* [RFC PATCH V6 0/4] x86/Hyper-V: Add AMD Secure AVIC for Hyper-V platform
@ 2025-08-06 9:11 Tianyu Lan
0 siblings, 0 replies; 3+ messages in thread
From: Tianyu Lan @ 2025-08-06 9:11 UTC (permalink / raw)
To: kys, haiyangz, wei.liu, decui, tglx, mingo, bp, dave.hansen, x86,
hpa, arnd, Neeraj.Upadhyay, kvijayab
Cc: Tianyu Lan, linux-arch, linux-hyperv, linux-kernel
From: Tianyu Lan <tiala@microsoft.com>
From: Tianyu Lan <tiala@microsoft.com>
Secure AVIC is a new hardware feature in the AMD64
architecture to allow SEV-SNP guests to prevent the
hypervisor from generating unexpected interrupts to
a vCPU or otherwise violate architectural assumptions
around APIC behavior.
Each vCPU has a guest-allocated APIC backing page of
size 4K, which maintains APIC state for that vCPU.
APIC backing page's ALLOWED_IRR field indicates the
interrupt vectors which the guest allows the hypervisor
to send.
This patchset is to enable the feature for Hyper-V
platform. Patch "Drivers: hv: Allow vmbus message
synic interrupt injected from Hyper-V" is to expose
new fucntion hv_enable_coco_interrupt() and device
driver and arch code may update AVIC backing page
ALLOWED_IRR field to allow Hyper-V inject associated
vector.
This patchset is based on the AMD patchset "AMD: Add
Secure AVIC Guest Support"
https://lkml.org/lkml/2025/6/10/1579
Change since v5:
- Rmove extra line and move hv_enable_coco_interrupt()
just after hv_set_msr() in the hv_synic_disable_regs().
Change since v4:
- Change the order to call hv_enable_coco_interrupt()
in the hv_synic_enable/disable_regs().
- Update commit title "Drivers/hv:" to "Drivers: hv:"
Change since v3:
- Disable VMBus Message interrupt via hv_enable_
coco_interrupt() in the hv_synic_disable_regs().
- Fix coding style issue and update change log.
Change since v2:
- Add hv_enable_coco_interrupt() as wrapper
of apic_update_vector()
- Re-work change logs
Change since v1:
- Remove the check of Secure AVIC when set APIC backing page
- Use apic_update_vector() instead of exposing new interface
from Secure AVIC driver to update APIC backing page and allow
associated interrupt to be injected by hypervisor.
Tianyu Lan (4):
x86/hyperv: Don't use hv apic driver when Secure AVIC is available
Drivers: hv: Allow vmbus message synic interrupt injected from Hyper-V
x86/hyperv: Don't use auto-eoi when Secure AVIC is available
x86/hyperv: Allow Hyper-V to inject STIMER0 interrupts
arch/x86/hyperv/hv_apic.c | 9 +++++++++
arch/x86/hyperv/hv_init.c | 7 +++++++
arch/x86/kernel/cpu/mshyperv.c | 2 ++
drivers/hv/hv.c | 7 ++++++-
drivers/hv/hv_common.c | 5 +++++
include/asm-generic/mshyperv.h | 1 +
6 files changed, 30 insertions(+), 1 deletion(-)
--
2.25.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [RFC PATCH V6 0/4] x86/Hyper-V: Add AMD Secure AVIC for Hyper-V platform
@ 2025-08-06 9:11 Tianyu Lan
2025-08-06 9:11 ` [RFC PATCH V6 1/4] x86/hyperv: Don't use hv apic driver when Secure AVIC is available Tianyu Lan
0 siblings, 1 reply; 3+ messages in thread
From: Tianyu Lan @ 2025-08-06 9:11 UTC (permalink / raw)
To: kys, haiyangz, wei.liu, decui, tglx, mingo, bp, dave.hansen, x86,
hpa, arnd, Neeraj.Upadhyay, kvijayab
Cc: Tianyu Lan, linux-arch, linux-hyperv, linux-kernel
From: Tianyu Lan <tiala@microsoft.com>
From: Tianyu Lan <tiala@microsoft.com>
Secure AVIC is a new hardware feature in the AMD64
architecture to allow SEV-SNP guests to prevent the
hypervisor from generating unexpected interrupts to
a vCPU or otherwise violate architectural assumptions
around APIC behavior.
Each vCPU has a guest-allocated APIC backing page of
size 4K, which maintains APIC state for that vCPU.
APIC backing page's ALLOWED_IRR field indicates the
interrupt vectors which the guest allows the hypervisor
to send.
This patchset is to enable the feature for Hyper-V
platform. Patch "Drivers: hv: Allow vmbus message
synic interrupt injected from Hyper-V" is to expose
new fucntion hv_enable_coco_interrupt() and device
driver and arch code may update AVIC backing page
ALLOWED_IRR field to allow Hyper-V inject associated
vector.
