From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 442083A6B76 for ; Thu, 14 May 2026 21:31:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778794279; cv=none; b=Pq+Fr/E9il0hFgeaSYxZfqiFSAZZlv+Bl8v09Uinxmr9sKsaKNwCH2UJAk5TNvFEK7M+yuXBJZ9rJZ6SCKPMPHrLGKVNlyYUEXz4Hx6tAzz0seFTHUiFSMHXmmKqKj+GAskvLzfC0WOxn1TsijdyPTXh3Iv1xVubQtQpTJju9YE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778794279; c=relaxed/simple; bh=Z8JM+GpfUvrSxHsKlo3ZGg09soLQyAUqQKlIc9LRRnw=; h=Date:Mime-Version:Message-ID:Subject:From:To:Cc:Content-Type; b=aHq5eES7fOfTc52wWpIbqKD55holza5iphHovYJEZfPOpt2w1Uf7enMYPGq7YMBhNwTMVNDj+x3m7MhGiVgCfstm5Y7qloyaIKB/XbvZtnIOnmRFs3axQCKYZEcGkdKdUafn5OFgNRnJQRU99/CfoNKEEGyV7bGBrgL0Ig0egNg= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=REUpMcKy; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="REUpMcKy" Received: by mail-pf1-f202.google.com with SMTP id d2e1a72fcca58-8386367b23cso6603627b3a.3 for ; Thu, 14 May 2026 14:31:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1778794277; x=1779399077; darn=vger.kernel.org; h=cc:to:from:subject:message-id:mime-version:date:reply-to:from:to:cc :subject:date:message-id:reply-to; bh=sBDwFph1fgL8JJtMFcY4wwaK5i0fyVyxn04k9bC39nA=; b=REUpMcKykOf6jp90JmmNUFjk5xJUF4bO+ZKDF0KCEILLRSPkwaL9qcNNDqxebZgNaH ml4PGnbdyWjTytXTTiEOsdum2uQiTUR6rXj0Wg2mgkD6KTRBt4FSMkMnEvvlxvy3USPq 8dlCxF31YLIby+rHGfnjCXZs9pwEXZnRn4ydt8XZIpm0YeGT1INWHl9yjGs8fJAyalTV T6Lb0NS9BbR0UmtkUla96cQC8Dvgm2LbICvKykZI80mQV6+rdq5QhGVCNk08Dyk5gzln 8pQQuVYi4hNB1aQb6pcV5KZjwjA+gNToxV9Bu90o86Hufiv5Vej2wViLfv4rckxTDLNF 5WSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1778794277; x=1779399077; h=cc:to:from:subject:message-id:mime-version:date:reply-to :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=sBDwFph1fgL8JJtMFcY4wwaK5i0fyVyxn04k9bC39nA=; b=Qe4PQK4RmWKMRvbSkyWuO04XoTMZ2vi7zrPpGk+Lw/7H48OAvkJf4Ws2pHw8ja9J/v 4fSipSS7VeZXYpZdmgvt+mRuDY7vsPEBvAvX/hYREvH5hitgRlp/bWOYiLPLH8Sa1LXV k43gnoVWclALRpQ7ERtyES6KbxduXv2aGC4elwbBCoeg8Zymqxi5dPSXR5hyyBq9zJC4 6bNo2G5ya4jpmDXbkUPPIXtMYw0Dm1x7yMm7iFRKmNYLDKudO3miF7J7f0dRj066+2we KyU4CMn0Nq1Oo3EE0XP6eLgdy60Xyu8o1vYN/S1VuZXXY0X2DPM0RZnzQNe7oFhcTlWM ODJQ== X-Forwarded-Encrypted: i=1; AFNElJ810lqhgQFMEr9ainX8y1T4UNwdQETS2sQY32UoTUGZeL8yfe3k8cQzvy4ZLWFGlVsM6PFbVVc1CJPDFS0=@vger.kernel.org X-Gm-Message-State: AOJu0YzuvvEpzGPJfXv9//AzhT23II0sUJrvTKeXTUnvbu3Pq7KuYdNc BXhFxyf3GnhtQaDES6cF5XUHEzpc/9EQgI+Qhyp/wi5CQMdRSpAdMXuSA4RoHPOqO++O/RZFY8P uSIjIQA== X-Received: from pfbgc1.prod.google.com ([2002:a05:6a00:62c1:b0:838:27b2:c77]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:418f:b0:82f:5576:2853 with SMTP id d2e1a72fcca58-83f33d3a93fmr1275064b3a.30.1778794277178; Thu, 14 May 2026 14:31:17 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 14 May 2026 14:31:12 -0700 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 X-Mailer: git-send-email 2.54.0.563.g4f69b47b94-goog Message-ID: <20260514213115.1637082-1-seanjc@google.com> Subject: [PATCH v3 0/3] KVM: SVM: Fix x2AVIC MSR interception issues From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Naveen N Rao Content-Type: text/plain; charset="UTF-8" Fix a variety of bugs in SVM's handling of x2APIC MSR passthrough for x2AVIC, where KVM disables interception for MSR accesses that aren't accelerated by hardware (pointless and suboptimal), and also does NOT disable interception for practically any of the "range of vectors" MSRs, i.e. IRR, ISR, and TMR. Note, I tagged all of this for stable, but I could be convinced these fixes shouldn't be sent to LTS trees, as there are no functional bugs being fixed. v3: - Consolidate list generation for APICv and x2AVIC RDMSR passthrough (and avoid the wonky post-iteration fixup in the process). [Naveen] - Collect reviews. [Naveen] - Drop the hacky selftest (it's still available in v2). - Massage the changelog for patch 3 to call out that at least one section of the APM does document that #GP has priority over the AVIC checks. [Naveen] - Document the impact on TMCCT in patch 2. [Naveen] v2: - https://lore.kernel.org/all/20260506184746.2719880-1-seanjc@google.com - Actually iterate over the mask of readable regs. [Naveen] - Rewrite the changelog for patch 3 to more accurately capture what happens, and to avoid conflating "unaccelerated" with "fault-like". [Naveen] - Massage the changlog for patch 1 to describe the observed behavior of DFR and ICR2. - Test the #VMEXIT (or not) behavior with hacks (patches 4 and 5). v1: https://lore.kernel.org/all/20260409222449.2013847-1-seanjc@google.com Sean Christopherson (3): KVM: x86: Add dedicated API for getting mask of accelerated x2APIC MSRs KVM: SVM: Disable x2AVIC RDMSR interception for MSRs KVM actually supports KVM: SVM: Only disable x2AVIC WRMSR interception for MSRs that are accelerated arch/x86/kvm/lapic.c | 21 ++++++++++++++++-- arch/x86/kvm/lapic.h | 2 +- arch/x86/kvm/svm/avic.c | 47 +++++++++++------------------------------ arch/x86/kvm/vmx/vmx.c | 3 +-- 4 files changed, 33 insertions(+), 40 deletions(-) base-commit: a9512a611bd030088f13477258d1f8103cceaa40 -- 2.54.0.563.g4f69b47b94-goog