORT_SYMBOL_GPL(kvm_apicv_activated); =20 bool kvm_vcpu_apicv_activated(struct kvm_vcpu *vcpu) { - ulong vm_reasons =3D READ_ONCE(vcpu->kvm->arch.apicv_inhibit_reasons); + ulong vm_reasons =3D kvm_apicv_get_inhibit_reasons(vcpu->kvm); ulong vcpu_reasons =3D static_call(kvm_x86_vcpu_get_apicv_inhibit_reasons= )(vcpu); =20 return (vm_reasons | vcpu_reasons) =3D=3D 0; @@ -10122,7 +10136,15 @@ void __kvm_set_or_clear_apicv_inhibit(struct kvm *= kvm, =20 set_or_clear_apicv_inhibit(&new, reason, set); =20 - if (!!old !=3D !!new) { + /* + * If the overall "is APICv activated" status is unchanged, simply add + * or remove the inihbit from the pile. x2APIC is an exception, as it + * is a partial inhibit (only blocks SPTEs for the APIC access page). + * If x2APIC is the only inhibit in either the old or the new set, then + * vCPUs need to be kicked to transition between partially-inhibited + * and fully-inhibited. + */ + if ((!!old !=3D !!new) || old =3D=3D X2APIC_ENABLE || new =3D=3D X2APIC_E= NABLE) { /* * Kick all vCPUs before setting apicv_inhibit_reasons to avoid * false positives in the sanity check WARN in svm_vcpu_run(). @@ -10137,7 +10159,12 @@ void __kvm_set_or_clear_apicv_inhibit(struct kvm *= kvm, */ kvm_make_all_cpus_request(kvm, KVM_REQ_APICV_UPDATE); kvm->arch.apicv_inhibit_reasons =3D new; - if (new) { + + /* + * Zap SPTEs for the APIC access page if APICv is newly + * inhibited (partially or fully). + */ + if (new && !old) { unsigned long gfn =3D gpa_to_gfn(APIC_DEFAULT_PHYS_BASE); kvm_zap_gfn_range(kvm, gfn, gfn+1); } --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C1579C38145 for ; Sat, 3 Sep 2022 00:23:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231430AbiICAX0 (ORCPT ); Fri, 2 Sep 2022 20:23:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53656 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231229AbiICAXN (ORCPT ); Fri, 2 Sep 2022 20:23:13 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4DCFAF63EC for ; Fri, 2 Sep 2022 17:23:08 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id 15-20020a63020f000000b0041b578f43f9so1888411pgc.11 for ; Fri, 02 Sep 2022 17:23:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=JZeHyptfyamN7lZXKlGrbewGaMXcgRQmHfG/o64cPog=; b=T9y5ihH4n9huwf0O2EGKUMPAC1qOYUJkAFO3JWQBaok9tqyIiImayQv5Otbai61XzN F2/Zu5jwnxDVAv/uk1tmzTDDDrDrNvL1eKSRnyt5Ku5B3+DPjIBvK3AtYxAFfcKpznTO 94+bxP0zR8q9OWSJNcasDLE8zI4X9EgvnnK9CMoMRuEHoxaewQr66IgsZmiJKg4OP+in 4aHPEMyEsgL5CW4wt14kum57uXw+kz8LdNIW3T77j5XNpA+PZx7xPqudpXrx8yag8VM0 Ri5cvncocD2yIxBuHC+qH64nHxHuvQ0DG0tFbXfbYjlc/kFH275/nzEgr4kUR9ZkCZkQ a6xA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=JZeHyptfyamN7lZXKlGrbewGaMXcgRQmHfG/o64cPog=; b=Gevw+mkMZTP7XwipVHFyyHHS2VhZ9arUPRj6uatE+IhgZM5l4kPt9I9oQT0IjgZh7g m0UxXcYj/dtKkq/fkUi0zdNBx++g9Zz6i0uQBGLcFrTjgdqRYo58JLuUydLEF868W7Xh UaGfjQeApePStGYAItW+bh61qQpz84jGLnXj+Yb79gAC6TsyaNQdu7yJfr5ehwk/S/o6 Nb7EH2fcDYhx8vI7iRbPq5wxreGC7DlSzb0r+eSDdUA9VqgfPuKFHwFvgyekwJJsKRhF Vj5vxvUpvYunSiYtIKpGJbP44EgxCh2lqR+jhzyq4rAZvA3i+I0eUmLmBBzE4UDuYxKc nrWQ== X-Gm-Message-State: ACgBeo3SbpkPpwURn7OACENtqphGQBZ9t32sPbj2H+EywZ02TdVJf5bG k2DosC6Z/F/ZkSoyyfiHvUr9naTjQeQ= X-Google-Smtp-Source: AA6agR6vdoeboYtgxxLRIZ616DTlaLOi8pSBgwhAZbgf8WMojNXS2NbATi0Iwzkfe/5VMEc8xQWHy26i5oM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a63:8bc3:0:b0:42b:1bd2:9a6d with SMTP id j186-20020a638bc3000000b0042b1bd29a6dmr30984651pge.503.1662164587886; Fri, 02 Sep 2022 17:23:07 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:36 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-6-seanjc@google.com> Subject: [PATCH v2 05/23] KVM: SVM: Don't put/load AVIC when setting virtual APIC mode From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move the VMCB updates from avic_refresh_apicv_exec_ctrl() into avic_set_virtual_apic_mode() and invert the dependency being said functions to avoid calling avic_vcpu_{load,put}() and avic_set_pi_irte_mode() when "only" setting the virtual APIC mode. avic_set_virtual_apic_mode() is invoked from common x86 with preemption enabled, which makes avic_vcpu_{load,put}() unhappy. Luckily, calling those and updating IRTE stuff is unnecessary as the only reason avic_set_virtual_apic_mode() is called is to handle transitions between xAPIC and x2APIC that don't also toggle APICv activation. And if activation doesn't change, there's no need to fiddle with the physical APIC ID table or update IRTE. The "full" refresh is guaranteed to be called if activation changes in this case as the only call to the "set" path is: kvm_vcpu_update_apicv(vcpu); static_call_cond(kvm_x86_set_virtual_apic_mode)(vcpu); and kvm_vcpu_update_apicv() invokes the refresh if activation changes: if (apic->apicv_active =3D=3D activate) goto out; apic->apicv_active =3D activate; kvm_apic_update_apicv(vcpu); static_call(kvm_x86_refresh_apicv_exec_ctrl)(vcpu); Rename the helper to reflect that it is also called during "refresh". WARNING: CPU: 183 PID: 49186 at arch/x86/kvm/svm/avic.c:1081 avic_vcpu_pu= t+0xde/0xf0 [kvm_amd] CPU: 183 PID: 49186 Comm: stable Tainted: G O 6.0.0-smp--= fcddbca45f0a-sink #34 Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 10.48.0 01/= 27/2022 RIP: 0010:avic_vcpu_put+0xde/0xf0 [kvm_amd] avic_refresh_apicv_exec_ctrl+0x142/0x1c0 [kvm_amd] avic_set_virtual_apic_mode+0x5a/0x70 [kvm_amd] kvm_lapic_set_base+0x149/0x1a0 [kvm] kvm_set_apic_base+0x8f/0xd0 [kvm] kvm_set_msr_common+0xa3a/0xdc0 [kvm] svm_set_msr+0x364/0x6b0 [kvm_amd] __kvm_set_msr+0xb8/0x1c0 [kvm] kvm_emulate_wrmsr+0x58/0x1d0 [kvm] msr_interception+0x1c/0x30 [kvm_amd] svm_invoke_exit_handler+0x31/0x100 [kvm_amd] svm_handle_exit+0xfc/0x160 [kvm_amd] vcpu_enter_guest+0x21bb/0x23e0 [kvm] vcpu_run+0x92/0x450 [kvm] kvm_arch_vcpu_ioctl_run+0x43e/0x6e0 [kvm] kvm_vcpu_ioctl+0x559/0x620 [kvm] Fixes: 05c4fe8c1bd9 ("KVM: SVM: Refresh AVIC configuration when changing AP= IC mode") Cc: stable@vger.kernel.org Cc: Suravee Suthikulpanit Cc: Maxim Levitsky Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 31 +++++++++++++++---------------- arch/x86/kvm/svm/svm.c | 2 +- arch/x86/kvm/svm/svm.h | 2 +- 3 files changed, 17 insertions(+), 18 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 19be5f1afaac..de7fcb3a544b 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -747,18 +747,6 @@ void avic_apicv_post_state_restore(struct kvm_vcpu *vc= pu) avic_handle_ldr_update(vcpu); } =20 -void avic_set_virtual_apic_mode(struct kvm_vcpu *vcpu) -{ - if (!lapic_in_kernel(vcpu) || avic_mode =3D=3D AVIC_MODE_NONE) - return; - - if (kvm_get_apic_mode(vcpu) =3D=3D LAPIC_MODE_INVALID) { - WARN_ONCE(true, "Invalid local APIC state (vcpu_id=3D%d)", vcpu->vcpu_id= ); - return; - } - avic_refresh_apicv_exec_ctrl(vcpu); -} - static int avic_set_pi_irte_mode(struct kvm_vcpu *vcpu, bool activate) { int ret =3D 0; @@ -1101,17 +1089,18 @@ void avic_vcpu_put(struct kvm_vcpu *vcpu) WRITE_ONCE(*(svm->avic_physical_id_cache), entry); } =20 - -void avic_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu) +void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm =3D to_svm(vcpu); struct vmcb *vmcb =3D svm->vmcb01.ptr; - bool activated =3D kvm_vcpu_apicv_active(vcpu); + + if (!lapic_in_kernel(vcpu) || avic_mode =3D=3D AVIC_MODE_NONE) + return; =20 if (!enable_apicv) return; =20 - if (activated) { + if (kvm_vcpu_apicv_active(vcpu)) { /** * During AVIC temporary deactivation, guest could update * APIC ID, DFR and LDR registers, which would not be trapped @@ -1125,6 +1114,16 @@ void avic_refresh_apicv_exec_ctrl(struct kvm_vcpu *v= cpu) avic_deactivate_vmcb(svm); } vmcb_mark_dirty(vmcb, VMCB_AVIC); +} + +void avic_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu) +{ + bool activated =3D kvm_vcpu_apicv_active(vcpu); + + if (!enable_apicv) + return; + + avic_refresh_virtual_apic_mode(vcpu); =20 if (activated) avic_vcpu_load(vcpu, vcpu->cpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f3813dbacb9f..2aa5069bafb2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4807,7 +4807,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .enable_nmi_window =3D svm_enable_nmi_window, .enable_irq_window =3D svm_enable_irq_window, .update_cr8_intercept =3D svm_update_cr8_intercept, - .set_virtual_apic_mode =3D avic_set_virtual_apic_mode, + .set_virtual_apic_mode =3D avic_refresh_virtual_apic_mode, .refresh_apicv_exec_ctrl =3D avic_refresh_apicv_exec_ctrl, .check_apicv_inhibit_reasons =3D avic_check_apicv_inhibit_reasons, .apicv_post_state_restore =3D avic_apicv_post_state_restore, diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 6a7686bf6900..7a95f50e80e7 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -646,7 +646,7 @@ void avic_vcpu_blocking(struct kvm_vcpu *vcpu); void avic_vcpu_unblocking(struct kvm_vcpu *vcpu); void avic_ring_doorbell(struct kvm_vcpu *vcpu); unsigned long avic_vcpu_get_apicv_inhibit_reasons(struct kvm_vcpu *vcpu); -void avic_set_virtual_apic_mode(struct kvm_vcpu *vcpu); +void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu); =20 =20 /* sev.c */ --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 770C7C38145 for ; Sat, 3 Sep 2022 00:23:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231462AbiICAXc (ORCPT ); Fri, 2 Sep 2022 20:23:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53670 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231344AbiICAXO (ORCPT ); Fri, 2 Sep 2022 20:23:14 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 18EF8F72C1 for ; Fri, 2 Sep 2022 17:23:10 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id y21-20020a056a001c9500b0053817f57e8dso1721859pfw.6 for ; Fri, 02 Sep 2022 17:23:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=Kx3IG3ZoWEJ93nwNVzD3nD++UrihjFhzPKMLEK+k0c8=; b=Eq+2HWdocGwiCPEnjoFBfKuQEtWfIrv4jJlrD4dm47o7bKopijIRIw7Er0dRFK+k+H Tltwof+sBHYKD1XGoToZbji8bukdmJrsQoJnlW4oWBjWfa+nd4ot+i19xSSkW7LERWhg axaIL/DFSVEcT/HN+cMGqF49hivO9/yQ2nEHn68lCGGPvqd7ouHsxqP0HOV2600KzrXr 7A7l0HQqEn79+I3iAE2usc49JMVhMxIgJDGhlz82NYPbYc3lhzHf/1+36E3EqXmPFajZ YILJlUtsy0Lf29YiEB4dBIQPDIVMPfE4obNWjhpf0/i5L8haQqsZpzvY9diZVdDURHY/ knvw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=Kx3IG3ZoWEJ93nwNVzD3nD++UrihjFhzPKMLEK+k0c8=; b=SibuBCBv8/N5xNGXMojQrB7RRSFq6e/yvJ6HvEp7fuTt5JkTGr3kmN36ns7u2Gy7df 8Yqm2XR1o59zUcdWXA+wGFl6kz4tazDdmInujbPXAbw0zUkojzVA8JDADgTn6PfBeWCQ y1tbJoINSoILmhaqgmj1ZRFGoCHpaqERIs9Pb6Vx+2vIh62O7lJyUFKY3Hu0E+pOaqoM 0uLSpx00Ks/awa9YeiOADk7TBXXTS+XKNkQIyCJvpSjliP1zzPwFuHhym70MXwTbT9vm wKMgKD00Wg7gNFMgPQg5M0Ls8qUJUyFA8a5Jzdy/8FqgTO+/ja4wDFtNgbNAR8W12TS5 TS4w== X-Gm-Message-State: ACgBeo2HN8Lrkmr8kJFX4Tp11rrQbVaAs95pSSD5HqY7Wp5v7Y8iF7rH GhfK8IjI9ILO8vGdqDO+tbq2socYjqc= X-Google-Smtp-Source: AA6agR4Ts92+AkwUcUZPtJoBrs0hDIJelMYlLMh2y78qNty8SD+rW2ZEqPyeaDMqHyQlHe3PXzHGrUD0UNw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:8503:b0:173:368b:dce3 with SMTP id bj3-20020a170902850300b00173368bdce3mr38018382plb.104.1662164589610; Fri, 02 Sep 2022 17:23:09 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:37 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-7-seanjc@google.com> Subject: [PATCH v2 06/23] KVM: SVM: Replace "avic_mode" enum with "x2avic_enabled" boolean From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Replace the "avic_mode" enum with a single bool to track whether or not x2AVIC is enabled. KVM already has "apicv_enabled" that tracks if any flavor of AVIC is enabled, i.e. AVIC_MODE_NONE and AVIC_MODE_X1 are redundant and unnecessary noise. