Skip to content

Commit 8dac6b9

Browse files
yamahatabonzini
yamahata
authored and
bonzini
committed
KVM: TDX: Add methods to ignore virtual apic related operation
TDX protects TDX guest APIC state from VMM. Implement access methods of TDX guest vAPIC state to ignore them or return zero. Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com> Message-ID: <20250222014757.897978-13-binbin.wu@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
1 parent f65916a commit 8dac6b9

File tree

1 file changed

+28
-3
lines changed

1 file changed

+28
-3
lines changed

arch/x86/kvm/vmx/main.c

Lines changed: 28 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -240,6 +240,15 @@ static bool vt_apic_init_signal_blocked(struct kvm_vcpu *vcpu)
240240
return vmx_apic_init_signal_blocked(vcpu);
241241
}
242242

243+
static void vt_set_virtual_apic_mode(struct kvm_vcpu *vcpu)
244+
{
245+
/* Only x2APIC mode is supported for TD. */
246+
if (is_td_vcpu(vcpu))
247+
return;
248+
249+
return vmx_set_virtual_apic_mode(vcpu);
250+
}
251+
243252
static void vt_apicv_pre_state_restore(struct kvm_vcpu *vcpu)
244253
{
245254
struct pi_desc *pi = vcpu_to_pi_desc(vcpu);
@@ -248,6 +257,14 @@ static void vt_apicv_pre_state_restore(struct kvm_vcpu *vcpu)
248257
memset(pi->pir, 0, sizeof(pi->pir));
249258
}
250259

260+
static void vt_hwapic_isr_update(struct kvm_vcpu *vcpu, int max_isr)
261+
{
262+
if (is_td_vcpu(vcpu))
263+
return;
264+
265+
return vmx_hwapic_isr_update(vcpu, max_isr);
266+
}
267+
251268
static int vt_sync_pir_to_irr(struct kvm_vcpu *vcpu)
252269
{
253270
if (is_td_vcpu(vcpu))
@@ -437,6 +454,14 @@ static void vt_get_exit_info(struct kvm_vcpu *vcpu, u32 *reason,
437454
vmx_get_exit_info(vcpu, reason, info1, info2, intr_info, error_code);
438455
}
439456

457+
static void vt_set_apic_access_page_addr(struct kvm_vcpu *vcpu)
458+
{
459+
if (is_td_vcpu(vcpu))
460+
return;
461+
462+
vmx_set_apic_access_page_addr(vcpu);
463+
}
464+
440465
static void vt_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu)
441466
{
442467
if (is_td_vcpu(vcpu)) {
@@ -561,13 +586,13 @@ struct kvm_x86_ops vt_x86_ops __initdata = {
561586
.update_cr8_intercept = vmx_update_cr8_intercept,
562587

563588
.x2apic_icr_is_split = false,
564-
.set_virtual_apic_mode = vmx_set_virtual_apic_mode,
565-
.set_apic_access_page_addr = vmx_set_apic_access_page_addr,
589+
.set_virtual_apic_mode = vt_set_virtual_apic_mode,
590+
.set_apic_access_page_addr = vt_set_apic_access_page_addr,
566591
.refresh_apicv_exec_ctrl = vt_refresh_apicv_exec_ctrl,
567592
.load_eoi_exitmap = vmx_load_eoi_exitmap,
568593
.apicv_pre_state_restore = vt_apicv_pre_state_restore,
569594
.required_apicv_inhibits = VMX_REQUIRED_APICV_INHIBITS,
570-
.hwapic_isr_update = vmx_hwapic_isr_update,
595+
.hwapic_isr_update = vt_hwapic_isr_update,
571596
.sync_pir_to_irr = vt_sync_pir_to_irr,
572597
.deliver_interrupt = vt_deliver_interrupt,
573598
.dy_apicv_has_pending_interrupt = pi_has_pending_interrupt,

0 commit comments

Comments
 (0)