Commit ef8b4b72 authored by Paolo Bonzini's avatar Paolo Bonzini
Browse files

KVM: ensure APICv is considered inactive if there is no APIC 



kvm_vcpu_apicv_active() returns false if a virtual machine has no in-kernel
local APIC, however kvm_apicv_activated might still be true if there are
no reasons to disable APICv; in fact it is quite likely that there is none
because APICv is inhibited by specific configurations of the local APIC
and those configurations cannot be programmed.  This triggers a WARN:

   WARN_ON_ONCE(kvm_apicv_activated(vcpu->kvm) != kvm_vcpu_apicv_active(vcpu));

To avoid this, introduce another cause for APICv inhibition, namely the
absence of an in-kernel local APIC.  This cause is enabled by default,
and is dropped by either KVM_CREATE_IRQCHIP or the enabling of
KVM_CAP_IRQCHIP_SPLIT.

Reported-by: default avatarIgnat Korchagin <ignat@cloudflare.com>
Fixes: ee49a893 ("KVM: x86: Move SVM's APICv sanity check to common x86", 2021-10-22)
Reviewed-by: default avatarMaxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: default avatarSean Christopherson <seanjc@google.com>
Tested-by: default avatarIgnat Korchagin <ignat@cloudflare.com>
Message-Id: <20211130123746.293379-1-pbonzini@redhat.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent cb1d220d

arch/x86/include/asm/kvm_host.h

+1 −0
Original line number Diff line number Diff line
@@ -1036,6 +1036,7 @@ struct kvm_x86_msr_filter { 
#define APICV_INHIBIT_REASON_PIT_REINJ  4

#define APICV_INHIBIT_REASON_X2APIC	5

#define APICV_INHIBIT_REASON_BLOCKIRQ	6

#define APICV_INHIBIT_REASON_ABSENT	7



struct kvm_arch {

	unsigned long n_used_mmu_pages;

arch/x86/kvm/svm/avic.c

+1 −0
Original line number Diff line number Diff line
@@ -900,6 +900,7 @@ int svm_update_pi_irte(struct kvm *kvm, unsigned int host_irq, 
bool svm_check_apicv_inhibit_reasons(ulong bit)

{

	ulong supported = BIT(APICV_INHIBIT_REASON_DISABLE) |

			  BIT(APICV_INHIBIT_REASON_ABSENT) |

			  BIT(APICV_INHIBIT_REASON_HYPERV) |

			  BIT(APICV_INHIBIT_REASON_NESTED) |

			  BIT(APICV_INHIBIT_REASON_IRQWIN) |

arch/x86/kvm/vmx/vmx.c

+1 −0
Original line number Diff line number Diff line
@@ -7525,6 +7525,7 @@ static void hardware_unsetup(void) 
static bool vmx_check_apicv_inhibit_reasons(ulong bit)

{

	ulong supported = BIT(APICV_INHIBIT_REASON_DISABLE) |

			  BIT(APICV_INHIBIT_REASON_ABSENT) |

			  BIT(APICV_INHIBIT_REASON_HYPERV) |

			  BIT(APICV_INHIBIT_REASON_BLOCKIRQ);

arch/x86/kvm/x86.c

+5 −4
Original line number Diff line number Diff line
@@ -5740,6 +5740,7 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm, 
		smp_wmb();

		kvm->arch.irqchip_mode = KVM_IRQCHIP_SPLIT;

		kvm->arch.nr_reserved_ioapic_pins = cap->args[0];

		kvm_request_apicv_update(kvm, true, APICV_INHIBIT_REASON_ABSENT);

		r = 0;

split_irqchip_unlock:

		mutex_unlock(&kvm->lock);
@@ -6120,6 +6121,7 @@ long kvm_arch_vm_ioctl(struct file *filp, 
		/* Write kvm->irq_routing before enabling irqchip_in_kernel. */

		smp_wmb();

		kvm->arch.irqchip_mode = KVM_IRQCHIP_KERNEL;

		kvm_request_apicv_update(kvm, true, APICV_INHIBIT_REASON_ABSENT);

	create_irqchip_unlock:

		mutex_unlock(&kvm->lock);

		break;
@@ -8818,10 +8820,9 @@ static void kvm_apicv_init(struct kvm *kvm) 
{

	init_rwsem(&kvm->arch.apicv_update_lock);



	if (enable_apicv)

		clear_bit(APICV_INHIBIT_REASON_DISABLE,

	set_bit(APICV_INHIBIT_REASON_ABSENT,

		&kvm->arch.apicv_inhibit_reasons);

	else

	if (!enable_apicv)

		set_bit(APICV_INHIBIT_REASON_DISABLE,

			&kvm->arch.apicv_inhibit_reasons);

}