From: Neeraj Upadhyay
Subject: [RFC PATCH v2 01/17] KVM: x86/lapic: Differentiate protected APIC interrupt mechanisms
Date: Tue, 23 Sep 2025 10:33:01 +0530
Message-ID: <20250923050317.205482-2-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

The existing guest_apic_protected boolean flag is insufficient for handling different protected guest technologies. While both Intel TDX and AMD SNP (with Secure AVIC) protect the virtual APIC, they use fundamentally different interrupt delivery mechanisms. TDX relies on hardware-managed Posted Interrupts, whereas Secure AVIC requires KVM to perform explicit software-based interrupt injection. The current flag cannot distinguish between these two models.

To address this, introduce a new flag, prot_apic_intr_inject. This flag is true for protected guests that require KVM to inject interrupts and false for those that use a hardware-managed delivery mechanism.

This preparatory change allows subsequent commits to implement the correct interrupt handling logic for Secure AVIC.

Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/lapic.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h index 72de14527698..f48218fd4638 100644 --- a/arch/x86/kvm/lapic.h +++ b/arch/x86/kvm/lapic.h
@@ -70,7 +70,10 @@ struct kvm_lapic { bool irr_pending; bool lvt0_in_nmi_mode; /* Select registers in the vAPIC cannot be read/written. */ - bool guest_apic_protected; + struct { + bool guest_apic_protected; + bool prot_apic_intr_inject; + }; /* Number of bits set in ISR. */ s16 isr_count; /* The highest vector set in ISR; if -1 - invalid, must scan ISR. */ --=20 2.34.1
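
Review bot: prot_apic_intr_inject is added to struct kvm_lapic without a comment of its own, and the existing comment ("Select registers in the vAPIC cannot be read/written.") now sits above an anonymous struct while describing only guest_apic_protected. Give the new field a one-line comment saying it is true when KVM must inject interrupts in software for a protected guest, as the commit message explains, and either drop the anonymous struct wrapper or say what the grouping is for, since the hunk gives no reason for it. Nothing in this patch sets or reads the flag, so the comment should also state whether it is meaningful only when guest_apic_protected is set.
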
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 02/17] x86/cpufeatures: Add Secure AVIC CPU feature
Date: Tue, 23 Sep 2025 10:33:02 +0530
Message-ID: <20250923050317.205482-3-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>

Add CPU feature detection for Secure AVIC. The Secure AVIC feature provides hardware acceleration for performance sensitive APIC accesses and support for managing guest-owned APIC state for the SEV-SNP guests.

Signed-off-by: Kishon Vijay Abraham I
Signed-off-by: Neeraj Upadhyay
--- arch/x86/include/asm/cpufeatures.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpuf= eatures.h index 06fc0479a23f..d855825b1b9e 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h
@@ -449,6 +449,7 @@ #define X86_FEATURE_DEBUG_SWAP (19*32+14) /* "debug_swap" SEV-ES full deb= ug state swap support */ #define X86_FEATURE_RMPREAD (19*32+21) /* RMPREAD instruction */ #define X86_FEATURE_SEGMENTED_RMP (19*32+23) /* Segmented RMP support */ +#define X86_FEATURE_SECURE_AVIC (19*32+26) /* Secure AVIC */ #define X86_FEATURE_ALLOWED_SEV_FEATURES (19*32+27) /* Allowed SEV Feature= s */ #define X86_FEATURE_SVSM (19*32+28) /* "svsm" SVSM present */ #define X86_FEATURE_HV_INUSE_WR_ALLOWED (19*32+30) /* Allow Write to in-us= e hypervisor-owned pages */ --=20 2.34.1
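
Review bot: the new X86_FEATURE_SECURE_AVIC line carries the comment "Secure AVIC", which only repeats the macro name, and unlike the neighbouring "debug_swap" and "svsm" entries it has no quoted flag name (the string shown in /proc/cpuinfo). Expand the comment to say what the bit advertises, along the lines of the commit message (acceleration of APIC accesses and guest-owned APIC state for SEV-SNP guests), and say in the commit message whether leaving out the quoted name is intentional.
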
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 03/17] KVM: SVM: Add support for Secure AVIC capability in KVM
Date: Tue, 23 Sep 2025 10:33:03 +0530
Message-ID: <20250923050317.205482-4-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>

Add support to KVM for determining if a system is capable of supporting Secure AVIC feature.

Secure AVIC feature support is determined based on:

- secure_avic module parameter is set.
- X86_FEATURE_SECURE_AVIC CPU feature bit is set.
- SNP feature is supported.

Co-developed-by: Kishon Vijay Abraham I
Signed-off-by: Kishon Vijay Abraham I
Signed-off-by: Neeraj Upadhyay
--- arch/x86/include/asm/svm.h | 1 + arch/x86/kvm/svm/sev.c | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index ffc27f676243..ab3d55654c77 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -299,6 +299,7 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_M= AX_INDEX_MASK) =3D=3D X2AVIC_ #define SVM_SEV_FEAT_RESTRICTED_INJECTION BIT(3) #define SVM_SEV_FEAT_ALTERNATE_INJECTION BIT(4) #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) +#define SVM_SEV_FEAT_SECURE_AVIC BIT(16) =20 #define VMCB_ALLOWED_SEV_FEATURES_VALID BIT_ULL(63) =20 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 5bac4d20aec0..b2eae102681c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -59,6 +59,10 @@ static bool sev_es_debug_swap_enabled =3D true; module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); static u64 sev_supported_vmsa_features; =20 +/* enable/disable SEV-SNP Secure AVIC support */ +bool sev_snp_savic_enabled =3D true; +module_param_named(secure_avic, sev_snp_savic_enabled, bool, 0444); + #define AP_RESET_HOLD_NONE 0 #define AP_RESET_HOLD_NAE_EVENT 1 #define AP_RESET_HOLD_MSR_PROTO 2 @@ -2911,6 +2915,8 @@ void __init sev_set_cpu_caps(void) kvm_cpu_cap_set(X86_FEATURE_SEV_SNP); kvm_caps.supported_vm_types |=3D BIT(KVM_X86_SNP_VM); } + if (sev_snp_savic_enabled) + kvm_cpu_cap_set(X86_FEATURE_SECURE_AVIC); } =20 static bool is_sev_snp_initialized(void)
@@ -3075,6 +3081,9 @@ void __init sev_hardware_setup(void) !cpu_feature_enabled(X86_FEATURE_NO_NESTED_DATA_BP)) sev_es_debug_swap_enabled =3D false; =20 + if (!sev_snp_supported || !cpu_feature_enabled(X86_FEATURE_SECURE_AVIC)) + sev_snp_savic_enabled =3D false; + sev_supported_vmsa_features =3D 0; if (sev_es_debug_swap_enabled) sev_supported_vmsa_features |=3D SVM_SEV_FEAT_DEBUG_SWAP; --=20 2.34.1
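
Review bot: sev_snp_savic_enabled in the @@ -59 hunk of sev.c is defined without static, unlike sev_es_debug_swap_enabled directly above it, and neither file touched by this patch adds an extern declaration for it. Make it static here and drop the static in the later patch that first needs it from another file, or add the declaration to a header in this patch so the symbol is not a bare global.
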
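
Review bot: in the @@ -2911 hunk of sev_set_cpu_caps() the new "if (sev_snp_savic_enabled)" sits after the closing brace of the block that sets X86_FEATURE_SEV_SNP, so the SNP requirement listed in the commit message holds here only because sev_hardware_setup() is expected to have cleared the flag already. Move the check inside that block, or add a comment naming the dependency on sev_hardware_setup() running first, so the condition is visible at the point where the capability is advertised.
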
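
Review bot: SVM_SEV_FEAT_SECURE_AVIC (BIT(16), added in the svm.h hunk) is defined but never used in this patch: in the @@ -3075 hunk of sev_hardware_setup(), sev_supported_vmsa_features is rebuilt right after the new check and still gains only SVM_SEV_FEAT_DEBUG_SWAP. Either OR the new bit in when sev_snp_savic_enabled is true, or state in the commit message that advertising it as a supported VMSA feature is deferred to a later patch in the series, so that the CPU capability set in sev_set_cpu_caps() and the supported VMSA features are not left inconsistent at this point in the series.
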
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 04/17] KVM: SVM: Set guest APIC protection flags for Secure AVIC
Date: Tue, 23 Sep 2025 10:33:04 +0530
Message-ID: <20250923050317.205482-5-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
Content-Transfer-Encoding: quoted-printable

Secure AVIC provides a
hardware-backed, protected virtual APIC for SNP guests. When this feature is active, KVM cannot directly access the virtual APIC state and must use software-based interrupt injection to deliver interrupts to the guest. Introduce a helper, sev_savic_active(), to detect when a VM has Secure AVIC enabled based on its VMSA features. At vCPU creation time, use this helper to set the appropriate APIC flags: - guest_apic_protected is set to true, as the APIC state is not visible to KVM. - prot_apic_intr_inject is set to true to signal that the software injection path must be used for interrupt delivery. This ensures that the core APIC code can correctly identify and handle Secure AVIC guests. This is only an initialization commit and actual support for creating Secure AVIC enabled guests and injecting interrupts will be added in later commits. Signed-off-by: Neeraj Upadhyay --- arch/x86/kvm/svm/svm.c | 5 +++++ arch/x86/kvm/svm/svm.h | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 8a66e2e985a4..064ec98d7e67 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1300,6 +1300,11 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) if (err) goto error_free_vmsa_page; =20 + if (sev_savic_active(vcpu->kvm)) { + vcpu->arch.apic->guest_apic_protected =3D true; + vcpu->arch.apic->prot_apic_intr_inject =3D true; + } + svm->msrpm =3D svm_vcpu_alloc_msrpm(); if (!svm->msrpm) { err =3D -ENOMEM; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 70df7c6413cf..1090a48adeda 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -869,6 +869,10 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t en= d); int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, bool is_pri= vate); struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcpu); void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct vmcb_save_area = *vmsa); +static inline bool sev_savic_active(struct kvm *kvm) +{ + return to_kvm_sev_info(kvm)->vmsa_features & SVM_SEV_FEAT_SECURE_AVIC; +} #else static inline struct page *snp_safe_alloc_page_node(int node, gfp_t gfp) { 
@@ -899,6 +903,7 @@ static inline int sev_gmem_max_mapping_level(struct kvm= *kvm, kvm_pfn_t pfn, boo { return 0; } +static inline bool sev_savic_active(struct kvm *kvm) { return false; } =20 static inline struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcp= u) { --=20 2.34.1
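Review bot: `vcpu->arch.apic` is dereferenced unconditionally in the `svm_vcpu_create()` hunk. If a VM with `SVM_SEV_FEAT_SECURE_AVIC` in its VMSA features can reach this point without an in-kernel local APIC, that pointer is NULL; guard the block with `lapic_in_kernel(vcpu)` or reject the combination before vCPU creation and note that in the commit message. In svm.h, `sev_savic_active()` reads `vmsa_features` without first checking that the VM is an SNP guest, so it relies on the field being zero for every other VM type; a one-line comment would make that assumption explicit.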
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 05/17] KVM: SVM: Do not intercept SECURE_AVIC_CONTROL MSR for SAVIC guests
Date: Tue, 23 Sep 2025 10:33:05 +0530
Message-ID: <20250923050317.205482-6-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
Content-Transfer-Encoding: quoted-printable

Disable interception for
SECURE_AVIC_CONTROL MSR for Secure AVIC enabled guests. The SECURE_AVIC_CONTROL MSR holds the GPA of the guest APIC backing page and bitfields to control enablement of Secure AVIC and whether the guest allows NMIs to be injected by the hypervisor. This MSR is populated by the guest and can be read by the guest to get the GPA of the APIC backing page. The MSR can only be accessed in Secure AVIC mode; accessing it when not in Secure AVIC mode results in #GP. So, KVM should not intercept it. Co-developed-by: Kishon Vijay Abraham I Signed-off-by: Kishon Vijay Abraham I Signed-off-by: Neeraj Upadhyay --- arch/x86/include/asm/msr-index.h | 1 + arch/x86/kvm/svm/sev.c | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-in= dex.h index b65c3ba5fa14..9f16030dd849 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -707,6 +707,7 @@ #define MSR_AMD64_SEG_RMP_ENABLED_BIT 0 #define MSR_AMD64_SEG_RMP_ENABLED BIT_ULL(MSR_AMD64_SEG_RMP_ENABLED_BIT) #define MSR_AMD64_RMP_SEGMENT_SHIFT(x) (((x) & GENMASK_ULL(13, 8)) >> 8) +#define MSR_AMD64_SAVIC_CONTROL 0xc0010138 =20 #define MSR_SVSM_CAA 0xc001f000 =20 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b2eae102681c..afe4127a1918 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4487,7 +4487,8 @@ void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm) =20 static void sev_es_init_vmcb(struct vcpu_svm *svm) { - struct kvm_sev_info *sev =3D to_kvm_sev_info(svm->vcpu.kvm); + struct kvm_vcpu *vcpu =3D &svm->vcpu; + struct kvm_sev_info *sev =3D to_kvm_sev_info(vcpu->kvm); struct vmcb *vmcb =3D svm->vmcb01.ptr; =20 svm->vmcb->control.nested_ctl |=3D SVM_NESTED_CTL_SEV_ES_ENABLE; 
@@ -4546,6 +4547,9 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) =20 /* Can't intercept XSETBV, HV can't modify XCR0 directly */ svm_clr_intercept(svm, INTERCEPT_XSETBV); + + if (sev_savic_active(vcpu->kvm)) + svm_set_intercept_for_msr(vcpu, MSR_AMD64_SAVIC_CONTROL, MSR_TYPE_RW, fa= lse); } =20 void sev_init_vmcb(struct vcpu_svm *svm) --=20 2.34.1
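Review bot: The new `svm_set_intercept_for_msr(vcpu, MSR_AMD64_SAVIC_CONTROL, MSR_TYPE_RW, false)` call at the end of `sev_es_init_vmcb()` carries no comment, while the XSETBV line directly above it explains why interception is dropped. Add a one-line comment with the reason given in the commit message: the MSR is populated by the guest and raises #GP outside Secure AVIC mode. The subject and commit message call the register SECURE_AVIC_CONTROL while the macro is `MSR_AMD64_SAVIC_CONTROL`; using one spelling would make the define easier to find from the changelog.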
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 06/17] KVM: SVM: Implement interrupt injection for Secure AVIC
Date: Tue, 23 Sep 2025 10:33:06 +0530
Message-ID: <20250923050317.205482-7-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
Content-Transfer-Encoding: quoted-printable

For AMD SEV-SNP guests with Secure
AVIC, the virtual APIC state is not visible to KVM and managed by the hardware. This renders the traditional interrupt injection mechanism, which directly modifies guest state, unusable. Instead, interrupt delivery must be mediated through a new interface in the VMCB. Implement support for this mechanism. First, new VMCB control fields, requested_irr and update_irr, are defined to allow KVM to communicate pending interrupts to the hardware before VMRUN. Hook the core interrupt injection path, svm_inject_irq(). Instead of injecting directly, transfer pending interrupts from KVM's software IRR to the new requested_irr VMCB field and delegate final delivery to the hardware. Since the hardware is now responsible for the timing and delivery of interrupts to the guest (including managing the guest's RFLAGS.IF and vAPIC state), bypass the standard KVM interrupt window checks in svm_interrupt_allowed() and svm_enable_irq_window(). Similarly, interrupt re-injection is handled by the hardware and requires no explicit KVM involvement. Finally, update the logic for detecting pending interrupts. Add the vendor op, protected_apic_has_interrupt(), to check only KVM's software vAPIC IRR state. Co-developed-by: Kishon Vijay Abraham I Signed-off-by: Kishon Vijay Abraham I Signed-off-by: Neeraj Upadhyay --- arch/x86/include/asm/svm.h | 8 +++++-- arch/x86/kvm/lapic.c | 17 ++++++++++++--- arch/x86/kvm/svm/sev.c | 44 ++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 13 +++++++++++ arch/x86/kvm/svm/svm.h | 4 ++++ arch/x86/kvm/x86.c | 15 ++++++++++++- 6 files changed, 95 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index ab3d55654c77..0faf262f9f9f 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h 
@@ -162,10 +162,14 @@ struct __attribute__ ((__packed__)) vmcb_control_area= { u64 vmsa_pa; /* Used for an SEV-ES guest */ u8 reserved_8[16]; u16 bus_lock_counter; /* Offset 0x120 */ - u8 reserved_9[22]; + u8 reserved_9[18]; + u8 update_irr; /* Offset 0x134 */ + u8 reserved_10[3]; u64 allowed_sev_features; /* Offset 0x138 */ u64 guest_sev_features; /* Offset 0x140 */ - u8 reserved_10[664]; + u8 reserved_11[8]; + u32 requested_irr[8]; /* Offset 0x150 */ + u8 reserved_12[624]; /* * Offset 0x3e0, 32 bytes reserved * for use by hypervisor/software. diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 5fc437341e03..3199c7c6db05 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -2938,11 +2938,22 @@ int kvm_apic_has_interrupt(struct kvm_vcpu *vcpu) if (!kvm_apic_present(vcpu)) return -1; =20 - if (apic->guest_apic_protected) + if (!apic->guest_apic_protected) { + __apic_update_ppr(apic, &ppr); + return apic_has_interrupt_for_ppr(apic, ppr); + } + + if (!apic->prot_apic_intr_inject) return -1; =20 - __apic_update_ppr(apic, &ppr); - return apic_has_interrupt_for_ppr(apic, ppr); + /* + * For guest-protected virtual APIC, hardware manages the virtual + * PPR and interrupt delivery to the guest. So, checking the KVM + * managed virtual APIC's APIC_IRR state for any pending vectors + * is the only thing required here. + */ + return apic_search_irr(apic); + } EXPORT_SYMBOL_GPL(kvm_apic_has_interrupt); =20 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index afe4127a1918..78cefc14a2ee 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -28,6 +28,7 @@ #include #include #include +#include =20 #include "mmu.h" #include "x86.h" @@ -35,6 +36,7 @@ #include "svm_ops.h" #include "cpuid.h" #include "trace.h" +#include "lapic.h" =20 #define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_DEFAULT 2ULL 
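Review bot: For a protected APIC with `prot_apic_intr_inject` set, `kvm_apic_has_interrupt()` in the lapic.c hunk now returns `apic_search_irr(apic)` with no PPR comparison, so the return value changes meaning from a deliverable vector to "something is pending in KVM's software IRR". The in-hunk comment explains why PPR is skipped; please also say in a comment above the function that callers must not treat the value as an injectable vector for such guests. Style: the hunk adds an empty line between `return apic_search_irr(apic);` and the closing brace, which should be dropped. In the `vmcb_control_area` hunk the new reserved sizes keep `allowed_sev_features` at 0x138 and the software-reserved area at 0x3e0, so the layout is consistent with the offset comments.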
@@ -5064,3 +5066,45 @@ void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, = struct vmcb_save_area *vmsa) =20 free_page((unsigned long)vmsa); } + +void sev_savic_set_requested_irr(struct vcpu_svm *svm, bool reinjected) +{ + unsigned int i, vec, vec_pos, vec_start; + struct kvm_lapic *apic; + bool has_interrupts; + u32 val; + + /* Secure AVIC HW takes care of re-injection */ + if (reinjected) + return; + + apic =3D svm->vcpu.arch.apic; + has_interrupts =3D false; + + for (i =3D 0; i < ARRAY_SIZE(svm->vmcb->control.requested_irr); i++) { + val =3D apic_get_reg(apic->regs, APIC_IRR + i * 0x10); + if (!val) + continue; + has_interrupts =3D true; + svm->vmcb->control.requested_irr[i] |=3D val; + vec_start =3D i * 32; + /* + * Clear each vector one by one to avoid race with concurrent + * APIC_IRR updates from the deliver_interrupt() path. + */ + do { + vec_pos =3D __ffs(val); + vec =3D vec_start + vec_pos; + apic_clear_vector(vec, apic->regs + APIC_IRR); + val =3D val & ~BIT(vec_pos); + } while (val); + } + + if (has_interrupts) + svm->vmcb->control.update_irr |=3D BIT(0); +} + +bool sev_savic_has_pending_interrupt(struct kvm_vcpu *vcpu) +{ + return kvm_apic_has_interrupt(vcpu) !=3D -1; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 064ec98d7e67..7811a87bc111 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -52,6 +52,8 @@ #include "svm.h" #include "svm_ops.h" =20 +#include "lapic.h" + #include "kvm_onhyperv.h" #include "svm_onhyperv.h" =20 @@ -3689,6 +3691,9 @@ static void svm_inject_irq(struct kvm_vcpu *vcpu, boo= l reinjected) struct vcpu_svm *svm =3D to_svm(vcpu); u32 type; =20 + if (sev_savic_active(vcpu->kvm)) + return sev_savic_set_requested_irr(svm, reinjected); + if (vcpu->arch.interrupt.soft) { if (svm_update_soft_interrupt_rip(vcpu)) return; 
@@ -3870,6 +3875,9 @@ static int svm_interrupt_allowed(struct kvm_vcpu *vcp= u, bool for_injection) { struct vcpu_svm *svm =3D to_svm(vcpu); =20 + if (sev_savic_active(vcpu->kvm)) + return 1; + if (svm->nested.nested_run_pending) return -EBUSY; =20 @@ -3890,6 +3898,9 @@ static void svm_enable_irq_window(struct kvm_vcpu *vc= pu) { struct vcpu_svm *svm =3D to_svm(vcpu); =20 + if (sev_savic_active(vcpu->kvm)) + return; + /* * In case GIF=3D0 we can't rely on the CPU to tell us when GIF becomes * 1, because that's a separate STGI/VMRUN intercept. The next time we @@ -5132,6 +5143,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .apicv_post_state_restore =3D avic_apicv_post_state_restore, .required_apicv_inhibits =3D AVIC_REQUIRED_APICV_INHIBITS, =20 + .protected_apic_has_interrupt =3D sev_savic_has_pending_interrupt, + .get_exit_info =3D svm_get_exit_info, .get_entry_info =3D svm_get_entry_info, =20 diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 1090a48adeda..60dc424d62c4 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -873,6 +873,8 @@ static inline bool sev_savic_active(struct kvm *kvm) { return to_kvm_sev_info(kvm)->vmsa_features & SVM_SEV_FEAT_SECURE_AVIC; } +void sev_savic_set_requested_irr(struct vcpu_svm *svm, bool reinjected); +bool sev_savic_has_pending_interrupt(struct kvm_vcpu *vcpu); #else static inline struct page *snp_safe_alloc_page_node(int node, gfp_t gfp) { @@ -910,6 +912,8 @@ static inline struct vmcb_save_area *sev_decrypt_vmsa(s= truct kvm_vcpu *vcpu) return NULL; } static inline void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct v= mcb_save_area *vmsa) {} +static inline void sev_savic_set_requested_irr(struct vcpu_svm *svm, bool = reinjected) {} +static inline bool sev_savic_has_pending_interrupt(struct kvm_vcpu *vcpu) = { return false; } #endif =20 /* vmenter.S */ diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 33fba801b205..65ebdc6deb92 100644 --- a/arch/x86/kvm/x86.c 
+++ b/arch/x86/kvm/x86.c 
@@ -10369,7 +10369,20 @@ static int kvm_check_and_inject_events(struct kvm_= vcpu *vcpu, if (r < 0) goto out; if (r) { - int irq =3D kvm_cpu_get_interrupt(vcpu); + int irq; + + /* + * Do not ack the interrupt here for guest-protected VAPIC + * which requires interrupt injection to the guest. + * + * ->inject_irq reads the KVM's VAPIC's APIC_IRR state and + * clears it. + */ + if (vcpu->arch.apic->guest_apic_protected && + vcpu->arch.apic->prot_apic_intr_inject) + irq =3D kvm_apic_has_interrupt(vcpu); + else + irq =3D kvm_cpu_get_interrupt(vcpu); =20 if (!WARN_ON_ONCE(irq =3D=3D -1)) { kvm_queue_interrupt(vcpu, irq, false); --=20 2.34.1
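Review bot: in sev_savic_set_requested_irr() (sev.c hunk), requested_irr[i] is only ever OR-ed into and update_irr only ever has bit 0 set; nothing in this patch clears either field after VMRUN. If hardware consumes and clears both on VM entry, say so in a comment beside the "|=" lines; if it does not, vectors already moved out of KVM's APIC_IRR stay requested on every later entry. The BIT(0) in "update_irr |= BIT(0)" also deserves a named define next to the new field in asm/svm.h.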
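Review bot: the test "guest_apic_protected && prot_apic_intr_inject" is open-coded in the x86.c hunk and split across two ifs in kvm_apic_has_interrupt(); a small helper in lapic.h would keep the two call sites from drifting apart. In the x86.c hunk the comment should also say that the single vector returned by kvm_apic_has_interrupt() and passed to kvm_queue_interrupt() is only a trigger, since ->inject_irq moves the whole APIC_IRR. The lapic.c hunk leaves a stray blank "+" line before the closing brace of kvm_apic_has_interrupt().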
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 07/17] KVM: SVM: Add IPI Delivery Support for Secure AVIC
Date: Tue, 23 Sep 2025 10:33:07 +0530
Message-ID: <20250923050317.205482-8-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Secure AVIC hardware only
accelerates Self-IPI, i.e. on WRMSR to APIC_SELF_IPI and APIC_ICR (with destination shorthand equal to "self") registers, hardware takes care of updating the APIC_IRR in the guest-owned APIC backing page of the vCPU. For other IPI types (cross-vCPU, broadcast IPIs), software needs to take care of updating the APIC_IRR state in the target vCPUs' APIC backing page and to ensure that the target vCPU notices the new pending interrupt.

To ensure that the remote vCPU notices the new pending interrupt, the guest sends an APIC_ICR MSR-write GHCB protocol event to the hypervisor.

Handle the APIC_ICR write MSR exits for Secure AVIC guests by either sending an AVIC doorbell (if the target vCPU is running) or by waking up the non-running target vCPU thread.

To ensure that the target vCPU observes the new IPI request, introduce a new per-vcpu flag, sev_savic_has_pending_ipi. This flag acts as a reliable "sticky bit" that signals a pending IPI, ensuring the event is not lost even if the primary wakeup mechanism is missed.

Update sev_savic_has_pending_interrupt() to return true if sev_savic_has_pending_ipi is set. This ensures that when a vCPU is about to block (in kvm_vcpu_block()), it correctly recognizes that it has work to do and will not go to sleep.

Clear the sev_savic_has_pending_ipi flag in pre_sev_run() just before the next VM-entry. This resets the one-shot signal, as the pending interrupt is now about to be processed by the hardware upon VMRUN.

During APIC_ICR write GHCB request handling, unconditionally set sev_savic_has_pending_ipi for the target vCPU irrespective of whether the target vCPU is in guest mode or not. If the target vCPU does not take any other VMEXIT before taking next hlt exit, the vCPU blocking fails as sev_savic_has_pending_ipi remains set. The sev_savic_has_pending_ipi is cleared before next VMRUN and on subsequent hlt exit the vCPU thread would block.
Following are the race conditions which can occur between target vCPU doing hlt and the source vCPU's IPI request handling.

a. VMEXIT before HLT when RFLAGS.IF = 0 or Interrupt shadow is active.

   #Source-vCPU                            #Target-VCPU

   1. sev_savic_has_pending_ipi = true
   2. smp_mb();
                                           3. Disable interrupts
   4. Target vCPU is in guest mode
   5. Raise AVIC doorbell to target
      vCPU's physical APIC_ID
                                           6. VMEXIT
                                           7. sev_savic_has_pending_ipi = false
                                           8. VMRUN
                                           9. HLT
                                           10. VMEXIT
                                           11. kvm_arch_vcpu_runnable() returns false
                                           12. vCPU thread blocks

   In this scenario IDLE HLT intercept ensures that the target vCPU does not take hlt intercept as V_INTR is set (AVIC doorbell by source vCPU triggers evaluation of Secure AVIC backing page of the target vCPU and sets V_INTR).

b. Target vCPU takes HLT VMEXIT but hasn't cleared IN_GUEST_MODE at the time when doorbell write is issued by source CPU.

   #Source-vCPU                            #Target-VCPU

   1. sev_savic_has_pending_ipi = true
   2. smp_mb();
   3. Target vCPU is in guest mode
                                           4. HLT
                                           5. VMEXIT
   6. Raise AVIC doorbell to the
      target physical CPU.
                                           7. vcpu->mode = OUTSIDE_GUEST_MODE
                                           8. kvm_cpu_has_interrupt()
                                              protected_..._interrupt()
                                              smp_mb()
                                              sev_savic_has_pending_ipi is true

   In this case, the smp_mb() barriers at 2, 8 guarantee that the target vCPU's thread observes sev_savic_has_pending_ipi is set and returns to the guest mode without blocking.

c. For other cases, where the source vCPU thread observes the target vCPU to be outside of the guest mode, memory barriers in rcuwait_wake_up() (source vCPU thread) and set_current_state() (target vCPU thread) provide the required ordering and ensure that read of sev_savic_has_pending_ipi in kvm_vcpu_check_block() observes the write by the source vCPU.

   #Source-vCPU                            #Target-VCPU

   rcuwait_wake_up()
   smp_mb()
   task = rcu_dereference(w->task);
   if (task)
   wake_up_process()
                                           prepare_to_rcuwait()
                                           w->task = current
                                           set_current_state(TASK_INTERRUPTIBLE)
                                           smp_mb()
                                           kvm_vcpu_check_block()
                                           kvm_cpu_has_interrupt()

Co-developed-by: Kishon Vijay Abraham I
Signed-off-by: Kishon Vijay Abraham I
Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/svm/sev.c | 218 ++++++++++++++++++++++++++++++++++++++++- arch/x86/kvm/svm/svm.h | 2 + 2 files changed, 219 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 78cefc14a2ee..a64fcc7637c7 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3511,6 +3511,89 @@ int pre_sev_run(struct vcpu_svm *svm, int cpu) if (!cpumask_test_cpu(cpu, to_kvm_sev_info(kvm)->have_run_cpus)) cpumask_set_cpu(cpu, to_kvm_sev_info(kvm)->have_run_cpus); =20 + /* + * It should be safe to clear sev_savic_has_pending_ipi here. + * + * Following are the scenarios possible: + * + * Scenario 1: sev_savic_has_pending_ipi is set before hlt exit of the + * target vCPU. + * + * Source vCPU Target vCPU + * + * 1. Set APIC_IRR of target + * vCPU. + * + * 2. VMGEXIT + * + * 3. Set ...has_pending_ipi + * + * savic_handle_icr_write() + * ..._has_pending_ipi =3D true + * + * 4. avic_ring_doorbell() + * - VS - + * + * 4. VMEXIT + * + * 5. ..._has_pending_ipi =3D false + * + * 6. VM entry + * + * 7. hlt exit + * + * In this case, any VM exit taken by target vCPU before hlt exit + * clears sev_savic_has_pending_ipi. On hlt exit, idle halt intercept + * would find the V_INTR set and skip hlt exit. + * + * Scenario 2: sev_savic_has_pending_ipi is set when target vCPU + * has taken hlt exit. + * + * Source vCPU Target vCPU + * + * 1. hlt exit + * + * 2. Set ...has_pending_ipi + * 3. kvm_vcpu_has_events() returns true + * and VM is reentered. + * + * vcpu_block() + * kvm_arch_vcpu_runnable() + * kvm_vcpu_has_events() + * + * + * 4. On VM entry, APIC_IRR state is re-e= valuated + * and V_INTR is set and interrupt is = delivered + * to vCPU. + * + * + * Scenario 3: sev_savic_has_pending_ipi is set while halt exit is happen= ing: + * + * + * Source vCPU Target vCPU + * + * 1. hlt + * Hardware check V_INTR to determi= ne + * if hlt exit need to be taken. No= other + * exit such as intr exit can be ta= ken + * while this sequence is being exe= cuted. + * + * 2. Set APIC_IRR of target vCPU. + * + * 3. Set ...has_pending_ipi + * 4. hlt exit taken. + * + * 5. ...has_pending_ipi being set is ob= served + * by target vCPU and the vCPU is res= umed. 
+ * + * In this scenario, hardware ensures that target vCPU does not take any = exit + * between checking V_INTR state and halt exit. So, sev_savic_has_pending= _ipi + * remains set when vCPU takes hlt exit. + */ + if (READ_ONCE(svm->sev_savic_has_pending_ipi)) + WRITE_ONCE(svm->sev_savic_has_pending_ipi, false); + /* Assign the asid allocated with this SEV guest */ svm->asid =3D asid; =20 
@@ -4281,6 +4364,129 @@ static int sev_handle_vmgexit_msr_protocol(struct v= cpu_svm *svm) return 0; } =20 +static void savic_handle_icr_write(struct kvm_vcpu *kvm_vcpu, u64 icr) +{ + struct kvm *kvm =3D kvm_vcpu->kvm; + struct kvm_vcpu *vcpu; + u32 icr_low, icr_high; + bool in_guest_mode; + unsigned long i; + + icr_low =3D lower_32_bits(icr); + icr_high =3D upper_32_bits(icr); + + /* + * TODO: Instead of scanning all the vCPUS, get fastpath working which sh= ould + * look similar to avic_kick_target_vcpus_fast(). + */ + kvm_for_each_vcpu(i, vcpu, kvm) { + if (!kvm_apic_match_dest(vcpu, kvm_vcpu->arch.apic, icr_low & APIC_SHORT= _MASK, + icr_high, icr_low & APIC_DEST_MASK)) + continue; + + /* + * Setting sev_savic_has_pending_ipi could result in a spurious + * return from hlt (as kvm_cpu_has_interrupt() would return true) + * if destination CPU is in guest mode and the guest takes a hlt + * exit after handling the IPI. sev_savic_has_pending_ipi gets cleared + * on VM entry, so there can be at most one spurious return per IPI. + * For vcpu->mode =3D=3D IN_GUEST_MODE, sev_savic_has_pending_ipi need + * to be set to handle the case where the destination vCPU has taken + * hlt exit and the source CPU has not observed (target)vcpu->mode !=3D + * IN_GUEST_MODE. + */ + WRITE_ONCE(to_svm(vcpu)->sev_savic_has_pending_ipi, true); + /* Order sev_savic_has_pending_ipi write and vcpu->mode read. */ + smp_mb(); + /* Pairs with smp_store_release in vcpu_enter_guest. */ + in_guest_mode =3D (smp_load_acquire(&vcpu->mode) =3D=3D IN_GUEST_MODE); + if (in_guest_mode) { + /* + * Signal the doorbell to tell hardware to inject the IRQ. + * + * If the vCPU exits the guest before the doorbell chimes, + * below memory ordering guarantees that the destination vCPU + * observes sev_savic_has_pending_ipi =3D=3D true before + * blocking. 
+ * + * Src-CPU Dest-CPU + * + * savic_handle_icr_write() + * sev_savic_has_pending_ipi =3D true + * smp_mb() + * smp_load_acquire(&vcpu->mode) + * + * - VS - + * vcpu->mode =3D OUTSIDE_GUEST_MODE + * __kvm_emulate_halt() + * kvm_cpu_has_interrupt() + * smp_mb() + * if (sev_savic_has_pending_ipi) + * return true; + * + * [S1] + * sev_savic_has_pending_ipi =3D true + * + * SMP_MB + * + * [L1] + * vcpu->mode + * [S2] + * vcpu->mode =3D OUTSIDE_GUEST_MODE + * + * + * SMP_MB + * + * [L2] sev_savic_has_pending_ipi =3D= =3D true + * + * exists (L1=3DIN_GUEST_MODE /\ L2=3Dfalse) + * + * Above condition does not exit. So, if the source CPU observes + * vcpu->mode =3D IN_GUEST_MODE (L1), sev_savic_has_pending_ipi load = by + * the destination CPU (L2) should observe the store (S1) from the + * source CPU. + */ + avic_ring_doorbell(vcpu); + } else { + /* + * Wakeup the vCPU if it was blocking. + * + * Memory ordering is provided by smp_mb() in rcuwait_wake_up() on the + * source CPU and smp_mb() in set_current_state() inside kvm_vcpu_block= () + * on the destination CPU. + */ + kvm_vcpu_kick(vcpu); + } + } +} + +static bool savic_handle_msr_exit(struct kvm_vcpu *vcpu) +{ + u32 msr, reg; + + msr =3D kvm_rcx_read(vcpu); + reg =3D (msr - APIC_BASE_MSR) << 4; + + switch (reg) { + case APIC_ICR: + /* + * Only APIC_ICR WRMSR requires special handling for Secure AVIC + * guests to wake up destination vCPUs. + */ + if (to_svm(vcpu)->vmcb->control.exit_info_1) { + u64 data =3D kvm_read_edx_eax(vcpu); + + savic_handle_icr_write(vcpu, data); + return true; + } + break; + default: + break; + } + + return false; +} + int sev_handle_vmgexit(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm =3D to_svm(vcpu); 
@@ -4419,6 +4625,11 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) control->exit_info_1, control->exit_info_2); ret =3D -EINVAL; break; + case SVM_EXIT_MSR: + if (sev_savic_active(vcpu->kvm) && savic_handle_msr_exit(vcpu)) + return 1; + + fallthrough; default: ret =3D svm_invoke_exit_handler(vcpu, exit_code); } @@ -5106,5 +5317,10 @@ void sev_savic_set_requested_irr(struct vcpu_svm *sv= m, bool reinjected) =20 bool sev_savic_has_pending_interrupt(struct kvm_vcpu *vcpu) { - return kvm_apic_has_interrupt(vcpu) !=3D -1; + /* + * See memory ordering description in savic_handle_icr_write(). + */ + smp_mb(); + return READ_ONCE(to_svm(vcpu)->sev_savic_has_pending_ipi) || + kvm_apic_has_interrupt(vcpu) !=3D -1; } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 60dc424d62c4..a3edb6e720cd 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -335,6 +335,8 @@ struct vcpu_svm { =20 /* Guest GIF value, used when vGIF is not enabled */ bool guest_gif; + + bool sev_savic_has_pending_ipi; }; =20 struct svm_cpu_data { --=20 2.34.1
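Review bot: in savic_handle_msr_exit(), "reg = (msr - APIC_BASE_MSR) << 4" is computed in u32 on the guest-supplied RCX with no range check, and the left shift discards the top four bits of the offset, so MSR indices far outside the x2APIC range can alias to APIC_ICR and reach savic_handle_icr_write(). Compare msr directly against APIC_BASE_MSR + (APIC_ICR >> 4), or bound it to the x2APIC MSR range before converting it to a register offset.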
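Review bot: savic_handle_icr_write() matches destinations on the shorthand and destination-mode bits of icr_low only and never looks at the delivery mode, while savic_handle_msr_exit() returns true for every APIC_ICR write so the fallthrough to svm_invoke_exit_handler() is skipped. Say in a comment which delivery modes the guest is expected to send through this path, or filter on the mode before setting sev_savic_has_pending_ipi and kicking. The litmus comment in the same hunk reads "Above condition does not exit" where "does not exist" is meant.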
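The ordering argument in the commit message above (cases a to c), worked through as an added example that is not part of the patch or of KVM. It is a small exhaustive model in user-space C: the op names, the state struct, and the treatment of a missing smp_mb() as permission to swap that side's two accesses are assumptions of the model.

```c
#include <stdbool.h>
#include <stdio.h>

/* Model ops (hypothetical names): two on the source vCPU, three on the target. */
enum op { S_SET_FLAG, S_CHECK_MODE, T_HLT_EXIT, T_SET_MODE, T_CHECK_FLAG };

struct state {
	bool flag;      /* models sev_savic_has_pending_ipi */
	bool in_guest;  /* models vcpu->mode == IN_GUEST_MODE */
	bool exited;    /* target has taken the HLT VMEXIT */
	bool delivered; /* target will process the IPI */
	bool blocked;   /* target vCPU thread is asleep */
};

static void step(struct state *s, enum op op, bool use_flag)
{
	switch (op) {
	case S_SET_FLAG:
		if (use_flag)
			s->flag = true;
		break;
	case S_CHECK_MODE:
		if (s->in_guest) {
			/* Doorbell: only effective while the target still runs the guest. */
			if (!s->exited)
				s->delivered = true;
		} else if (s->blocked) {
			/* Kick: wakes a blocked thread, which then re-enters the guest. */
			s->blocked = false;
			s->delivered = true;
		}
		break;
	case T_HLT_EXIT:
		/* Idle-HLT intercept: no exit is taken if V_INTR is already set. */
		if (!s->delivered)
			s->exited = true;
		break;
	case T_SET_MODE:
		if (s->exited)
			s->in_guest = false;
		break;
	case T_CHECK_FLAG:
		if (!s->exited)
			break;
		if (s->flag)
			s->delivered = true; /* vCPU is runnable, VM is re-entered */
		else
			s->blocked = true;   /* vCPU thread goes to sleep */
		break;
	}
}

/* Run all 10 interleavings of the two program orders; count lost wakeups. */
static int run(const enum op src[2], const enum op tgt[3], bool use_flag)
{
	int lost = 0;

	for (unsigned mask = 0; mask < 32; mask++) {
		int bits = 0, si = 0, ti = 0;
		struct state s = { .in_guest = true };

		for (int b = 0; b < 5; b++)
			bits += (mask >> b) & 1;
		if (bits != 2) /* exactly two of the five slots belong to the source */
			continue;
		for (int slot = 0; slot < 5; slot++)
			step(&s, ((mask >> slot) & 1) ? src[si++] : tgt[ti++], use_flag);
		lost += s.blocked; /* asleep at the end means the IPI was missed */
	}
	return lost;
}

/* A missing barrier is modelled by also allowing that side's accesses to swap. */
int lost_wakeups(bool use_flag, bool src_mb, bool tgt_mb)
{
	static const enum op src_po[] = { S_SET_FLAG, S_CHECK_MODE };
	static const enum op src_ro[] = { S_CHECK_MODE, S_SET_FLAG };
	static const enum op tgt_po[] = { T_HLT_EXIT, T_SET_MODE, T_CHECK_FLAG };
	static const enum op tgt_ro[] = { T_HLT_EXIT, T_CHECK_FLAG, T_SET_MODE };
	int lost = run(src_po, tgt_po, use_flag);

	if (!src_mb)
		lost += run(src_ro, tgt_po, use_flag);
	if (!tgt_mb)
		lost += run(src_po, tgt_ro, use_flag);
	if (!src_mb && !tgt_mb)
		lost += run(src_ro, tgt_ro, use_flag);
	return lost;
}

int main(void)
{
	printf("flag + both barriers : %d lost\n", lost_wakeups(true, true, true));
	printf("no sticky flag       : %d lost\n", lost_wakeups(false, true, true));
	printf("no source smp_mb()   : %d lost\n", lost_wakeups(true, false, true));
	printf("no target smp_mb()   : %d lost\n", lost_wakeups(true, true, false));
	return 0;
}
```

Only the first configuration reports zero lost wakeups; removing the flag or either barrier leaves at least one interleaving in which the target blocks with the IPI still pending.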
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 08/17] KVM: SVM: Do not inject exception for Secure AVIC
Date: Tue, 23 Sep 2025 10:33:08 +0530
Message-ID: <20250923050317.205482-9-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Kishon Vijay Abraham I

Secure AVIC does not support injecting exceptions from the hypervisor. Take an early return from svm_inject_exception() for Secure AVIC enabled guests. Hardware takes care of delivering exceptions initiated by the guest as well as re-injecting exceptions initiated by the guest (in case there's an intercept before delivering the exception).

Signed-off-by: Kishon Vijay Abraham I
Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/svm/svm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 7811a87bc111..fdd612c975ae 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -374,6 +374,9 @@ static void svm_inject_exception(struct kvm_vcpu *vcpu) struct kvm_queued_exception *ex =3D &vcpu->arch.exception; struct vcpu_svm *svm =3D to_svm(vcpu); =20 + if (sev_savic_active(vcpu->kvm)) + return; + kvm_deliver_exception_payload(vcpu, ex); =20 if (kvm_exception_is_soft(ex->vector) && --=20 2.34.1
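
Review bot: the early return at the top of svm_inject_exception() silently discards whatever is queued in vcpu->arch.exception, with no warning and no comment, so any KVM path that still queues an exception for a Secure AVIC guest fails invisibly and the guest never sees the event. The commit message says hardware handles delivery and re-injection, which suggests that reaching this function with Secure AVIC active is unexpected; consider `if (WARN_ON_ONCE(sev_savic_active(vcpu->kvm))) return;`, or, if the path is known to be reachable, a comment naming the caller that gets here and why dropping the exception is safe.
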
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 09/17] KVM: SVM: Do not intercept exceptions for Secure AVIC guests
Date: Tue, 23 Sep 2025 10:33:09 +0530
Message-ID: <20250923050317.205482-10-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Exceptions cannot be explicitly
injected from the hypervisor to Secure AVIC enabled guests. So, KVM cannot inject exceptions into a Secure AVIC guest. If KVM were to intercept an exception (e.g., #PF or #GP), it would be unable to deliver it back to the guest, effectively dropping the event and leading to guest misbehavior or hangs. So, clear exception intercepts so that all exceptions are handled directly by the guest without KVM intervention.

Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/svm/sev.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a64fcc7637c7..837ab55a3330 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -4761,8 +4761,17 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) /* Can't intercept XSETBV, HV can't modify XCR0 directly */ svm_clr_intercept(svm, INTERCEPT_XSETBV); =20 - if (sev_savic_active(vcpu->kvm)) + if (sev_savic_active(vcpu->kvm)) { svm_set_intercept_for_msr(vcpu, MSR_AMD64_SAVIC_CONTROL, MSR_TYPE_RW, fa= lse); + + /* Clear all exception intercepts. */ + clr_exception_intercept(svm, PF_VECTOR); + clr_exception_intercept(svm, UD_VECTOR); + clr_exception_intercept(svm, MC_VECTOR); + clr_exception_intercept(svm, AC_VECTOR); + clr_exception_intercept(svm, DB_VECTOR); + clr_exception_intercept(svm, GP_VECTOR); + } } =20 void sev_init_vmcb(struct vcpu_svm *svm) --=20 2.34.1
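
Review bot: the added comment in sev_es_init_vmcb() says "Clear all exception intercepts", but the block clears only six vectors (PF, UD, MC, AC, DB, GP), so any other exception intercept that is set before or after this point stays in effect and lands in exactly the case the commit message warns about, where an intercepted exception cannot be delivered back to the guest. Either clear the whole exception intercept bitmap in one step, or reword the comment to say these are the vectors KVM is known to set and state whether anything can re-enable them after VMCB init. Clearing MC_VECTOR also deserves a sentence in the commit message, which discusses only #PF and #GP and does not say how machine checks raised while the guest runs are expected to be handled.
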
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 10/17] KVM: SVM: Set VGIF in VMSA area for Secure AVIC guests
Date: Tue, 23 Sep 2025 10:33:10 +0530
Message-ID: <20250923050317.205482-11-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Kishon Vijay Abraham I

Unlike standard SVM which uses the V_GIF (Virtual Global Interrupt Flag) bit in the VMCB, Secure AVIC ignores this field. Instead, the hardware requires an equivalent V_GIF bit to be set within the vintr_ctrl field of the VMSA (Virtual Machine Save Area). Failure to set this bit will cause the hardware to block all interrupt delivery, rendering the guest non-functional.

To enable interrupts for Secure AVIC guests, modify sev_es_sync_vmsa() to unconditionally set the V_GIF_MASK in the VMSA's vintr_ctrl field whenever Secure AVIC is active. This ensures the hardware correctly identifies the guest as interruptible.

Signed-off-by: Kishon Vijay Abraham I
Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/svm/sev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 837ab55a3330..2dee210efb37 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -884,6 +884,9 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) =20 save->sev_features =3D sev->vmsa_features; =20 + if (sev_savic_active(vcpu->kvm)) + save->vintr_ctrl |=3D V_GIF_MASK; + /* * Skip FPU and AVX setup with KVM_SEV_ES_INIT to avoid * breaking older measurements. --=20 2.34.1
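
Review bot: the new `save->vintr_ctrl |= V_GIF_MASK;` in sev_es_sync_vmsa() carries no comment, and the reason for it (Secure AVIC ignores V_GIF in the VMCB and blocks all interrupt delivery unless the bit is set in the VMSA) exists only in the commit message. Add a short comment above the check, because a reader of this function sees a GIF bit being set unconditionally in a guest save area with no hint why. The context comment directly below is about VMSA contents and launch measurements, so it is also worth stating that this bit becomes part of the measured VMSA for Secure AVIC guests.
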
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 11/17] KVM: SVM: Enable NMI support for Secure AVIC guests
Date: Tue, 23 Sep 2025 10:33:11 +0530
Message-ID: <20250923050317.205482-12-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

The Secure AVIC hardware introduces
a new model for handling Non-Maskable Interrupts (NMIs). This model differs significantly from standard SVM, as guest NMI state is managed by the hardware and is not visible to KVM. Consequently, KVM can no longer use the generic EVENT_INJ mechanism and must not track NMI masking state in software. Instead, it must adopt the vNMI (Virtual NMI) flow, which is the only mechanism supported by Secure AVIC.

Enable NMI support by making three key changes:

1. Enable NMI in VMSA: Set the V_NMI_ENABLE_MASK bit in the VMSA's vintr_ctrl field. This is a hardware prerequisite to enable the vNMI feature for the guest.
2. Use vNMI for Injection: Modify svm_inject_nmi() to use the vNMI flow for Secure AVIC guests. When an NMI is requested, set the V_NMI_PENDING_MASK in the VMCB instead of using EVENT_INJ.
3. Update NMI Windowing: Modify svm_nmi_allowed() to reflect that hardware now manages NMI blocking. KVM's only responsibility is to avoid queuing a new vNMI if one is already pending. The check is now simplified to whether V_NMI_PENDING_MASK is already set.

Co-developed-by: Kishon Vijay Abraham I
Signed-off-by: Kishon Vijay Abraham I
Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/svm/sev.c | 2 +- arch/x86/kvm/svm/svm.c | 56 ++++++++++++++++++++++++++---------------- 2 files changed, 36 insertions(+), 22 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2dee210efb37..7c66aefe428a 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -885,7 +885,7 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) save->sev_features =3D sev->vmsa_features; =20 if (sev_savic_active(vcpu->kvm)) - save->vintr_ctrl |=3D V_GIF_MASK; + save->vintr_ctrl |=3D V_GIF_MASK | V_NMI_ENABLE_MASK; =20 /* * Skip FPU and AVX setup with KVM_SEV_ES_INIT to avoid diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index fdd612c975ae..a945bc094c1a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -3635,27 +3635,6 @@ static int pre_svm_run(struct kvm_vcpu *vcpu) return 0; } =20 -static void svm_inject_nmi(struct kvm_vcpu *vcpu) -{ - struct vcpu_svm *svm =3D to_svm(vcpu); - - svm->vmcb->control.event_inj =3D SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI; - - if (svm->nmi_l1_to_l2) - return; - - /* - * No need to manually track NMI masking when vNMI is enabled, hardware - * automatically sets V_NMI_BLOCKING_MASK as appropriate, including the - * case where software directly injects an NMI. - */ - if (!is_vnmi_enabled(svm)) { - svm->nmi_masked =3D true; - svm_set_iret_intercept(svm); - } - ++vcpu->stat.nmi_injections; -} - static bool svm_is_vnmi_pending(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm =3D to_svm(vcpu); @@ -3689,6 +3668,33 @@ static bool svm_set_vnmi_pending(struct kvm_vcpu *vc= pu) return true; } =20 +static void svm_inject_nmi(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm =3D to_svm(vcpu); + + if (sev_savic_active(vcpu->kvm)) { + svm_set_vnmi_pending(vcpu); + ++vcpu->stat.nmi_injections; + return; + } + + svm->vmcb->control.event_inj =3D SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI; + + if (svm->nmi_l1_to_l2) + return; + + /* + * No need to manually track NMI masking when vNMI is enabled, hardware + * automatically sets V_NMI_BLOCKING_MASK as appropriate, including the + * case where software directly injects an NMI. + */ + if (!is_vnmi_enabled(svm)) { + svm->nmi_masked =3D true; + svm_set_iret_intercept(svm); + } + ++vcpu->stat.nmi_injections; +} + static void svm_inject_irq(struct kvm_vcpu *vcpu, bool reinjected) { struct vcpu_svm *svm =3D to_svm(vcpu); 
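Review bot: In the new Secure AVIC branch of svm_inject_nmi(), the bool returned by svm_set_vnmi_pending() is ignored, yet vcpu->stat.nmi_injections is incremented and the function returns as if the NMI had been queued. If the helper returns false, the NMI is silently dropped and the counter over-reports; check the result (for example with WARN_ON_ONCE(!svm_set_vnmi_pending(vcpu))) and count only on success. The function is also moved below svm_set_vnmi_pending() just to reach that helper, which turns six added lines into a 21-line removal plus a 27-line addition; a forward declaration, or a separate no-functional-change patch for the move, would make the real change easier to review.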
@@ -3836,6 +3842,14 @@ bool svm_nmi_blocked(struct kvm_vcpu *vcpu) static int svm_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) { struct vcpu_svm *svm =3D to_svm(vcpu); + + /* Secure AVIC only support V_NMI based NMI injection. */ + if (sev_savic_active(vcpu->kvm)) { + if (svm->vmcb->control.int_ctl & V_NMI_PENDING_MASK) + return 0; + return 1; + } + if (svm->nested.nested_run_pending) return -EBUSY; =20 --=20 2.34.1
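Review bot: The Secure AVIC early return at the top of svm_nmi_allowed() bypasses the nested_run_pending check and ignores for_injection, and the comment does not say why neither applies to these guests; it only states that V_NMI is the sole injection path. Please extend the comment to cover that. The body can be a single line, return !(svm->vmcb->control.int_ctl & V_NMI_PENDING_MASK);, and the comment should read "only supports".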

From: Neeraj Upadhyay
Subject: [RFC PATCH v2 12/17] KVM: SVM: Add VMGEXIT handler for Secure AVIC backing page
Date: Tue, 23 Sep 2025 10:33:12 +0530
Message-ID: <20250923050317.205482-13-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>

The Secure AVIC hardware requires
uninterrupted access to the guest's APIC backing page. If this page is
not present in the Nested Page Table (NPT) during a hardware access, a
non-recoverable nested page fault occurs. This sets a BUSY flag in the
VMSA and causes subsequent VMRUNs to fail with an unrecoverable
VMEXIT_BUSY, effectively killing the vCPU.

This situation can arise if the backing page resides within a 2MB large
page in the NPT. If other parts of that large page are modified (e.g.,
memory state changes), KVM would split the 2MB NPT entry into 4KB
entries. This process can temporarily zap the PTE for the backing page,
creating a window for the fatal hardware access.

Introduce a new GHCB VMGEXIT protocol, SVM_VMGEXIT_SECURE_AVIC, to allow
the guest to explicitly inform KVM of the APIC backing page's location,
thereby enabling KVM to guarantee its presence in the NPT.

Implement two actions for this protocol:

- SVM_VMGEXIT_SAVIC_REGISTER_BACKING_PAGE:
  On this request, KVM receives the GPA of the backing page. To prevent
  the 2MB page-split issue, immediately perform a PSMASH on the GPA by
  calling sev_handle_rmp_fault(). This proactively breaks any
  containing 2MB NPT entry into 4KB pages, isolating the backing page's
  PTE and guaranteeing its presence. Store the GPA for future reference.

- SVM_VMGEXIT_SAVIC_UNREGISTER_BACKING_PAGE:
  On this request, clear the stored GPA, releasing KVM from its
  obligation to maintain the NPT entry. Return the previously
  registered GPA to the guest.

This mechanism ensures the stability of the APIC backing page mapping,
which is critical for the correct operation of Secure AVIC.

Co-developed-by: Kishon Vijay Abraham I
Signed-off-by: Kishon Vijay Abraham I
Signed-off-by: Neeraj Upadhyay
--- arch/x86/include/uapi/asm/svm.h | 3 ++ arch/x86/kvm/svm/sev.c | 59 +++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 63 insertions(+)
diff --git a/arch/x86/include/uapi/asm/svm.h b/arch/x86/include/uapi/asm/sv= m.h index 9c640a521a67..f1ef52e0fab1 100644 --- a/arch/x86/include/uapi/asm/svm.h +++ b/arch/x86/include/uapi/asm/svm.h @@ -118,6 +118,9 @@ #define SVM_VMGEXIT_AP_CREATE 1 #define SVM_VMGEXIT_AP_DESTROY 2 #define SVM_VMGEXIT_SNP_RUN_VMPL 0x80000018 +#define SVM_VMGEXIT_SECURE_AVIC 0x8000001a +#define SVM_VMGEXIT_SAVIC_REGISTER_BACKING_PAGE 0 +#define SVM_VMGEXIT_SAVIC_UNREGISTER_BACKING_PAGE 1 #define SVM_VMGEXIT_HV_FEATURES 0x8000fffd #define SVM_VMGEXIT_TERM_REQUEST 0x8000fffe #define SVM_VMGEXIT_TERM_REASON(reason_set, reason_code) \ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 7c66aefe428a..3e9cc50f2705 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3399,6 +3399,15 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *= svm) !kvm_ghcb_rcx_is_valid(svm)) goto vmgexit_err; break; + case SVM_VMGEXIT_SECURE_AVIC: + if (!sev_savic_active(vcpu->kvm)) + goto vmgexit_err; + if (!kvm_ghcb_rax_is_valid(svm)) + goto vmgexit_err; + if (svm->vmcb->control.exit_info_1 =3D=3D SVM_VMGEXIT_SAVIC_REGISTER_BAC= KING_PAGE) + if (!kvm_ghcb_rbx_is_valid(svm)) + goto vmgexit_err; + break; case SVM_VMGEXIT_MMIO_READ: case SVM_VMGEXIT_MMIO_WRITE: if (!kvm_ghcb_sw_scratch_is_valid(svm)) 
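Review bot: In the SVM_VMGEXIT_SECURE_AVIC case of sev_es_validate_vmgexit(), exit_info_1 is only compared against SVM_VMGEXIT_SAVIC_REGISTER_BACKING_PAGE, so any other sub-function value passes validation and is turned away only later, in the handler's default case. Rejecting unknown values here would keep every check on guest-controlled GHCB fields in one place. The outer if also carries a two-line body without braces; kernel style wants braces there, or fold the two conditions into one with &&.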
@@ -4490,6 +4499,53 @@ static bool savic_handle_msr_exit(struct kvm_vcpu *v= cpu) return false; } =20 +static int sev_handle_savic_vmgexit(struct vcpu_svm *svm) +{ + struct kvm_vcpu *vcpu =3D NULL; + u64 apic_id; + + apic_id =3D kvm_rax_read(&svm->vcpu); + + if (apic_id =3D=3D -1ULL) { + vcpu =3D &svm->vcpu; + } else { + vcpu =3D kvm_get_vcpu_by_id(vcpu->kvm, apic_id); + if (!vcpu) + goto savic_request_invalid; + } + + switch (svm->vmcb->control.exit_info_1) { + case SVM_VMGEXIT_SAVIC_REGISTER_BACKING_PAGE: + gpa_t gpa; + + gpa =3D kvm_rbx_read(&svm->vcpu); + if (!PAGE_ALIGNED(gpa)) + goto savic_request_invalid; + + /* + * sev_handle_rmp_fault() invocation would result in PSMASH if + * NPTE size is 2M. + */ + sev_handle_rmp_fault(vcpu, gpa, 0); + to_svm(vcpu)->sev_savic_gpa =3D gpa; + break; + case SVM_VMGEXIT_SAVIC_UNREGISTER_BACKING_PAGE: + kvm_rbx_write(&svm->vcpu, to_svm(vcpu)->sev_savic_gpa); + to_svm(vcpu)->sev_savic_gpa =3D 0; + break; + default: + goto savic_request_invalid; + } + + return 1; + +savic_request_invalid: + ghcb_set_sw_exit_info_1(svm->sev_es.ghcb, 2); + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_ERR_INVALID_INPUT); + + return 1; +} + int sev_handle_vmgexit(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm =3D to_svm(vcpu); @@ -4628,6 +4684,9 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) control->exit_info_1, control->exit_info_2); ret =3D -EINVAL; break; + case SVM_VMGEXIT_SECURE_AVIC: + ret =3D sev_handle_savic_vmgexit(svm); + break; case SVM_EXIT_MSR: if (sev_savic_active(vcpu->kvm) && savic_handle_msr_exit(vcpu)) return 1; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index a3edb6e720cd..8043833a1a8c 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -337,6 +337,7 @@ struct vcpu_svm { bool guest_gif; =20 bool sev_savic_has_pending_ipi; + gpa_t sev_savic_gpa; }; =20 struct svm_cpu_data { --=20 2.34.1
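Review bot: sev_handle_savic_vmgexit() dereferences a NULL pointer whenever the guest passes an APIC ID other than -1: vcpu is initialised to NULL and the else branch calls kvm_get_vcpu_by_id(vcpu->kvm, apic_id). RAX is supplied by the guest, so this is a guest-triggerable host oops; use svm->vcpu.kvm for the lookup. In the same function, gpa_t gpa; is declared directly after the case label with no enclosing block, which is not valid C before C23, so wrap the case body in braces or hoist the declaration. The GPA is stored regardless of what sev_handle_rmp_fault() did, only its page alignment is checked, and to_svm(vcpu)->sev_savic_gpa of another vCPU is written with no locking visible in the hunk. Using 0 as the "unregistered" value also means UNREGISTER cannot tell "nothing registered" from a registered GPA of 0.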

From: Neeraj Upadhyay
Subject: [RFC PATCH v2 13/17] KVM: SVM: Add IOAPIC EOI support for Secure AVIC guests
Date: Tue, 23 Sep 2025 10:33:13 +0530
Message-ID: <20250923050317.205482-14-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>

While Secure AVIC hardware
accelerates End-of-Interrupt (EOI) processing for edge-triggered
interrupts, it requires hypervisor assistance for level-triggered
interrupts originating from the IOAPIC. For these interrupts, a guest
write to the EOI MSR triggers a VM-Exit.

The primary challenge in handling this exit is that the guest's real
In-Service Register (ISR) is not visible to KVM. When KVM receives an
EOI, it has no direct way of knowing which interrupt vector is being
acknowledged.

To solve this, use KVM's software vAPIC state as a shadow tracking
mechanism for active, level-triggered interrupts.

The implementation follows this flow:

1. On interrupt injection (sev_savic_set_requested_irr), check KVM's
   software vAPIC Trigger Mode Register (TMR) to identify if the
   interrupt is level-triggered.

2. If it is, set the corresponding vector in KVM's software shadow ISR.
   This marks the interrupt as "in-service" from KVM's perspective.

3. When the guest later issues an EOI, the APIC_EOI MSR write exit
   handler finds the highest vector set in this shadow ISR.

4. The handler then clears the vector from the shadow ISR and calls
   kvm_apic_set_eoi_accelerated() to propagate the EOI to the virtual
   IOAPIC, allowing it to de-assert the interrupt line.

This enables correct EOI handling for level-triggered interrupts in
Secure AVIC guests, despite the hardware-enforced opacity of the guest's
APIC state.

Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/svm/sev.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 3e9cc50f2705..5be2956fb812 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4474,7 +4474,9 @@ static void savic_handle_icr_write(struct kvm_vcpu *k= vm_vcpu, u64 icr) =20 static bool savic_handle_msr_exit(struct kvm_vcpu *vcpu) { + struct kvm_lapic *apic; u32 msr, reg; + int vec; =20 msr =3D kvm_rcx_read(vcpu); reg =3D (msr - APIC_BASE_MSR) << 4;
@@ -4492,6 +4494,12 @@ static bool savic_handle_msr_exit(struct kvm_vcpu *v= cpu) return true; } break; + case APIC_EOI: + apic =3D vcpu->arch.apic; + vec =3D apic_find_highest_vector(apic->regs + APIC_ISR); + apic_clear_vector(vec, apic->regs + APIC_ISR); + kvm_apic_set_eoi_accelerated(vcpu, vec); + return true; default: break; } 
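Review bot: In the new APIC_EOI case, the result of apic_find_highest_vector() is used without checking that a vector was found. The guest decides when to write the EOI MSR, so the shadow ISR can be empty at this point; vec is then negative and is passed to both apic_clear_vector() and kvm_apic_set_eoi_accelerated(). Bail out when vec < 0 before touching the bitmap, and decide explicitly whether that path returns true (the write is swallowed) or falls through to the default handling.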
@@ -5379,6 +5387,8 @@ void sev_savic_set_requested_irr(struct vcpu_svm *svm= , bool reinjected) vec =3D vec_start + vec_pos; apic_clear_vector(vec, apic->regs + APIC_IRR); val =3D val & ~BIT(vec_pos); + if (apic_test_vector(vec, apic->regs + APIC_TMR)) + apic_set_vector(vec, apic->regs + APIC_ISR); } while (val); } =20 --=20 2.34.1
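Review bot: The shadow ISR bit is set in sev_savic_set_requested_irr() at the moment the vector is moved out of KVM's IRR, not when the guest actually starts servicing it, while the APIC_EOI handler added earlier in this patch always retires the highest bit set. Please explain in a comment why those two orders cannot diverge when a higher level-triggered vector is requested while the guest is still servicing a lower one; otherwise the EOI is forwarded to the IOAPIC for the wrong vector. The only place these hunks clear a shadow ISR bit is the EOI exit, so also state what resets the shadow state on vCPU reset or when a vector's TMR bit changes.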
dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="z/zD6DAl" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=vjf6BlufTH+aN/hkl8KsXyNNJ7/gfATi8G/t7L0ijdkYOv2wSEsIFeTstSjvnuvBjmVZbjAFJD27OBHq96WInBZ/HNZChp8q1VvFs+mBdkvh7jxW3wxdZxaM+111B8CLCJP+g6/mr27eldkQE+wTn4p9HC3/85AvbMTI3GPCQ0+UzWkD6NIKFl73PzssZLykdcQ8jLiuOrT6EBQZ2wIyXd+FsfxU4u5JZq0t0nRsEDeNcN2cuU4APQYXNv8ImYUvwE2EN15yjplHnnWiHefBcOEbiLVLvk45wcZTUOVlvAq/3RDZgQoOdWV3rhl0yqyf8DoGoDobBOc16qYoelC0UA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PH427d0zB5Ivt4t8pB2VVSJ8AfCk1mUzKUyjjJr3bLs=; b=SE1PNGf42xoSHIrGIfQZFkkl8ePctfPNUrc4JeXsTJ5e1Q5npr88UkJphaS5kbCsmeQRLjvl6UbbuzqYIE+SbN8bH9fW3Cugzf2Wo0Pwo265fKder+AOKA41wc5e3zjm+Gh1pvHBM+VNcORJUrER6l6uZhRiDDa3av7l6UDIFFde6ctQeAYx3zPeFkYX/yMO3CrVuvxMPTycYJv7JrTZxl1JWP0CG2FTz7A3YMu0pswV7jHX9/cexzrjLSwLQ/t0E3TRqNhyRM/zS1IjD0v8ck1NHpaTLIlFb1Sjx3Z2jkiltMAcB7pIKqVeBgg1zCUd9g2m/MZBZqT08E/NQ4SmWg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PH427d0zB5Ivt4t8pB2VVSJ8AfCk1mUzKUyjjJr3bLs=; b=z/zD6DAl3Oo8TfxOylg1TXi2iR//DlhGTnmRGb4GSD7qGO29KzJkEXFIOfr4Mks7Gqi0cYlgA32yc0izeWbljEwTgu23zvWqb1b3D1350r1xIMRyszmO9Z2G2YFZpa+GuOtljv20y14oqDCYcJE4KpSvV4r+vD8VwGTvfd9RxbA= Received: from SJ0PR03CA0029.namprd03.prod.outlook.com (2603:10b6:a03:33a::34) by CH2PR12MB4104.namprd12.prod.outlook.com (2603:10b6:610:a4::12) with Microsoft 
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9137.19; Tue, 23 Sep 2025 05:07:28 +0000 Received: from MWH0EPF000971E7.namprd02.prod.outlook.com (2603:10b6:a03:33a:cafe::51) by SJ0PR03CA0029.outlook.office365.com (2603:10b6:a03:33a::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9137.20 via Frontend Transport; Tue, 23 Sep 2025 05:07:28 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C Received: from satlexmb07.amd.com (165.204.84.17) by MWH0EPF000971E7.mail.protection.outlook.com (10.167.243.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9137.12 via Frontend Transport; Tue, 23 Sep 2025 05:07:27 +0000 Received: from BLR-L-NUPADHYA.xilinx.com (10.180.168.240) by satlexmb07.amd.com (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Mon, 22 Sep 2025 22:07:23 -0700 
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 14/17] KVM: x86/ioapic: Disable RTC EOI tracking for protected APIC guests
Date: Tue, 23 Sep 2025 10:33:14 +0530
Message-ID: <20250923050317.205482-15-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

KVM tracks End-of-Interrupts (EOIs)
for the legacy RTC interrupt (GSI 8) to detect and report coalesced
interrupts to userspace. This mechanism fundamentally relies on KVM
having visibility into the guest's interrupt acknowledgment state.

This assumption is invalid for guests with a protected APIC (e.g., Secure
AVIC) for two main reasons:

a. The guest's true In-Service Register (ISR) is not visible to KVM,
   making it impossible to know if the previous interrupt is still
   active. So, lazy pending EOI checks cannot be done.

b. The RTC interrupt is edge-triggered, and its EOI is accelerated by the
   hardware without a VM-Exit. KVM never sees the EOI event.

Since KVM can observe neither the interrupt's service status nor its EOI,
the tracking logic is invalid. So, disable this feature for all protected
APIC guests. This change means that userspace will no longer be able to
detect coalesced RTC interrupts for these specific guest types.

Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/ioapic.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/ioapic.c b/arch/x86/kvm/ioapic.c index 2b5d389bca5f..308778ba4f58 100644 --- a/arch/x86/kvm/ioapic.c +++ b/arch/x86/kvm/ioapic.c @@ -113,6 +113,9 @@ static void __rtc_irq_eoi_tracking_restore_one(struct k= vm_vcpu *vcpu) struct dest_map *dest_map =3D &ioapic->rtc_status.dest_map; union kvm_ioapic_redirect_entry *e; =20 + if (vcpu->arch.apic->guest_apic_protected) + return; + e =3D &ioapic->redirtbl[RTC_GSI]; if (!kvm_apic_match_dest(vcpu, NULL, APIC_DEST_NOSHORT, e->fields.dest_id, @@ -476,6 +479,7 @@ static int ioapic_service(struct kvm_ioapic *ioapic, in= t irq, bool line_status) { union kvm_ioapic_redirect_entry *entry =3D &ioapic->redirtbl[irq]; struct kvm_lapic_irq irqe; + struct kvm_vcpu *vcpu; int ret; =20 if (entry->fields.mask ||
@@ -505,7 +509,9 @@ static int ioapic_service(struct kvm_ioapic *ioapic, in= t irq, bool line_status) BUG_ON(ioapic->rtc_status.pending_eoi !=3D 0); ret =3D kvm_irq_delivery_to_apic(ioapic->kvm, NULL, &irqe, &ioapic->rtc_status.dest_map); - ioapic->rtc_status.pending_eoi =3D (ret < 0 ? 0 : ret); + vcpu =3D kvm_get_vcpu(ioapic->kvm, 0); + if (!vcpu->arch.apic->guest_apic_protected) + ioapic->rtc_status.pending_eoi =3D (ret < 0 ? 0 : ret); } else ret =3D kvm_irq_delivery_to_apic(ioapic->kvm, NULL, &irqe, NULL); =20 --=20 2.34.1
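
Review bot: The early return added to __rtc_irq_eoi_tracking_restore_one() (hunk at -113 in ioapic.c) tests guest_apic_protected on the vCPU passed in, while the ioapic_service() hunk tests it on vCPU 0, so two sites gating the same VM-wide behaviour read the flag from different places. A single helper taking struct kvm (hypothetical name, for example kvm_ioapic_rtc_eoi_tracked()) used at both sites, with a one-line comment that EOIs are not observable for protected APIC guests, would keep them consistent.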
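
Review bot: In the ioapic_service() hunk at -505, the result of kvm_get_vcpu(ioapic->kvm, 0) is dereferenced without a NULL check; kvm_get_vcpu() returns NULL when no vCPU exists at that index, so either check the pointer or derive the flag from VM-level state instead of vCPU 0. The delivery call just above still passes &ioapic->rtc_status.dest_map, so dest_map keeps being filled in for guests whose pending_eoi is never set; consider passing NULL in the protected case, as the else branch does, so rtc_status is left untouched.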
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 15/17] KVM: SVM: Check injected timers for Secure AVIC guests
Date: Tue, 23 Sep 2025 10:33:15 +0530
Message-ID: <20250923050317.205482-16-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

The kvm_wait_lapic_expire() function
is a pre-VMRUN optimization that allows a vCPU to wait for an imminent
LAPIC timer interrupt. However, this function is not fully compatible
with protected APIC models like Secure AVIC because it relies on
inspecting KVM's software vAPIC state. For Secure AVIC, the true timer
state is hardware-managed and opaque to KVM. For this reason,
kvm_wait_lapic_expire() does not check whether a timer interrupt is
injected for guests which have protected APIC state.

For protected APIC guests, the check for an injected timer needs to be
done by the callers of kvm_wait_lapic_expire(). So, for Secure AVIC
guests, check the to-be-injected vectors in the requested_IRR for an
injected timer interrupt before doing a kvm_wait_lapic_expire().

Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/svm/sev.c | 8 ++++++++ arch/x86/kvm/svm/svm.c | 3 ++- arch/x86/kvm/svm/svm.h | 2 ++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 5be2956fb812..3f6cf8d5068a 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -5405,3 +5405,11 @@ bool sev_savic_has_pending_interrupt(struct kvm_vcpu= *vcpu) return READ_ONCE(to_svm(vcpu)->sev_savic_has_pending_ipi) || kvm_apic_has_interrupt(vcpu) !=3D -1; } + +bool sev_savic_timer_int_injected(struct kvm_vcpu *vcpu) +{ + u32 reg =3D kvm_lapic_get_reg(vcpu->arch.apic, APIC_LVTT); + int vec =3D reg & APIC_VECTOR_MASK; + + return to_svm(vcpu)->vmcb->control.requested_irr[vec / 32] & BIT(vec % 32= ); +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index a945bc094c1a..d0d972731ea7 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -4335,7 +4335,8 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_= vcpu *vcpu, u64 run_flags) vcpu->arch.host_debugctl !=3D svm->vmcb->save.dbgctl) update_debugctlmsr(svm->vmcb->save.dbgctl); =20 - kvm_wait_lapic_expire(vcpu); + if (!sev_savic_active(vcpu->kvm) || sev_savic_timer_int_injected(vcpu)) + kvm_wait_lapic_expire(vcpu); =20 /* * If this vCPU has touched SPEC_CTRL, restore the guest's value if diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 8043833a1a8c..ecc4ea11822d 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -878,6 +878,7 @@ static inline bool sev_savic_active(struct kvm *kvm) } void sev_savic_set_requested_irr(struct vcpu_svm *svm, bool reinjected); bool sev_savic_has_pending_interrupt(struct kvm_vcpu *vcpu); +bool sev_savic_timer_int_injected(struct kvm_vcpu *vcpu); #else static inline struct page *snp_safe_alloc_page_node(int node, gfp_t gfp) { 
@@ -917,6 +918,7 @@ static inline struct vmcb_save_area *sev_decrypt_vmsa(s= truct kvm_vcpu *vcpu) static inline void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct v= mcb_save_area *vmsa) {} static inline void sev_savic_set_requested_irr(struct vcpu_svm *svm, bool = reinjected) {} static inline bool sev_savic_has_pending_interrupt(struct kvm_vcpu *vcpu) = { return false; } +static inline bool sev_savic_timer_int_injected(struct kvm_vcpu *vcpu) { r= eturn true; } #endif =20 /* vmenter.S */ --=20 2.34.1
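
Review bot: sev_savic_timer_int_injected() (sev.c hunk at -5405) takes the timer vector from KVM's copy of APIC_LVTT via kvm_lapic_get_reg(), while the commit message says KVM's software vAPIC state does not reflect the true timer state for Secure AVIC; a comment is needed on why this LVTT value can be relied on here. The function also ignores the LVTT mask bit and an unprogrammed LVTT: with vec equal to 0 it tests bit 0 of requested_irr[0]. Consider returning false in those cases.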
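
Review bot: The #else stub added in the second svm.h hunk (at -917) returns true, unlike the neighbouring sev_savic_has_pending_interrupt() stub, which returns false, and nothing says why. With the call site written as !sev_savic_active(vcpu->kvm) || sev_savic_timer_int_injected(vcpu), the stub's value only matters if sev_savic_active() can be true in that configuration, so either return false for consistency or add a comment that true is chosen so kvm_wait_lapic_expire() is always reached.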
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 16/17] KVM: x86/cpuid: Disable paravirt APIC features for protected APIC
Date: Tue, 23 Sep 2025 10:33:16 +0530
Message-ID: <20250923050317.205482-17-Neeraj.Upadhyay@amd.com>
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

The paravirtualized APIC features,
PV_EOI and PV_SEND_IPI, are predicated on KVM having full visibility and
control over the guest's vAPIC state. This assumption is invalid for
guests with a protected APIC (e.g., AMD SEV-SNP with Secure AVIC, Intel
TDX), where the APIC state is opaque to the hypervisor and managed by the
hardware.

- PV_EOI: KVM cannot service a PV_EOI MSR write because it has no access
  to the guest's true In-Service Register (ISR). For these guests, EOIs
  are either accelerated by hardware or virtualized via a different,
  technology-specific VM-Exit, not the PV MSR.

- PV_SEND_IPI: Protected guest models have their own specific IPI
  virtualization flows (e.g., VMGEXIT on ICR write for Secure AVIC).
  Exposing the generic PV_SEND_IPI hypercall would provide a conflicting,
  incorrect path that bypasses the required secure flow.

To prevent the guest from using these incompatible interfaces, clear the
KVM_FEATURE_PV_EOI and KVM_FEATURE_PV_SEND_IPI PV feature CPUID bits for
guests with protected APIC.

Signed-off-by: Neeraj Upadhyay
--- arch/x86/kvm/cpuid.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index e2836a255b16..01b3c4e88282 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c
@@ -245,6 +245,10 @@ static u32 kvm_apply_cpuid_pv_features_quirk(struct kv= m_vcpu *vcpu) if (kvm_hlt_in_guest(vcpu->kvm)) best->eax &=3D ~(1 << KVM_FEATURE_PV_UNHALT); =20 + if (vcpu->arch.apic->guest_apic_protected) + best->eax &=3D ~((1 << KVM_FEATURE_PV_EOI) | + (1 << KVM_FEATURE_PV_SEND_IPI)); + return best->eax; } =20 --=20 2.34.1
From: Neeraj Upadhyay
Subject: [RFC PATCH v2 17/17] KVM: SVM: Advertise Secure AVIC support for SNP guests
Date: Tue, 23 Sep 2025 10:33:17 +0530
Message-ID: <20250923050317.205482-18-Neeraj.Upadhyay@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
References: <20250923050317.205482-1-Neeraj.Upadhyay@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

The preceding patches have
implemented all the necessary KVM infrastructure to support the Secure AVIC feature for SEV-SNP guests, including interrupt/NMI injection, IPI virtualization, and EOI handling. Despite the backend support being complete, KVM does not yet advertise this capability. As a result, userspace tools cannot create VMs that utilize this feature. To enable the feature, add the SVM_SEV_FEAT_SECURE_AVIC flag to the sev_supported_vmsa_features bitmask. This bitmask communicates KVM's supported VMSA features to userspace. This is the final enabling patch in the series, allowing the creation of Secure AVIC-enabled virtual machines. Signed-off-by: Neeraj Upadhyay --- arch/x86/kvm/svm/sev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 3f6cf8d5068a..fe3d65c50afd 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3092,6 +3092,9 @@ void __init sev_hardware_setup(void) sev_supported_vmsa_features =3D 0; if (sev_es_debug_swap_enabled) sev_supported_vmsa_features |=3D SVM_SEV_FEAT_DEBUG_SWAP; + + if (sev_snp_savic_enabled) + sev_supported_vmsa_features |=3D SVM_SEV_FEAT_SECURE_AVIC; } =20 void sev_hardware_unsetup(void) --=20 2.34.1
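
Review bot: The new `if (sev_snp_savic_enabled)` branch at the end of sev_hardware_setup() adds SVM_SEV_FEAT_SECURE_AVIC to the mask that, per the changelog, tells userspace which VMSA features KVM supports, but nothing in this hunk shows that sev_snp_savic_enabled has already been forced off when SNP is disabled or the host lacks the feature. The subject limits the feature to SNP guests, while sev_supported_vmsa_features is a single mask that also carries SVM_SEV_FEAT_DEBUG_SWAP (gated by sev_es_debug_swap_enabled), so please confirm, and say in the changelog, that the flag is cleared before this point in those cases and that a non-SNP guest requesting the bit is rejected rather than silently accepted. The changelog should also state that the bit is advertised only when sev_snp_savic_enabled is set; as written it reads as unconditional.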