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 46 +++++++++++++++++++---------------------- arch/x86/kvm/svm/svm.c | 2 +- arch/x86/kvm/svm/svm.h | 9 +------- 3 files changed, 23 insertions(+), 34 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index de7fcb3a544b..3022a135c060 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -53,7 +53,7 @@ static DEFINE_HASHTABLE(svm_vm_data_hash, SVM_VM_DATA_HAS= H_BITS); static u32 next_vm_id =3D 0; static bool next_vm_id_wrapped =3D 0; static DEFINE_SPINLOCK(svm_vm_data_hash_lock); -enum avic_modes avic_mode; +bool x2avic_enabled; =20 /* * This is a wrapper of struct amd_iommu_ir_data. @@ -79,8 +79,7 @@ static void avic_activate_vmcb(struct vcpu_svm *svm) * (prevents mapping it into the guest) if any vCPU has x2APIC enabled, * thus enabling AVIC activates only the doorbell mechanism. */ - if (apic_x2apic_mode(svm->vcpu.arch.apic) && - avic_mode =3D=3D AVIC_MODE_X2) { + if (x2avic_enabled && apic_x2apic_mode(svm->vcpu.arch.apic)) { vmcb->control.int_ctl |=3D X2APIC_MODE_MASK; vmcb->control.avic_physical_id |=3D X2AVIC_MAX_PHYSICAL_ID; /* Disabling MSR intercept for x2APIC registers */ @@ -247,8 +246,8 @@ static u64 *avic_get_physical_id_entry(struct kvm_vcpu = *vcpu, u64 *avic_physical_id_table; struct kvm_svm *kvm_svm =3D to_kvm_svm(vcpu->kvm); =20 - if ((avic_mode =3D=3D AVIC_MODE_X1 && index > AVIC_MAX_PHYSICAL_ID) || - (avic_mode =3D=3D AVIC_MODE_X2 && index > X2AVIC_MAX_PHYSICAL_ID)) + if ((!x2avic_enabled && index > AVIC_MAX_PHYSICAL_ID) || + (index > X2AVIC_MAX_PHYSICAL_ID)) return NULL; =20 avic_physical_id_table =3D page_address(kvm_svm->avic_physical_id_table_p= age); @@ -295,8 +294,8 @@ static int avic_init_backing_page(struct kvm_vcpu *vcpu) int id =3D vcpu->vcpu_id; struct vcpu_svm *svm =3D to_svm(vcpu); =20 - if ((avic_mode =3D=3D AVIC_MODE_X1 && id > AVIC_MAX_PHYSICAL_ID) || - (avic_mode =3D=3D AVIC_MODE_X2 && id > X2AVIC_MAX_PHYSICAL_ID)) + if ((!x2avic_enabled && id > AVIC_MAX_PHYSICAL_ID) || + (id > X2AVIC_MAX_PHYSICAL_ID)) return -EINVAL; =20 if (!vcpu->arch.apic->regs) @@ -1094,10 +1093,7 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu = *vcpu) struct vcpu_svm *svm =3D to_svm(vcpu); struct vmcb *vmcb =3D svm->vmcb01.ptr; =20 - if (!lapic_in_kernel(vcpu) || avic_mode =3D=3D AVIC_MODE_NONE) - return; - - if (!enable_apicv) + if (!lapic_in_kernel(vcpu) || !enable_apicv) return; =20 if (kvm_vcpu_apicv_active(vcpu)) { @@ -1173,32 +1169,32 @@ bool avic_hardware_setup(struct kvm_x86_ops *x86_op= s) if (!npt_enabled) return false; =20 + /* AVIC is a prerequisite for x2AVIC. */ + if (!boot_cpu_has(X86_FEATURE_AVIC) && !force_avic) { + if (boot_cpu_has(X86_FEATURE_X2AVIC)) { + pr_warn(FW_BUG "Cannot support x2AVIC due to AVIC is disabled"); + pr_warn(FW_BUG "Try enable AVIC using force_avic option"); + } + return false; + } + if (boot_cpu_has(X86_FEATURE_AVIC)) { - avic_mode =3D AVIC_MODE_X1; pr_info("AVIC enabled\n"); } else if (force_avic) { /* * Some older systems does not advertise AVIC support. * See Revision Guide for specific AMD processor for more detail. */ - avic_mode =3D AVIC_MODE_X1; pr_warn("AVIC is not supported in CPUID but force enabled"); pr_warn("Your system might crash and burn"); } =20 /* AVIC is a prerequisite for x2AVIC. */ - if (boot_cpu_has(X86_FEATURE_X2AVIC)) { - if (avic_mode =3D=3D AVIC_MODE_X1) { - avic_mode =3D AVIC_MODE_X2; - pr_info("x2AVIC enabled\n"); - } else { - pr_warn(FW_BUG "Cannot support x2AVIC due to AVIC is disabled"); - pr_warn(FW_BUG "Try enable AVIC using force_avic option"); - } - } + x2avic_enabled =3D boot_cpu_has(X86_FEATURE_X2AVIC); + if (x2avic_enabled) + pr_info("x2AVIC enabled\n"); =20 - if (avic_mode !=3D AVIC_MODE_NONE) - amd_iommu_register_ga_log_notifier(&avic_ga_log_notifier); + amd_iommu_register_ga_log_notifier(&avic_ga_log_notifier); =20 - return !!avic_mode; + return true; } diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 2aa5069bafb2..709f0b3e7a48 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -821,7 +821,7 @@ void svm_set_x2apic_msr_interception(struct vcpu_svm *s= vm, bool intercept) if (intercept =3D=3D svm->x2avic_msrs_intercepted) return; =20 - if (avic_mode !=3D AVIC_MODE_X2 || + if (!x2avic_enabled || !apic_x2apic_mode(svm->vcpu.arch.apic)) return; =20 diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 7a95f50e80e7..29c334a932c3 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -35,14 +35,7 @@ extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly; extern bool npt_enabled; extern int vgif; extern bool intercept_smi; - -enum avic_modes { - AVIC_MODE_NONE =3D 0, - AVIC_MODE_X1, - AVIC_MODE_X2, -}; - -extern enum avic_modes avic_mode; +extern bool x2avic_enabled; =20 /* * Clean bits in VMCB. --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF84EC54EE9 for ; Sat, 3 Sep 2022 00:23:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231510AbiICAXi (ORCPT ); Fri, 2 Sep 2022 20:23:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53678 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231365AbiICAXO (ORCPT ); Fri, 2 Sep 2022 20:23:14 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2020CF72E7 for ; Fri, 2 Sep 2022 17:23:11 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id ng1-20020a17090b1a8100b001f4f9f69d48so3857984pjb.4 for ; Fri, 02 Sep 2022 17:23:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=QGfA0SPabQE2R3mTMEiHM9w7+nZN1T1OVaqiQ+IC3mI=; b=d+a+sPvbty8fX65SGwCSUPdb2VNS1zH1EpY8wQ8K2oklg4QQo3zBa8SiaCHxWnoujz Eex6Q9ikO5sMn4145/38ZNgrliW2qtezfapw3Aj1+HfVvQ8oBx+n/TxwDpa/GZypzuTU xfbvDrp5hJ+sshHLkf25qEE0/GjNE0aRAwtw7SoDyCsLphVJCRUenA2FNocoAFiAazbA Lleh/c6CC0pmX6rYyNu4NNIvTJOmuXwjLCS7lsWTn6OP1ro8/08GIREnjT6BOEQycOzZ cM32tiBDh9KI5+mpvbHZsSSuIG887H+Pg3bAHpiBSQj+RtIyH5nWKgQ1ZfNQgIV6tjQD c4rQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=QGfA0SPabQE2R3mTMEiHM9w7+nZN1T1OVaqiQ+IC3mI=; b=Yq19cf+F7PZUxXDCP5xxJafQCPrROw/4We8w4I4uFKgXEN/gVFbGofuYrP3ciYVCKs xOFTv2Qzcv5Q5xCwjRXlyYIPDO4Vxp/TqvknrXRX2XM+O7rGmnBZKJJBHxNWtYKo/DDl 8qLO9M0uOHp2eAtdqeTErjnGSTVeL3T6SV1pRkQxnknpjit+6CxgcfU08oN1/51t6h99 2CKeH6olxiO36s+IW4K0EODQhCrTedQ1HVqzLNMd1apBjeshs/UZ53d1d2sOTkCaw7+a YwdGC54G+3gUa7zCQf3RpGF1yjmVg/8StqVn9llyCbnHu3TsVy98mH+Nol+VhHSUDc7D 4nUg== X-Gm-Message-State: ACgBeo0r3pNFR3qUTfkXLBk+BrnO1CwPr8QD62vK/EDInRKXP/wH0gJ0 yQJtWGH1yy717YDUGeMjUiopUGCDAac= X-Google-Smtp-Source: AA6agR7nuG06KNHuOhPwbwIB64qfgB9FAo5CZsNmGvbVnFFWEiJXhkb8QbcPke+ZCjTPA+36UOxjc6ylbt4= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:e558:b0:1fb:c4b7:1a24 with SMTP id ei24-20020a17090ae55800b001fbc4b71a24mr30859pjb.1.1662164591154; Fri, 02 Sep 2022 17:23:11 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:38 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-8-seanjc@google.com> Subject: [PATCH v2 07/23] KVM: SVM: Compute dest based on sender's x2APIC status for AVIC kick From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Compute the destination from ICRH using the sender's x2APIC status, not each (potential) target's x2APIC status. Fixes: c514d3a348ac ("KVM: SVM: Update avic_kick_target_vcpus to support 32= -bit APIC ID") Cc: Li RongQing Signed-off-by: Sean Christopherson Reviewed-by: Li RongQing Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 3022a135c060..50721c9167c4 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -456,6 +456,7 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm,= struct kvm_lapic *source static void avic_kick_target_vcpus(struct kvm *kvm, struct kvm_lapic *sour= ce, u32 icrl, u32 icrh, u32 index) { + u32 dest =3D apic_x2apic_mode(source) ? icrh : GET_XAPIC_DEST_FIELD(icrh); unsigned long i; struct kvm_vcpu *vcpu; =20 @@ -471,13 +472,6 @@ static void avic_kick_target_vcpus(struct kvm *kvm, st= ruct kvm_lapic *source, * since entered the guest will have processed pending IRQs at VMRUN. */ kvm_for_each_vcpu(i, vcpu, kvm) { - u32 dest; - - if (apic_x2apic_mode(vcpu->arch.apic)) - dest =3D icrh; - else - dest =3D GET_XAPIC_DEST_FIELD(icrh); - if (kvm_apic_match_dest(vcpu, source, icrl & APIC_SHORT_MASK, dest, icrl & APIC_DEST_MASK)) { vcpu->arch.apic->irr_pending =3D true; --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E29F7C38145 for ; Sat, 3 Sep 2022 00:23:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231592AbiICAXk (ORCPT ); Fri, 2 Sep 2022 20:23:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53680 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231371AbiICAXO (ORCPT ); Fri, 2 Sep 2022 20:23:14 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 52D17F63F4 for ; Fri, 2 Sep 2022 17:23:13 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id c142-20020a621c94000000b005324991c5b8so1732206pfc.15 for ; Fri, 02 Sep 2022 17:23:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=Jc8tRpF99XNZU8n/zffImYz5blGtS9807hd1TKthgTk=; b=d+xh8WQ/+GTZy4U7G4pl3sLVfJ2oq6oyYhl7nGeBkTD6wNGtYwT5zuAushnn3gMO/w aB3GGtJsTSOnvcLV3HyzranfOaWf4ChYJx2OQxbJHlPNBN4K5Syw9PJ+Mm2V0+SnIxMN u2XVaQUxZc/03nQ9bVjDJuGQvW++RG06IY71UXJ9n93kVuQWe/y6Bwq72lKNhS4gMeeH R2B6yW2Lcwo6o1NhzPnBA6HqCPQo/En06xiUG1US56mKmWEgH0SRHjf5PnIVeYxFMdF3 9fnLFi47dEh/cXENyqaFaGyVYbd+7Z9scAmi5t1Mxtpk6RNFMv8TZp5bpBzWXF70iExn pGJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=Jc8tRpF99XNZU8n/zffImYz5blGtS9807hd1TKthgTk=; b=MkXL8aiXPUDXMoUlVPOeGx25I5+XU+iTqn+XhcXpy1AfaibdwSjm+XV8I8/A09aPfh 6t7Tl2Y+dLR7eXLhGhGw8dctlDKi4YgTmanhC1x313k1pYihwZRxKDw1Jp7zTYAxGUTy cLLvGvBY37vzHAzatH2PP5/dZxSpciX5xmkgHKDBxeGLlczZS1ZhYmzcEIcyU/g/yxFJ YweCDrm4u4WeywRPdYLuQr5bgix39AutFB/c7hmFn259gl4JuC1lzw2riG7dhBIvnglk IS21UeDRQ6hBdqNWhMzGVZgPyzFgGF8dEuEZ/RfUu4owz6hzk9ZUZKD8Osc+iOhZ4hUx TBDQ== X-Gm-Message-State: ACgBeo1e97v3oDPYrDWMT5UjHJmRu1BTsoizuYplmZTyDYGPJzimf1me Q84uNu9YqRN+2XQAMwkG79bnZXP0LSg= X-Google-Smtp-Source: AA6agR71SBaZCeDyyRaHmxa0LZCa3oA0kjUUtNmD6qTohE8KIzS0YM497vbBYfyrfgAWMl0Fnezg669BY1A= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:1308:b0:53a:9663:1c19 with SMTP id j8-20020a056a00130800b0053a96631c19mr18133933pfu.60.1662164592882; Fri, 02 Sep 2022 17:23:12 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:39 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-9-seanjc@google.com> Subject: [PATCH v2 08/23] KVM: SVM: Fix x2APIC Logical ID calculation for avic_kick_target_vcpus_fast From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Suravee Suthikulpanit For X2APIC ID in cluster mode, the logical ID is bit [15:0]. Fixes: 603ccef42ce9 ("KVM: x86: SVM: fix avic_kick_target_vcpus_fast") Cc: Maxim Levitsky Signed-off-by: Suravee Suthikulpanit Reviewed-by: Maxim Levitsky Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 50721c9167c4..163edc42f979 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -383,7 +383,7 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm,= struct kvm_lapic *source =20 if (apic_x2apic_mode(source)) { /* 16 bit dest mask, 16 bit cluster id */ - bitmap =3D dest & 0xFFFF0000; + bitmap =3D dest & 0xFFFF; cluster =3D (dest >> 16) << 4; } else if (kvm_lapic_get_reg(source, APIC_DFR) =3D=3D APIC_DFR_FLAT) { /* 8 bit dest mask*/ --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6A4B7ECAAA1 