lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <B116CE75-43FD-41C4-BB3A-9B0A52FFD06B@nutanix.com>
Date: Fri, 3 Oct 2025 14:24:02 +0000
From: Khushit Shah <khushit.shah@...anix.com>
To: Sean Christopherson <seanjc@...gle.com>
CC: Jon Kohler <jon@...anix.com>, Paolo Bonzini <pbonzini@...hat.com>,
        Thomas
 Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
        Borislav
 Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "x86@...nel.org" <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] KVM: x86: skip userspace IOAPIC EOI exit when Directed
 EOI is enabled

Hi Sean,

Any updates on this?

I suggest adding a new KVM capability that disables advertising support for EOI
broadcast suppression when using split-irqchip. It is similar in spirit to
KVM_CAP_X2APIC_API for x2APIC quirks.

By default, we still assume the userspace I/O APIC implements the EOI register.
If it does not, userspace can set a flag before vCPU creation (after selecting
split-irqchip mode) to disable EOI broadcast suppression. This should be a
per-VM flag, as all APICs will share the same behavior. I am sharing a
preliminary diff for discussion. The earlier fix can sit on top of this. This just 
allows disabling EOI broadcast suppression under split-irqchip.

What are your thoughts on this? If this seems reasonable, I can send a proper
patch.

Apologies if sending an inline diff isn’t standard procedure.

Thanks,
Khushit

---
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index f19a76d3ca0e..8e087232dbcd 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1457,6 +1457,8 @@ struct kvm_arch {
 
        bool disabled_lapic_found;
 
+       bool disable_eoi_broadcast_suppression_support;
+
        bool x2apic_format;
        bool x2apic_broadcast_quirk_disabled;
 
diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
index 0f15d683817d..e822ed4310f5 100644
--- a/arch/x86/include/uapi/asm/kvm.h
+++ b/arch/x86/include/uapi/asm/kvm.h
@@ -879,6 +879,8 @@ struct kvm_sev_snp_launch_finish {
        __u64 pad1[4];
 };
 
+#define KVM_SPLIT_IRQCHIP_API_DISABLE_EOI_BROADCAST_SUPPRESSION (1ULL << 0)
+
 #define KVM_X2APIC_API_USE_32BIT_IDS            (1ULL << 0)
 #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK  (1ULL << 1)
 
diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index 4d77112b887d..1a077b5a75d7 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -558,7 +558,8 @@ void kvm_apic_set_version(struct kvm_vcpu *vcpu)
         * IOAPIC.
         */
        if (guest_cpu_cap_has(vcpu, X86_FEATURE_X2APIC) &&
-           !ioapic_in_kernel(vcpu->kvm))
+           !ioapic_in_kernel(vcpu->kvm) &&
+           !vcpu->kvm->arch.disable_eoi_broadcast_suppression_support)
                v |= APIC_LVR_DIRECTED_EOI;
        kvm_lapic_set_reg(apic, APIC_LVR, v);
 }
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 706b6fd56d3c..9884c780138a 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -4785,6 +4785,9 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
        case KVM_CAP_VM_TSC_CONTROL:
                r = kvm_caps.has_tsc_control;
                break;
+       case KVM_CAP_SPLIT_IRQCHIP_API:
+               r = KVM_SPLIT_IRQCHIP_API_DISABLE_EOI_BROADCAST_SUPPRESSION;
+               break;
        case KVM_CAP_X2APIC_API:
                r = KVM_X2APIC_API_VALID_FLAGS;
                break;
@@ -6455,6 +6458,23 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
                mutex_unlock(&kvm->lock);
                break;
        }
+       case KVM_CAP_SPLIT_IRQCHIP_API: {
+               mutex_lock(&kvm->lock);
+               if (!irqchip_split(kvm)) {
+                       r = -ENXIO;
+                       goto split_irqchip_api_unlock;
+               }
+               if (kvm->created_vcpus) {
+                       r = -EINVAL;
+                       goto split_irqchip_api_unlock;
+               }
+               kvm->arch.disable_eoi_broadcast_suppression_support = (cap->args[0]
+                       & KVM_SPLIT_IRQCHIP_API_DISABLE_EOI_BROADCAST_SUPPRESSION) != 0;
+               r = 0;
+split_irqchip_api_unlock:
+               mutex_unlock(&kvm->lock);
+               break;
+       }
        case KVM_CAP_X2APIC_API:
                r = -EINVAL;
                if (cap->args[0] & ~KVM_X2APIC_API_VALID_FLAGS)
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index f0f0d49d2544..732a93f9365e 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -962,6 +962,7 @@ struct kvm_enable_cap {
 #define KVM_CAP_ARM_EL2_E2H0 241
 #define KVM_CAP_RISCV_MP_STATE_RESET 242
 #define KVM_CAP_ARM_CACHEABLE_PFNMAP_SUPPORTED 243
+#define KVM_CAP_SPLIT_IRQCHIP_API 244
 
 struct kvm_irq_routing_irqchip {
        __u32 irqchip;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