Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN

From: Sean Christopherson
Date: Thu Jan 13 2022 - 11:26:30 EST


On Thu, Jan 13, 2022, Vitaly Kuznetsov wrote:
> Maxim Levitsky <mlevitsk@xxxxxxxxxx> writes:
> > For my nested AVIC work I would really want the APIC ID of a VCPU to be read-only
> > and be equal to vcpu_id.
> >
>
> Doesn't APIC ID have topology encoded in it?

Yeah, APIC IDs are derived from the topology. From the SDM (this doesn't
talk about core/SMT info, but that's included as well):

The hardware assigned APIC ID is based on system topology and includes encoding
for socket position and cluster information.

The SDM also says:

Some processors permit software to modify the APIC ID. However, the ability of
software to modify the APIC ID is processor model specific.

So I _think_ we could define KVM behavior to ignore writes from the _guest_, but
the APIC_ID == vcpu_id requirement won't fly as userspace expects to be able to
stuff virtual toplogy info into the APIC ID.