for ; Sat, 3 Sep 2022 00:23:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231518AbiICAXq (ORCPT ); Fri, 2 Sep 2022 20:23:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53716 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231388AbiICAXR (ORCPT ); Fri, 2 Sep 2022 20:23:17 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C6ACEF63DE for ; Fri, 2 Sep 2022 17:23:14 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id c135-20020a624e8d000000b0053617082770so1719772pfb.8 for ; Fri, 02 Sep 2022 17:23:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=gdqi7/sisgOJWdb3UjZLC+OFglcO8pjrSzcL6Yf8oaE=; b=qdZ1uwpywN2x8XHJ4BBaMqpMM/TLq88CuwaWUgF7yRNgkIc2u3iavToNk3hjy/g1M1 g38i6uQLHl/N/phr+D80midzVaIBr2r5vezSxLvVEM1lKptWwnyLluSqYep03gNZURsu wWDHbjf241306jJL9GO7WJf34Cbu5X75AdfwLc3eHznK7iRuheBqg0S6Yk+q/gCL+rsh b6Kf6ZyDhrzdfl2V8FXG90fVgQNcMZ4NnLz586ri74P17Un2luWxvVBcuGGwNTwv1N9K mC0CpD9RqNMBMZtS55NVq3lsGeL23Z4jt/5q26+840w2d3v1S0Su1pE7CkXaidk3r7Pr 1qbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=gdqi7/sisgOJWdb3UjZLC+OFglcO8pjrSzcL6Yf8oaE=; b=JLnYnOUzkLR1OmdVMIWZiq0BqReNnd541HukBKErrsELryES1es2A2NS+Qm1hf1b2+ Kb0NBRyanwTIT/yruezB+0l63llC3UFupRzd93EYWwb8eLwtLJ7RsPTECCND5KdSrSau nFaE7FhRTAzfPFk0MTsdA6vX58E7/7NZRvNWW1Ac79pCXMyP0FzKDBIToJnxhvcgYddV WPz34tcFBW8uXg9I6IRFO08y+H/0rGYwqCno9hj36vuc5uxqyCLUej+R+pl/U7IXE2R5 UNkVg+o7yx2DRM1gP3IeDZmIZMw3U/2n3+ZqOSj7ZLIXU2KCRaTSgmViE2lbh1nx+lP3 jfiA== X-Gm-Message-State: ACgBeo0Z8DssLFBppbIyF/9XOfxgBTl6QnrbAB2FSRFVERKdjT1jp1Tq T+89uuUkDAL00DH3qbSTeW3XhpA2UvU= X-Google-Smtp-Source: AA6agR6RB/BOIiDbjdEpM8Dns12QouiSyi5WgPSKjeGtgEuZRQsP8v24+Sf8m5p4+sj444ZQ5n6F01wjdkw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:da86:b0:174:cbcf:5f98 with SMTP id j6-20020a170902da8600b00174cbcf5f98mr26500000plx.49.1662164594392; Fri, 02 Sep 2022 17:23:14 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:40 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-10-seanjc@google.com> Subject: [PATCH v2 09/23] Revert "KVM: SVM: Use target APIC ID to complete x2AVIC IRQs when possible" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Due to a likely mismerge of patches, KVM ended up with a superfluous commit to "enable" AVIC's fast path for x2AVIC mode. Even worse, the superfluous commit has several bugs and creates a nasty local shadow variable. Rather than fix the bugs piece-by-piece[*] to achieve the same end result, revert the patch wholesale. Opportunistically add a comment documenting the x2AVIC dependencies. This reverts commit 8c9e639da435874fb845c4d296ce55664071ea7a. [*] https://lore.kernel.org/all/YxEP7ZBRIuFWhnYJ@google.com Fixes: 8c9e639da435 ("KVM: SVM: Use target APIC ID to complete x2AVIC IRQs = when possible") Suggested-by: Maxim Levitsky Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 29 +++++++++++------------------ 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 163edc42f979..8259a64c99d6 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -405,7 +405,17 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm= , struct kvm_lapic *source =20 logid_index =3D cluster + __ffs(bitmap); =20 - if (!apic_x2apic_mode(source)) { + if (apic_x2apic_mode(source)) { + /* + * For x2APIC, the logical APIC ID is a read-only value + * that is derived from the x2APIC ID, thus the x2APIC + * ID can be found by reversing the calculation (done + * above). Note, bits 31:20 of the x2APIC ID are not + * propagated to the logical ID, but KVM limits the + * x2APIC ID limited to KVM_MAX_VCPU_IDS. + */ + l1_physical_id =3D logid_index; + } else { u32 *avic_logical_id_table =3D page_address(kvm_svm->avic_logical_id_table_page); =20 @@ -420,23 +430,6 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm= , struct kvm_lapic *source =20 l1_physical_id =3D logid_entry & AVIC_LOGICAL_ID_ENTRY_GUEST_PHYSICAL_ID_MASK; - } else { - /* - * For x2APIC logical mode, cannot leverage the index. - * Instead, calculate physical ID from logical ID in ICRH. - */ - int cluster =3D (icrh & 0xffff0000) >> 16; - int apic =3D ffs(icrh & 0xffff) - 1; - - /* - * If the x2APIC logical ID sub-field (i.e. icrh[15:0]) - * contains anything but a single bit, we cannot use the - * fast path, because it is limited to a single vCPU. - */ - if (apic < 0 || icrh !=3D (1 << apic)) - return -EINVAL; - - l1_physical_id =3D (cluster << 4) + apic; } } =20 --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 75AD1C54EE9 for ; Sat, 3 Sep 2022 00:23:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231680AbiICAXv (ORCPT ); Fri, 2 Sep 2022 20:23:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53668 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229995AbiICAXS (ORCPT ); Fri, 2 Sep 2022 20:23:18 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B4F8CF72C4 for ; Fri, 2 Sep 2022 17:23:16 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id i74-20020a62874d000000b005381588912bso1741969pfe.0 for ; Fri, 02 Sep 2022 17:23:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=Rs+EzK2PrcvX75yfJJ7NsfNpP39FoXTyChrPXJ3Dyu4=; b=svQxp/Dk1xxER24u/HvVfK52iBH7DF4YoJEpJhEFJDsvOOH1Qtk/hMBcizYU7vF/Ou 8ecN9f9/le3c74WqGDy8zb3fitBGXAODsCbpJFQKZMBeyE2CHezHQZgDZU3ZJkE5L0vn gtVXJfeKQrJEmLq6Oj+bNe/cThL2jXtOY/de52ZY8TB1qfmu4KFBm2Wox+6U+BR+MAMg kaKkOVRC8XD7E0UixuHKk05kwRnKdlOpWt7UuvYmFzWAKWCRuqBI8zvoSu6JMmX2/uwI q7Q4BAHkRbWLKBe1cRGpijR7j00TXZnb3WZ0q9YSp65fKULni0SybLtiECYFmdSU6Qju GsLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=Rs+EzK2PrcvX75yfJJ7NsfNpP39FoXTyChrPXJ3Dyu4=; b=E5ZUVrfxinPZ+7YMaNcMeLDwbpUKm93voDPdpmo3ViNJEGXf7um5HmftsmCojHlE2n G1nfKbZ5EIn/BHy7DeLrLwQdBWGVYDGitm35eGzef2Oi3Wa5QCex0VdfsgDMZyu47pNk ocJwgEytyHVi+ALi3yp70FMV6kYBriPKvtHCvz5otjjBxWqmoGpXusnm+vIcqzNCdsl6 YcTVfyBlB7eUbNMlyNcDOdcp3F8odnVr129iKf/4wFP2RlCqE5pLN/0G/dUaiTa7cuXo IWwPJTg+29XrTw1KaZmsgGvXUZXKoPhgZOsgZFbws666FjCD7jQ1LtxgfEY/dUxHT0Ue KD1A== X-Gm-Message-State: ACgBeo13Afv3BV9Zd3OpRWsfD6ILg1XcgNRqOpqSao+HEI6PPrALT2q/ lh4HlGIWknC9ZS72i58qL5aeKWm597A= X-Google-Smtp-Source: AA6agR5aQ2I+MmONVolgNKJQhCEoOadjOqwmb1ME9GZ2SRe7UhK/yd06TRHsklSl8ULfFfu7fx0vexIihUE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:aa7:9e4d:0:b0:537:fc95:b736 with SMTP id z13-20020aa79e4d000000b00537fc95b736mr31435090pfq.25.1662164596313; Fri, 02 Sep 2022 17:23:16 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:41 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-11-seanjc@google.com> Subject: [PATCH v2 10/23] KVM: SVM: Document that vCPU ID == APIC ID in AVIC kick fastpatch From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Document that AVIC is inhibited if any vCPU's APIC ID diverges from its vCPU ID, i.e. that there's no need to check for a destination match in the AVIC kick fast path. Opportunistically tweak comments to remove "guest bug", as that suggests KVM is punting on error handling, which is not the case. Targeting a non-existent vCPU or no vCPUs _may_ be a guest software bug, but whether or not it's a guest bug is irrelevant. Such behavior is architecturally legal and thus needs to faithfully emulated by KVM (and it is). Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 8259a64c99d6..b4b5f1422db7 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -395,8 +395,8 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm,= struct kvm_lapic *source cluster =3D (dest >> 4) << 2; } =20 + /* Nothing to do if there are no destinations in the cluster. */ if (unlikely(!bitmap)) - /* guest bug: nobody to send the logical interrupt to */ return 0; =20 if (!is_power_of_2(bitmap)) @@ -424,7 +424,7 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm,= struct kvm_lapic *source if (WARN_ON_ONCE(index !=3D logid_index)) return -EINVAL; =20 - /* guest bug: non existing/reserved logical destination */ + /* Nothing to do if the logical destination is invalid. */ if (unlikely(!(logid_entry & AVIC_LOGICAL_ID_ENTRY_VALID_MASK))) return 0; =20 @@ -433,9 +433,13 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm= , struct kvm_lapic *source } } =20 + /* + * KVM inhibits AVIC if any vCPU ID diverges from the vCPUs APIC ID, + * i.e. APIC ID =3D=3D vCPU ID. Once again, nothing to do if the target + * vCPU doesn't exist. + */ target_vcpu =3D kvm_get_vcpu_by_id(kvm, l1_physical_id); if (unlikely(!target_vcpu)) - /* guest bug: non existing vCPU is a target of this IPI*/ return 0; =20 target_vcpu->arch.apic->irr_pending =3D true; --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8A39AECAAA1 for ; Sat, 3 Sep 2022 00:24:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231736AbiICAYB (ORCPT ); Fri, 2 Sep 2022 20:24:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53670 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231401AbiICAXT (ORCPT ); Fri, 2 Sep 2022 20:23:19 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7B8FBF63D7 for ; Fri, 2 Sep 2022 17:23:18 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id a17-20020a17090abe1100b001fda49516e2so3864894pjs.2 for ; Fri, 02 Sep 2022 17:23:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=iceCiZqUYYalhRNpv9X384KNVicva7F6it80d8wrhy8=; b=edqM6eTlCy2LopEzwgZ1W+ygH/qNwnjBJpOCWfbcUtowcPPJOlQY7mN8CGTLjhbA8B 6xmeKJ4KjinMsoSBkiIVjrGctJR2bcN+JSS4WpZQmD8ddpA3zt4I12GAc06cuYbcwUTA qm+NIFvDq6Ufc93vzJOAGXHs0SMO0Ddtfpnf7Z1dYD/AEExEinTELFztOsAj3tPkj2d1 QC/yLUVYSLHn+AghFa0zqWJ5+08UKuiBc0wWcX0iREvFL8Ea3nZXnpLDZHJ6KUhh6rAz hFGuA6/++f4ixuhH3+k8TLWJ6l6Ks+FdkILZBlGacb6NDhjwS8Z8ESwNTZFXwSq9gzd2 TE5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=iceCiZqUYYalhRNpv9X384KNVicva7F6it80d8wrhy8=; b=LXqAt7oCTQIatk8SrdWtlhl4XEmr09j2fkTcocCvSG6IvsJNxRklxaYQTDHTT9cTZw J/NFMHj6emBmPffKpNaxET6vF5hCeoyKqu2Znh85QDy0i2go3hdhuC0QQgY2cma0VLXQ Dakh76aQeEG2Ukf7D/9gRIDpuWFTDSeTiFezYTa3jBc/QMifTwYo3QIucmZb03Zamzam E8Nn1Yeqb2g2yWI1CORPbyaBXqAZb5m7OmolskHpM+E2Y0BXSgvhCX2S1foQApkncSkj mnr5MU3avOaYJIgdwdpIR/i4yZxOflveh4RIdWQC5CBatiakvx5UCjGKimzNsXA2BNGo 7aJA== X-Gm-Message-State: ACgBeo18MYG78ek52u1GZ+WO5YnbYLoOdEwT7FBKq3KELTMfOXuhN6qW SQsUY9lbBgUI7y0kg5pxazK+v581PZM= X-Google-Smtp-Source: AA6agR7ycJmrf38F6f5piy/D0fLpR9q0jyyWVg1fTy47spj87vDBe4t10tqVp1k2Px/2XsdvgWBZlColM+s= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a62:5ac6:0:b0:537:f0fa:4ae1 with SMTP id o189-20020a625ac6000000b00537f0fa4ae1mr33026877pfb.70.1662164598026; Fri, 02 Sep 2022 17:23:18 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:42 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-12-seanjc@google.com> Subject: [PATCH v2 11/23] KVM: SVM: Add helper to perform final AVIC "kick" of single vCPU From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a helper to perform the final kick, two instances of the ICR decoding is one too many. