APIC access does not force VMM exit (44 apic access)

[steven765]

I must be missing something simple. I'm trying to virtualize interrupts on our custom VMM.

I have configured the apic_access_page in the vmcs, I enabled virtualize apic access in the execution control fields.

I confirmed the physical address programmed into the vmcs->apic_access_page is the one we try to access from the guest.

However when I let the guest run I see no vm exit's for type 44 when it tries to setup the APIC. It just runs straight through.

[alexfru]

If I'm not mistaken, in Hyper-V we had to intercept APIC register accesses in VMs "manually", basically by monitoring page faults. Does your CPU actually support automatic VM exits on APIC accesses?

Other than that, I'd need to read the manual to see all the involved logic (EPT and what not) to make guesses and further suggestions.

[steven765]

According to the manuals (as i understand them) it should force a 44 exit with the information about the apic register they were trying to access and the value. If i don't map in the page, naturally it causes an ept violation. That means I have to inject interrupts into the guest?

Many Thanks!

[alexfru]

Obviously, you do need to inject interrupts as the hardware APIC is not supposed to be shared across VM OSes and the host OS.
VM interrupts come from outside the VM. But, as I understand it, that alone has little to nothing do with a VM accessing virtual APIC registers. After all, it needs to configure what it thinks is the APIC and it needs to first receive an interrupt and only then use the APIC to, for example, acknowledge them.