[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8015deec-08e7-4908-85e1-d42f55f4bb6b@amd.com>
Date: Tue, 29 Oct 2024 17:45:23 +0530
From: Neeraj Upadhyay <Neeraj.Upadhyay@....com>
To: "Kirill A. Shutemov" <kirill@...temov.name>
Cc: Borislav Petkov <bp@...en8.de>, linux-kernel@...r.kernel.org,
tglx@...utronix.de, mingo@...hat.com, dave.hansen@...ux.intel.com,
Thomas.Lendacky@....com, nikunj@....com, Santosh.Shukla@....com,
Vasant.Hegde@....com, Suravee.Suthikulpanit@....com, David.Kaplan@....com,
x86@...nel.org, hpa@...or.com, peterz@...radead.org, seanjc@...gle.com,
pbonzini@...hat.com, kvm@...r.kernel.org
Subject: Re: [RFC 00/14] AMD: Add Secure AVIC Guest Support
On 10/29/2024 5:21 PM, Kirill A. Shutemov wrote:
> On Tue, Oct 29, 2024 at 03:54:24PM +0530, Neeraj Upadhyay wrote:
>> diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c
>> index aeda74bf15e6..08156ac4ec6c 100644
>> --- a/arch/x86/kernel/apic/apic.c
>> +++ b/arch/x86/kernel/apic/apic.c
>> @@ -1163,6 +1163,9 @@ void disable_local_APIC(void)
>> if (!apic_accessible())
>> return;
>>
>> + if (apic->teardown)
>> + apic->teardown();
>> +
>> apic_soft_disable();
>>
>> #ifdef CONFIG_X86_32
>
> Hm. I think it will call apic->teardown() for all but the one CPU that
> does kexec. I believe we need to disable SAVIC for all CPUs.
>
I see it being called for all CPUs.
For the CPU doing kexec, I see below backtrace, which lands into disable_local_APIC()
disable_local_APIC
native_stop_other_cpus
native_machine_shutdown
machine_shutdown
kernel_kexec
For the other CPUs, it is below:
disable_local_APIC
stop_this_cpu
__sysvec_reboot
sysvec_reboot
> Have you tested the case when the target kernel doesn't support SAVIC and
> tries to use a new interrupt vector on the boot CPU? I think it will
> break.
>
For a VM launched with VMSA feature containing Secure AVIC, the target
kernel also is required to support Secure AVIC. Otherwise, guest bootup
would fail. I will capture this information in the documentation.
So, as far as I understand, SAVIC kernel kexecing into a non-SAVIC kernel
is not a valid use case.
- Neeraj
Powered by blists - more mailing lists