From: Sean Christopherson <seanjc@google.com>
To: Maxim Levitsky <mlevitsk@redhat.com>
Cc: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
pbonzini@redhat.com, joro@8bytes.org, jon.grimm@amd.com,
wei.huang2@amd.com, terry.bowman@amd.com
Subject: Re: [PATCH v2 11/12] KVM: SVM: Do not inhibit APICv when x2APIC is present
Date: Fri, 29 Apr 2022 17:00:52 +0000 [thread overview]
Message-ID: <YmwZxAWJ8KqHodbf@google.com> (raw)
In-Reply-To: <41b1e63ad6e45be019bbedc93bd18cfcb9475b06.camel@redhat.com>
On Tue, Apr 26, 2022, Maxim Levitsky wrote:
> On Tue, 2022-04-26 at 10:06 +0300, Maxim Levitsky wrote:
> BTW, can I ask you to check something on the AMD side of things of AVIC?
>
> I noticed that AMD's manual states that:
>
> "Multiprocessor VM requirements. When running a VM which has multiple virtual CPUs, and the
> VMM runs a virtual CPU on a core which had last run a different virtual CPU from the same VM,
> regardless of the respective ASID values, care must be taken to flush the TLB on the VMRUN using a
> TLB_CONTROL value of 3h. Failure to do so may result in stale mappings misdirecting virtual APIC
> accesses to the previous virtual CPU's APIC backing page."
>
> It it relevant to KVM? I don't fully understand why it was mentioned that ASID doesn't matter,
> what makes it special about 'virtual CPU from the same VM' if ASID doesn't matter?
I believe it's calling out that, because vCPUs from the same VM likely share an ASID,
the magic TLB entry for the APIC-access page, which redirects to the virtual APIC page,
will be preserved. And so if the hypervisor doesn't flush the ASID/TLB, accelerated
xAPIC accesses for the new vCPU will go to the previous vCPU's virtual APIC page.
Intel has the same requirement, though this specific scenario isn't as well documented.
E.g. even if using EPT and VPID, the EPT still needs to be invalidated because the
TLB can cache guest-physical mappings, which are not associated with a VPID.
Huh. I was going to say that KVM does the necessary flushes in vmx_vcpu_load_vmcs()
and pre_svm_run(), but I don't think that's true. KVM flushes if the _new_ VMCS/VMCB
is being migrated to a different pCPU, but neither VMX nor SVM flush when switching
between vCPUs that are both "loaded" on the current pCPU.
Switching between vmcs01 and vmcs02 is ok, because KVM always forces a different
EPTP, even if L1 is using shadow paging (the guest_mode bit in the role prevents
reusing a root). nSVM is "ok" because it flushes on every transition anyways.
next prev parent reply other threads:[~2022-04-29 17:01 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-12 11:58 [PATCH v2 00/12] Introducing AMD x2APIC Virtualization (x2AVIC) support Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 01/12] x86/cpufeatures: Introduce x2AVIC CPUID bit Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 02/12] KVM: x86: lapic: Rename [GET/SET]_APIC_DEST_FIELD to [GET/SET]_XAPIC_DEST_FIELD Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 03/12] KVM: SVM: Detect X2APIC virtualization (x2AVIC) support Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 04/12] KVM: SVM: Update max number of vCPUs supported for x2AVIC mode Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 05/12] KVM: SVM: Update avic_kick_target_vcpus to support 32-bit APIC ID Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 06/12] KVM: SVM: Do not support updating APIC ID when in x2APIC mode Suravee Suthikulpanit
2022-04-18 11:09 ` Maxim Levitsky
2022-04-12 11:58 ` [PATCH v2 07/12] KVM: SVM: Adding support for configuring x2APIC MSRs interception Suravee Suthikulpanit
2022-04-18 11:17 ` Maxim Levitsky
2022-04-12 11:58 ` [PATCH v2 08/12] KVM: SVM: Update AVIC settings when changing APIC mode Suravee Suthikulpanit
2022-04-18 12:55 ` Maxim Levitsky
2022-05-02 14:07 ` Suravee Suthikulpanit
2022-05-02 17:13 ` Maxim Levitsky
2022-05-03 13:04 ` Suravee Suthikulpanit
2022-05-04 11:46 ` Maxim Levitsky
2022-05-04 11:49 ` Maxim Levitsky
2022-05-04 12:38 ` Maxim Levitsky
2022-04-12 11:58 ` [PATCH v2 09/12] KVM: SVM: Introduce helper functions to (de)activate AVIC and x2AVIC Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 10/12] KVM: SVM: Do not throw warning when calling avic_vcpu_load on a running vcpu Suravee Suthikulpanit
2022-04-12 11:58 ` [PATCH v2 11/12] KVM: SVM: Do not inhibit APICv when x2APIC is present Suravee Suthikulpanit
2022-04-19 13:29 ` Maxim Levitsky
2022-04-26 2:25 ` Suravee Suthikulpanit
2022-04-26 7:06 ` Maxim Levitsky
2022-04-26 9:56 ` Maxim Levitsky
2022-04-29 17:00 ` Sean Christopherson [this message]
2022-05-01 6:49 ` Maxim Levitsky
2022-04-12 11:58 ` [PATCH v2 12/12] kvm/x86: Remove APICV activate mode inconsistency check Suravee Suthikulpanit
2022-04-18 12:55 ` Maxim Levitsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YmwZxAWJ8KqHodbf@google.com \
--to=seanjc@google.com \
--cc=jon.grimm@amd.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=terry.bowman@amd.com \
--cc=wei.huang2@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.