This patch series aims to lift long standing restriction of
using AVIC only when nested virtualization is not exposed
to the guest.
Notes about specific patches:
Patch 1 - this is an unrelated fix to KVM for a corner case I found
while writing a unit test for the feature.
Patch 2 addresses the fact that AVIC appears to be disabled
in CPUID on several Milan systems I am tesing on.
This adds a workaround (with a big warning and a kernel taint) to enable
it anyway if you really know what you are doing.
Patch 3 is from Paolo, which was done after our long discussion about the
various races that AVIC inhibition is subject to. Thanks Paolo!
It replaces two patches I sent in the previous version which attempted
to fix the same issue but weren't quite right.
Patch 4 is the more or less the same patch 5 in V1, but with proper
justification.
Patch 6 is the patch that adds the AVIC co-existance itself and
in this version I fixed (and partially tested) it in regard to AVIC inhibition
due to interrupt window.
Everything was tested on a Zen3 (Milan) machine.
On Zen2 machines, the errata #1235 makes my tests fail quite fast.
For general use though, most of the time this errata doesn't cause
long hangs.
Best regards,
Maxim Levitsky
Maxim Levitsky (5):
KVM: nSVM: deal with L1 hypervisor that intercepts interrupts but lets
L2 control EFLAGS.IF
KVM: SVM: allow to force AVIC to be enabled
KVM: SVM: fix race between interrupt delivery and AVIC inhibition
KVM: x86: don't touch irr_pending in kvm_apic_update_apicv when
inhibiting it
KVM: SVM: allow AVIC to co-exist with a nested guest running
arch/x86/include/asm/kvm-x86-ops.h | 1 +
arch/x86/include/asm/kvm_host.h | 7 ++-
arch/x86/kvm/lapic.c | 5 +-
arch/x86/kvm/svm/avic.c | 91 +++++++++++++++++++-----------
arch/x86/kvm/svm/nested.c | 11 ++--
arch/x86/kvm/svm/svm.c | 51 +++++++++++------
arch/x86/kvm/svm/svm.h | 1 +
arch/x86/kvm/x86.c | 17 +++++-
8 files changed, 125 insertions(+), 59 deletions(-)
--
2.26.3
