On Thu, Mar 20, 2025, Sean Christopherson wrote:
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index f76d655dc9a8..e7eb2198db26 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -227,6 +227,10 @@ EXPORT_SYMBOL_GPL(allow_smaller_maxphyaddr);
>  bool __read_mostly enable_apicv = true;
>  EXPORT_SYMBOL_GPL(enable_apicv);
>
> +bool __read_mostly enable_device_posted_irqs = true;
> +module_param(enable_device_posted_irqs, bool, 0444);
> +EXPORT_SYMBOL_GPL(enable_device_posted_irqs);
> +
>  const struct _kvm_stats_desc kvm_vm_stats_desc[] = {
>  KVM_GENERIC_VM_STATS(),
>  STATS_DESC_COUNTER(VM, mmu_shadow_zapped),
> @@ -9772,6 +9776,9 @@ int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
>  if (r != 0)
>  goto out_mmu_exit;
>
> + enable_device_posted_irqs &= enable_apicv &&
> + irq_remapping_cap(IRQ_POSTING_CAP);

Drat, this is flawed. Putting the module param in kvm.ko means that loading kvm.ko with enable_device_posted_irqs=true, but a vendor module with APICv/AVIC disabled, leaves enable_device_posted_irqs disabled for the lifetime of kvm.ko. I.e. reloading the vendor module with APICv/AVIC enabled can't enable device posted IRQs.

Option #1 is to do what we do for enable_mmio_caching, and snapshot userspace's desire.

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index e7eb2198db26..c84ad9109108 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -228,6 +228,7 @@ bool __read_mostly enable_apicv = true;
 EXPORT_SYMBOL_GPL(enable_apicv);
 
 bool __read_mostly enable_device_posted_irqs = true;
+bool __ro_after_init allow_device_posted_irqs;
 module_param(enable_device_posted_irqs, bool, 0444);
 EXPORT_SYMBOL_GPL(enable_device_posted_irqs);
 
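Review bot: `allow_device_posted_irqs` is defined with external linkage, but the only uses visible in this patch are inside x86.c (kvm_x86_init() and kvm_x86_vendor_init()), and unlike `enable_device_posted_irqs` it is not exported. Unless vendor code is meant to read it, `static bool __ro_after_init allow_device_posted_irqs;` keeps it out of the global namespace. The new line also sits between `enable_device_posted_irqs` and its `module_param()`; moving it below the `EXPORT_SYMBOL_GPL()` line would keep the parameter's definition, registration and export together.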
@@ -9776,8 +9777,8 @@ int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
 if (r != 0)
 goto out_mmu_exit;
 
- enable_device_posted_irqs &= enable_apicv &&
- irq_remapping_cap(IRQ_POSTING_CAP);
+ enable_device_posted_irqs = allow_device_posted_irqs && enable_apicv &&
+ irq_remapping_cap(IRQ_POSTING_CAP);
 
 kvm_ops_update(ops);
 
@@ -14033,6 +14034,8 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_rmp_fault);
 
 static int __init kvm_x86_init(void)
 {
+ allow_device_posted_irqs = enable_device_posted_irqs;
+
 kvm_init_xstate_sizes();
 
 kvm_mmu_x86_module_init();

Option #2 is to shove the module param into vendor code, but leave the variable in kvm.ko, like we do for enable_apicv. I'm leaning toward option #2, as it's more flexible, arguably more intuitive, and doesn't prevent putting the logic in kvm_x86_vendor_init().
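Review bot: The value recomputed in kvm_x86_vendor_init() is also what the 0444 module parameter reports, so after the vendor module is unloaded, or if a later step of vendor init fails, sysfs keeps showing the result of the last load rather than what userspace asked for. If that matters, the exit and error paths (outside this hunk) could restore it with `enable_device_posted_irqs = allow_device_posted_irqs;`. The assignment also relies on `enable_apicv` being final at this point, which the hunk does not show; a comment such as `/* Must run after vendor hardware setup, which may clear enable_apicv. */` would record that ordering. The function body starts and ends outside the hunk.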
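Review bot: The snapshot at the top of kvm_x86_init() carries no comment, so a reader has to find kvm_x86_vendor_init() to learn why a second variable exists. A line above the assignment such as `/* Snapshot userspace's request; vendor init overwrites enable_device_posted_irqs with the effective value. */` would make the split between the requested and effective setting explicit. The function body continues past the end of the hunk.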