From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53481)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <peterx@redhat.com>) id 1btsnx-0000VT-Eh
	for qemu-devel@nongnu.org; Tue, 11 Oct 2016 04:52:58 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <peterx@redhat.com>) id 1btsnt-00051b-7n
	for qemu-devel@nongnu.org; Tue, 11 Oct 2016 04:52:56 -0400
Received: from mx1.redhat.com ([209.132.183.28]:43812)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <peterx@redhat.com>) id 1btsnt-00051S-1Q
	for qemu-devel@nongnu.org; Tue, 11 Oct 2016 04:52:53 -0400
Date: Tue, 11 Oct 2016 16:52:48 +0800
From: Peter Xu <peterx@redhat.com>
Message-ID: <20161011085248.GA21663@pxdev.xzpeter.org>
References: <20161010152848.17902-1-rkrcmar@redhat.com>
	<20161010152848.17902-7-rkrcmar@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20161010152848.17902-7-rkrcmar@redhat.com>
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH v5 6/7] intel_iommu: reject broken EIM
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>
Cc: qemu-devel@nongnu.org, Igor Mammedov <imammedo@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>, Richard Henderson <rth@twiddle.net>, Eduardo Habkost <ehabkost@redhat.com>, "Michael S. Tsirkin" <mst@redhat.com>

On Mon, Oct 10, 2016 at 05:28:47PM +0200, Radim Kr=C4=8Dm=C3=A1=C5=99 wro=
te:
> Cluster x2APIC cannot work without KVM's x2apic API when the maximal
> APIC ID is greater than 8 and only KVM's LAPIC can support x2APIC, so w=
e
> forbid other APICs and also the old KVM case with less than 9, to
> simplify the code.
>=20
> There is no point in enabling EIM in forbidden APICs, so we keep it
> enabled only for the KVM APIC;  unconditionally, because making the
> option depend on KVM version would be a maintanance burden.
>=20
> Old QEMUs would enable eim whenever intremap was on, which would trick
> guests into thinking that they can enable cluster x2APIC even if any
> interrupt destination would get clamped to 8 bits.
> Depending on your configuration, QEMU could notice that the destination
> LAPIC is not present and report it with a very non-obvious:
>=20
>   KVM: injection failed, MSI lost (Operation not permitted)
>=20
> Or the guest could say something about unexpected interrupts, because
> clamping leads to aliasing so interrupts were being delivered to
> incorrect VCPUs.
>=20
> KVM_X2APIC_API is the feature that allows us to enable EIM for KVM.
>=20
> QEMU 2.7 allowed EIM whenever interrupt remapping was enabled.  In orde=
r
> to keep backward compatibility, we again allow guests to misbehave in
> non-obvious ways, and make it the default for old machine types.
>=20
> A user can enable the buggy mode it with "x-buggy-eim=3Don".
>=20
> Signed-off-by: Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat.com>

Reviewed-by: Peter Xu <peterx@redhat.com>