This patchset is based on the AMD patchset "AMD: Add
Secure AVIC Guest Support"
https://lkml.org/lkml/2025/6/10/1579
Change since v5:
- Rmove extra line and move hv_enable_coco_interrupt()
just after hv_set_msr() in the hv_synic_disable_regs().
Change since v4:
- Change the order to call hv_enable_coco_interrupt()
in the hv_synic_enable/disable_regs().
- Update commit title "Drivers/hv:" to "Drivers: hv:"
Change since v3:
- Disable VMBus Message interrupt via hv_enable_
coco_interrupt() in the hv_synic_disable_regs().
- Fix coding style issue and update change log.
Change since v2:
- Add hv_enable_coco_interrupt() as wrapper
of apic_update_vector()
- Re-work change logs
Change since v1:
- Remove the check of Secure AVIC when set APIC backing page
- Use apic_update_vector() instead of exposing new interface
from Secure AVIC driver to update APIC backing page and allow
associated interrupt to be injected by hypervisor.
Tianyu Lan (4):
x86/hyperv: Don't use hv apic driver when Secure AVIC is available
Drivers: hv: Allow vmbus message synic interrupt injected from Hyper-V
x86/hyperv: Don't use auto-eoi when Secure AVIC is available
x86/hyperv: Allow Hyper-V to inject STIMER0 interrupts
arch/x86/hyperv/hv_apic.c | 9 +++++++++
arch/x86/hyperv/hv_init.c | 7 +++++++
arch/x86/kernel/cpu/mshyperv.c | 2 ++
drivers/hv/hv.c | 7 ++++++-
drivers/hv/hv_common.c | 5 +++++
include/asm-generic/mshyperv.h | 1 +
6 files changed, 30 insertions(+), 1 deletion(-)
--
2.25.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [RFC PATCH V6 1/4] x86/hyperv: Don't use hv apic driver when Secure AVIC is available
2025-08-06 9:11 [RFC PATCH V6 0/4] x86/Hyper-V: Add AMD Secure AVIC for Hyper-V platform Tianyu Lan
@ 2025-08-06 9:11 ` Tianyu Lan
0 siblings, 0 replies; 3+ messages in thread
From: Tianyu Lan @ 2025-08-06 9:11 UTC (permalink / raw)
To: kys, haiyangz, wei.liu, decui, tglx, mingo, bp, dave.hansen, x86,
hpa, arnd, Neeraj.Upadhyay, kvijayab
Cc: Tianyu Lan, linux-arch, linux-hyperv, linux-kernel,
Michael Kelley
From: Tianyu Lan <tiala@microsoft.com>
When Secure AVIC is available, the AMD x2apic Secure
AVIC driver will be selected. In that case, have hv_apic_init()
return immediately without doing anything.
Reviewed-by: Michael Kelley <mhklinux@outlook.com>
Reviewed-by: Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>
Signed-off-by: Tianyu Lan <tiala@microsoft.com>
---
Change since RFC V3:
- Update Change log and fix coding style issue.
---
arch/x86/hyperv/hv_apic.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/x86/hyperv/hv_apic.c b/arch/x86/hyperv/hv_apic.c
index bfde0a3498b9..01bc02cc0590 100644
--- a/arch/x86/hyperv/hv_apic.c
+++ b/arch/x86/hyperv/hv_apic.c
@@ -25,6 +25,7 @@
#include <linux/clockchips.h>
#include <linux/slab.h>
#include <linux/cpuhotplug.h>
+#include <linux/cc_platform.h>
#include <asm/hypervisor.h>
#include <asm/mshyperv.h>
#include <asm/apic.h>
@@ -293,6 +294,9 @@ static void hv_send_ipi_self(int vector)
void __init hv_apic_init(void)
{
+ if (cc_platform_has(CC_ATTR_SNP_SECURE_AVIC))
+ return;
+
if (ms_hyperv.hints & HV_X64_CLUSTER_IPI_RECOMMENDED) {
pr_info("Hyper-V: Using IPI hypercalls\n");
/*
--
2.25.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-08-06 9:11 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-08-06 9:11 [RFC PATCH V6 0/4] x86/Hyper-V: Add AMD Secure AVIC for Hyper-V platform Tianyu Lan
2025-08-06 9:11 ` [RFC PATCH V6 1/4] x86/hyperv: Don't use hv apic driver when Secure AVIC is available Tianyu Lan
-- strict thread matches above, loose matches on Subject: below --
2025-08-06 9:11 [RFC PATCH V6 0/4] x86/Hyper-V: Add AMD Secure AVIC for Hyper-V platform Tianyu Lan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).