subject:"\[PATCH v7 38\/52\] i386\/apic\: Skip kvm_apic_put\(\) for TDX"

Re: [PATCH v7 38/52] i386/apic: Skip kvm_apic_put() for TDX

2025-03-02 Thread Xiaoyao Li

On 2/28/2025 12:57 AM, Francesco Lavra wrote: On Fri, 2025-01-24 at 08:20 -0500, Xiaoyao Li wrote: KVM neithers allow writing to MSR_IA32_APICBASE for TDs, nor allow for KVM_SET_LAPIC[*]. Note, KVM_GET_LAPIC is also disallowed for TDX. It is called in the path do_kvm_cpu_synchronize_state()

Re: [PATCH v7 38/52] i386/apic: Skip kvm_apic_put() for TDX

2025-02-27 Thread Francesco Lavra

On Fri, 2025-01-24 at 08:20 -0500, Xiaoyao Li wrote: > KVM neithers allow writing to MSR_IA32_APICBASE for TDs, nor allow > for > KVM_SET_LAPIC[*]. > > Note, KVM_GET_LAPIC is also disallowed for TDX. It is called in the > path > > do_kvm_cpu_synchronize_state() > -> kvm_arch_get_registers() >

[PATCH v7 38/52] i386/apic: Skip kvm_apic_put() for TDX

2025-01-24 Thread Xiaoyao Li

KVM neithers allow writing to MSR_IA32_APICBASE for TDs, nor allow for KVM_SET_LAPIC[*]. Note, KVM_GET_LAPIC is also disallowed for TDX. It is called in the path do_kvm_cpu_synchronize_state() -> kvm_arch_get_registers() -> kvm_get_apic() and it's already disllowed for confidential gues