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index b4b5f1422db7..3400046ad0b4 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -344,6 +344,16 @@ void avic_ring_doorbell(struct kvm_vcpu *vcpu) put_cpu(); } =20 + +static void avic_kick_vcpu(struct kvm_vcpu *vcpu, u32 icrl) +{ + vcpu->arch.apic->irr_pending =3D true; + svm_complete_interrupt_delivery(vcpu, + icrl & APIC_MODE_MASK, + icrl & APIC_INT_LEVELTRIG, + icrl & APIC_VECTOR_MASK); +} + /* * A fast-path version of avic_kick_target_vcpus(), which attempts to match * destination APIC ID to vCPU without looping through all vCPUs. @@ -442,11 +452,7 @@ static int avic_kick_target_vcpus_fast(struct kvm *kvm= , struct kvm_lapic *source if (unlikely(!target_vcpu)) return 0; =20 - target_vcpu->arch.apic->irr_pending =3D true; - svm_complete_interrupt_delivery(target_vcpu, - icrl & APIC_MODE_MASK, - icrl & APIC_INT_LEVELTRIG, - icrl & APIC_VECTOR_MASK); + avic_kick_vcpu(target_vcpu, icrl); return 0; } =20 @@ -470,13 +476,8 @@ static void avic_kick_target_vcpus(struct kvm *kvm, st= ruct kvm_lapic *source, */ kvm_for_each_vcpu(i, vcpu, kvm) { if (kvm_apic_match_dest(vcpu, source, icrl & APIC_SHORT_MASK, - dest, icrl & APIC_DEST_MASK)) { - vcpu->arch.apic->irr_pending =3D true; - svm_complete_interrupt_delivery(vcpu, - icrl & APIC_MODE_MASK, - icrl & APIC_INT_LEVELTRIG, - icrl & APIC_VECTOR_MASK); - } + dest, icrl & APIC_DEST_MASK)) + avic_kick_vcpu(vcpu, icrl); } } =20 --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8430EC38145 for ; Sat, 3 Sep 2022 00:23:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231713AbiICAX4 (ORCPT ); Fri, 2 Sep 2022 20:23:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53680 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230173AbiICAXV (ORCPT ); Fri, 2 Sep 2022 20:23:21 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7930EF63DB for ; Fri, 2 Sep 2022 17:23:20 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id i3-20020aa78b43000000b005320ac5b724so1729467pfd.4 for ; Fri, 02 Sep 2022 17:23:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=tz9XFzkzR4iwpvliIXrKjfw6rH6NLo3IRqdjhrYMVRc=; b=MqzieyIBuWuV6MtJvV/l2VvfU+bUyxxlAB2jXhMmb/8OEXHE/+kj8t6rUnbRsdk9ri opzJegfNiPb9BGkxITrQtthYkI4vRiNauhc3IG9/xIrOjzpOMvnMUh4eLdEdNuo/nPAo oWY9pbgskw8qGdSx09c1oYF41O8eM7zxMj/rlIkZ7w0Hp5hy/fmuqGUAVpmy/GYYIheP lFWIP7OXA4391vxIrc0fjwpgX9Q3EULXweFcWP5+okZRt1oyHAtVNmfpINqfxMn4+mO9 dPEK44vkBrdGE9Q2CQ4AZ/58vBkzhq+za1dpNwuQ6W6QEwtQ2DpIIVJSITzjPssGZK52 eW/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=tz9XFzkzR4iwpvliIXrKjfw6rH6NLo3IRqdjhrYMVRc=; b=B7E2Wrrk+i+YBLfBkz2FJaWgUyLo3CqhVfKjqy8+qpuyB+ZyrVtUO5r2S3g2AZ9PZv NtjtUY5r3esBvUTwASJnwzR0kBjQQmnYdS4l8XcO9kTxEfIVKYBcQVbnFKYw9+hHk+C0 a843eaFrRSOZ93wB9B95SmunsXtWFNOV29i8KECOAsHVxh8t0K3NOUYsWVwFMeLTbkF8 N5YbTEZrlmX6PW7GxvHDpxaodpwTIJere+y0hw4gUP4raCfx5zk1JFlES55O7jcra3fG R0Q1dxvslpVbJLz9T2KXOKs2ZEtLf2dXMwAXdpvSX5jhThAX6ABpMCOD2lu5WhJ658Ep XeVg== X-Gm-Message-State: ACgBeo2vuw4+GI2NUf1VhInFytWf+2DJ1ymGhs8a2jmu4kSa3ZFQ2ytk pLxTq8DTB52DeSM2L+Yj6PUamm5j8cM= X-Google-Smtp-Source: AA6agR5iW38ydQ1YIgO8Dmri/UpX81zZ5HWPP67gm4Qk2NDFTFy6LgrZ+EPLRZDmpFgE+tKIQxbz9tSCiHs= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:d150:b0:1fd:9336:5db3 with SMTP id t16-20020a17090ad15000b001fd93365db3mr7469743pjw.242.1662164600066; Fri, 02 Sep 2022 17:23:20 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:43 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-13-seanjc@google.com> Subject: [PATCH v2 12/23] KVM: x86: Disable APIC logical map if logical ID covers multiple MDAs From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Disable the optimized APIC logical map if a logical ID covers multiple MDAs, i.e. if a vCPU has multiple bits set in its ID. In logical mode, events match if "ID & MDA !=3D 0", i.e. creating an entry for only the first bit can cause interrupts to be missed. Note, creating an entry for every bit is also wrong as KVM would generate IPIs for every matching bit. It would be possible to teach KVM to play nice with this edge case, but it is very much an edge case and probably not used in any real world OS, i.e. it's not worth optimizing. Use an impossible value for the "mode" to effectively designate that it's disabled. Don't bother adding a dedicated "invalid" value, the mode handling will be cleaned up in the future and it would take just as much effort to explain what value is "safe" at this time. Fixes: 1e08ec4a130e ("KVM: optimize apic interrupt delivery") Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/lapic.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index d956cd37908e..6b2f538b8fd0 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -300,8 +300,15 @@ void kvm_recalculate_apic_map(struct kvm *kvm) if (!kvm_apic_map_get_logical_dest(new, ldr, &cluster, &mask)) continue; =20 - if (mask) - cluster[ffs(mask) - 1] =3D apic; + if (!mask) + continue; + + if (!is_power_of_2(mask)) { + new->mode =3D KVM_APIC_MODE_XAPIC_FLAT | + KVM_APIC_MODE_XAPIC_CLUSTER; + continue; + } + cluster[ffs(mask) - 1] =3D apic; } out: old =3D rcu_dereference_protected(kvm->arch.apic_map, --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DD563C54EE9 for ; Sat, 3 Sep 2022 00:24:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231774AbiICAYH (ORCPT ); Fri, 2 Sep 2022 20:24:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53786 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231411AbiICAXX (ORCPT ); Fri, 2 Sep 2022 20:23:23 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6DC7AF72C1 for ; Fri, 2 Sep 2022 17:23:22 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id v8-20020a258488000000b00695847496a4so2761248ybk.19 for ; Fri, 02 Sep 2022 17:23:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=sRJGbJUfwvTmIt7TCeDCGPl4C7G33IdwBZhsjLxh4VE=; b=Lrtf7dftYWdQobVdgIYPY6rFbIW/t3fpvvyqbmyM3pcHzZa84O+5S96zD5KZw3DiEJ vuPjMZQlr2ppg9GuBQEI9CH5Ih8F7Jm6P3e8qC2UoXHEDYk9jAClPlYuAOtWDlVxSpJJ EPdEItdldlbw0Ap4kJzxKdBMkwm8rZJv6mj44abpH1vu88KMUqD/B3DRHBnaT0H4Z3MD VL4+VWw/fxVq2p3ZDZ3iHnkzulp4D4CfOVq74bGwJintlSIzuIdnlMjR4g5wbCuo8oEa NPCHC5ZpSHWUGf+aqxBNOyVCdHWJwD2nbKyLepN/mRL4AXLiWmuL0AIDdX8QA1XBGhz9 uX8g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=sRJGbJUfwvTmIt7TCeDCGPl4C7G33IdwBZhsjLxh4VE=; b=cpi992VtjhRagvcDpI6bIvu2/5U+bYaH5s2fANkd1f/32mGL87UH9Fv8CcqcVYZJe4 aQpJlrqS0WhVoOTqfdw1PgrHPw+IFq8HX/twkihkrZmTLgDlbNYnEgOlnXXj9dij019H uRQjOrntAxxwcIAmm68xC2MVxhZCgvTosBQhIBV0MOprlElM0+Pi7ArMsmXlD9aX3tLd UFptdZ0KdfJ5Qj/OF5GDCZjYVH+POIEC6FvCmUX6dQfIietTFt5mouOufoHwARHte6ck d7qQHK2Vtps1j6U3SJbulQW/Rwcy2tgvUnnFYJtNwi+SiaTpYg//s6tCJgdKw2H57hO6 cP0Q== X-Gm-Message-State: ACgBeo0bB/wPH5nydDknyEMEBBjQFUKZmZBs3/4mSU2wHpgAzqDeSios ORCct47Skw7HIryxm7xVvQE0FCI8RLY= X-Google-Smtp-Source: AA6agR6Lvf/iV4NjK3NatuY3tfKZ66unw+gXhNRGQwD51QtjJbXvqUr/zDzU5BLJgHKQONRPn6jy3xdkQ9c= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:9986:0:b0:6a7:29ef:133c with SMTP id p6-20020a259986000000b006a729ef133cmr1686245ybo.479.1662164601696; Fri, 02 Sep 2022 17:23:21 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:44 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-14-seanjc@google.com> Subject: [PATCH v2 13/23] KVM: x86: Disable APIC logical map if vCPUs are aliased in logical mode From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Disable the optimized APIC logical map if multiple vCPUs are aliased to the same logical ID. Architecturally, all CPUs whose logical ID matches the MDA are supposed to receive the interrupt; overwriting existing map entries can result in missed IPIs. Fixes: 1e08ec4a130e ("KVM: optimize apic interrupt delivery") Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/lapic.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 6b2f538b8fd0..75748c380ceb 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -303,12 +303,13 @@ void kvm_recalculate_apic_map(struct kvm *kvm) if (!mask) continue; =20 - if (!is_power_of_2(mask)) { + ldr =3D ffs(mask) - 1; + if (!is_power_of_2(mask) || cluster[ldr]) { new->mode =3D KVM_APIC_MODE_XAPIC_FLAT | KVM_APIC_MODE_XAPIC_CLUSTER; continue; } - cluster[ffs(mask) - 1] =3D apic; + cluster[ldr] =3D apic; } out: old =3D rcu_dereference_protected(kvm->arch.apic_map, --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9A846ECAAA1 for ; Sat, 3 Sep 2022 00:24:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231804AbiICAYN (ORCPT ); Fri, 2 Sep 2022 20:24:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53816 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231435AbiICAX0 (ORCPT ); Fri, 2 Sep 2022 20:23:26 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B5757F63D1 for ; Fri, 2 Sep 2022 17:23:23 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id 15-20020a63020f000000b0041b578f43f9so1888611pgc.11 for ; Fri, 02 Sep 2022 17:23:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=PvUdDgcJt2n+rsBljDkGNrBoyU4Rfeywa67YYhOs2Os=; b=hp9UsSaSUQW6/lS6OEq+lgoNM/OAL7afsdN/wWTzCsgzlK076VC8AFsMhM6/hFneDU ztVGZp1AZH4Co9RVgIHkAvQLvWUth/LCfTEBMDyOVqin9kYRLyuANehjIZ536rFUw4eN cgoRNLUtbm8gplTkPvzNcL6PSsJ3qGQhSaJx3vywyL/8uB1qZToCbGGAUsh9xLkK5Vx1 8kw7m+THQnb/knMpULq3URVZT8S8y+94k3f8XzE7BnOWUgyh4d/YOr2Kicwv69r2pO4A Muac4bWq62mNQ9BzKAM3d2mG82E+8zv/VgFy15BCJN5cMHirlAc76BZKGWL1G5GmnL19 KUBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=PvUdDgcJt2n+rsBljDkGNrBoyU4Rfeywa67YYhOs2Os=; b=ZDFpwkOLI4fnpqZSK2EEs3Vx5+6b0ZD3eMB+eM7r6/PwMpggErO+trL5pdce2CsPsj cShBJ8fKbKMkXQ/u6E18fcGxGkDUqjJBeOlANbztjOTnyH4AM7O10OTqUaDN//LMO12K bfxbIqisVsBbuQWAgHF56JszuTDAHaOLJyQN+esJ4j/uwcYNCZMDBzSYmjhQZ71PmsX2 Ez2ci5hkyny1cfz7OqJ3tuJycKivbg78OJWHZxK+ngFNCEsrWrS5mPWgP4U4qckCFHNK TpMrH0JIk1FhqOG5zp88IwDRlkUhmExpr7588086TtoF94dAnp3q62AFt1Ym7YzqxjDR RUnQ== X-Gm-Message-State: ACgBeo3zdlXzMas6yicYfvxo2vuawG9dFQkbO5DPXNP5pq/gGZqASbG9 odLNoslxzW42f5dY61I/czQiW9XvIjc= X-Google-Smtp-Source: AA6agR7d9kLZfyjpjnJDkIqPfDKJtru5IjWJBCPmBn2Kv1abPDq9p9t5cjddNhVgcjVy4czww9KyQ/VvxO8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:e7c2:b0:1f5:85ab:938c with SMTP id kb2-20020a17090ae7c200b001f585ab938cmr7624680pjb.133.1662164603472; Fri, 02 Sep 2022 17:23:23 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:45 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-15-seanjc@google.com> Subject: [PATCH v2 14/23] KVM: x86: Honor architectural behavior for aliased 8-bit APIC IDs From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Apply KVM's hotplug hack if and only if userspace has enabled 32-bit IDs for x2APIC. If 32-bit IDs are not enabled, disable the optimized map to honor x86 architectural behavior if multiple vCPUs shared a physical APIC ID. As called out in the changelog that added the hack, all CPUs whose (possibly truncated) APIC ID matches the target are supposed to receive the IPI. KVM intentionally differs from real hardware, because real hardware (Knights Landing) does just "x2apic_id & 0xff" to decide whether to accept the interrupt in xAPIC mode and it can deliver one interrupt to more than one physical destination, e.g. 0x123 to 0x123 and 0x23. Applying the hack even when x2APIC is not fully enabled means KVM doesn't correctly handle scenarios where the guest has aliased xAPIC IDs across multiple vCPUs, as only the vCPU with the lowest vCPU ID will receive any interrupts. It's extremely unlikely any real world guest aliase APIC IDs, or even modifies APIC IDs, but KVM's behavior is arbitrary, e.g. the lowest vCPU ID "wins" regardless of which vCPU is "aliasing" and which vCPU is "normal". Furthermore, the hack is _not_ guaranteed to work! The hack works if and only if the optimized APIC map is successfully allocated. If the map allocation fails (unlikely), KVM will fall back to its unoptimized behavior, which _does_ honor the architectural behavior. Pivot on 32-bit x2APIC IDs being enabled as that is required to take advantage of the hotplug hack (see kvm_apic_state_fixup()), i.e. won't