KVM: x86: Assume timer IRQ was injected if APIC state is protected

If APIC state is protected, i.e. the vCPU is a TDX guest, assume a timer
IRQ was injected when deciding whether or not to busy wait in the "timer
advanced" path.  The "real" vIRR is not readable/writable, so trying to
query for a pending timer IRQ will return garbage.

Note, TDX can scour the PIR if it wants to be more precise and skip the
"wait" call entirely.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
Message-ID: <20250222014757.897978-6-binbin.wu@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index bbdede07d0630003b79837bfa0bb30e030828095..e78b1d223230c8f9baeb68c524a391e9969b6fca 100644 (file)
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -1797,8 +1797,17 @@ static void apic_update_lvtt(struct kvm_lapic *apic)
 static bool lapic_timer_int_injected(struct kvm_vcpu *vcpu)
 {
        struct kvm_lapic *apic = vcpu->arch.apic;
-       u32 reg = kvm_lapic_get_reg(apic, APIC_LVTT);
+       u32 reg;
 
+       /*
+        * Assume a timer IRQ was "injected" if the APIC is protected.  KVM's
+        * copy of the vIRR is bogus, it's the responsibility of the caller to
+        * precisely check whether or not a timer IRQ is pending.
+        */
+       if (apic->guest_apic_protected)
+               return true;
+
+       reg = kvm_lapic_get_reg(apic, APIC_LVTT);
        if (kvm_apic_hw_enabled(apic)) {
                int vec = reg & APIC_VECTOR_MASK;
                void *bitmap = apic->regs + APIC_ISR;