[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RFC PATCH for-4.22] x86/hvm: Introduce force_x2apic flag
- To: Teddy Astie <teddy.astie@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Tue, 11 Nov 2025 13:32:45 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=z39PZnE/UWKc4M/MPsBUoIxASly3Ow5JD9+rvf7AIdE=; b=rjvfZp6GMRvlUNlqPNNbidCIgf6RWZI1YZ12XOYR8sYY5DTrO3Ds5Dg3Db7Z3arS+ZLX1vLmBAxG8pr88RC87pc0a5Ru/d+ejXBScu/dLtJ6pgsRdxFAzv/9ymnE9qHAa1MhZpt856z/KbrW3kDIKjY7UHC9ctwGtQiNkfjFSmbINCMAPK351E4yaNfC9MF9vWfe4oCkT6ub4xwpMGQRqMLjIQsTGKhWO6r448MdljNrIcS4MmCzIJOiM1W3K0K0s9ZL+D4YWq/DG1tqSKB42YFBljyzMtnOl7SbYn2jD8arZnyWHESzpBcRrHB5W1rIvxgTSzKErlsPq1ocnNI5ew==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=R5W2WG0AK0aeTVDE4KblhECzlS9pO4AZ+gAWvXlZjJVKRETk1aSlyTRxLnKBrJhqcpSn7LE5+kU7wCTMsurpO16cTpMhni8W4vZUWmBBlQFoylWIK5n9Jq8TUGiRuRS9Elxl95irChV4qdSQ0p45ldmH4EVaKJTqzzhC8lVSeNIG5AfaDGJzfMvUPUdVCxskEpGNy2XWTMWSc9+uLAyi35RgByo+OFM6FFr7DfmwsgDDlNwgsvyNuxcUv0y+YjMFytAKJv0aoVt2svr6atFNiKKipb1rss7GROe+cY7Hsq89h/BHJGhqIkcBvgBuA1focfPrGd1D+tXSwfTJs0mzBQ==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Anthony PERARD <anthony.perard@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>
- Delivery-date: Tue, 11 Nov 2025 13:33:11 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 29/10/2025 6:26 pm, Teddy Astie wrote:
> Introduce a new flag to force the x2APIC enabled and preventing a
> guest from switching back LAPIC to xAPIC mode.
>
> The semantics of this mode are based IA32_XAPIC_DISABLE_STATUS
> architectural MSR of Intel specification.
>
> Signed-off-by: Teddy Astie <teddy.astie@xxxxxxxxxx>
You can do what you want by simply starting the VM in x2APIC mode.
OSes don't tend to switch out of x2APIC mode, especially if it was set
by firmware.
IA32_XAPIC_DISABLE_STATUS is garbage. It was an emergency "fix" the
fact that the entire L2 cache datastream was architecturally visible in
the xAPIC MMIO window, included decrypted SGX contents. Furthermore,
upon this being discussed, and it being pointed out that the proper
place to put the lock bit would be in MSR_APIC_BASE itself, Intel
declined citing "too much effort to qualify". So we're left with this
instead.
We do virtualise one Intel control on AMD for the benefit of L1, but AMD
have finally grown CPUID Faulting into an architectural feature so we
can see about retiring the old bodge.
But, the Local APIC is far more complicated, and which mode you want
depends more on which hardware acceleration is available to you, and
there's a huge amount of work needing to do to get our x2APIC support
into better shape.
Either way, start simple by starting the guest in x2APIC mode. It will
probably be sufficient for your needs.
~Andrew
|