break existing setups unless they are way, way off in the weeds. And an entry in KVM's errata to document the hack. Alternatively, KVM could provide an actual x2APIC quirk and document the hack that way, but there's unlikely to ever be a use case for disabling the quirk. Go the errata route to avoid having to validate a quirk no one cares about. Fixes: 5bd5db385b3e ("KVM: x86: allow hotplug of VCPU with APIC ID over 0xf= f") Signed-off-by: Sean Christopherson --- Documentation/virt/kvm/x86/errata.rst | 11 ++++++ arch/x86/kvm/lapic.c | 50 ++++++++++++++++++++++----- 2 files changed, 52 insertions(+), 9 deletions(-) diff --git a/Documentation/virt/kvm/x86/errata.rst b/Documentation/virt/kvm= /x86/errata.rst index 410e0aa63493..49a05f24747b 100644 --- a/Documentation/virt/kvm/x86/errata.rst +++ b/Documentation/virt/kvm/x86/errata.rst @@ -37,3 +37,14 @@ Nested virtualization features ------------------------------ =20 TBD + +x2APIC +------ +When KVM_X2APIC_API_USE_32BIT_IDS is enabled, KVM activates a hack/quirk t= hat +allows sending events to a single vCPU using its x2APIC ID even if the tar= get +vCPU has legacy xAPIC enabled, e.g. to bring up hotplugged vCPUs via INIT-= SIPI +on VMs with > 255 vCPUs. A side effect of the quirk is that, if multiple = vCPUs +have the same physical APIC ID, KVM will deliver events targeting that API= C ID +only to the vCPU with the lowest vCPU ID. If KVM_X2APIC_API_USE_32BIT_IDS= is +not enabled, KVM follows x86 architecture when processing interrupts (all = vCPUs +matching the target APIC ID receive the interrupt). diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 75748c380ceb..4c5f49c4d4f1 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -260,10 +260,10 @@ void kvm_recalculate_apic_map(struct kvm *kvm) kvm_for_each_vcpu(i, vcpu, kvm) { struct kvm_lapic *apic =3D vcpu->arch.apic; struct kvm_lapic **cluster; + u32 x2apic_id, physical_id; u16 mask; u32 ldr; u8 xapic_id; - u32 x2apic_id; =20 if (!kvm_apic_present(vcpu)) continue; @@ -271,16 +271,48 @@ void kvm_recalculate_apic_map(struct kvm *kvm) xapic_id =3D kvm_xapic_id(apic); x2apic_id =3D kvm_x2apic_id(apic); =20 - /* Hotplug hack: see kvm_apic_match_physical_addr(), ... */ - if ((apic_x2apic_mode(apic) || x2apic_id > 0xff) && - x2apic_id <=3D new->max_apic_id) - new->phys_map[x2apic_id] =3D apic; /* - * ... xAPIC ID of VCPUs with APIC ID > 0xff will wrap-around, - * prevent them from masking VCPUs with APIC ID <=3D 0xff. + * Apply KVM's hotplug hack if userspace has enable 32-bit APIC + * IDs. Allow sending events to vCPUs by their x2APIC ID even + * if the target vCPU is in legacy xAPIC mode, and silently + * ignore aliased xAPIC IDs (the x2APIC ID is truncated to 8 + * bits, causing IDs > 0xff to wrap and collide). + * + * Honor the architectural (and KVM's non-optimized) behavior + * if userspace has not enabled 32-bit x2APIC IDs. Each APIC + * is supposed to process messages independently. If multiple + * vCPUs have the same effective APIC ID, e.g. due to the + * x2APIC wrap or because the guest manually modified its xAPIC + * IDs, events targeting that ID are supposed to be recognized + * by all vCPUs with said ID. */ - if (!apic_x2apic_mode(apic) && !new->phys_map[xapic_id]) - new->phys_map[xapic_id] =3D apic; + if (kvm->arch.x2apic_format) { + /* See also kvm_apic_match_physical_addr(). */ + if ((apic_x2apic_mode(apic) || x2apic_id > 0xff) && + x2apic_id <=3D new->max_apic_id) + new->phys_map[x2apic_id] =3D apic; + + if (!apic_x2apic_mode(apic) && !new->phys_map[xapic_id]) + new->phys_map[xapic_id] =3D apic; + } else { + /* + * Disable the optimized map if the physical APIC ID is + * already mapped, i.e. is aliased to multiple vCPUs. + * The optimized map requires a strict 1:1 mapping + * between IDs and vCPUs. + */ + if (apic_x2apic_mode(apic)) + physical_id =3D x2apic_id; + else + physical_id =3D xapic_id; + + if (new->phys_map[physical_id]) { + kvfree(new); + new =3D NULL; + goto out; + } + new->phys_map[physical_id] =3D apic; + } =20 if (!kvm_apic_sw_enabled(apic)) continue; --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56CE0C38145 for ; Sat, 3 Sep 2022 00:24:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231819AbiICAYS (ORCPT ); Fri, 2 Sep 2022 20:24:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53834 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231446AbiICAX3 (ORCPT ); Fri, 2 Sep 2022 20:23:29 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 57DA7F72CB for ; Fri, 2 Sep 2022 17:23:25 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id g63-20020a636b42000000b004305794e112so1883970pgc.20 for ; Fri, 02 Sep 2022 17:23:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=rrxOj6R3JsP7X4wJ2mvKJ8fJICeKlQtKiWhKFMrI/6A=; b=NBi9qTeOVZwGZ2FRXHHFz8I1zP6pGuyNlhLOF624Zr12agQ9NWuXfFJij00PH/7VVj 1h6YB+Rez+4fdqYZhPmUEiz0HYfEUOgNFUiiq7ZdodUOzlCDYJKhShfmNGxCgsDeCgA9 tScO/gj2x9FsBgLZI/X1cuWxXWneOffco610sof+4hKLLG9dxyNs8ZaWIm5HEEDqGZ1V VG2ik8ozpsdYJ6CUZfhpPqEYCA0jgtW8hNx+HwYVCFKiKL6FBosXy9yZ5kjY5MU6+mC9 pbgnE1U68KC3L4+8V1TvP9vPuD+BT730kswD2IEVHR1HS6AI9IcD3LWWgsXOUq70LLZZ PPRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=rrxOj6R3JsP7X4wJ2mvKJ8fJICeKlQtKiWhKFMrI/6A=; b=RWwqOxl3W3K0BzDRqyVCbcaX05cvDsamQvQKOWGf1FuSPfA51wdJUWvQ7SlVJRfcLo Dp6ouBxxERUOknZZajFfD8ScX/hyVX0gFlfPgVcIkXJ4R/jI6ydwsVulM2gK4Dwl/8H3 S5WGG0lO3VEj7Qwsvpm5PMCtcvMJcd4ayww1IzEMqd2qQHjEgmno19LnNYcr92WIuZkU MQ1TOBzCN+s5A9MV6d4fJNzhQg4PodH7k0Ek04A05IHzL081Z1Xqm0we/6DQLvMfq5S3 cPTjIb6753UMI9xUn7XnY5Gt8hoc5rzzjBhN93JBCu9rJKdP5yLmofKdrV55v9gEkKeL echA== X-Gm-Message-State: ACgBeo32K0bb5PAfsj5JucC8ifLIAy3AzG7L3y1u2mvmLgFF/lZrBK7C qtUJpwXVSsoVWnQUw7PdTFGb+H+/uV0= X-Google-Smtp-Source: AA6agR7p3xJPJyvc0VRdWacDfZgNOR5e2m+iY8o4EhTdk4RsPO6f24uT0PUztUqNwwZPfym5fpn++e/VXkk= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:10c7:b0:53b:5eb3:4648 with SMTP id d7-20020a056a0010c700b0053b5eb34648mr3677753pfu.67.1662164604937; Fri, 02 Sep 2022 17:23:24 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:46 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-16-seanjc@google.com> Subject: [PATCH v2 15/23] KVM: x86: Explicitly skip adding vCPU to optimized logical map if LDR==0 From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Explicitly skip adding a vCPU to the optimized map of logical IDs if the the vCPU's LDR is '0', i.e. if the vCPU will never response to logical mode interrupts. KVM already skips the vCPU in this case, but relies on kvm_apic_map_get_logical_dest() to generate mask=3D=3D0. KVM still needs t= he mask=3D0 check as a non-zero LDR can yield mask=3D=3D0 depending on the mod= e, but explicitly handling the LDR will make it simpler to clean up the logical mode tracking in the future. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/lapic.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 4c5f49c4d4f1..80528d86f010 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -318,10 +318,12 @@ void kvm_recalculate_apic_map(struct kvm *kvm) continue; =20 ldr =3D kvm_lapic_get_reg(apic, APIC_LDR); + if (!ldr) + continue; =20 if (apic_x2apic_mode(apic)) { new->mode |=3D KVM_APIC_MODE_X2APIC; - } else if (ldr) { + } else { ldr =3D GET_APIC_LOGICAL_ID(ldr); if (kvm_lapic_get_reg(apic, APIC_DFR) =3D=3D APIC_DFR_FLAT) new->mode |=3D KVM_APIC_MODE_XAPIC_FLAT; --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 504B4C38145 for ; Sat, 3 Sep 2022 00:24:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231639AbiICAYa (ORCPT ); Fri, 2 Sep 2022 20:24:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53718 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231472AbiICAXd (ORCPT ); Fri, 2 Sep 2022 20:23:33 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 89D50F72DA for ; Fri, 2 Sep 2022 17:23:27 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id q14-20020a6557ce000000b0041da9c3c244so1873942pgr.22 for ; Fri, 02 Sep 2022 17:23:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=dsW89dfckTQ7U6+iEAzjnMXnoFtieG6da3C1L59fgMo=; b=M+li2tgSgjLklpIjOA9VfDwPNm+OKNxfpflwRzPHIRwKx/FgUX/G18HXpTtFxWXJtg DsuSNy9p5JpwaF4X1yz/CMs6OOhZV5jNFdhB1X3YXGyMXj/P5rYHPc49uNaKWCqe/pc0 5dMWxYR1SeJ18Fm5c+lr/ip8+9dbYeqTxU1zN35gj10f5J0JEAJ9203X6Jrs87E1JoAK kGdPfPq9wtKlALrTfFcYoQOpiWrfz3O62XPjYSxC/RsbtS+rn4qwxdfz2VOt1H832Wgq DEJpp6qfdl89RHXUGuoq2ZuZNfwMKS174uWnm057Nk0JntqGcTTRuCb1+kuX8yaxAbM/ DCUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=dsW89dfckTQ7U6+iEAzjnMXnoFtieG6da3C1L59fgMo=; b=tUqCgcU+TJ7n2cQ2l5FaO72R2K2dt2mfXOOIpGMGn74wgq3xzIAqTEONOVAGu+u8Gl XKC+TSUy2J2uP9SD4+tXwJUQXrjHBQ/EUCfYQfIe/k038n/MJM9eqxm5EPlCBCxxmXK8 KEL7k/O0+ay63VJL/gEu+hGbvHRjh8G4P8eqV4ximYB6APHZNdLNa+peB/ejGerlX1w6 QArGupA2PVTkMzROWSZynWjvn8SVRoqGTVjJytFhfzriVSNjwG8auVsbKoxvBTaAIDcR rKxOZDV+Q5Z57ytQX0MreIEPBCUOtFKL7eHi5Saj55zY9xdb8cUbwv28sAJC5J+ZgRPK kGlA== X-Gm-Message-State: ACgBeo0X9qRoNJOpuuYBmnE729ZtftXT5n0B2mOrDSo8L05Wg2MwYCnN evJO+aLDg+r8cYIH/2SGOroX/Y31MvM= X-Google-Smtp-Source: AA6agR4h06+UGnMuEU1Wnc3kO/LfJikOi7PtbuVfPGKo83ROZVVtfae6ZECKmpyETJvdvT4HDAsG7+jOQzk= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:d343:b0:1fd:b437:7ae9 with SMTP id i3-20020a17090ad34300b001fdb4377ae9mr7759560pjx.73.1662164606644; Fri, 02 Sep 2022 17:23:26 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:47 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-17-seanjc@google.com> Subject: [PATCH v2 16/23] KVM: x86: Explicitly track all possibilities for APIC map's logical modes From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Track all possibilities for the optimized APIC map's logical modes instead of overloading the pseudo-bitmap and treating any "unknown" value as "invalid". As documented by the now-stale comment above the mode values, the values did have meaning when the optimized map was originally added. That dependent logical was removed by commit e45115b62f9a ("KVM: x86: use physical LAPIC array for logical x2APIC"), but the obfuscated behavior and its comment were left behind. Opportunistically rename "mode" to "logical_mode", partly to make it clear that the "disabled" case applies only to the logical map, but also to prove that there is no lurking code that expects "mode" to be a bitmap. Functionally, this is a glorified nop. