On Sun, Mar 13, 2022 at 05:09:08PM +0200, Maxim Levitsky wrote: >> > > This won't work with nested AVIC - we can't just inhibit a nested guest using its own AVIC, >> > > because migration happens. >> > >> > I mean because host decided to change its apic id, which it can in theory do any time, >> > even after the nested guest has started. Seriously, the only reason guest has to change apic id, >> > is to try to exploit some security hole. >> >> Hi >> >> Thanks for the information. >> >> IIUC, you mean KVM applies APICv inhibition only to L1 VM, leaving APICv >> enabled for L2 VM. Shouldn't KVM disable APICv for L2 VM in this case? >> It looks like a generic issue in dynamically toggling APICv scheme, >> e.g., qemu can set KVM_GUESTDBG_BLOCKIRQ after nested guest has started. >> > >That is the problem - you can't disable it for L2, unless you are willing to emulate it in software. >Or in other words, when nested guest uses a hardware feature, you can't at some point say to it: >sorry buddy - hardware feature disappeared. Hi Maxim, I may miss something. When reading Sean's APICv inhibition cleanups, I find AVIC is disabled for L1 when nested is enabled (SVM is advertised to L1). Then, I think the new inhibition introduced for changed xAPIC ID shouldn't be a problem for L2 VM. Or, you plan to remove APICV_INHIBIT_REASON_NESTED and expose AVIC to L1? svm_vcpu_after_set_cpuid: /* * Currently, AVIC does not work with nested virtualization. * So, we disable AVIC when cpuid for SVM is set in the L1 guest. */ if (nested && guest_cpuid_has(vcpu, X86_FEATURE_SVM)) kvm_request_apicv_update(vcpu->kvm, false, APICV_INHIBIT_REASON_NESTED);