From: Isaku Yamahata Introduce a new module parameter, nested_apic_timer_virt, to control the nested virtualization of the APIC timer in KVM. The nested_apic_timer_virt parameter is set to true by default on processor platforms that support APIC timer virtualization. On platforms that do not support this feature, the parameter will indicate that APIC timer virtualization is not available. Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/capabilities.h | 1 + arch/x86/kvm/vmx/nested.c | 13 ++++++++++++- arch/x86/kvm/vmx/vmx.c | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilities.h index f73a50c887ac..8d8beae4839a 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -15,6 +15,7 @@ extern bool __read_mostly enable_ept; extern bool __read_mostly enable_unrestricted_guest; extern bool __read_mostly enable_ept_ad_bits; extern bool __read_mostly enable_pml; +extern bool __read_mostly enable_apic_timer_virt; extern int __read_mostly pt_mode; #define PT_MODE_SYSTEM 0 diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index a940f1d9ee83..fd2c3b11aabe 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -27,6 +27,10 @@ module_param_named(enable_shadow_vmcs, enable_shadow_vmcs, bool, S_IRUGO); static bool __ro_after_init warn_on_missed_cc; module_param(warn_on_missed_cc, bool, 0444); +static bool __read_mostly enable_nested_apic_timer_virt = true; +module_param_named(nested_apic_timer_virt, enable_nested_apic_timer_virt, bool, + S_IRUGO); + #define CC KVM_NESTED_VMENTER_CONSISTENCY_CHECK /* @@ -7485,13 +7489,20 @@ static void nested_vmx_setup_secondary_ctls(u32 ept_caps, static void nested_vmx_setup_tertiary_ctls(struct vmcs_config *vmcs_conf, struct nested_vmx_msrs *msrs) { - msrs->tertiary_ctls = vmcs_conf->cpu_based_3rd_exec_ctrl; + enable_nested_apic_timer_virt &= enable_apic_timer_virt; + msrs->tertiary_ctls = vmcs_conf->cpu_based_3rd_exec_ctrl; msrs->tertiary_ctls &= TERTIARY_EXEC_GUEST_APIC_TIMER; + if (!enable_nested_apic_timer_virt) + msrs->tertiary_ctls &= ~TERTIARY_EXEC_GUEST_APIC_TIMER; + if (msrs->tertiary_ctls) msrs->procbased_ctls_high |= CPU_BASED_ACTIVATE_TERTIARY_CONTROLS; + + if (!(msrs->tertiary_ctls & TERTIARY_EXEC_GUEST_APIC_TIMER)) + enable_nested_apic_timer_virt = false; } static void nested_vmx_setup_misc_data(struct vmcs_config *vmcs_conf, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 76725f8dd228..bc4611629879 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -118,7 +118,7 @@ module_param(enable_ipiv, bool, 0444); module_param(enable_device_posted_irqs, bool, 0444); -static bool __read_mostly enable_apic_timer_virt = true; +bool __read_mostly enable_apic_timer_virt = true; module_param_named(apic_timer_virt, enable_apic_timer_virt, bool, 0444); /* -- 2.45.2