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 21 ++++++++++-------- arch/x86/kvm/lapic.c | 38 ++++++++++++++++++++++++--------- 2 files changed, 40 insertions(+), 19 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 1fd1b66ceeb6..13dadc96d9ac 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -955,19 +955,22 @@ struct kvm_arch_memory_slot { }; =20 /* - * We use as the mode the number of bits allocated in the LDR for the - * logical processor ID. It happens that these are all powers of two. - * This makes it is very easy to detect cases where the APICs are - * configured for multiple modes; in that case, we cannot use the map and - * hence cannot use kvm_irq_delivery_to_apic_fast either. + * Track the mode of the optimized logical map, as the rules for decoding = the + * destination vary per mode. Enabling the optimized logical map requires= all + * software-enabled local APIs to be in the same mode, each addressable AP= IC to + * be mapped to only one MDA, and each MDA to map to at most one APIC. */ -#define KVM_APIC_MODE_XAPIC_CLUSTER 4 -#define KVM_APIC_MODE_XAPIC_FLAT 8 -#define KVM_APIC_MODE_X2APIC 16 +enum kvm_apic_logical_mode { + KVM_APIC_MODE_SW_DISABLED, + KVM_APIC_MODE_XAPIC_CLUSTER, + KVM_APIC_MODE_XAPIC_FLAT, + KVM_APIC_MODE_X2APIC, + KVM_APIC_MODE_MAP_DISABLED, +}; =20 struct kvm_apic_map { struct rcu_head rcu; - u8 mode; + enum kvm_apic_logical_mode logical_mode; u32 max_apic_id; union { struct kvm_lapic *xapic_flat_map[8]; diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 80528d86f010..407e933eb073 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -168,7 +168,12 @@ static bool kvm_use_posted_timer_interrupt(struct kvm_= vcpu *vcpu) =20 static inline bool kvm_apic_map_get_logical_dest(struct kvm_apic_map *map, u32 dest_id, struct kvm_lapic ***cluster, u16 *mask) { - switch (map->mode) { + switch (map->logical_mode) { + case KVM_APIC_MODE_SW_DISABLED: + /* Arbitrarily use the flat map so that @cluster isn't NULL. */ + *cluster =3D map->xapic_flat_map; + *mask =3D 0; + return true; case KVM_APIC_MODE_X2APIC: { u32 offset =3D (dest_id >> 16) * 16; u32 max_apic_id =3D map->max_apic_id; @@ -193,8 +198,10 @@ static inline bool kvm_apic_map_get_logical_dest(struc= t kvm_apic_map *map, *cluster =3D map->xapic_cluster_map[(dest_id >> 4) & 0xf]; *mask =3D dest_id & 0xf; return true; + case KVM_APIC_MODE_MAP_DISABLED: + return false; default: - /* Not optimized. */ + WARN_ON_ONCE(1); return false; } } @@ -256,10 +263,12 @@ void kvm_recalculate_apic_map(struct kvm *kvm) goto out; =20 new->max_apic_id =3D max_id; + new->logical_mode =3D KVM_APIC_MODE_SW_DISABLED; =20 kvm_for_each_vcpu(i, vcpu, kvm) { struct kvm_lapic *apic =3D vcpu->arch.apic; struct kvm_lapic **cluster; + enum kvm_apic_logical_mode logical_mode; u32 x2apic_id, physical_id; u16 mask; u32 ldr; @@ -314,7 +323,8 @@ void kvm_recalculate_apic_map(struct kvm *kvm) new->phys_map[physical_id] =3D apic; } =20 - if (!kvm_apic_sw_enabled(apic)) + if (new->logical_mode =3D=3D KVM_APIC_MODE_MAP_DISABLED || + !kvm_apic_sw_enabled(apic)) continue; =20 ldr =3D kvm_lapic_get_reg(apic, APIC_LDR); @@ -322,25 +332,33 @@ void kvm_recalculate_apic_map(struct kvm *kvm) continue; =20 if (apic_x2apic_mode(apic)) { - new->mode |=3D KVM_APIC_MODE_X2APIC; + logical_mode =3D KVM_APIC_MODE_X2APIC; } else { ldr =3D GET_APIC_LOGICAL_ID(ldr); if (kvm_lapic_get_reg(apic, APIC_DFR) =3D=3D APIC_DFR_FLAT) - new->mode |=3D KVM_APIC_MODE_XAPIC_FLAT; + logical_mode =3D KVM_APIC_MODE_XAPIC_FLAT; else - new->mode |=3D KVM_APIC_MODE_XAPIC_CLUSTER; + logical_mode =3D KVM_APIC_MODE_XAPIC_CLUSTER; } + if (new->logical_mode !=3D KVM_APIC_MODE_SW_DISABLED && + new->logical_mode !=3D logical_mode) { + new->logical_mode =3D KVM_APIC_MODE_MAP_DISABLED; + continue; + } + new->logical_mode =3D logical_mode; =20 - if (!kvm_apic_map_get_logical_dest(new, ldr, &cluster, &mask)) + if (WARN_ON_ONCE(!kvm_apic_map_get_logical_dest(new, ldr, + &cluster, &mask))) { + new->logical_mode =3D KVM_APIC_MODE_MAP_DISABLED; continue; + } =20 if (!mask) continue; =20 ldr =3D ffs(mask) - 1; if (!is_power_of_2(mask) || cluster[ldr]) { - new->mode =3D KVM_APIC_MODE_XAPIC_FLAT | - KVM_APIC_MODE_XAPIC_CLUSTER; + new->logical_mode =3D KVM_APIC_MODE_MAP_DISABLED; continue; } cluster[ldr] =3D apic; @@ -993,7 +1011,7 @@ static bool kvm_apic_is_broadcast_dest(struct kvm *kvm= , struct kvm_lapic **src, { if (kvm->arch.x2apic_broadcast_quirk_disabled) { if ((irq->dest_id =3D=3D APIC_BROADCAST && - map->mode !=3D KVM_APIC_MODE_X2APIC)) + map->logical_mode !=3D KVM_APIC_MODE_X2APIC)) return true; if (irq->dest_id =3D=3D X2APIC_BROADCAST) return true; --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EFC05ECAAA1 for ; Sat, 3 Sep 2022 00:24:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231617AbiICAYY (ORCPT ); Fri, 2 Sep 2022 20:24:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53656 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231464AbiICAXc (ORCPT ); Fri, 2 Sep 2022 20:23:32 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8AF73107C4D for ; Fri, 2 Sep 2022 17:23:28 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id k126-20020a253d84000000b0068bb342010dso2791035yba.1 for ; Fri, 02 Sep 2022 17:23:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=hPKVqX/qKnbg4wtZZoqH1v9WwL48+nuyy8M1K1yFn+Q=; b=NCUtkesuJSiUM6spxe/b4OJyxwM4vl24hU8ZXa6374IknbrY5QqWmqKMebFz1qDW96 2n9Gepnfn4gmaDx383mdo1EsfgdC22ScVDQZJEvcGVyvbBDYhc0s1Z3YOVR+gjhh1Loo +sX/Ggp2y3ceBJIVtzuZYvEiRtvPLXUOgirVn4+/IFDCHZ6UlLd0QXF3AWoCUnXY8qNx 2vQXT+gyc/3XYYo14X9e8v+QEPdZRqM3ED89N68rdRs2gySaYeiS0/Tq05DkE5b4jBve VdGk5JR8FwmLqV18faUMvvbC/JIAhIyub67JqnML0SqMIA2F7cx8plclbpFUgcAhOhCh 22kg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=hPKVqX/qKnbg4wtZZoqH1v9WwL48+nuyy8M1K1yFn+Q=; b=zBTnHaEGhkiHTzsrqSpQQw0MvJN3dF7HkC7sDO/JiXkxfNrIaIqWduR7SiJF7ysRBQ MWPW4U1n3WDlXvLcY1mhjEGuliQeUx8MECQPrrrhxQYL6bYwjEfOdwVgCCfbnO3B8su3 OyrKbIta8sELZbnc5fgz4bVeWpPqnME/SFL6Rmckb6GpqoEtfllxkAq0zK3Sjy80Uwh+ 9KYm3xGq97UIY9hQ9oNVcYmyjkj3LvwoF5YDOTrAPzd4PVuMn3kQt92rX8hY/zMR7toK 1TJiGUpxDqGjvQCncV7W1dP3P9+RC6sS4d4Hdh7V1X0Wf3iLjdcMqVJ2YChx7Bn5rw5H D0PA== X-Gm-Message-State: ACgBeo2p31gm0jo4ornY3QLLje2qcK1kdkRRPD0xkNDh8PeSlaBH3iiH gPG6+xpD5dNIQqmhABNq4K2VrEE9rT8= X-Google-Smtp-Source: AA6agR4AaMlxF/lgiWVv9UUSOZdreD17ciJY/4ExZuNkD+3dtrVHtCNRS9VPhDGPrWRp8mglAoCyQWRhppU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:8502:0:b0:340:a7fc:ddb2 with SMTP id v2-20020a818502000000b00340a7fcddb2mr31888545ywf.378.1662164608243; Fri, 02 Sep 2022 17:23:28 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:48 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-18-seanjc@google.com> Subject: [PATCH v2 17/23] KVM: SVM: Inhibit AVIC if vCPUs are aliased in logical mode From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Inhibit SVM's AVIC if multiple vCPUs are aliased to the same logical ID. Architecturally, all CPUs whose logical ID matches the MDA are supposed to receive the interrupt; overwriting existing entries in AVIC's logical=3D>physical map can result in missed IPIs. Fixes: 18f40c53e10f ("svm: Add VMEXIT handlers for AVIC") Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 6 ++++++ arch/x86/kvm/lapic.c | 5 +++++ arch/x86/kvm/svm/avic.c | 3 ++- 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 13dadc96d9ac..042dcdf987d2 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1144,6 +1144,12 @@ enum kvm_apicv_inhibit { * inhibits, this is sticky for simplicity. */ APICV_INHIBIT_REASON_X2APIC, + + /* + * AVIC is disabled because not all vCPUs with a valid LDR have a 1:1 + * mapping between logical ID and vCPU. + */ + APICV_INHIBIT_REASON_LOGICAL_ID_ALIASED, }; =20 struct kvm_arch { diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 407e933eb073..4cebbdd3431b 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -364,6 +364,11 @@ void kvm_recalculate_apic_map(struct kvm *kvm) cluster[ldr] =3D apic; } out: + if (!new || new->logical_mode =3D=3D KVM_APIC_MODE_MAP_DISABLED) + kvm_set_apicv_inhibit(kvm, APICV_INHIBIT_REASON_LOGICAL_ID_ALIASED); + else + kvm_clear_apicv_inhibit(kvm, APICV_INHIBIT_REASON_LOGICAL_ID_ALIASED); + old =3D rcu_dereference_protected(kvm->arch.apic_map, lockdep_is_held(&kvm->arch.apic_map_lock)); rcu_assign_pointer(kvm->arch.apic_map, new); diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 3400046ad0b4..efb0632d7457 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -994,7 +994,8 @@ bool avic_check_apicv_inhibit_reasons(enum kvm_apicv_in= hibit reason) BIT(APICV_INHIBIT_REASON_SEV) | BIT(APICV_INHIBIT_REASON_APIC_ID_MODIFIED) | BIT(APICV_INHIBIT_REASON_APIC_BASE_MODIFIED) | - BIT(APICV_INHIBIT_REASON_X2APIC); + BIT(APICV_INHIBIT_REASON_X2APIC) | + BIT(APICV_INHIBIT_REASON_LOGICAL_ID_ALIASED); =20 return supported & BIT(reason); } --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8DDCEC38145 for ; Sat, 3 Sep 2022 00:24:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231898AbiICAYg (ORCPT ); Fri, 2 Sep 2022 20:24:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53680 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231542AbiICAXj (ORCPT ); Fri, 2 Sep 2022 20:23:39 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6A02010A9DA for ; Fri, 2 Sep 2022 17:23:30 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id n28-20020a63a51c000000b0042b7f685f05so1875642pgf.13 for ; Fri, 02 Sep 2022 17:23:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=FKxxPsJ5vR3fIywfmzwGgyolr5i3fnsaWf12rApRz8g=; b=UXaApoi52dJO+xyTKxC2+2kg/UewN03QjIy0Nd0nJst0xu5IAzECG7a1aK2lsqi67I qpECMyZxVre85JIU9pG3CirR125Baq1NfyEw4FlwiAN1L1bPZaZDmaJGj3jGonnXwxyn p3KeAf2NeBH5tMBEbK4yD9DHpywWkfxBbrSbeAisDgRjgN54EgbraREJQYyI8bzdbt/e QTIGTw+jkNYv+Ze3ETmbB9LLj7+369lqqWSU/aEHf6UoB1XlXcpZvu03o7kUUIjKb/vT UIgmfZQY0s1tpARNcMc+NeJtMAAG7VsMM/3+C/BDQJ2xcCvo2q1rO2lRgpbIrHzmUNWY cMxQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=FKxxPsJ5vR3fIywfmzwGgyolr5i3fnsaWf12rApRz8g=; b=eXC0gkaL5guOIDj1Cp5kMpEDRbjklw6bx6P76lyDrkNCszCfOISzEDmV/vjlX2mXzE VDKqNVxrtWpu6Ivfp+VFOXCWMWWjNrwYDMIvu4bBPotNr+qKdqqf8I356CEmlD22nXKM t3Ou4qyqa9VCoXpEXMl2N+sRLxrXRjs2PtIl8RMBxhYvlMhhJBdLIbNwrdUS3Cof/7eC 9NKEl7sU7gwij980hl26/eDg1r3MhoEX80wSKmKlFy6hTglKpNVdP3U1KwTMmU6szaMQ 7i2sHV/ojFMudir8Gi3/5BWDNNPfTG5YzO8/Ayqhm5ZEaL7X9NHjQqyVxtxQNPiXyBiK UOww== X-Gm-Message-State: ACgBeo2peJLAPiucyhypkJehtB9EmNsO1kkMgmQApXZUE45gJsIGVz5P tmAlGAZOWm1F0mM4Ull9AKnQ1g1N3Ws= X-Google-Smtp-Source: AA6agR4ArxeF5HbQAJ9kNwzOn0+zznSMHqk4d/8x42sxkQ3MBzsRpKGyRlzolWqzHHEoP0EgMVzveQSO2gg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:e558:b0:1fb:c4b7:1a24 with SMTP id ei24-20020a17090ae55800b001fbc4b71a24mr30906pjb.1.1662164609500; Fri, 02 Sep 2022 17:23:29 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:49 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-19-seanjc@google.com> Subject: [PATCH v2 18/23] KVM: SVM: Always update local APIC on writes to logical dest register From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Update the vCPU's local (virtual) APIC on LDR writes even if the write "fails". The APIC needs to recalc the optimized logical map even if the LDR is invalid or zero, e.g. if the guest clears its LDR, the optimized map will be left as is and the vCPU will receive interrupts using its old LDR. Fixes: 18f40c53e10f ("svm: Add VMEXIT handlers for AVIC") Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index efb0632d7457..456f24378961 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -600,7 +600,7 @@ static void avic_invalidate_logical_id_entry(struct kvm= _vcpu *vcpu) clear_bit(AVIC_LOGICAL_ID_ENTRY_VALID_BIT, (unsigned long *)entry); } =20 -static int avic_handle_ldr_update(struct kvm_vcpu *vcpu) +static void avic_handle_ldr_update(struct kvm_vcpu *vcpu) { int ret =3D 0; struct vcpu_svm *svm =3D to_svm(vcpu); @@ -609,10 +609,10 @@ static int avic_handle_ldr_update(struct kvm_vcpu *vc= pu) =20 /* AVIC does not support LDR update for x2APIC */ if (apic_x2apic_mode(vcpu->arch.apic)) - return 0; + return; =20 if (ldr =3D=3D svm->ldr_reg) - return 0; + return; =20 avic_invalidate_logical_id_entry(vcpu); =20 @@ -621,8 +621,6 @@ static int avic_handle_ldr_update(struct kvm_vcpu *vcpu) =20 if (!ret) svm->ldr_reg =3D ldr; - - return ret; } =20 static void avic_handle_dfr_update(struct