Skip to content
  • Chenyi Qiang's avatar
    KVM: VMX: Enable bus lock VM exit · fe6b6bc8
    Chenyi Qiang authored
    Virtual Machine can exploit bus locks to degrade the performance of
    system. Bus lock can be caused by split locked access to writeback(WB)
    memory or by using locks on uncacheable(UC) memory. The bus lock is
    typically >1000 cycles slower than an atomic operation within a cache
    line. It also disrupts performance on other cores (which must wait for
    the bus lock to be released before their memory operations can
    To address the threat, bus lock VM exit is introduced to notify the VMM
    when a bus lock was acquired, allowing it to enforce throttling or other
    policy based mitigations.
    A VMM can enable VM exit due to bus locks by setting a new "Bus Lock
    Detection" VM-execution control(bit 30 of Secondary Processor-based VM
    execution controls). If delivery of this VM exit was preempted by a
    higher priority VM exit (e.g. EPT misconfiguration, EPT violation, APIC
    access VM exit, APIC write VM exit, exception bitmap exiting), bit 26 of
    exit reason in vmcs field is set to 1.
    In current implementation, the KVM exposes this capability through
    KVM_CAP_X86_BUS_LOCK_EXIT. The user can get the supported mode bitmap
    (i.e. off and exit) and enable it explicitly (disabled by default). If
    bus locks in guest are detected by KVM, exit to user space even when
    current exit reason is handled by KVM internally. Set a new field
    KVM_RUN_BUS_LOCK in vcpu->run->flags to inform the user space that there
    is a bus lock detected in guest.
    Document for Bus Lock VM exit is now available at the latest "Intel
    Architecture Instruction Set Extensions Programming Reference".
    Document Link:
    Co-developed-by: default avatarXiaoyao Li <>
    Signed-off-by: default avatarXiaoyao Li <>
    Signed-off-by: default avatarChenyi Qiang <>
    Message-Id: <>
    Signed-off-by: default avatarPaolo Bonzini <>