lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CABgObfbSWZUMS8cMvYQE9FpeWjk=Lam+A_ysQvaJqL5LQ4fYag@mail.gmail.com>
Date: Wed, 3 Dec 2025 14:36:20 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: David Woodhouse <dwmw2@...radead.org>
Cc: "Huang, Kai" <kai.huang@...el.com>, "seanjc@...gle.com" <seanjc@...gle.com>, 
	"shaju.abraham@...anix.com" <shaju.abraham@...anix.com>, 
	"khushit.shah@...anix.com" <khushit.shah@...anix.com>, "x86@...nel.org" <x86@...nel.org>, "bp@...en8.de" <bp@...en8.de>, 
	"stable@...r.kernel.org" <stable@...r.kernel.org>, "hpa@...or.com" <hpa@...or.com>, 
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "mingo@...hat.com" <mingo@...hat.com>, 
	"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>, "kvm@...r.kernel.org" <kvm@...r.kernel.org>, 
	"Kohler, Jon" <jon@...anix.com>, "tglx@...utronix.de" <tglx@...utronix.de>
Subject: Re: [PATCH v3] KVM: x86: Add x2APIC "features" to control EOI
 broadcast suppression

On Wed, Dec 3, 2025 at 2:32 PM David Woodhouse <dwmw2@...radead.org> wrote:
> > That would make it impossible to use the fixed implementation on the
> > local APIC side, without changing the way the IOAPIC appears to the
> > guest.
>
> Yes, but remember that "the fixed implementation on the local APIC
> side" means precisely that it's fixed to *not* broadcast the EOI. Which
> means you absolutely *need* to have an I/O APIC capable of receiving
> the explicit directed EOI, or the EOI will never happen at all.
>
> Which is why it probably makes sense to drop the 'version_id' field
> from the struct where I'd added it, and just make the code report a
> hard-coded version based on suppress_eoi_broadcast being enabled:
>
> (kvm->arch.suppress_eoi_broadcast == KVM_SUPPRESS_EOI_ENABLED) ? 0x20: 0x11
>
> So yes, it's a guest-visible change, but only if the VMM explicitly
> *asks* for the broadcast suppression feature to work, in which case
> it's *necessary* anyway.

I see what you mean and I guess you're right... "Setting X will cause
the in-kernel IOAPIC to report version 0x20" is as obscure as it gets,
but then so is "Setting X will break guests unless you tell in-kernel
IOAPIC to report version 0x20".

So this is good, but the docs need to say clearly that this should
only be set if either full in-kernel irqchip is in use or, for split
irqchip, if the userspace IOAPIC implements directed EOI correctly.

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