From: Sean Christopherson <seanjc@google.com>
To: FirstName LastName <vannapurve@google.com>
Cc: pbonzini@redhat.com, dave.hansen@linux.intel.com,
rick.p.edgecombe@intel.com, dapeng1.mi@linux.intel.com,
mizhang@google.com, jmattson@google.com, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2] KVM: TDX: Disable pmu virtualization for TDX VMs
Date: Wed, 6 May 2026 16:03:20 -0700 [thread overview]
Message-ID: <afvIuEuSYuktmtA2@google.com> (raw)
In-Reply-To: <20260505014118.3783476-3-vannapurve@google.com>
On Tue, May 05, 2026, FirstName LastName wrote:
> From: Vishal Annapurve <vannapurve@google.com>
>
> TDX module virtualizes PMU for TDX VMs[1]. Host has following
> toggles to control the PMU functionality exposed to TDX VMs:
> 1) Configure TD_PARAMS to allow guests to use performance monitoring.
> 2) Restrict the TD to a subset of the PEBS counters if supported.
> 3) Limit the TD to setup a certain perfmon events using basic/enhanced
> event filtering.
>
> KVM will need to be enlightened to support these toggles. Explicitly
> disable PMU virtualization for TDX VMs by default until such a support lands.
>
> [1] Section 15.2: https://cdrdv2.intel.com/v1/dl/getContent/733575
>
> Suggested-by: Sean Christopherson <seanjc@google.com>
> Signed-off-by: Vishal Annapurve <vannapurve@google.com>
> ---
> arch/x86/kvm/vmx/tdx.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
> index 1e47c194af53..01498c25942d 100644
> --- a/arch/x86/kvm/vmx/tdx.c
> +++ b/arch/x86/kvm/vmx/tdx.c
> @@ -638,6 +638,12 @@ int tdx_vm_init(struct kvm *kvm)
> kvm->arch.has_private_mem = true;
> kvm->arch.disabled_quirks |= KVM_X86_QUIRK_IGNORE_GUEST_PAT;
>
> + /*
> + * PMU support is provide by the TDX-Module (if enabled for the VM).
> + * From KVM's perspective, the VM doesn't have a virtual PMU.
> + */
> + kvm->arch.enable_pmu = false;
Gah, I forgot that KVM_CAP_PMU_CAPABILITY allows re-enabling PMU support (which
is really quite annoying). Unless we want to risk breaking userspace, the best
idea I can come up with is to add a has_protected_pmu flag, and then disallow
KVM_CAP_PMU_CAPABILITY.
The question then becomes, do we keep patch 1 and also clear enable_pmu in tdx.c,
or do we keep the ordering and have kvm_arch_init_vm() consume has_protected_pmu?
Neither one is particularly awesome :-/
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index c470e40a00aa..8371dcaaed1a 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1422,6 +1422,7 @@ struct kvm_arch {
bool has_private_mem;
bool has_protected_state;
bool has_protected_eoi;
+ bool has_protected_pmu;
bool pre_fault_allowed;
struct hlist_head *mmu_page_hash;
struct list_head active_mmu_pages;
diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index 04ce321ebdf3..3ba295bd44f8 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -635,6 +635,7 @@ int tdx_vm_init(struct kvm *kvm)
* i.e. all EOIs are accelerated and never trigger exits.
*/
kvm->arch.has_protected_eoi = true;
+ kvm->arch.has_protected_pmu = true;
kvm->arch.has_private_mem = true;
kvm->arch.disabled_quirks |= KVM_X86_QUIRK_IGNORE_GUEST_PAT;
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 0a1b63c63d1a..57d78255c80c 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -6910,7 +6910,8 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
break;
mutex_lock(&kvm->lock);
- if (!kvm->created_vcpus && !kvm->arch.created_mediated_pmu) {
+ if (!kvm->created_vcpus && !kvm->arch.created_mediated_pmu &&
+ !kvm->arch.has_protected_pmu) {
kvm->arch.enable_pmu = !(cap->args[0] & KVM_PMU_CAP_DISABLE);
r = 0;
}
next prev parent reply other threads:[~2026-05-06 23:03 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-05 1:41 [PATCH 0/2] KVM: TDX: Disable PMU virtualization for TDX VMs FirstName LastName
2026-05-05 1:41 ` [PATCH 1/2] KVM: x86: Move the default arch state init before vm_init() call FirstName LastName
2026-05-05 1:41 ` [PATCH 2/2] KVM: TDX: Disable pmu virtualization for TDX VMs FirstName LastName
2026-05-06 23:03 ` Sean Christopherson [this message]
2026-05-06 23:39 ` Vishal Annapurve
2026-05-06 23:56 ` Huang, Kai
2026-05-07 0:40 ` Vishal Annapurve
2026-05-07 14:24 ` Sean Christopherson
2026-05-13 18:25 ` Vishal Annapurve
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afvIuEuSYuktmtA2@google.com \
--to=seanjc@google.com \
--cc=dapeng1.mi@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mizhang@google.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=vannapurve@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.