[RFC PATCH 0/1] target/i386: Add support for KVM APERF/MPERF passthrough

Anderson Nascimento posted 1 patch 6 days, 1 hour ago
git fetch https://github.com/patchew-project/qemu tags/patchew/20260602022048.752453-1-anderson@allelesecurity.com
Maintainers: Paolo Bonzini <pbonzini@redhat.com>, Zhao Liu <zhao1.liu@intel.com>, Marcelo Tosatti <mtosatti@redhat.com>
Posted by Anderson Nascimento 6 days, 1 hour ago
Hello,

I have implemented support for exposing and enabling APERF/MPERF 
MSR passthrough for x86 QEMU guests when running on KVM.

As of last year, the Linux kernel supports providing a capability 
to disable APERF/MPERF read intercepts [1]. However, there is 
currently no native way in QEMU to instruct KVM to activate this 
capability or expose the feature bit cleanly via CPUID.

My patch introduces the `aperfmperf` feature flag via `FEAT_6_ECX` 
(CPUID.06H:ECX[bit 0]). It ties into the existing power management 
framework, so when a user enables power management via 
`-overcommit cpu-pm=on` and passes `+aperfmperf` to the CPU, QEMU 
requests KVM to drop the MSR intercepts.

For testing, I passed the feature via Libvirt XML like so:

    <qemu:arg value="-overcommit"/>
    <qemu:arg value="cpu-pm=on"/>
    <qemu:arg value="-cpu"/>
    <qemu:arg value="+aperfmperf,+invtsc"/>

A FreeBSD 16 guest is successfully able to read the changing 
values of the MSRs directly without exiting to the hypervisor:

root@freebsd16development:/home/user # cpucontrol -i 6 /dev/cpuctl0
cpuid level 0x6: 0x00000004 0x00000000 0x00000001 0x00000000
root@freebsd16development:/home/user # cpucontrol -m 0xe7 /dev/cpuctl0
MSR 0xe7: 0x00007fdf 0x22480f90
root@freebsd16development:/home/user # cpucontrol -m 0xe7 /dev/cpuctl0
MSR 0xe7: 0x00007fdf 0x2b8b48b0
root@freebsd16development:/home/user # cpucontrol -m 0xe8 /dev/cpuctl0
MSR 0xe8: 0x000050de 0x49270831
root@freebsd16development:/home/user # cpucontrol -m 0xe8 /dev/cpuctl0
MSR 0xe8: 0x000050de 0x4ad66ae6
root@freebsd16development:/home/user # 

I am looking for feedback on the approach, specifically if tying 
this directly into `cpu-pm` makes the most sense to the 
maintainers.

Based-on: QEMU v11.0.50 (commit 5611a9268d)

Anderson Nascimento (1):
  target/i386: Add support for KVM APERF/MPERF passthrough

 target/i386/cpu.c     | 17 ++++++++++++++++-
 target/i386/cpu.h     |  2 ++
 target/i386/kvm/kvm.c |  5 ++++-
 3 files changed, 22 insertions(+), 2 deletions(-)

-- 
2.54.0
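As an added illustration that is not part of Anderson's patch or of QEMU, a guest-side check for what this feature exposes: decode CPUID.06H:ECX[bit 0], turn FreeBSD `cpucontrol` output like the lines in the cover letter into 64-bit MSR values, and compute the APERF/MPERF ratio with wraparound handled; the live `read_msr`/`sample_ratio` path assumes a Linux guest with the `msr` module loaded and root access.

```python
import os
import struct
import time

MSR_IA32_MPERF = 0xE7            # ticks at the TSC (reference) frequency
MSR_IA32_APERF = 0xE8            # ticks at the actual core frequency
CPUID_6_ECX_APERFMPERF = 1 << 0  # CPUID.06H:ECX[bit 0], the flag the patch exposes
MASK64 = (1 << 64) - 1

def parse_cpucontrol_cpuid(line: str):
    """Parse a FreeBSD 'cpucontrol -i' line into (eax, ebx, ecx, edx)."""
    eax, ebx, ecx, edx = (int(tok, 16) for tok in line.split(":", 1)[1].split())
    return eax, ebx, ecx, edx

def parse_cpucontrol_msr(line: str) -> int:
    """Parse a 'cpucontrol -m' line; FreeBSD prints the high then the low 32 bits."""
    hi, lo = line.split(":", 1)[1].split()
    return (int(hi, 16) << 32) | int(lo, 16)

def aperfmperf_advertised(leaf6_ecx: int) -> bool:
    """True when CPUID.06H:ECX bit 0 is set, i.e. the guest may use the two MSRs."""
    return bool(leaf6_ecx & CPUID_6_ECX_APERFMPERF)

def counter_delta(before: int, after: int) -> int:
    """Difference between two 64-bit counter reads, tolerating wraparound."""
    return (after - before) & MASK64

def effective_freq_ratio(aperf0, mperf0, aperf1, mperf1) -> float:
    """dAPERF/dMPERF over one interval: 1.0 = reference freq, >1 turbo, <1 throttled."""
    d_mperf = counter_delta(mperf0, mperf1)
    if d_mperf == 0:
        # MPERF must advance on a running core; a frozen value means it is not exposed.
        raise ValueError("MPERF did not advance between samples")
    return counter_delta(aperf0, aperf1) / d_mperf

def read_msr(msr: int, cpu: int = 0) -> int:
    """Read one MSR via Linux /dev/cpu/<n>/msr (needs the msr module and root)."""
    fd = os.open(f"/dev/cpu/{cpu}/msr", os.O_RDONLY)
    try:
        return struct.unpack("<Q", os.pread(fd, 8, msr))[0]
    finally:
        os.close(fd)

def sample_ratio(cpu: int = 0, interval: float = 0.1) -> float:
    """Live measurement inside a Linux guest: sample both MSRs twice, interval apart."""
    a0, m0 = read_msr(MSR_IA32_APERF, cpu), read_msr(MSR_IA32_MPERF, cpu)
    time.sleep(interval)
    a1, m1 = read_msr(MSR_IA32_APERF, cpu), read_msr(MSR_IA32_MPERF, cpu)
    return effective_freq_ratio(a0, m0, a1, m1)
```

Note that the cover letter's two MPERF reads and two APERF reads were taken at different times, so a ratio computed from those particular lines is not meaningful; `sample_ratio` reads both counters at each instant for that reason.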
Re: [RFC PATCH 0/1] target/i386: Add support for KVM APERF/MPERF passthrough
Posted by Paolo Bonzini 5 days, 18 hours ago
On 6/2/26 04:20, Anderson Nascimento wrote:
> Hello,
> 
> I have implemented support for exposing and enabling APERF/MPERF
> MSR passthrough for x86 QEMU guests when running on KVM.
> 
> As of last year, the Linux kernel supports providing a capability
> to disable APERF/MPERF read intercepts [1]. However, there is
> currently no native way in QEMU to instruct KVM to activate this
> capability or expose the feature bit cleanly via CPUID.
> 
> My patch introduces the `aperfmperf` feature flag via `FEAT_6_ECX`
> (CPUID.06H:ECX[bit 0]). It ties into the existing power management
> framework, so when a user enables power management via
> `-overcommit cpu-pm=on` and passes `+aperfmperf` to the CPU, QEMU
> requests KVM to drop the MSR intercepts.

Mostly looks good, but please mark it as unmigratable as well (similar 
to INVTSC which, not coincidentally, you're also using below).

Paolo
