Re: [PATCH] KVM: SVM: Disable AVIC on SNP-enabled system without HvInUseWrAllowed feature
From: Joao Martins
Date: Tue Oct 01 2024 - 07:05:22 EST
On 30/09/2024 06:50, Suravee Suthikulpanit wrote:
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index dd4682857c12..921b6de80e24 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -448,6 +448,7 @@
> #define X86_FEATURE_SME_COHERENT (19*32+10) /* AMD hardware-enforced cache coherency */
> #define X86_FEATURE_DEBUG_SWAP (19*32+14) /* "debug_swap" AMD SEV-ES full debug state swap support */
> #define X86_FEATURE_SVSM (19*32+28) /* "svsm" SVSM present */
> +#define X86_FEATURE_HV_INUSE_WR_ALLOWED (19*32+30) /* Write to in-use hypervisor-owned pages allowed */
>
> /* AMD-defined Extended Feature 2 EAX, CPUID level 0x80000021 (EAX), word 20 */
> #define X86_FEATURE_NO_NESTED_DATA_BP (20*32+ 0) /* No Nested Data Breakpoints */
> diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c
> index 4b74ea91f4e6..42f2caf17d6a 100644
> --- a/arch/x86/kvm/svm/avic.c
> +++ b/arch/x86/kvm/svm/avic.c
> @@ -1199,6 +1199,12 @@ bool avic_hardware_setup(void)
> return false;
> }
>
> + if (cc_platform_has(CC_ATTR_HOST_SEV_SNP) &&
> + !boot_cpu_has(X86_FEATURE_HV_INUSE_WR_ALLOWED)) {
> + pr_warn("AVIC disabled: missing HvInUseWrAllowed on SNP-enabled system");
> + return false;
> + }
> +
Wouldn't be better to make this is APICv inhibit to allow non-SNP guests to work
with AVIC?
Joao