On Mon, 2022-05-02 at 21:07 +0700, Suravee Suthikulpanit wrote:
> Maxim, Sean
>
> On 4/18/22 7:55 PM, Maxim Levitsky wrote:
> > On Tue, 2022-04-12 at 06:58 -0500, Suravee Suthikulpanit wrote:
> > > When APIC mode is updated (e.g. disabled, xAPIC, or x2APIC),
> > > KVM needs to call kvm_vcpu_update_apicv() to update AVIC settings
> > > accordingly.
> > >
> > > Signed-off-by: Suravee Suthikulpanit<suravee.suthikulpanit@xxxxxxx>
> > > ---
> > > arch/x86/kvm/svm/avic.c | 15 +++++++++++++++
> > > arch/x86/kvm/svm/svm.c | 1 +
> > > 2 files changed, 16 insertions(+)
> > >
> > > diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c
> > > index 22ee1098e2a5..01392b8364f4 100644
> > > --- a/arch/x86/kvm/svm/avic.c
> > > +++ b/arch/x86/kvm/svm/avic.c
> > > @@ -616,6 +616,21 @@ void avic_apicv_post_state_restore(struct kvm_vcpu *vcpu)
> > > avic_handle_ldr_update(vcpu);
> > > }
> > >
> > > +void avic_set_virtual_apic_mode(struct kvm_vcpu *vcpu)
> > > +{
> > > + struct vcpu_svm *svm = to_svm(vcpu);
> > > +
> > > + if (!lapic_in_kernel(vcpu) || (avic_mode == AVIC_MODE_NONE))
> > > + return;
> > > +
> > > + if (kvm_get_apic_mode(vcpu) == LAPIC_MODE_INVALID) {
> > > + WARN_ONCE(true, "Invalid local APIC state (vcpu_id=%d)", vcpu->vcpu_id);
> > > + return;
> > > + }
> > > +
> > > + kvm_vcpu_update_apicv(&svm->vcpu);
> > I think it makes sense to call avic_refresh_apicv_exec_ctrl directly here.
> >
> > I am not sure that kvm_vcpu_update_apicv will even call it
> > because it has an optimization of doing nothing when inhibition status
> > didn't change.
> >
> >
> > Another semi-related note:
> >
> > the current way the x2avic msrs are configured creates slight performance
> > problem for nesting:
> >
> > The problem is that when entering a nested guest, AVIC on the current vCPU
> > is inhibited, but this is done only so that this vCPU*peers* don't
> > try to use AVIC to send IPIs to it, so there is no need to update vmcb01
> > msr interception bitmap, and vmcb02 should have all these msrs intercepted always.
> > Same with returning to host.
> >
> > It also should be checked that during nested entry, at least vmcb01 msr bitmap
> > is updated - TL;DR - please check that x2avic works when there is a nested guest running.
>
> In the kvm/queue branch, I found a regression on nested SVM guest, where L2 guest cannot
> launch. The bad commit is:
>
> commit a4cfff3f0f8c07f1f7873a82bdeb3995807dac8c (bisect)
> Merge: 42dcbe7d8bac 8d5678a76689
> Author: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Date: Fri Apr 8 12:43:40 2022 -0400
>
> Merge branch 'kvm-older-features' into HEAD
>
> Merge branch for features that did not make it into 5.18:
>
> * New ioctls to get/set TSC frequency for a whole VM
>
> * Allow userspace to opt out of hypercall patching
>
> Nested virtualization improvements for AMD:
>
> * Support for "nested nested" optimizations (nested vVMLOAD/VMSAVE,
> nested vGIF)
>
> * Allow AVIC to co-exist with a nested guest running
>
> * Fixes for LBR virtualizations when a nested guest is running,
> and nested LBR virtualization support
>
> * PAUSE filtering for nested hypervisors
>
> Guest support:
>
> * Decoupling of vcpu_is_preempted from PV spinlocks
>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>
> I am still working on the bisect into the merge commits.
>
> Regards,
> Suravee
>
What happens when the guest can't launch? It sure works for me for kvm/queue
from yesterday.
I'll test again tomorrow.
Best regards,
Maxim Levitsky
