• Sean Christopherson's avatar
    KVM: x86: Inhibit APIC memslot if x2APIC and AVIC are enabled · 2008fab3
    Sean Christopherson authored
    Free the APIC access page memslot if any vCPU enables x2APIC and SVM's
    AVIC is enabled to prevent accesses to the virtual APIC on vCPUs with
    x2APIC enabled.  On AMD, if its "hybrid" mode is enabled (AVIC is enabled
    when x2APIC is enabled even without x2AVIC support), keeping the APIC
    access page memslot results in the guest being able to access the virtual
    APIC page as x2APIC is fully emulated by KVM.  I.e. hardware isn't aware
    that the guest is operating in x2APIC mode.
    
    Exempt nested SVM's update of APICv state from the new logic as x2APIC
    can't be toggled on VM-Exit.  In practice, invoking the x2APIC logic
    should be harmless precisely because it should be a glorified nop, but
    play it safe to avoid latent bugs, e.g. with dropping the vCPU's SRCU
    lock.
    
    Intel doesn't suffer from the same issue as APICv has fully independent
    VMCS controls for xAPIC vs. x2APIC virtualization.  Technically, KVM
    should provide bus error semantics and not memory semantics for the APIC
    page when x2APIC is enabled, but KVM already provides memory semantics in
    other scenarios, e.g. if APICv/AVIC is enabled and the APIC is hardware
    disabled (via APIC_BASE MSR).
    
    Note, checking apic_access_memslot_enabled without taking locks relies
    it being set during vCPU creation (before kvm_vcpu_reset()).  vCPUs can
    race to set the inhibit and delete the memslot, i.e. can get false
    positives, but can't get false negatives as apic_access_memslot_enabled
    can't be toggled "on" once any vCPU reaches KVM_RUN.
    
    Opportunistically drop the "can" while updating avic_activate_vmcb()'s
    comment, i.e. to state that KVM _does_ support the hybrid mode.  Move
    the "Note:" down a line to conform to preferred kernel/KVM multi-line
    comment style.
    
    Opportunistically update the apicv_update_lock comment, as it isn't
    actually used to protect apic_access_memslot_enabled (which is protected
    by slots_lock).
    
    Fixes: 0e311d33 ("KVM: SVM: Introduce hybrid-AVIC mode")
    Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
    Reviewed-by: default avatarMaxim Levitsky <mlevitsk@redhat.com>
    Message-Id: <20230106011306.85230-11-seanjc@google.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    2008fab3
x86.c 358 KB