kvm_vcpu *vcpu) @@ -644,8 +642,7 @@ static int avic_unaccel_trap_write(struct kvm_vcpu *vcp= u) =20 switch (offset) { case APIC_LDR: - if (avic_handle_ldr_update(vcpu)) - return 0; + avic_handle_ldr_update(vcpu); break; case APIC_DFR: avic_handle_dfr_update(vcpu); --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7E89ECAAA1 for ; Sat, 3 Sep 2022 00:25:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232021AbiICAZF (ORCPT ); Fri, 2 Sep 2022 20:25:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54686 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231695AbiICAXw (ORCPT ); Fri, 2 Sep 2022 20:23:52 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 309F710F0BB for ; Fri, 2 Sep 2022 17:23:32 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d6-20020a170902cec600b00174be1616c4so2116432plg.22 for ; Fri, 02 Sep 2022 17:23:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=IBvO4qkKDFwYqm7S6fXdHOVkKag46t3/GGPLwUice6c=; b=nIs4eo4iqErAuI6XAFNgX6K77AZBYZYcdGu5RBfi6rLgj8zJaVKBGiFUF4jy+f2znL k+qC3Efd6cGYqYiNAJBp29RDUUSv2MhLCeTShr4/p8PfeNBoFjjm1pmgLwA7N9MnAr3z qjFin8J5UL85YT7wnMqEQ+7lLJUPh2RbQka0MzvYphGjsD/IksqIhauUYX33X0QJRmi0 IGsDmQ7WWt9MjzqOY+Kej5U6HJ1a3rr93F0KVIHfiaR0OGq94W+RVMqdNdJtOTMqRc/M UQpkYD+AfhWjSEyTBzdmd1UHeb0n2VLqGhCI0ia5FE6PIyWOr/KtgRP61b6mOmSw4yYk hdQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=IBvO4qkKDFwYqm7S6fXdHOVkKag46t3/GGPLwUice6c=; b=fuG08FjDQkK0omlWYr1tg73UKNtFsgN40o+6Xs2E9nNuf7YRemcS1H5Ds/ezHu93Cc hW75DohjTZcNaJxVa74sv4Fr0uB+uo7lEqFysFFbkh75GcwXVMsfVjyVaBzxAJg8ESbz N+/vHJGjqvU4fRXLzLw5jRAvX0kpfdwg8iRrosIr6E4MApGko2jAI8YbfECzFS8vppqO lnxav58TDXKdu7wTzhklMN1Q2yjqU/hMKlaI48VOiBzquw9yQDUlNjzML2OSamvu162t mBJk/lN1rR9hsLNlos0WA5Fk0V2q8H1iGG2QGG4pVdYCwmssatqbsVJoPqGKaubf4Kn4 CixQ== X-Gm-Message-State: ACgBeo1AJP5PR/8DPqpvHN5QacR8pJb25e2FhKJ3AkhRMT5oBoj5tshE IJcvNEvWzgYLVkSfxaIdV0fNPYA61hk= X-Google-Smtp-Source: AA6agR5KdEl4pFQ/8xGmdvMSfiM+U4GcrEKxOndZDwfISDdUasj0qKYxoDZRKwWyveAWxdAekfFTP/avhg8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:22c7:b0:175:3682:9cf5 with SMTP id y7-20020a17090322c700b0017536829cf5mr17164030plg.150.1662164611463; Fri, 02 Sep 2022 17:23:31 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:50 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-20-seanjc@google.com> Subject: [PATCH v2 19/23] KVM: SVM: Update svm->ldr_reg cache even if LDR is "bad" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Update SVM's cache of the LDR even if the new value is "bad". Leaving stale information in the cache can result in KVM missing updates and/or invalidating the wrong entry, e.g. if avic_invalidate_logical_id_entry() is triggered after a different vCPU has "claimed" the old LDR. Fixes: 18f40c53e10f ("svm: Add VMEXIT handlers for AVIC") Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 456f24378961..894d0afd761b 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -566,23 +566,24 @@ static u32 *avic_get_logical_id_entry(struct kvm_vcpu= *vcpu, u32 ldr, bool flat) return &logical_apic_id_table[index]; } =20 -static int avic_ldr_write(struct kvm_vcpu *vcpu, u8 g_physical_id, u32 ldr) +static void avic_ldr_write(struct kvm_vcpu *vcpu, u8 g_physical_id, u32 ld= r) { bool flat; u32 *entry, new_entry; =20 + if (!ldr) + return; + flat =3D kvm_lapic_get_reg(vcpu->arch.apic, APIC_DFR) =3D=3D APIC_DFR_FLA= T; entry =3D avic_get_logical_id_entry(vcpu, ldr, flat); if (!entry) - return -EINVAL; + return; =20 new_entry =3D READ_ONCE(*entry); new_entry &=3D ~AVIC_LOGICAL_ID_ENTRY_GUEST_PHYSICAL_ID_MASK; new_entry |=3D (g_physical_id & AVIC_LOGICAL_ID_ENTRY_GUEST_PHYSICAL_ID_M= ASK); new_entry |=3D AVIC_LOGICAL_ID_ENTRY_VALID_MASK; WRITE_ONCE(*entry, new_entry); - - return 0; } =20 static void avic_invalidate_logical_id_entry(struct kvm_vcpu *vcpu) @@ -602,7 +603,6 @@ static void avic_invalidate_logical_id_entry(struct kvm= _vcpu *vcpu) =20 static void avic_handle_ldr_update(struct kvm_vcpu *vcpu) { - int ret =3D 0; struct vcpu_svm *svm =3D to_svm(vcpu); u32 ldr =3D kvm_lapic_get_reg(vcpu->arch.apic, APIC_LDR); u32 id =3D kvm_xapic_id(vcpu->arch.apic); @@ -616,11 +616,8 @@ static void avic_handle_ldr_update(struct kvm_vcpu *vc= pu) =20 avic_invalidate_logical_id_entry(vcpu); =20 - if (ldr) - ret =3D avic_ldr_write(vcpu, id, ldr); - - if (!ret) - svm->ldr_reg =3D ldr; + svm->ldr_reg =3D ldr; + avic_ldr_write(vcpu, id, ldr); } =20 static void avic_handle_dfr_update(struct kvm_vcpu *vcpu) --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4382AC54EE9 for ; Sat, 3 Sep 2022 00:24:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231927AbiICAYk (ORCPT ); Fri, 2 Sep 2022 20:24:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53954 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231621AbiICAXm (ORCPT ); Fri, 2 Sep 2022 20:23:42 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF87E10F94D for ; Fri, 2 Sep 2022 17:23:34 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id f3-20020a056902038300b00696588a0e87so2790235ybs.3 for ; Fri, 02 Sep 2022 17:23:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=mbHk1vkw63VQJwpK5v7OYSHF5DuBwhkzqDp695B1D9E=; b=Am/ejqk+FXEoTdqA6s2ljphu1EM0595EUQYpOwC6lvm+KgrWBOIESYOdvlI13rVCPZ Vyi+6UUz2mfrA2rVOJSNVOKI3qA+J8gMPcEaeBitIxso8rJXNGznyswNq1LAm/wsV10n MSKiH3Q0nAksWQ2VqG2wE58WzWg88snpUMaDHItO4Egu8fVBUhx5nNuxWMUliI6+jOiI MBPOk1DctspVhiTN9Nbz9xYS/nO7y+mw9NG6cE/zu2LF4j0nWjFPuKm29jlhEKJqdkqo qAORYwnGOGgK7alkjsAgIaJ28v1W1M0g1xa6oVtijvyRmMWxTm3jxfdwsyPJZHw7eyP9 BIYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=mbHk1vkw63VQJwpK5v7OYSHF5DuBwhkzqDp695B1D9E=; b=aRoX/PZY97FTHmGsP1PWLBeUUo23N7N7gYVkZ9RE8VBIaorHXexJ41cea07NybS9Wj ZgMVrB44rAgr9VLeLdNnAWfjcFTCTDIyE+MtZY7E1h+/Zy40b4CL6boRAcbIwD75geRD q5GX6tc/RoJri0TMSwixn+35JmkHYiBA7RaSWI5GYuPqBRJbLqFPRz2XgYnEmAa067bF shuyyYIoQ6jZrn07cODbxsk1qvoGQNspvMqJQKQLWhQL3E5cym+5mOg49K1IKREePJn5 grqpYue0kbm2T//b+VqPHSSJkdtkjyMil90wGSWkLeZitaWdH0VSAZvCss4iW+EHxO4l jcCQ== X-Gm-Message-State: ACgBeo18m/1ssYU804y9CBlwI28zPOozfa8g8G0uBTbZum+Dy8m2i6JE eloQTX+9h5MYRPQjzaLnOt8mcuqbhtw= X-Google-Smtp-Source: AA6agR78lhCJtcYdGkURpNKpNyVQm/bS5YisWK7p8gjPFbOehg4PIXtAlB4cJGGV/ylcAYQsbRZCRdb2N2E= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a5b:7c6:0:b0:6a7:509e:f13e with SMTP id t6-20020a5b07c6000000b006a7509ef13emr1382020ybq.302.1662164613075; Fri, 02 Sep 2022 17:23:33 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:51 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-21-seanjc@google.com> Subject: [PATCH v2 20/23] KVM: SVM: Require logical ID to be power-of-2 for AVIC entry From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Do not modify AVIC's logical ID table if the logical ID portion of the LDR is not a power-of-2, i.e. if the LDR has multiple bits set. Taking only the first bit means that KVM will fail to match MDAs that intersect with "higher" bits in the "ID" The "ID" acts as a bitmap, but is referred to as an ID because theres an implicit, unenforced "requirement" that software only set one bit. This edge case is arguably out-of-spec behavior, but KVM cleanly handles it in all other cases, e.g. the optimized logical map (and AVIC!) is also disabled in this scenario. Refactor the code to consolidate the checks, and so that the code looks more like avic_kick_target_vcpus_fast(). Fixes: 18f40c53e10f ("svm: Add VMEXIT handlers for AVIC") Cc: Suravee Suthikulpanit Cc: Maxim Levitsky Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 894d0afd761b..e34b9baa9ee0 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -540,26 +540,26 @@ unsigned long avic_vcpu_get_apicv_inhibit_reasons(str= uct kvm_vcpu *vcpu) static u32 *avic_get_logical_id_entry(struct kvm_vcpu *vcpu, u32 ldr, bool= flat) { struct kvm_svm *kvm_svm =3D to_kvm_svm(vcpu->kvm); - int index; u32 *logical_apic_id_table; - int dlid =3D GET_APIC_LOGICAL_ID(ldr); + u32 cluster, index; =20 - if (!dlid) - return NULL; + ldr =3D GET_APIC_LOGICAL_ID(ldr); =20 - if (flat) { /* flat */ - index =3D ffs(dlid) - 1; - if (index > 7) + if (flat) { + cluster =3D 0; + } else { + cluster =3D (ldr >> 4) << 2; + if (cluster >=3D 0xf) return NULL; - } else { /* cluster */ - int cluster =3D (dlid & 0xf0) >> 4; - int apic =3D ffs(dlid & 0x0f) - 1; - - if ((apic < 0) || (apic > 7) || - (cluster >=3D 0xf)) - return NULL; - index =3D (cluster << 2) + apic; + ldr &=3D 0xf; } + if (!ldr || !is_power_of_2(ldr)) + return NULL; + + index =3D __ffs(ldr); + if (WARN_ON_ONCE(index > 7)) + return NULL; + index +=3D (cluster << 2); =20 logical_apic_id_table =3D (u32 *) page_address(kvm_svm->avic_logical_id_t= able_page); =20 --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1E506ECAAA1 for ; Sat, 3 Sep 2022 00:24:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231675AbiICAYs (ORCPT ); Fri, 2 Sep 2022 20:24:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54384 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231636AbiICAXp (ORCPT ); Fri, 2 Sep 2022 20:23:45 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1037110F96C for ; Fri, 2 Sep 2022 17:23:35 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id j11-20020a05690212cb00b006454988d225so1054550ybu.10 for ; Fri, 02 Sep 2022 17:23:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=Zm90K09ne4e+KMG+4RuK61bWsd6nJ7QXAeTLqBpvVKg=; b=mnZUE54Z/G4mfi0uThKROZg2Mw0moevDWMe5bIDSd9ESsoSjRYJM1aW8wEa7arTHZD bh/cJ5WCgLS5nz5NfcuiU/XLoPAX52XphItmc9mbD3dtTuOpD92Q1SXSvLVLXiedK/K7 LkY2CrlD/CKUjM73F0/7xYr7tRbKKHuvtqQqZR42Ot4igwIGRknNqEsf+0SdDz+xMjtf iUEaXw7NDc8BdDWbdeXp7WN76qiMGgg6VVHqRFlvxx6M7JJ40zol9lJ8tXr6GY1EiKgB y/OehpJK/CNqi3v9vVNX8+zc6rCPWbvwXsvTOaZEY9i+xnNDU+vylkniiVG5bnf+uTLH FJ4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=Zm90K09ne4e+KMG+4RuK61bWsd6nJ7QXAeTLqBpvVKg=; b=OZeyCpy4t+W0rDC8YdC2omhI2UiSNm7CIIVAC0+xNERezgZF5ZYqMTfWHxsK+oe33n rUyXFHHsUIq2MQkvDGOnO1qB6llXPlczFtE6Y+wG3Gktf5IQIurINpoxXgkzq7ztP48l qQtMQSzIuP8k49l5+IwqlhMGlVvEYvfEAkd9VZjfuxK1BacZ9rSXQEPy79cEvmf7jtDi wxhJhI/c4IpylvFKTzAGyId8dr+jJh2BYFsjFxFxwxoWgLLddB1fGMIbY68N+2gPaQpL jps1nQ+979EIeraxP6jcIsWkPetS9eiF+xtSmfRCKS3q8m28DkoI571edv/XKZ7prIUS zK+w== X-Gm-Message-State: ACgBeo32BZ+t8zLIH+rnzOz/gELrjmiLFVhnG3DlMmPtDqe054AArhBF 90aBPLZnH6zv43aHTmwcVSeI1B/jYmM= X-Google-Smtp-Source: AA6agR4JUP9HO/T94ylnDwrrzZGAMzLP2uvpdPfOm6Hmvv1aHumDUXYr27jV8Lcu9iSJ+n8+41gLJtUcJdA= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:e401:0:b0:66e:280a:98cd with SMTP id b1-20020a25e401000000b0066e280a98cdmr24309232ybh.540.1662164614572; Fri, 02 Sep 2022 17:23:34 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:52 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-22-seanjc@google.com> Subject: [PATCH v2 21/23] KVM: SVM: Handle multiple logical targets in AVIC kick fastpath From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Iterate over all target logical IDs in the AVIC kick fastpath instead of bailing if there is more than one target. Now that KVM inhibits AVIC if vCPUs aren't mapped 1:1 with logical IDs, each bit in the destination is guaranteed to match to at most one vCPU, i.e. iterating over the bitmap is guaranteed to kick each valid target exactly once. