From: Kishon Vijay Abraham I <kvijayab@xxxxxxx> Virtual GIF (VGIF) providing masking capability for when virtual interrupts (virtual maskable interrupts, virtual NMIs) can be taken by the guest vCPU. Secure AVIC hardware reads VGIF state from the vCPU's VMSA. So, set VGIF for secondary CPUs (the configuration for boot CPU is done by the hypervisor), to unmask delivery of virtual interrupts to the vCPU. Signed-off-by: Kishon Vijay Abraham I <kvijayab@xxxxxxx> Reviewed-by: Tianyu Lan <tiala@xxxxxxxxxxxxx> Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@xxxxxxx> --- Changes since v9: - Commit log update. arch/x86/coco/sev/core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index da9fa9d7254b..37b1d41e68d0 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -974,6 +974,9 @@ static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip, unsigned vmsa->x87_ftw = AP_INIT_X87_FTW_DEFAULT; vmsa->x87_fcw = AP_INIT_X87_FCW_DEFAULT; + if (cc_platform_has(CC_ATTR_SNP_SECURE_AVIC)) + vmsa->vintr_ctrl |= V_GIF_MASK; + /* SVME must be set. */ vmsa->efer = EFER_SVME; -- 2.34.1
