Re: [PATCH] Allow RDTSC and RDTSCP from userspace
From: Andy Lutomirski
Date: Sat Apr 25 2020 - 14:15:51 EST
On Sat, Apr 25, 2020 at 5:49 AM Joerg Roedel <jroedel@xxxxxxx> wrote:
>
> Hi Dave,
>
> On Fri, Apr 24, 2020 at 03:53:09PM -0700, Dave Hansen wrote:
> > Ahh, so any instruction that can have an instruction intercept set
> > potentially needs to be able to tolerate a #VC? Those instruction
> > intercepts are under the control of the (untrusted relative to the
> > guest) hypervisor, right?
> >
> > >From the main sev-es series:
> >
> > +#ifdef CONFIG_AMD_MEM_ENCRYPT
> > +idtentry vmm_communication do_vmm_communication has_error_code=1
> > +#endif
>
> The next version of the patch-set (which I will hopefully have ready
> next week) will have this changed. The #VC exception handler uses an IST
> stack and is set to paranoid=1 and shift_ist. The IST stacks for the #VC
> handler are only allocated when SEV-ES is active.
shift_ist is gross. What's it for? If it's not needed, I'd rather
not use it, and I eventually want to get rid of it for #DB as well.
--Andy