On Thu, Sep 18, 2025 at 11:10 PM Borislav Petkov <b...@alien8.de> wrote: > > On Thu, Sep 18, 2025 at 11:00:23AM -0400, Tianyu Lan wrote: > > Secure AVIC hardware provides APIC backing page > > to aid the guest in limiting which interrupt > > vectors can be injected into the guest. Hyper-V > > introduces a new register HV_X64_REGISTER_SEV_GPA_PAGE > > to notify hypervisor with APIC backing page and call > > it in Secure AVIC driver. > > Why does hyperv needs special handling again and cannot simply adhere to the > secure AVIC spec? > > None of that text explains *why* it is absolutely necessary to do something > hyperv-special...
Hyper-V uses a different hvcall to register an APIC backing page. > > > @@ -361,7 +364,11 @@ static void savic_setup(void) > > * VMRUN, the hypervisor makes use of this information to make sure > > * the APIC backing page is mapped in NPT. > > */ > > - res = savic_register_gpa(gpa); > > + if (hv_isolation_type_snp()) > > + res = hv_set_savic_backing_page(gfn); > > + else > > + res = savic_register_gpa(gpa); > > + > > This is ugly and doesn't belong here. > Could I move the check into savic_register_gpa() or add a stub function to check guest runs on Hyper-V or not and then call associated function to register APIC backing page? -- Thanks Tianyu Lan
