Disable RTC_GSI pending EOI tracking for guests with protected APIC
state such as Secure AVIC. RTC_GSI is a edge-triggered vector and
Secure AVIC accelerates EOI write for edge-triggered interrupts.
In addition, APIC_ISR state is not visible within KVM and is part
of guest-owned backing page. So, lazy pending EOI checks also cannot
be done. So, disable tracking of pending EOI. This means coalesced
RTC interrupts cannot be detected by userspace for Secure AVIC guests.
Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@xxxxxxx>
---
arch/x86/kvm/ioapic.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/ioapic.c b/arch/x86/kvm/ioapic.c
index 995eb5054360..7d68e8ef6245 100644
--- a/arch/x86/kvm/ioapic.c
+++ b/arch/x86/kvm/ioapic.c
@@ -113,6 +113,9 @@ static void __rtc_irq_eoi_tracking_restore_one(struct kvm_vcpu *vcpu)
struct dest_map *dest_map = &ioapic->rtc_status.dest_map;
union kvm_ioapic_redirect_entry *e;
+ if (vcpu->arch.apic->guest_apic_protected)
+ return;
+
e = &ioapic->redirtbl[RTC_GSI];
if (!kvm_apic_match_dest(vcpu, NULL, APIC_DEST_NOSHORT,
e->fields.dest_id,
@@ -443,6 +446,7 @@ static int ioapic_service(struct kvm_ioapic *ioapic, int irq, bool line_status)
{
union kvm_ioapic_redirect_entry *entry = &ioapic->redirtbl[irq];
struct kvm_lapic_irq irqe;
+ struct kvm_vcpu *vcpu;
int ret;
if (entry->fields.mask ||
@@ -472,7 +476,9 @@ static int ioapic_service(struct kvm_ioapic *ioapic, int irq, bool line_status)
BUG_ON(ioapic->rtc_status.pending_eoi != 0);
ret = kvm_irq_delivery_to_apic(ioapic->kvm, NULL, &irqe,
&ioapic->rtc_status.dest_map);
- ioapic->rtc_status.pending_eoi = (ret < 0 ? 0 : ret);
+ vcpu = kvm_get_vcpu(ioapic->kvm, 0);
+ if (!vcpu->arch.apic->guest_apic_protected)
+ ioapic->rtc_status.pending_eoi = (ret < 0 ? 0 : ret);
} else
ret = kvm_irq_delivery_to_apic(ioapic->kvm, NULL, &irqe, NULL);
--
2.34.1
