After updating the secondary execution controls, the MSR bitmaps need
to be updated to enable APIC MSR intercepts (i.e. start treating APIC
MSRs as if the guest's APICs are back in xAPIC mode by calling
vmx_set_msr_bitmap, given that updating the execution controls should
disable "virtualize x2APIC mode").
The function vmx_set_msr_bitmap needs to look at the state of APICv to
know that "virtualize x2APIC mode" was disabled.
Also, calling vmx_secondary_exec_control clobbers /all/ dynamic bits
in the secondary controls (including the shadow VMCS bits). Those bits
needs to be respected (ideally this patch should just whack all of the
APICv related secondary execution controls).
I can put together a patch if you'd like.
On Mon, May 16, 2016 at 8:38 AM, Roman Kagan <rkagan@xxxxxxxxxxxxx> wrote:
> There are APICv-related fields among secondary processor-based
> VM-execution controls, too. Those used to be left at their initial
> enabled state when APICv was disabled (upon activating Hyper-V SynIC).
> This would result in Windows guests getting stuck when SynIC-based
> auto-EOI interrupt intersected with e.g. an IPI in the guest.
>
> So update the secondary execution controls too, if present, when
> deactivating APICv while enabling Hyper-V SynIC.
>
> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx>
> ---
> arch/x86/kvm/vmx.c | 17 ++++++++++-------
> 1 file changed, 10 insertions(+), 7 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index ee1c8a9..7d98517 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -4778,13 +4778,6 @@ static u32 vmx_pin_based_exec_ctrl(struct vcpu_vmx *vmx)
> return pin_based_exec_ctrl;
> }
>
> -static void vmx_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu)
> -{
> - struct vcpu_vmx *vmx = to_vmx(vcpu);
> -
> - vmcs_write32(PIN_BASED_VM_EXEC_CONTROL, vmx_pin_based_exec_ctrl(vmx));
> -}
> -
> static u32 vmx_exec_control(struct vcpu_vmx *vmx)
> {
> u32 exec_control = vmcs_config.cpu_based_exec_ctrl;
> @@ -4843,6 +4836,16 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx *vmx)
> return exec_control;
> }
>
> +static void vmx_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu)
> +{
> + struct vcpu_vmx *vmx = to_vmx(vcpu);
> +
> + vmcs_write32(PIN_BASED_VM_EXEC_CONTROL, vmx_pin_based_exec_ctrl(vmx));
> + if (cpu_has_secondary_exec_ctrls())
> + vmcs_write32(SECONDARY_VM_EXEC_CONTROL,
> + vmx_secondary_exec_control(vmx));
> +}
> +
> static void ept_set_mmio_spte_mask(void)
> {
> /*
> --
> 2.5.5
>
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
