On 12/11/2025 10:35 am, Teddy Astie wrote: > Le 29/10/2025 à 19:26, Teddy Astie a écrit : >> Introduce a new flag to force the x2APIC enabled and preventing a >> guest from switching back LAPIC to xAPIC mode. >> >> The semantics of this mode are based IA32_XAPIC_DISABLE_STATUS >> architectural MSR of Intel specification. >> >> Signed-off-by: Teddy Astie <[email protected]> >> --- >> This feature can be useful for various reasons, starting with SEV as >> it is complicated (especially with SEV-ES) to handle MMIO, and legacy >> xAPIC is one thing that needs MMIO intercepts (and Linux uses it during >> boot unless x2APIC is initially enabled, even if it switches to >> x2apic afterward). It could also be interesting to reduce the attack >> surface of the hypervisor (by only exposing x2apic to the guest). >> >> As it can allow to have MMIO-less guest (using PVH), perhaps it can >> be enough for avoiding the problematic cases of virtualized INVLPGB >> (when we have it). >> >> In my testing, Linux, FreeBSD and PV-shim works fine with it; OVMF >> freezes for some reason, NetBSD doesn't support it (no x2apic support >> as Xen guest). HVM BIOS gets stuck at SeaBIOS as it expects booting >> with xAPIC. >> >> On Intel platforms, it would be better to expose the >> IA32_XAPIC_DISABLE_STATUS architectural MSR to advertise this to >> guest, but it's non-trivial as it needs to be properly exposed >> through IA32_ARCH_CAPABILITIES which is currently passed-through. >> >> docs/man/xl.cfg.5.pod.in | 7 +++++++ >> tools/libs/light/libxl_types.idl | 1 + >> tools/libs/light/libxl_x86.c | 4 ++++ >> tools/xl/xl_parse.c | 1 + >> xen/arch/x86/domain.c | 2 +- >> xen/arch/x86/hvm/hvm.c | 2 ++ >> xen/arch/x86/hvm/vlapic.c | 23 ++++++++++++++++++++++- >> xen/arch/x86/include/asm/domain.h | 2 ++ >> xen/arch/x86/include/asm/hvm/domain.h | 3 +++ >> xen/include/public/arch-x86/xen.h | 12 +++++++++++- >> 10 files changed, 54 insertions(+), 3 deletions(-) >> > I guess for now, it would be preferable overall to : > - just add a way to enable it by default, not lock in it in x2apic mode > - the ability to lock it down (i.e disable xAPIC at compile time) could > be introduced separately > > I'm not completely decided on the naming of the option, maybe something > like : > x2apic_mode = <default> | <pre_enable> (or just enable ?) > > `default` will keep the current behavior, or force x2apic if xAPIC is > disabled at compile time; `pre_enable` will enable it by default, but OS > may be able to go back to xAPIC mode if supported.
You don't need any new hypercalls. Just set the state correctly in a LAPIC record in libxg's vcpu_hvm(). ~Andrew
