diff options
| author | Xiaoyao Li <xiaoyao.li@intel.com> | 2025-05-08 10:59:47 -0400 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2025-05-28 19:35:54 +0200 |
| commit | 62a1a8b89d90cd3fbee0e6d38e6a4c0d833e978a (patch) | |
| tree | d564932eb99f4566335e208e08a250722ef41684 | |
| parent | f9aaad3362a5886d78e7d4d50d563ac16c6acdde (diff) | |
| download | qemu-62a1a8b89d90cd3fbee0e6d38e6a4c0d833e978a.zip qemu-62a1a8b89d90cd3fbee0e6d38e6a4c0d833e978a.tar.gz qemu-62a1a8b89d90cd3fbee0e6d38e6a4c0d833e978a.tar.bz2 | |
i386/apic: Skip kvm_apic_put() for TDX
KVM neithers allow writing to MSR_IA32_APICBASE for TDs, nor allow for
KVM_SET_LAPIC[*].
Note, KVM_GET_LAPIC is also disallowed for TDX. It is called in the path
do_kvm_cpu_synchronize_state()
-> kvm_arch_get_registers()
-> kvm_get_apic()
and it's already disllowed for confidential guest through
guest_state_protected.
[*] https://lore.kernel.org/all/Z3w4Ku4Jq0CrtXne@google.com/
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
Link: https://lore.kernel.org/r/20250508150002.689633-42-xiaoyao.li@intel.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| -rw-r--r-- | hw/i386/kvm/apic.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c index 39035db..1be9bfe 100644 --- a/hw/i386/kvm/apic.c +++ b/hw/i386/kvm/apic.c @@ -17,6 +17,7 @@ #include "system/hw_accel.h" #include "system/kvm.h" #include "kvm/kvm_i386.h" +#include "kvm/tdx.h" static inline void kvm_apic_set_reg(struct kvm_lapic_state *kapic, int reg_id, uint32_t val) @@ -141,6 +142,10 @@ static void kvm_apic_put(CPUState *cs, run_on_cpu_data data) struct kvm_lapic_state kapic; int ret; + if (is_tdx_vm()) { + return; + } + kvm_put_apicbase(s->cpu, s->apicbase); kvm_put_apic_state(s, &kapic); |