How to Enable Intel PT (Processor Trace) in QEMU-KVM VMs

intel_pt_kvm.md

How to Enable Intel PT (Processor Trace) in QEMU-KVM VMs

Caution

Intel PT virtualization is BROKEN, as it has multiple fatal flaws, several which put the host at risk. Use at your own risk.

This guide will most likely become obsolete once the feature will be removed from the various linux distros. For more info check out KVM: VMX: Mark Intel PT virtualization as BROKEN and CVE-2024-53135

This script sets KVM Processor Trace feature in host-guest mode enabling VMs to use intel-pt
This solves QEMU error: qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.07H:EBX.intel-pt [bit 25]

sudo modprobe -r kvm_intel                              # Disable kvm_intel kernel module
sudo modprobe kvm_intel pt_mode=1                       # Enable it with PT in host-guest mode
cat /sys/module/kvm_intel/parameters/pt_mode            # Check if pt_mode is actually 1
qemu-system-x86_64 -accel kvm -cpu host,intel-pt [...]  # Run the vm with intel-pt cpu option

Troubleshooting

• Ensure that Intel PT virtualization is still available on your system

ls /sys/module/kvm_intel/parameters/pt_mode             # This file should exist

• Ensure you have Intel PT on the host

ls /sys/bus/event_source/devices/intel_pt/              # This dir should exist

otherwise your host is not compatible (or you are on an old kernel or your kernel config disables intel pt or ...)

• Ensure the required MSRs fields are 1

sudo rdmsr 0x485 -f 14:14 # MSR_IA32_VMX_MISC_INTEL_PT
sudo rdmsr 0x48B -f 56:56 # SECONDARY_EXEC_PT_USE_GPA
sudo rdmsr 0x484 -f 50:50 # VM_ENTRY_LOAD_IA32_RTIT_CTL

otherwise your host is not compatible :(

It seems that in newest kernel in Ubuntu (if you keep using sudo apt-get full-upgrade), we cannot enable pt_mode=1 for kvm_intel module any more... see this and the code in Linux kernel, they have disabled this parameter by default for security consideration.