A gentle reminder that this is waiting for review/approval...
According to section "Checks on VMX Controls" in Intel SDM vol 3C, the
following checks needs to be enforced on vmentry of L2 guests:
i) If the "use TPR shadow" VM-execution control is 0, the following
VM-execution controls must also be 0: "virtualize x2APIC mode",
"APIC-register virtualization" and "virtual-interrupt delivery".
ii) If the "virtualize x2APIC mode" VM-execution control is 1, the
"virtualize APIC accesses" VM-execution control must be 0.
Existing KVM code already enforces these checks. These patches are adding the
corresponding unit tests.
[kvm-unit-test 1/2] nVMX x86: APIC virtual controls must be unset if
[kvm-unit-test 2/2] nVMX x86: "virtualize APIC accesses" must be
x86/vmx_tests.c | 148 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 146 insertions(+), 2 deletions(-)
Krish Sadhukhan (2):
nVMX x86: APIC virtual controls must be unset if "Use TPR shadow" is unset
nVMX x86: "virtualize APIC accesses" must be unset if "virtualize x2APIC" is set
