Kernel KVM virtualization development
From: Naveen N Rao <naveen@kernel.org>
To: Sean Christopherson <seanjc@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	kvm@vger.kernel.org,  linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 3/5] KVM: SVM: Only disable x2AVIC WRMSR interception for MSRs that are accelerated
Date: Fri, 8 May 2026 22:29:22 +0530
Message-ID: <af4SexKS4Z0K2lGE@blrnaveerao1>
In-Reply-To: <20260506184746.2719880-4-seanjc@google.com>

On Wed, May 06, 2026 at 11:47:44AM -0700, Sean Christopherson wrote:
> When x2AVIC is enabled, disable WRMSR interception only for MSRs that are
> actually accelerated by hardware.  Disabling interception for MSRs that
> aren't accelerated is functionally "fine", and in some cases a weird "win"
> for performance, but only for cases that should never be triggered by a
> well-behaved VM (writes to read-only registers; the #GP will typically
> occur in the guest without taking a #VMEXIT, even for fault-like exits).

Doesn't have to be part of this series, but I think we can now also clean 
up avic_unaccelerated_access_interception() and some of the other 
functions it calls for updating LDR/DFR. With this change, I believe the 
only reason we can ever see AVIC_UNACCELERATED_ACCESS when x2AVIC is 
enabled will be for APIC_EOI writes for level-triggered interrupts.

Probably worth a comment/assert in that function.

> 
> But overall, disabling interception for MSRs that aren't accelerated is at
> best confusing and unintuitive, and at worst introduces avoidable risk, as
> the effective guest-visible behavior depends on the whims of the CPU (the
> behavior of x2APIC MSR writes on at least Zen4 doesn't match the behavior
> documented in the table in "15.29.3.1 Virtual APIC Register Accesses" of
> the APM).

FWIW, I tested the current behavior (with most MSRs passed-through) and 
the new behavior with your changes, and (had AI) put together a table to 
capture all of this. It also serves to document what x2AVIC does (except 
for a few MSRs that were intercepted currently).

It is in line with my expectations, no surprises here:

+--------------+---------------+---------------+---------------+---------------+---------------+
| MSR          | Register      | Current RDMSR | New RDMSR     | Current WRMSR | New WRMSR     |
+--------------+---------------+---------------+---------------+---------------+---------------+
| 0x802        | APIC_ID       | HW            | HW            | #GP-direct    | * MSR_INT:#GP |
| 0x803        | APIC_LVR      | HW            | HW            | #GP-direct    | * MSR_INT:#GP |
| 0x808        | APIC_TPR      | HW            | HW            | HW            | HW            |
| 0x809        | APIC_ARBPRI   | UAA(f):#GP    | * MSR_INT:#GP | #GP-direct    | * MSR_INT:#GP |
| 0x80A        | APIC_PPR      | HW            | HW            | #GP-direct    | * MSR_INT:#GP |
| 0x80B        | APIC_EOI      | #GP-direct    | * MSR_INT:#GP | HW            | HW            |
| 0x80C        | APIC_RRR      | #GP-direct    | * MSR_INT:#GP | #GP-direct    | * MSR_INT:#GP |
| 0x80D        | APIC_LDR      | HW            | HW            | #GP-direct    | * MSR_INT:#GP |
| 0x80E        | APIC_DFR      | #GP-direct    | * MSR_INT:#GP | #GP-direct    | * MSR_INT:#GP |
| 0x80F        | APIC_SPIV     | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x810        | APIC_ISR0     | HW            | HW            | #GP-direct    | * MSR_INT:#GP |
| 0x811..0x817 | APIC_ISR1..7  | MSR_INT:ok    | * HW          | MSR_INT:#GP   | MSR_INT:#GP   |
| 0x818        | APIC_TMR0     | HW            | HW            | #GP-direct    | * MSR_INT:#GP |
| 0x819..0x81F | APIC_TMR1..7  | MSR_INT:ok    | * HW          | MSR_INT:#GP   | MSR_INT:#GP   |
| 0x820        | APIC_IRR0     | HW            | HW            | #GP-direct    | * MSR_INT:#GP |
| 0x821..0x827 | APIC_IRR1..7  | MSR_INT:ok    | * HW          | MSR_INT:#GP   | MSR_INT:#GP   |
| 0x828        | APIC_ESR      | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x830        | APIC_ICR      | HW            | HW            | INC_IPI       | HW / INC_IPI  |
| 0x831        | APIC_ICR2 [1] | #GP-direct    | * MSR_INT:#GP | #GP-direct    | * MSR_INT:#GP |
| 0x832        | APIC_LVTT     | MSR_INT:ok    | * HW          | MSR_INT:ok    | MSR_INT:ok    |
| 0x833        | APIC_LVTTHMR  | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x834        | APIC_LVTPC    | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x835        | APIC_LVT0     | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x836        | APIC_LVT1     | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x837        | APIC_LVTERR   | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x838        | APIC_TMICT    | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x839        | APIC_TMCCT    | UAA(f):0      | * MSR_INT:0   | #GP-direct    | * MSR_INT:#GP |
| 0x83E        | APIC_TDCR     | HW            | HW            | UAA(t)        | * MSR_INT:ok  |
| 0x83F        | APIC_SELF_IPI | MSR_INT:#GP   | MSR_INT:#GP   | MSR_INT:ok    | * HW / INC_IPI|
+--------------+---------------+---------------+---------------+---------------+---------------+

Legend:
HW           HW-accelerated; no #VMEXIT
#GP-direct   CPU delivers #GP from microcode; no #VMEXIT
UAA(f):X     AVIC_UNACCEL_ACCESS exit, fault flavor; KVM emulates, guest sees X
UAA(t)       AVIC_UNACCEL_ACCESS exit, trap flavor; write completed in vAPIC page, KVM post-processes
MSR_INT:X    MSR_INTERCEPT (MSR-bitmap) exit; KVM emulates, guest sees X
INC_IPI      AVIC_INCOMPLETE_IPI exit; KVM emulates IPI delivery
*            cell value differs from corresponding existing-behavior cell


- Naveen
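
An added illustration, not code from this thread or from KVM: a user-space C model of the "New" columns in the table above, building an MSR permission bitmap that intercepts everything by default and opens only the accesses the table marks HW. It assumes the APM's MSRPM layout of two bits per MSR (read bit, then write bit, 1 = intercept); every function and type name here is hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Assumed MSRPM layout (AMD APM): 2 bits per MSR, even bit = RDMSR, odd bit =
 * WRMSR, 1 = intercept; MSRs 0x0000..0x1FFF occupy the first 2 KiB. */
#define MSRPM_RANGE0_BYTES 2048
enum { MSR_READ = 0, MSR_WRITE = 1 };
struct msr_range { uint32_t first, last; };

/* Cells marked HW in the "New RDMSR" column of the table in this message. */
static const struct msr_range rd_hw[] = {
    {0x802, 0x803}, {0x808, 0x808}, {0x80A, 0x80A}, {0x80D, 0x80D}, {0x80F, 0x80F},
    {0x810, 0x828}, {0x830, 0x830}, {0x832, 0x838}, {0x83E, 0x83E},
};
/* "New WRMSR" cells marked HW or HW / INC_IPI: TPR, EOI, ICR, SELF_IPI. */
static const struct msr_range wr_hw[] = {
    {0x808, 0x808}, {0x80B, 0x80B}, {0x830, 0x830}, {0x83F, 0x83F},
};

static int is_intercepted(const uint8_t *pm, uint32_t msr, int type) {
    uint32_t bit = msr * 2 + type;
    return (pm[bit / 8] >> (bit % 8)) & 1;
}
/* Clear the intercept bit of the given access type for every MSR in r[]. */
static void pass_through(uint8_t *pm, const struct msr_range *r, size_t n, int type) {
    for (size_t i = 0; i < n; i++)
        for (uint32_t m = r[i].first; m <= r[i].last; m++)
            pm[(m * 2 + type) / 8] &= (uint8_t)~(1u << ((m * 2 + type) % 8));
}

/* Default-deny: intercept everything, then open only the accelerated accesses. */
static void build_x2avic_msrpm(uint8_t *pm) {
    memset(pm, 0xFF, MSRPM_RANGE0_BYTES);
    pass_through(pm, rd_hw, sizeof(rd_hw) / sizeof(rd_hw[0]), MSR_READ);
    pass_through(pm, wr_hw, sizeof(wr_hw) / sizeof(wr_hw[0]), MSR_WRITE);
}
/* Number of x2APIC MSRs (0x800..0x8FF) whose access of this type is not intercepted. */
static int count_passthrough(const uint8_t *pm, int type) {
    int n = 0;
    for (uint32_t m = 0x800; m <= 0x8FF; m++)
        n += !is_intercepted(pm, m, type);
    return n;
}

int main(void) {
    uint8_t pm[MSRPM_RANGE0_BYTES];
    build_x2avic_msrpm(pm);
    printf("x2APIC pass-through: %d RDMSR, %d WRMSR\n",
           count_passthrough(pm, MSR_READ), count_passthrough(pm, MSR_WRITE));
    return 0;
}
```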


Thread overview: 19+ messages
2026-05-06 18:47 [PATCH v2 0/5] KVM: SVM: Fix x2AVIC MSR interception issues Sean Christopherson
2026-05-06 18:47 ` [PATCH v2 1/5] KVM: SVM: Disable x2AVIC RDMSR interception for MSRs KVM actually supports Sean Christopherson
2026-05-07 13:56   ` Naveen N Rao
2026-05-07 14:27     ` Sean Christopherson
2026-05-08 16:35       ` Naveen N Rao
2026-05-06 18:47 ` [PATCH v2 2/5] KVM: SVM: Always intercept RDMSR for TMCCT (current APIC timer count) Sean Christopherson
2026-05-07 14:19   ` Naveen N Rao
2026-05-07 15:44     ` Sean Christopherson
2026-05-07 18:26       ` Sean Christopherson
2026-05-08 16:41         ` Naveen N Rao
2026-05-08 16:56           ` Sean Christopherson
2026-05-06 18:47 ` [PATCH v2 3/5] KVM: SVM: Only disable x2AVIC WRMSR interception for MSRs that are accelerated Sean Christopherson
2026-05-08 16:59   ` Naveen N Rao [this message]
2026-05-06 18:47 ` [PATCH v2 4/5] *** DO NOT MERGE *** KVM: x86: Hack in a stat to track guest-induced exits (for testing) Sean Christopherson
2026-05-08 17:14   ` Naveen N Rao
2026-05-08 17:49     ` Sean Christopherson
2026-05-09  5:08       ` Naveen N Rao
2026-05-06 18:47 ` [PATCH v2 5/5] *** DO NOT MERGE *** KVM: selftests: Add hacky test to verify x2APIC MSR interception Sean Christopherson
2026-05-09  5:10 ` [PATCH v2 0/5] KVM: SVM: Fix x2AVIC MSR interception issues Naveen N Rao
