[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v7 38/52] i386/apic: Skip kvm_apic_put() for TDX
|
From: |
Xiaoyao Li |
|
Subject: |
[PATCH v7 38/52] i386/apic: Skip kvm_apic_put() for TDX |
|
Date: |
Fri, 24 Jan 2025 08:20:34 -0500 |
KVM neithers allow writing to MSR_IA32_APICBASE for TDs, nor allow for
KVM_SET_LAPIC[*].
Note, KVM_GET_LAPIC is also disallowed for TDX. It is called in the path
do_kvm_cpu_synchronize_state()
-> kvm_arch_get_registers()
-> kvm_get_apic()
and it's already disllowed for confidential guest through
guest_state_protected.
[*] https://lore.kernel.org/all/Z3w4Ku4Jq0CrtXne@google.com/
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
hw/i386/kvm/apic.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c
index 757510600098..a1850524a67f 100644
--- a/hw/i386/kvm/apic.c
+++ b/hw/i386/kvm/apic.c
@@ -17,6 +17,7 @@
#include "system/hw_accel.h"
#include "system/kvm.h"
#include "kvm/kvm_i386.h"
+#include "kvm/tdx.h"
static inline void kvm_apic_set_reg(struct kvm_lapic_state *kapic,
int reg_id, uint32_t val)
@@ -141,6 +142,10 @@ static void kvm_apic_put(CPUState *cs, run_on_cpu_data
data)
struct kvm_lapic_state kapic;
int ret;
+ if(is_tdx_vm()) {
+ return;
+ }
+
kvm_put_apicbase(s->cpu, s->apicbase);
kvm_put_apic_state(s, &kapic);
--
2.34.1
- [PATCH v7 23/52] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION, (continued)
- [PATCH v7 23/52] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION, Xiaoyao Li, 2025/01/24
- [PATCH v7 24/52] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu, Xiaoyao Li, 2025/01/24
- [PATCH v7 26/52] i386/tdx: Enable user exit on KVM_HC_MAP_GPA_RANGE, Xiaoyao Li, 2025/01/24
- [PATCH v7 29/52] i386/cpu: introduce x86_confidential_guest_cpu_instance_init(), Xiaoyao Li, 2025/01/24
- [PATCH v7 33/52] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM, Xiaoyao Li, 2025/01/24
- [PATCH v7 30/52] i386/tdx: implement tdx_cpu_instance_init(), Xiaoyao Li, 2025/01/24
- [PATCH v7 31/52] i386/cpu: Introduce enable_cpuid_0x1f to force exposing CPUID 0x1f, Xiaoyao Li, 2025/01/24
- [PATCH v7 35/52] i386/tdx: Disable PIC for TDX VMs, Xiaoyao Li, 2025/01/24
- [PATCH v7 36/52] i386/tdx: Don't synchronize guest tsc for TDs, Xiaoyao Li, 2025/01/24
- [PATCH v7 37/52] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() for TDs, Xiaoyao Li, 2025/01/24
- [PATCH v7 38/52] i386/apic: Skip kvm_apic_put() for TDX,
Xiaoyao Li <=
- [PATCH v7 25/52] i386/tdx: Finalize TDX VM, Xiaoyao Li, 2025/01/24
- [PATCH v7 28/52] i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility, Xiaoyao Li, 2025/01/24
- [PATCH v7 27/52] i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL, Xiaoyao Li, 2025/01/24
- [PATCH v7 32/52] i386/tdx: Force exposing CPUID 0x1f, Xiaoyao Li, 2025/01/24
- [PATCH v7 34/52] i386/tdx: Disable SMM for TDX VMs, Xiaoyao Li, 2025/01/24
- [PATCH v7 39/52] cpu: Don't set vcpu_dirty when guest_state_protected, Xiaoyao Li, 2025/01/24
- [PATCH v7 42/52] i386/tdx: Apply TDX fixed0 and fixed1 information to supported CPUIDs, Xiaoyao Li, 2025/01/24
- [PATCH v7 41/52] i386/tdx: Implement adjust_cpuid_features() for TDX, Xiaoyao Li, 2025/01/24
- [PATCH v7 49/52] i386/tdx: Don't treat SYSCALL as unavailable, Xiaoyao Li, 2025/01/24
- [PATCH v7 43/52] i386/tdx: Mask off CPUID bits by unsupported TD Attributes, Xiaoyao Li, 2025/01/24