Re: [PART1 RFC v3 07/12] svm: Add interrupt injection via AVIC
From: Suravee Suthikulpanit
Date: Tue Apr 05 2016 - 09:27:25 EST
Hi Paolo,
On 3/18/16 17:22, Paolo Bonzini wrote:
On 18/03/2016 07:09, Suravee Suthikulpanit wrote:
This patch introduces a new mechanism to inject interrupt using AVIC.
Since VINTR is not supported when enable AVIC, we need to inject
interrupt via APIC backing page instead.
This patch also adds support for AVIC doorbell, which is used by
KVM to signal a running vcpu to check IRR for injected interrupts.
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@xxxxxxx>
Looks good, but I think it breaks nested virtualization. See below.
[...]
@@ -2877,8 +2895,10 @@ static int clgi_interception(struct vcpu_svm *svm)
disable_gif(svm);
/* After a CLGI no interrupts should come */
- svm_clear_vintr(svm);
- svm->vmcb->control.int_ctl &= ~V_IRQ_MASK;
+ if (!svm_vcpu_avic_enabled(svm)) {
+ svm_clear_vintr(svm);
+ svm->vmcb->control.int_ctl &= ~V_IRQ_MASK;
+ }
This is for nested virtualization. Unless you support nested AVIC, the
L2 guest should run without AVIC (i.e. IsRunning should be false) and
use the old VINTR mechanism.
I see. I am not planning to supported nested AVIC at the L2 level for
the moment. If it is alright, I would like to get the basic AVIC and
IOMMU in first (unless you have a different opinion).
In that case, I think I should also make sure to not expose AVIC CPUID
to the guest VM.
[...]
@@ -3904,6 +3942,9 @@ static void enable_irq_window(struct kvm_vcpu *vcpu)
* get that intercept, this function will be called again though and
* we'll get the vintr intercept.
*/
+ if (svm_vcpu_avic_enabled(svm))
+ return;
Same here.
If I make change so that we do not expose the AVIC CPUID to the L1
guest, then the L1 KVM driver should not be setting up AVIC for the L2
vcpus. And, in this case, the svm_vcpu_avic_enabled(svm) should return
false. I've not tested with nested VM. I will give that a try.
Thanks,
Suravee