[v2,0/2] KVM: nVMX: Fix an SVI update bug with passthrough APIC

Message ID 20241128000010.4051275-1-seanjc@google.com (mailing list archive)

Sean Christopherson Nov. 28, 2024, midnight UTC
Defer updating SVI (i.e. the VMCS's highest ISR cache) when L2 is active,
but L1 has not enabled virtual interrupt delivery for L2, as an EOI that
is emulated _by KVM_ in such a case acts on L1's ISR, i.e. vmcs01 needs to
reflect the updated ISR when L1 is next run.

Note, L1's ISR is also effectively L2's ISR in such a setup, but because
virtual interrupt delivery is disabled for L2, there's no need to update
SVI in vmcs02, because it will never be used.

v2:
 - WARN only if the vCPU is running to avoid false positives due to userspace
   stuffing APIC state while L2 is active. [Chao]
 - Grab Chao's Tested-by.

v1: https://lore.kernel.org/all/20241101192114.1810198-1-seanjc@google.com

Chao Gao (1):
  KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID

Sean Christopherson (1):
  KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()

 arch/x86/include/asm/kvm_host.h |  2 +-
 arch/x86/kvm/lapic.c            | 22 ++++++++++++++++------
 arch/x86/kvm/lapic.h            |  1 +
 arch/x86/kvm/vmx/nested.c       |  5 +++++
 arch/x86/kvm/vmx/vmx.c          | 23 ++++++++++++++++++++++-
 arch/x86/kvm/vmx/vmx.h          |  1 +
 arch/x86/kvm/vmx/x86_ops.h      |  2 +-
 7 files changed, 47 insertions(+), 9 deletions(-)


base-commit: 4d911c7abee56771b0219a9fbf0120d06bdc9c14
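
The deferral described in the cover letter, as an added example: a userspace toy model, not code from this series or from KVM. It assumes an immediate SVI write lands in whichever VMCS is currently loaded, and every struct, field and function name in it is hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>

/* Toy userspace model, not KVM code; every name here is hypothetical. */
struct vcpu_model {
    uint32_t isr[8];       /* L1's 256-bit in-service register */
    uint8_t svi01, svi02;  /* SVI as held in vmcs01 and vmcs02 */
    bool l2_active;        /* vmcs02 is the loaded VMCS */
    bool svi_deferred;     /* vmcs01 needs an SVI refresh */
};

/* Highest in-service vector, or 0 when the ISR is empty. */
static uint8_t highest_isr(const struct vcpu_model *v) {
    for (int vec = 255; vec > 0; vec--)
        if (v->isr[vec / 32] & (1u << (vec % 32)))
            return (uint8_t)vec;
    return 0;
}

/* EOI emulated by the hypervisor; VID is assumed disabled for L2. */
static void emulate_eoi(struct vcpu_model *v, bool defer) {
    uint8_t vec = highest_isr(v);
    v->isr[vec / 32] &= ~(1u << (vec % 32));  /* retire the vector */
    if (!v->l2_active)
        v->svi01 = highest_isr(v);            /* vmcs01 is loaded */
    else if (defer)
        v->svi_deferred = true;               /* refresh vmcs01 later */
    else
        v->svi02 = highest_isr(v);            /* written to vmcs02 only */
}

/* Nested VM-exit: vmcs01 is loaded again, apply any deferred update. */
static void nested_vmexit(struct vcpu_model *v) {
    if (v->svi_deferred)
        v->svi01 = highest_isr(v);
    v->l2_active = v->svi_deferred = false;
}

/* Constructed case: 0x31, 0x51 in service, one EOI in L2; returns vmcs01 SVI. */
static uint8_t svi_seen_by_l1(bool defer) {
    struct vcpu_model v = { .svi01 = 0x51, .l2_active = true };
    v.isr[0x31 / 32] |= 1u << (0x31 % 32);
    v.isr[0x51 / 32] |= 1u << (0x51 % 32);
    emulate_eoi(&v, defer);
    nested_vmexit(&v);
    return v.svi01;
}

int main(void) { return svi_seen_by_l1(true) != 0x31; }
```

With `defer` false, vmcs01 still reports vector 0x51 as in service after it has been retired; with `defer` true, L1 resumes with SVI matching the highest remaining ISR vector, 0x31.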