On Tue, Oct 29, 2024 at 05:45:23PM +0530, Neeraj Upadhyay wrote: > > > On 10/29/2024 5:21 PM, Kirill A. Shutemov wrote: > > On Tue, Oct 29, 2024 at 03:54:24PM +0530, Neeraj Upadhyay wrote: > >> diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c > >> index aeda74bf15e6..08156ac4ec6c 100644 > >> --- a/arch/x86/kernel/apic/apic.c > >> +++ b/arch/x86/kernel/apic/apic.c > >> @@ -1163,6 +1163,9 @@ void disable_local_APIC(void) > >> if (!apic_accessible()) > >> return; > >> > >> + if (apic->teardown) > >> + apic->teardown(); > >> + > >> apic_soft_disable(); > >> > >> #ifdef CONFIG_X86_32 > > > > Hm. I think it will call apic->teardown() for all but the one CPU that > > does kexec. I believe we need to disable SAVIC for all CPUs. > > > > I see it being called for all CPUs. > > For the CPU doing kexec, I see below backtrace, which lands into disable_local_APIC() > > disable_local_APIC > native_stop_other_cpus > native_machine_shutdown > machine_shutdown > kernel_kexec > > For the other CPUs, it is below: > > disable_local_APIC > stop_this_cpu > __sysvec_reboot > sysvec_reboot Backtraces are backwards, but, yeah, I missed reboot path. > > Have you tested the case when the target kernel doesn't support SAVIC and > > tries to use a new interrupt vector on the boot CPU? I think it will > > break. > > > > For a VM launched with VMSA feature containing Secure AVIC, the target > kernel also is required to support Secure AVIC. Otherwise, guest bootup > would fail. I will capture this information in the documentation. > So, as far as I understand, SAVIC kernel kexecing into a non-SAVIC kernel > is not a valid use case. Hm. I thought if SAVIC is not enabled by the guest the guest would boot without the secure feature, no? -- Kiryl Shutsemau / Kirill A. Shutemov
