Will pushf and popf cause VMEXIT in virtual machine on x86 platform?

Question

I am trying to add some codes in linux kernel running in virtual machine powered by kvm. However, I find the instruction pushf and popf will cause dramatic performance overhead, with at most 5x slowdown for apache. I am sure it is these 2 instructions that cause the overhead because if I replace them with lahf and sahf, the overhead is gone.

Now I wonder why they bring so much degradation and how to avoid them? I find some clues in this slide, which indicates that pushf and popf will be trapped into hypervisor. Do they really cause VMEXIT and what is the exit_reason number? Finally, is there anyway to configure VMCS so that pushf and popf will not be trapped?

Answer 1

On Intel processors, all instructions that can cause a VM exit or that have different behavior in a guest are described in volume 3, chapter 25 of the SDM. Pushf and popf are not listed anywhere in that chapter, which means that those instructions do not cause a VM exit, and their observable behavior when executed in a guest is the same as when executed outside a guest.

The reason no VM exit is required for the popf instruction (notwithstanding the slides referenced in the question) is that the VMCS has controls to override behaviors that are normally controlled by the flags register. For example, while in the guest, the IF flag doesn't solely control delivery of interrupts; instead, flags in the VMCS control whether external interrupts are delivered to the guest or whether a VM exit occurs.

It doesn't surprise me that popf has a non-trivial performance impact, considering all that it does. See the description of popf in the software developer's manual for details.