git.baikalelectronics.ru Git - kernel.git/commit

author	Sean Christopherson <seanjc@google.com>
	Fri, 6 Jan 2023 01:12:36 +0000 (01:12 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 10 Mar 2023 08:34:12 +0000 (09:34 +0100)
commit	56b9c7bfe5d2c451f13b81ff3c74d42e16ec1523
tree	aff92cd5e03c9eadfe256ae39590ec0f4a6b10da	tree \| snapshot
parent	5e05ff30a0d86c85b2b8099ea079c5ae86c31df0	commit \| diff

KVM: SVM: Flush the "current" TLB when activating AVIC

commit 591fc07ca143f9a4976797d796159fc99cb4cfde upstream.

Flush the TLB when activating AVIC as the CPU can insert into the TLB
while AVIC is "locally" disabled. KVM doesn't treat "APIC hardware
disabled" as VM-wide AVIC inhibition, and so when a vCPU has its APIC
hardware disabled, AVIC is not guaranteed to be inhibited. As a result,
KVM may create a valid NPT mapping for the APIC base, which the CPU can
cache as a non-AVIC translation.

Note, Intel handles this in vmx_set_virtual_apic_mode().

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20230106011306.85230-4-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>