git.ipfire.org Git - thirdparty/linux.git/commit

author	Sean Christopherson <seanjc@google.com>
	Fri, 9 Jan 2026 03:45:31 +0000 (19:45 -0800)
committer	Sean Christopherson <seanjc@google.com>
	Wed, 14 Jan 2026 01:35:32 +0000 (17:35 -0800)
commit	249cc1ab4b9a5caa63d7e9c5a5b7862046089dd4
tree	cbc2a5ca86b912dd05346a77b84fa1a9dcc11e45	tree
parent	51c821d6d0ba038506d8b1c522f0b2b0ed756dd3	commit \| diff

KVM: nVMX: Switch to vmcs01 to set virtual APICv mode on-demand if L2 is active

If L1's virtual APIC mode changes while L2 is active, e.g. because L1
doesn't intercept writes to the APIC_BASE MSR and L2 changes the mode,
temporarily load vmcs01 and do all of the necessary actions instead of
deferring the update until the next nested VM-Exit.

This will help in fixing yet more issues related to updates while L2 is
active, e.g. KVM neglects to update vmcs02 MSR intercepts if vmcs01's MSR
intercepts are modified while L2 is active. Not updating x2APIC MSRs is
benign because vmcs01's settings are not factored into vmcs02's bitmap, but
deferring the x2APIC MSR updates would create a weird, inconsistent state.

Reviewed-by: Chao Gao <chao.gao@intel.com>
Link: https://patch.msgid.link/20260109034532.1012993-8-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

arch/x86/kvm/vmx/nested.c		diff \| blob \| blame \| history
arch/x86/kvm/vmx/vmx.c		diff \| blob \| blame \| history
arch/x86/kvm/vmx/vmx.h		diff \| blob \| blame \| history