proxmox-mirrors/mirror_ubuntu-kernels
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2026-01-24 09:10:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
fe6b6bc802
mirror_ubuntu-kernels/arch/x86/kvm
History
Chenyi Qiang fe6b6bc802 KVM: VMX: Enable bus lock VM exit 
Virtual Machine can exploit bus locks to degrade the performance of
system. Bus lock can be caused by split locked access to writeback(WB)
memory or by using locks on uncacheable(UC) memory. The bus lock is
typically >1000 cycles slower than an atomic operation within a cache
line. It also disrupts performance on other cores (which must wait for
the bus lock to be released before their memory operations can
complete).

To address the threat, bus lock VM exit is introduced to notify the VMM
when a bus lock was acquired, allowing it to enforce throttling or other
policy based mitigations.

A VMM can enable VM exit due to bus locks by setting a new "Bus Lock
Detection" VM-execution control(bit 30 of Secondary Processor-based VM
execution controls). If delivery of this VM exit was preempted by a
higher priority VM exit (e.g. EPT misconfiguration, EPT violation, APIC
access VM exit, APIC write VM exit, exception bitmap exiting), bit 26 of
exit reason in vmcs field is set to 1.

In current implementation, the KVM exposes this capability through
KVM_CAP_X86_BUS_LOCK_EXIT. The user can get the supported mode bitmap
(i.e. off and exit) and enable it explicitly (disabled by default). If
bus locks in guest are detected by KVM, exit to user space even when
current exit reason is handled by KVM internally. Set a new field
KVM_RUN_BUS_LOCK in vcpu->run->flags to inform the user space that there
is a bus lock detected in guest.

Document for Bus Lock VM exit is now available at the latest "Intel
Architecture Instruction Set Extensions Programming Reference".

Document Link:
https://software.intel.com/content/www/us/en/develop/download/intel-architecture-instruction-set-extensions-programming-reference.html

Co-developed-by: Xiaoyao Li <xiaoyao.li@intel.com>
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20201106090315.18606-4-chenyi.qiang@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-02-04 05:27:21 -05:00
..
mmu KVM: x86/mmu: Remove the defunct update_pte() paging hook 2021-02-04 05:27:17 -05:00
svm KVM/SVM: add support for SEV attestation command 2021-02-04 05:27:20 -05:00
vmx KVM: VMX: Enable bus lock VM exit 2021-02-04 05:27:21 -05:00
cpuid.c KVM: Expose AVX_VNNI instruction to guset 2021-02-04 05:27:16 -05:00
cpuid.h KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits 2020-12-11 19:05:13 -05:00
debugfs.c KVM: let kvm_destroy_vm_debugfs clean up vCPU debugfs directories 2020-06-04 11:00:54 -04:00
emulate.c KVM: x86: Update emulator context mode if SYSENTER xfers to 64-bit mode 2021-02-02 12:03:54 -05:00
hyperv.c KVM: x86: hyper-v: allow KVM_GET_SUPPORTED_HV_CPUID as a system ioctl 2020-11-15 09:49:11 -05:00
hyperv.h KVM: x86: hyper-v: allow KVM_GET_SUPPORTED_HV_CPUID as a system ioctl 2020-11-15 09:49:11 -05:00
i8254.c kvm: i8254: remove redundant assignment to pointer s 2020-06-11 12:35:18 -04:00
i8254.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
i8259.c KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks 2020-01-27 19:59:37 +01:00
ioapic.c KVM: ioapic: break infinite recursion on lazy EOI 2020-10-24 04:42:06 -04:00
ioapic.h kvm/x86: Remove redundant function implementations 2020-05-27 13:11:10 -04:00
irq_comm.c x86/kvm: Use msi_msg shadow structs 2020-10-28 20:26:26 +01:00
irq.c KVM: x86: Fix split-irqchip vs interrupt injection window request 2020-11-27 09:27:28 -05:00
irq.h kvm/x86: Remove redundant function implementations 2020-05-27 13:11:10 -04:00
Kconfig KVM: SVM: Add support for SEV-ES capability in KVM 2020-12-14 11:09:31 -05:00
kvm_cache_regs.h KVM: x86: Revert "KVM: x86: Mark GPRs dirty when written" 2021-01-25 18:52:10 -05:00
kvm_emulate.h ARM: 2020-04-02 15:13:15 -07:00
lapic.c KVM: SVM: Add support for booting APs in an SEV-ES guest 2021-01-07 18:11:37 -05:00
lapic.h KVM: nVMX: Morph notification vector IRQ on nested VM-Enter to pending PI 2020-09-28 07:57:22 -04:00
Makefile KVM: X86: Implement ring-based dirty memory tracking 2020-11-15 09:49:15 -05:00
mmu.h KVM: x86/mmu: Use boolean returns for (S)PTE accessors 2021-02-04 05:27:15 -05:00
mtrr.c KVM: x86: remove bogus #GP injection 2020-12-15 05:18:30 -05:00
pmu.c KVM/x86: pmu: Fix #GP condition check for RDPMC emulation 2020-07-09 07:08:37 -04:00
pmu.h kvm: x86: limit the maximum number of vPMU fixed counters to 3 2020-07-08 16:21:59 -04:00
trace.h KVM: SVM: Create trace events for VMGEXIT MSR protocol processing 2020-12-15 05:20:49 -05:00
tss.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
x86.c KVM: VMX: Enable bus lock VM exit 2021-02-04 05:27:21 -05:00
x86.h KVM: x86: Supplement __cr4_reserved_bits() with X86_FEATURE_PCID check 2021-02-01 12:43:02 -05:00