[svsm-devel] [EXTERNAL] Questions about Alternate Injection and timers

Jon Lange jlange at microsoft.com
Tue May 20 21:11:00 CEST 2025 

APIC timers use the timer LVT entry to define which interrupt vector should be signaled when a timer is due.  It is up to software to decide which vector to program into the timer LVT.

Vectors 0-31 are not legal interrupt vectors.  This is inherent in the x86/x64 specification.  Vector 0 is the #DE exception and cannot be associated with an interrupt.  I'm not well versed in the legacy PIC, but I suspect that the PIC uses interrupt source zero, not vector zero, to describe a timer.  The IOAPIC is supposed to translate interrupts sources to vector numbers, so I expect the IOAPIC would be able to associate the PIC timer with whatever vector number is desired by software.

The use of vector 0x50 - or any vector in the SVSM - assumes the availability of KVM planes, which is a feature that is still in development.  Once KVM planes have been implemented, then every VMPL will have its own vector space, and the use of vector 0x50 (or any other vector) would not collide across VMPLs.  The Alternate Injection design relies on the availability of such a feature, because the SVSM must be able to signal itself in order to complete interrupt injection, and without planes, this is impossible.

The choice of 0x50 was arbitrary, and was chosen before generic IPI support was implemented in the SVSM.  We could have decided that cross-processor Alternate Injection could be accomplished through the use of generic IPIs.  However, generic IPIs also rely on planes to give the SVSM the ability to signal itself.  I'm afraid that you're going to have to wait for planes to be ready before making further progress on top of KVM.

-Jon

-----Original Message-----
From: Melody (Huibo) Wang <huibo.wang at amd.com> 
Sent: Tuesday, May 20, 2025 11:48 AM
To: Jon Lange <jlange at microsoft.com>; svsm-devel at coconut-svsm.dev
Cc: Lendacky, Thomas <Thomas.Lendacky at amd.com>
Subject: [EXTERNAL] Questions about Alternate Injection and timers

Hi Jon,

I have a few questions I would like to clarify with you.

1. How do you envision the whole flow of injecting a timer interrupt into an
   AI-enabled guest with a SVSM?

   Qemu+KVM enables both the PIC and APIC by default and it tries to inject IRQ 0 as a timer
   interrupt but the spec talks only about vectors 31-255 will be handled
   by the SVSM What about 0-31 and 0 especially which is the PIC timer
   interrupt line?

2. In Coconut SVSM, we do not use "Injection Notification Vector" 0x50 to
   differentiate this #HV is for SVSM or lower VMPL, instead the SVSM is
   reading the extended interrupt information from the doorbell page
   automatically. At least I don't see where in the code we use vector 0x50 to
   do the differentiation.

   I would imagine we should use this vector to see if we need to read the
   doorbell page and after that we should clear this bit. We would need to
   make sure that KVM and SVSM are "compatible" in the pending event field,
   no?


As always, thanks for the help!

Melody

More information about the Svsm-devel mailing list