Re: [PATCH RFC] target/i386: filter out VMX_PIN_BASED_POSTED_INTR when enabling SynIC

[Paolo Bonzini]

On 18/02/20 18:08, Vitaly Kuznetsov wrote:
> Paolo Bonzini <address@hidden> writes:
> 
>> On 18/02/20 15:44, Vitaly Kuznetsov wrote:
>>> Signed-off-by: Vitaly Kuznetsov <address@hidden>
>>> ---
>>> RFC: This is somewhat similar to eVMCS breakage and it is likely possible
>>> to fix this in KVM. I decided to try QEMU first as this is a single
>>> control and unlike eVMCS we don't need to keep a list of things to disable.
>>
>> I think you should disable "virtual-interrupt delivery" instead (which
>> in turn requires "process posted interrupts" to be zero).  That is the
>> one that is incompatible with AutoEOI interrupts.
> 
> I'm fighting the symptoms, not the cause :-) My understanding is that
> when SynIC is enabled for CPU0 KVM does
> 
> kvm_vcpu_update_apicv()
>       vmx_refresh_apicv_exec_ctrl()
>               pin_controls_set()
> 
> for *all* vCPUs (KVM_REQ_APICV_UPDATE). I'm not sure why
> SECONDARY_EXEC_APIC_REGISTER_VIRT/SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY
> are not causing problems and only PIN_BASED_POSTED_INTR does as we clear
> them all (not very important atm).

Let's take a step back, what is the symptom, i.e. how does it fail?
Because thinking more about it, since we have separate VMCS we can set
PIN_BASED_POSTED_INTR and SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY just fine
in the vmcs02.  The important part is to unconditionally call
vmx_deliver_nested_posted_interrupt.

Something like

        if (kvm_x86_ops->deliver_posted_interrupt(vcpu, vector)) {
                kvm_lapic_set_irr(vector, apic);
                kvm_make_request(KVM_REQ_EVENT, vcpu);
                kvm_vcpu_kick(vcpu);
        }

and in vmx_deliver_posted_interrupt

        r = vmx_deliver_nested_posted_interrupt(vcpu, vector);
        if (!r)
                return 0;

        if (!vcpu->arch.apicv_active)
                return -1;
        ...
        return 0;

Paolo