git.ipfire.org Git - thirdparty/linux.git/commit

author	Sean Christopherson <seanjc@google.com>
	Fri, 15 May 2026 17:15:36 +0000 (10:15 -0700)
committer	Sean Christopherson <seanjc@google.com>
	Thu, 21 May 2026 21:24:57 +0000 (14:24 -0700)
commit	a9e18aa3263f356edae305e29830e5fe63d8597a
tree	0b6e9107fbf09ec3ca9ccbe6ab01cb9ef3f633c9	tree \| snapshot
parent	b60621c5121c9435eda99af7dc2100f5c0f88695	commit \| diff

KVM: SVM: Flush the current TLB when transitioning from xAVIC => x2AVIC

Flush the current TLB when xAVIC *or* x2AVIC is activated, as KVM is
(apparently) responsible for purging TLB entries when transitioning from
xAVIC to x2AVIC. The APM says a whole lot of nothing about TLB flushing
with respect to (x2)AVIC, but empirical data strongly suggests hardware
also does a whole lot of nothing.

Failure to flush the TLB when enabling x2AVIC can lead to guest accesses
to the APIC base address getting incorrectly redirected to the virtual
APIC page. The flaw most visibly manifests as failures in KVM-Unit-Test's
verify_disabled_apic_mmio() testcase when x2APIC is enabled (though for
reasons unknown, the test only reliably fails with EFI builds).

Fixes: 0ccf3e7cb95a ("KVM: SVM: Flush the "current" TLB when activating AVIC")
Fixes: 4d1d7942e36a ("KVM: SVM: Introduce logic to (de)activate x2AVIC mode")
Cc: stable@vger.kernel.org
Cc: Naveen N Rao (AMD) <naveen@kernel.org>
Link: https://patch.msgid.link/20260515171536.1841645-1-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>