On 7/9/2024 11:21 PM, Manali Shukla wrote: > Malicious guests can cause bus locks to degrade the performance of a > system. Non-WB (write-back) and misaligned locked RMW > (read-modify-write) instructions are referred to as "bus locks" and > require system wide synchronization among all processors to guarantee > the atomicity. The bus locks can impose notable performance penalties > for all processors within the system. > > Support for the Bus Lock Threshold is indicated by CPUID > Fn8000_000A_EDX[29] BusLockThreshold=1, the VMCB provides a Bus Lock > Threshold enable bit and an unsigned 16-bit Bus Lock Threshold count. > > VMCB intercept bit > VMCB Offset Bits Function > 14h 5 Intercept bus lock operations > > Bus lock threshold count > VMCB Offset Bits Function > 120h 15:0 Bus lock counter > > During VMRUN, the bus lock threshold count is fetched and stored in an > internal count register. Prior to executing a bus lock within the > guest, the processor verifies the count in the bus lock register. If > the count is greater than zero, the processor executes the bus lock, > reducing the count. However, if the count is zero, the bus lock > operation is not performed, and instead, a Bus Lock Threshold #VMEXIT > is triggered to transfer control to the Virtual Machine Monitor (VMM). > > A Bus Lock Threshold #VMEXIT is reported to the VMM with VMEXIT code > 0xA5h, VMEXIT_BUSLOCK. EXITINFO1 and EXITINFO2 are set to 0 on > a VMEXIT_BUSLOCK. On a #VMEXIT, the processor writes the current > value of the Bus Lock Threshold Counter to the VMCB. > > More details about the Bus Lock Threshold feature can be found in AMD > APM [1]. > > Patches are prepared on kvm-x86/svm (704ec48fc2fb) > > Testing done: > - Added a selftest for the Bus Lock Threadshold functionality. > - Tested the Bus Lock Threshold functionality on SEV and SEV-ES guests. > - Tested the Bus Lock Threshold functionality on nested guests. > > Qemu changes can be found on: > Repo: https://github.com/AMDESE/qemu.git > Branch: buslock_threshold > > Qemu commandline to use the bus lock threshold functionality: > qemu-system-x86_64 -enable-kvm -cpu EPYC-Turin,+svm -M q35,bus-lock-ratelimit=10 \ .. > > [1]: AMD64 Architecture Programmer's Manual Pub. 24593, April 2024, > Vol 2, 15.14.5 Bus Lock Threshold. > https://bugzilla.kernel.org/attachment.cgi?id=306250 > > Manali Shukla (2): > x86/cpufeatures: Add CPUID feature bit for the Bus Lock Threshold > KVM: x86: nSVM: Implement support for nested Bus Lock Threshold > > Nikunj A Dadhania (2): > KVM: SVM: Enable Bus lock threshold exit > KVM: selftests: Add bus lock exit test > > arch/x86/include/asm/cpufeatures.h | 1 + > arch/x86/include/asm/svm.h | 5 +- > arch/x86/include/uapi/asm/svm.h | 2 + > arch/x86/kvm/governed_features.h | 1 + > arch/x86/kvm/svm/nested.c | 25 ++++ > arch/x86/kvm/svm/svm.c | 48 ++++++++ > arch/x86/kvm/svm/svm.h | 1 + > arch/x86/kvm/x86.h | 1 + > tools/testing/selftests/kvm/Makefile | 1 + > .../selftests/kvm/x86_64/svm_buslock_test.c | 114 ++++++++++++++++++ > 10 files changed, 198 insertions(+), 1 deletion(-) > create mode 100644 tools/testing/selftests/kvm/x86_64/svm_buslock_test.c > > > base-commit: 704ec48fc2fbd4e41ec982662ad5bf1eee33eeb2 A gentle reminder. -Manali
