From: Marcelo Tosatti
Subject: Re: [PATCH 2/2] x86, apicv: Add Posted Interrupt supporting
Date: Wed, 6 Feb 2013 23:23:31 -0200
Message-ID: <20130207012331.GA18150@amt.cnet>
To: "Zhang, Yang Z"
Cc: Gleb Natapov, "kvm@vger.kernel.org", "Shan, Haitao", "Zhang, Xiantao", "Nakajima, Jun", "Anvin, H Peter"

> >>>>>>>> According to the SDM, software should not touch the IRR when target vcpu is
> >>>>>>> running. Instead, use locked way to access PIR. So your solution may
> >>>>>>> be wrong. Then your apicv patches are broken, because they do exactly
> >>>>>>> that.
> >>>>>> Which code is broken?
> >>>>>>
> >>>>> The one that updates IRR directly on the apic page.
> >>>> No, all the updates are ensuring the target vcpu is not running. So
> >>>> it's safe to touch IRR.
> >>>>
> >>> Not at all. Read the code.
> >> Sorry. I still cannot figure out which code is wrong. All the places
> >> call sync_pir_to_irr() are on target vcpu. Can you point out the code?
> >> Thanks.
> >>
> > I am talking about vapic patches which are already in, not pir patches.
> Yes, but the issue will be fixed with pir patches. With posted interrupt,
> it will touch PIR instead of IRR and access PIR is allowed by HW.
>
> Best regards,
> Yang
>

From http://www.mail-archive.com/kvm@vger.kernel.org/msg82824.html:

"
> 2. Section 29.6 mentions that "Use of the posted-interrupt descriptor
> differs from that of other data structures that are referenced by
> pointers in a VMCS. There is a general requirement that software ensure
> that each such data structure is modified only when no logical processor
> with a current VMCS that references it is in VMX non-root operation.
> That requirement does not apply to the posted-interrupt descriptor.
> There is a requirement, however, that such modifications be done using
> locked read-modify-write instructions."
>
> The APIC virtual page is being modified by a CPU while a logical
> processor with current VMCS that references it is in VMX non-root
> operation, in fact even modifying the APIC virtual page with EOI
> virtualization, virtual interrupt delivery, etc. What are the
> requirements in this case?

It should be same with posted interrupt. Software must ensure to use
atomic access to virtual apic page.
"

Can this point be clarified? Software can or cannot access virtual APIC
page while VMCS that references it is in VMX non-root operation?

Because if it cannot, then it means the current code is broken and VID
usage without PIR should not be allowed.
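
The access rule quoted above, as an added C11 model that is not code from this patch series or from KVM: senders modify only the posted-interrupt descriptor, using atomic read-modify-write, and IRR is written only on the target side. The struct layouts and the names pi_desc, vapic_model, pi_post and pi_sync_to_irr are assumptions made for illustration.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, field names are assumptions: 256-bit posted-interrupt
 * request bitmap (PIR) plus the outstanding-notification (ON) flag. */
struct pi_desc {
    _Atomic uint32_t pir[8];
    _Atomic uint32_t on;
};

/* Stand-in for the IRR words of the virtual-APIC page. */
struct vapic_model { uint32_t irr[8]; };

/* Sender: may run on any CPU while the target is in VMX non-root operation.
 * Touches only the descriptor, only with atomic read-modify-write.
 * Returns true when ON was clear, i.e. a notification must be sent. */
static bool pi_post(struct pi_desc *pd, uint8_t vector)
{
    atomic_fetch_or(&pd->pir[vector / 32], UINT32_C(1) << (vector % 32));
    return atomic_exchange(&pd->on, 1) == 0;
}

/* Target: assumed to run only while the vCPU is not in VMX non-root
 * operation (the condition debated in the thread), so IRR gets plain stores.
 * PIR is still drained atomically because senders can race with this.
 * Returns the number of newly pending vectors. */
static int pi_sync_to_irr(struct pi_desc *pd, struct vapic_model *apic)
{
    int moved = 0;
    if (atomic_exchange(&pd->on, 0) == 0)
        return 0;
    for (int i = 0; i < 8; i++) {
        uint32_t fresh = atomic_exchange(&pd->pir[i], 0) & ~apic->irr[i];
        apic->irr[i] |= fresh;
        for (; fresh; fresh &= fresh - 1)
            moved++;
    }
    return moved;
}

int main(void)
{
    struct pi_desc pd = {0};
    struct vapic_model apic = {{0}};
    pi_post(&pd, 0x31);                 /* constructed sample vector */
    printf("moved %d\n", pi_sync_to_irr(&pd, &apic));
    return 0;
}
```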