This post records the APIC-timer virtualization technique described in the Intel® Architecture Instruction Set Extensions Programming Reference. I have excerpted the descriptions relevant to this post: APIC-timer virtualization

1. overview

The new feature virtualizes the TSC-deadline mode of the APIC timer. When this mode is active, software can program the APIC timer with a deadline written to the IA32_TSC_DEADLINE MSR. A timer interrupt becomes pending when the logical processor’s timestamp counter (TSC) is greater than or equal to the deadline.

APIC-timer virtualization operates in conjunction with the existing virtual-interrupt delivery feature. With that feature, a virtual-machine monitor (VMM) establishes a virtual-APIC page in memory for each virtual logical processor (vCPU). A logical processor uses this page to virtualize certain aspects of APIC operation for the vCPU.

The feature is based on new guest-timer hardware that introduces two new architectural features: guest-timer events and a guest deadline. With APIC-timer virtualization, guest writes to the IA32_TSC_DEADLINE MSR do not interact with the APIC (or its timer) but instead establish a guest deadline to arm the guest-timer hardware. When a logical processor’s TSC is greater than or equal to the guest deadline (shadow context), a guest-timer event becomes pending. (Author's note: hardware) Processing of a guest-timer event updates the virtual-APIC page to record the fact that a new virtual interrupt is pending.

2. guest-timer hardware

A logical processor supports APIC-timer virtualization using new guest-timer hardware. Software controls this hardware using an unsigned 64-bit value called the guest deadline. (There is a separate guest deadline for each logical processor.) If the guest deadline is non-zero, a guest-timer event will be pending when the timestamp counter (TSC) reaches or exceeds the guest deadline.

3. changes to vmx non-root operation

The 1-setting of the “APIC-timer virtualization” VM-execution control changes how a logical processor responds to accesses to the IA32_TSC_DEADLINE MSR.

3.1 Accesses to the IA32_TSC_DEADLINE MSR

If the “APIC-timer virtualization” VM-execution control is 1, the operation of reads and writes to the IA32_TSC_DEADLINE MSR (MSR 6E0H) is modified:

  • Any read from the IA32_TSC_DEADLINE MSR (e.g., by RDMSR) that does not cause a fault or a VM exit returns the value of the guest deadline shadow (from the VMCS).
  • Any write to the IA32_TSC_DEADLINE MSR (e.g., by WRMSR) that does not cause a fault or a VM exit is treated as follows:
    • The source operand is written to the guest deadline shadow (updating the VMCS).
    • If the source operand is zero, the guest deadline (the value that controls when hardware generates a guest-timer event) is cleared to 0.
    • If the source operand is not zero, the guest deadline is computed as follows. The source operand is interpreted as a virtual deadline. The processor converts that value to the actual guest deadline based on the current configuration of TSC offsetting and TSC scaling.

Note that when the “APIC-timer virtualization” VM-execution control is 1, such writes do not change the value of the IA32_TSC_DEADLINE MSR nor do they interact with the APIC timer in any way.

3.2 Processing of Guest-Timer Events

Processing of a guest-timer event updates the virtual-APIC page to cause a virtual timer interrupt to become pending. Specifically, the logical processor performs the following steps:

  • V := virtual timer vector;
  • VIRR[V] := 1; // update virtual IRR field on virtual-APIC page
  • RVI := max{RVI, V}; // update guest interrupt status field in VMCS
  • evaluate pending virtual interrupts; // a virtual interrupt may be delivered immediately after this processing
  • Guest deadline := 0;
  • Guest deadline shadow := 0;
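
The C sketch below models the register behaviour of sections 3.1 and 3.2 in software. It is an added example, not code from Intel or from any hypervisor: the struct and function names are hypothetical, and because the text above does not give the conversion formula, the code assumes the usual TSC-scaling relation guest_tsc = ((host_tsc * multiplier) >> 48) + offset and inverts it.

```c
#include <stdint.h>

/* Model of sections 3.1/3.2; every name in this block is hypothetical. */
__extension__ typedef unsigned __int128 u128;

struct vcpu_model {
    uint64_t guest_deadline;        /* compared against the physical TSC */
    uint64_t guest_deadline_shadow; /* value the guest reads back */
    uint64_t tsc_offset;            /* TSC offset from the VMCS */
    uint64_t tsc_multiplier;        /* 48 fractional bits, must be non-zero */
    uint8_t  virtual_timer_vector;  /* set by the VMM from the guest's LVT */
    uint8_t  rvi;                   /* requesting virtual interrupt */
    uint32_t virr[8];               /* 256-bit virtual IRR */
};

/* Assumption: inverse of guest_tsc = ((host_tsc * mult) >> 48) + offset. */
static uint64_t virtual_to_host_deadline(const struct vcpu_model *v, uint64_t vd)
{
    u128 scaled = (u128)(vd - v->tsc_offset) << 48;
    return (uint64_t)(scaled / v->tsc_multiplier);
}

/* 3.1: WRMSR to IA32_TSC_DEADLINE; the physical APIC timer is untouched. */
void guest_wrmsr_tsc_deadline(struct vcpu_model *v, uint64_t src)
{
    v->guest_deadline_shadow = src;
    v->guest_deadline = src ? virtual_to_host_deadline(v, src) : 0;
}

/* 3.1: RDMSR returns the shadow, never the converted deadline. */
uint64_t guest_rdmsr_tsc_deadline(const struct vcpu_model *v)
{
    return v->guest_deadline_shadow;
}

/* 3.2: returns 1 if an event was processed (delivery itself not modelled). */
int process_guest_timer(struct vcpu_model *v, uint64_t host_tsc)
{
    if (v->guest_deadline == 0 || host_tsc < v->guest_deadline)
        return 0;
    uint8_t vec = v->virtual_timer_vector;
    v->virr[vec / 32] |= 1u << (vec % 32);  /* VIRR[V] := 1 */
    if (vec > v->rvi)                       /* RVI := max{RVI, V} */
        v->rvi = vec;
    v->guest_deadline = 0;
    v->guest_deadline_shadow = 0;
    return 1;
}
```

The guest only ever reads back the value it wrote, while the comparison against the physical TSC uses the converted deadline, so a mismatch between the two after a migration or a TSC offset change is something a VMM has to reconcile itself.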

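4. Summary

  • When a guest in non-root mode writes the IA32_TSC_DEADLINE MSR, no VM exit is needed; hardware updates the guest deadline shadow (virtual context) and also updates the guest deadline (shadow context).
  • Hardware compares the guest deadline (the value that controls when hardware generates a guest-timer event) against the physical TSC; when the physical timestamp is greater than or equal to the guest deadline, a timer interrupt is injected into the vCPU in non-root mode.
  • The vector of the timer interrupt injected into the vCPU is determined by the virtual timer vector.

With the three-context idea and an understanding of the roles of the three VMCS fields above, one can gain a deep understanding of APIC-timer virtualization.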

5. Q & A

Q: How does the hypervisor learn the vCPU's timer interrupt vector?
A: When the guest configures the LVT Timer, a VM exit occurs, so the hypervisor learns the vCPU's timer interrupt vector and then simply sets the virtual timer vector VMCS field to that vector.