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 112 ++++++++++++++++++++++------------------ 1 file changed, 63 insertions(+), 49 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index e34b9baa9ee0..39b367a14a8c 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -354,6 +354,50 @@ static void avic_kick_vcpu(struct kvm_vcpu *vcpu, u32 = icrl) icrl & APIC_VECTOR_MASK); } =20 +static void avic_kick_vcpu_by_physical_id(struct kvm *kvm, u32 physical_id, + u32 icrl) +{ + /* + * KVM inhibits AVIC if any vCPU ID diverges from the vCPUs APIC ID, + * i.e. APIC ID =3D=3D vCPU ID. + */ + struct kvm_vcpu *target_vcpu =3D kvm_get_vcpu_by_id(kvm, physical_id); + + /* Once again, nothing to do if the target vCPU doesn't exist. */ + if (unlikely(!target_vcpu)) + return; + + avic_kick_vcpu(target_vcpu, icrl); +} + +static void avic_kick_vcpu_by_logical_id(struct kvm *kvm, u32 *avic_logica= l_id_table, + u32 logid_index, u32 icrl) +{ + u32 physical_id; + + if (avic_logical_id_table) { + u32 logid_entry =3D avic_logical_id_table[logid_index]; + + /* Nothing to do if the logical destination is invalid. */ + if (unlikely(!(logid_entry & AVIC_LOGICAL_ID_ENTRY_VALID_MASK))) + return; + + physical_id =3D logid_entry & + AVIC_LOGICAL_ID_ENTRY_GUEST_PHYSICAL_ID_MASK; + } else { + /* + * For x2APIC, the logical APIC ID is a read-only value that is + * derived from the x2APIC ID, thus the x2APIC ID can be found + * by reversing the calculation (stored in logid_index). Note, + * bits 31:20 of the x2APIC ID aren't propagated to the logical + * ID, but KVM limits the x2APIC ID limited to KVM_MAX_VCPU_IDS. + */ + physical_id =3D logid_index; + } + + avic_kick_vcpu_by_physical_id(kvm, physical_id, icrl); +} + /* * A fast-path version of avic_kick_target_vcpus(), which attempts to match * destination APIC ID to vCPU without looping through all vCPUs. @@ -361,11 +405,10 @@ static void avic_kick_vcpu(struct kvm_vcpu *vcpu, u32= icrl) static int avic_kick_target_vcpus_fast(struct kvm *kvm, struct kvm_lapic *= source, u32 icrl, u32 icrh, u32 index) { - u32 l1_physical_id, dest; - struct kvm_vcpu *target_vcpu; int dest_mode =3D icrl & APIC_DEST_MASK; int shorthand =3D icrl & APIC_SHORT_MASK; struct kvm_svm *kvm_svm =3D to_kvm_svm(kvm); + u32 dest; =20 if (shorthand !=3D APIC_DEST_NOSHORT) return -EINVAL; @@ -382,14 +425,14 @@ static int avic_kick_target_vcpus_fast(struct kvm *kv= m, struct kvm_lapic *source if (!apic_x2apic_mode(source) && dest =3D=3D APIC_BROADCAST) return -EINVAL; =20 - l1_physical_id =3D dest; - - if (WARN_ON_ONCE(l1_physical_id !=3D index)) + if (WARN_ON_ONCE(dest !=3D index)) return -EINVAL; =20 + avic_kick_vcpu_by_physical_id(kvm, dest, icrl); } else { - u32 bitmap, cluster; - int logid_index; + u32 *avic_logical_id_table; + unsigned long bitmap, i; + u32 cluster; =20 if (apic_x2apic_mode(source)) { /* 16 bit dest mask, 16 bit cluster id */ @@ -409,50 +452,21 @@ static int avic_kick_target_vcpus_fast(struct kvm *kv= m, struct kvm_lapic *source if (unlikely(!bitmap)) return 0; =20 - if (!is_power_of_2(bitmap)) - /* multiple logical destinations, use slow path */ - return -EINVAL; - - logid_index =3D cluster + __ffs(bitmap); - - if (apic_x2apic_mode(source)) { - /* - * For x2APIC, the logical APIC ID is a read-only value - * that is derived from the x2APIC ID, thus the x2APIC - * ID can be found by reversing the calculation (done - * above). Note, bits 31:20 of the x2APIC ID are not - * propagated to the logical ID, but KVM limits the - * x2APIC ID limited to KVM_MAX_VCPU_IDS. - */ - l1_physical_id =3D logid_index; - } else { - u32 *avic_logical_id_table =3D - page_address(kvm_svm->avic_logical_id_table_page); - - u32 logid_entry =3D avic_logical_id_table[logid_index]; - - if (WARN_ON_ONCE(index !=3D logid_index)) - return -EINVAL; - - /* Nothing to do if the logical destination is invalid. */ - if (unlikely(!(logid_entry & AVIC_LOGICAL_ID_ENTRY_VALID_MASK))) - return 0; - - l1_physical_id =3D logid_entry & - AVIC_LOGICAL_ID_ENTRY_GUEST_PHYSICAL_ID_MASK; - } + if (apic_x2apic_mode(source)) + avic_logical_id_table =3D NULL; + else + avic_logical_id_table =3D page_address(kvm_svm->avic_logical_id_table_p= age); + + /* + * AVIC is inhibited if vCPUs aren't mapped 1:1 with logical + * IDs, thus each bit in the destination is guaranteed to map + * to at most one vCPU. + */ + for_each_set_bit(i, &bitmap, 16) + avic_kick_vcpu_by_logical_id(kvm, avic_logical_id_table, + cluster + i, icrl); } =20 - /* - * KVM inhibits AVIC if any vCPU ID diverges from the vCPUs APIC ID, - * i.e. APIC ID =3D=3D vCPU ID. Once again, nothing to do if the target - * vCPU doesn't exist. - */ - target_vcpu =3D kvm_get_vcpu_by_id(kvm, l1_physical_id); - if (unlikely(!target_vcpu)) - return 0; - - avic_kick_vcpu(target_vcpu, icrl); return 0; } =20 --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 52C77C38145 for ; Sat, 3 Sep 2022 00:25:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232054AbiICAZb (ORCPT ); Fri, 2 Sep 2022 20:25:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54474 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231646AbiICAYd (ORCPT ); Fri, 2 Sep 2022 20:24:33 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F16881114ED for ; Fri, 2 Sep 2022 17:23:53 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id i6-20020a259786000000b0069648392979so2772590ybo.11 for ; Fri, 02 Sep 2022 17:23:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=LdiXi7ZmRYWfAPERNLf/gz/Xml73VY2Moq9FlK1+JBc=; b=gVjWhAQcAI+bfNHz4uTVmIx3nAkEmZPbWE9B7vVyZy+8Tjn5vubmdisoN87VgqcXAU J/ZZFScLpXNbdE9gcLCv4qVgU4wyDTfEQR0rRpYqI4ySU1BJlDWuiEJdpHJQghuT7nC1 78zCwkkBSnLluOvdD24yDgEGPzjYTqVqZgL8nNUfcpPKtKD2NuIfJXXHV3Q99qZgkfQA 4AezuVeI6wEX9TexV0/N1o2EOwN9niYMB/rhYN9wZ00jYw3zkePsVEjvy5MrFeJG+pqV jTqlCJmphQU3DmJtdw983qzAhF39W+UclFY53a9GNg2fN/6uHQ1AhN+TGVAg/DAKHtpt iN1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=LdiXi7ZmRYWfAPERNLf/gz/Xml73VY2Moq9FlK1+JBc=; b=3l35PwZVYwjd5x9obE48IeA0pDkPRKJHAySwqtak5VlktAy817em6SJzG4j50jLBDY b7cCdTVBg1AVM8Ry3N+klNtZGc8abn4l6AgSOYNamhsYwcxU8a7iV06KWNCmwmhr8eSH G8FbtfseBnQXlsMSWWmqePmBVc3CR+H9k31VPfNaeEtd0hqvvZ5Az7BZ/cHadWEgF1TA UsutB3UEW9wbdjFTxiOcfCT+rT/i4ix1IQ1F8UIGdbTSr3pokrQE6ujzJJ4JmzBAgyOg i8WFx4hTfLHARLaW7DjYQt3l3CKLCRyIGP7yPINOUdYSrLGOi1VssJgQKCZa4qMMO1L/ rb5A== X-Gm-Message-State: ACgBeo3/wguvV0gfz0jx6mvv5PitT2iiw6EKaoHluJwoj7HphGDLi3GA hv/oXaVatmJ8Yw8fYkiC/M26confPTE= X-Google-Smtp-Source: AA6agR4Wlh7daQ+R0dhwpkQy+xCElmTBe/vKQcUjkr8uz9o2uhmDKQhgDfFFicXMqktQ8vLCwNZ3KrpAEPE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a0d:df92:0:b0:340:b90d:fb75 with SMTP id i140-20020a0ddf92000000b00340b90dfb75mr28814158ywe.149.1662164616127; Fri, 02 Sep 2022 17:23:36 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:53 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-23-seanjc@google.com> Subject: [PATCH v2 22/23] KVM: SVM: Ignore writes to Remote Read Data on AVIC write traps From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Drop writes to APIC_RRR, a.k.a. Remote Read Data Register, on AVIC unaccelerated write traps. The register is read-only and isn't emulated by KVM. Sending the register through kvm_apic_write_nodecode() will result in screaming when x2APIC is enabled due to the unexpected failure to retrieve the MSR (KVM expects that only "legal" accesses will trap). Fixes: 4d1d7942e36a ("KVM: SVM: Introduce logic to (de)activate x2AVIC mode= ") Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 39b367a14a8c..17c78051f3ea 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -658,6 +658,9 @@ static int avic_unaccel_trap_write(struct kvm_vcpu *vcp= u) case APIC_DFR: avic_handle_dfr_update(vcpu); break; + case APIC_RRR: + /* Ignore writes to Read Remote Data, it's read-only. */ + return 1; default: break; } --=20 2.37.2.789.g6183377224-goog From nobody Mon Apr 6 18:48:56 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4C1DAC38145 for ; Sat, 3 Sep 2022 00:25:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231905AbiICAZX (ORCPT ); Fri, 2 Sep 2022 20:25:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54462 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231879AbiICAY2 (ORCPT ); Fri, 2 Sep 2022 20:24:28 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 578D310F0A8 for ; Fri, 2 Sep 2022 17:23:59 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id gg12-20020a17090b0a0c00b001fbc6ba91bbso1683452pjb.4 for ; Fri, 02 Sep 2022 17:23:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date; bh=yq8rKHnlAx/4DWABYX1mFX9uFU/+PCTlIPB312439UQ=; b=TKFhg3LAJMrV16A/4dAGF27lXzJUSFetR+f3A80VfApjg2+P9tJXoDm6Z4U9IUeY30 8jYY5yBOQWSFVC4BZ8MG9yoVBTSaBi7zNiArYlzrQLsEVTNjAzJVGoZr1Jl4sRa/1U/9 +VTq3+oQ/it6ZH+V3BCoPWC+XRGMG2N7F7hTW+vz6yq0GaP5GcqC+Io0VDVELUt/ntC7 MFlXLZEQpFQuO1akDGR9LdSbdY/5kt4hqBh6wmak0PO0cNrqVz1wyIsuPlvI7rwQX8oF KNf3vHYei0aZVGJgxZer2NGpWwoFt4lToHld1QfOSsl48RHmZpkn5Ho8BnKridvsT9d5 zxHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date; bh=yq8rKHnlAx/4DWABYX1mFX9uFU/+PCTlIPB312439UQ=; b=wuaiNFkBRyeYLaN8DId+CST/qaHbLDySE/05mW39KhCHqXNLtafNv41RcjTNg0lFyb OwJkaJEiRmv5qJRMn24pj604Fu5eQ0GiUIqbYPq0ZUMVzKMkfOguI2wUsRast8yhRRjI Dz2wFEz8jdFCO7cvAmW1YdJ0ViLvgD7KTGk2AAgcZ4ST1UPCsUYQJAYSNa51o8vQ8Jeb BVR3u5HSOic19oUW4X9LIyj0WN0ZO1kf0bUZqyxvNSIetGMyVY/weMLko0wlSrb6ze+x HwjafM/iZidgnvJORBqaLCWn3M3Z1H+zho6mEala/qFIaMMVy2dv7eUM8phSc7sqZVFI V9oA== X-Gm-Message-State: ACgBeo3cDq5ASH3nxv5NNdwhJloGj4u6mWUQLXUr779mI1+OZkLDbObk z4sZ/q2GYGN48lq83QFxMJLByUR4tOU= X-Google-Smtp-Source: AA6agR4Bc9TlcFnkBSJ7Ifwme04Amv5NR4xxJxrKUpqAqHbGDTd3OghEmb9cnpUzT3+MkQMR6v4nBPcxnmk= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:150e:b0:537:e2f5:dc87 with SMTP id q14-20020a056a00150e00b00537e2f5dc87mr34332719pfu.44.1662164617809; Fri, 02 Sep 2022 17:23:37 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 3 Sep 2022 00:22:54 +0000 In-Reply-To: <20220903002254.2411750-1-seanjc@google.com> Mime-Version: 1.0 References: <20220903002254.2411750-1-seanjc@google.com> X-Mailer: git-send-email 2.37.2.789.g6183377224-goog Message-ID: <20220903002254.2411750-24-seanjc@google.com> Subject: [PATCH v2 23/23] Revert "KVM: SVM: Do not throw warning when calling avic_vcpu_load on a running vcpu" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Suravee Suthikulpanit , Maxim Levitsky , Li RongQing Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Turns out that some warnings exist for good reasons. Restore the warning in avic_vcpu_load() that guards against calling avic_vcpu_load() on a running vCPU now that KVM avoids doing so when switching between x2APIC and xAPIC. The entire point of the WARN is to highlight that KVM should not be reloading an AVIC. Opportunistically convert the WARN_ON() to WARN_ON_ONCE() to avoid spamming the kernel if it does fire. This reverts commit c0caeee65af3944b7b8abbf566e7cc1fae15c775. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/avic.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 17c78051f3ea..a13279205df3 100644 --- a/arch/x86/kvm/svm/avic.c +++ b/arch/x86/kvm/svm/avic.c @@ -1064,6 +1064,7 @@ void avic_vcpu_load(struct kvm_vcpu *vcpu, int cpu) return; =20 entry =3D READ_ONCE(*(svm->avic_physical_id_cache)); + WARN_ON_ONCE(entry & AVIC_PHYSICAL_ID_ENTRY_IS_RUNNING_MASK); =20 entry &=3D ~AVIC_PHYSICAL_ID_ENTRY_HOST_PHYSICAL_ID_MASK; entry |=3D (h_physical_id & AVIC_PHYSICAL_ID_ENTRY_HOST_PHYSICAL_ID_MASK); --=20 2.37.2.789.g6183377224-goog