Re: [PATCH v6 12/16] x86/sev: Prevent RDTSC/RDTSCP interception for Secure TSC enabled guests
From: Dionna Amalie Glaze
Date: Tue Dec 05 2023 - 12:16:44 EST
On Tue, Nov 28, 2023 at 5:02 AM Nikunj A Dadhania <nikunj@xxxxxxx> wrote:
>
> The hypervisor should not be intercepting RDTSC/RDTSCP when Secure TSC
> is enabled. A #VC exception will be generated if the RDTSC/RDTSCP
> instructions are being intercepted. If this should occur and Secure
> TSC is enabled, terminate guest execution.
>
> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxx>
> ---
> arch/x86/kernel/sev-shared.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
> index ccb0915e84e1..6d9ef5897421 100644
> --- a/arch/x86/kernel/sev-shared.c
> +++ b/arch/x86/kernel/sev-shared.c
> @@ -991,6 +991,16 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb,
> bool rdtscp = (exit_code == SVM_EXIT_RDTSCP);
> enum es_result ret;
>
> + /*
> + * RDTSC and RDTSCP should not be intercepted when Secure TSC is
> + * enabled. Terminate the SNP guest when the interception is enabled.
> + * This file is included from kernel/sev.c and boot/compressed/sev.c,
> + * use sev_status here as cc_platform_has() is not available when
> + * compiling boot/compressed/sev.c.
> + */
> + if (sev_status & MSR_AMD64_SNP_SECURE_TSC)
> + return ES_VMM_ERROR;
Is this not a cc_platform_has situation? I don't recall how the
conversation shook out for TDX's forcing X86_FEATURE_TSC_RELIABLE
versus having a cc_attr_secure_tsc
> +
> ret = sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, 0, 0);
> if (ret != ES_OK)
> return ret;
> --
> 2.34.1
>
--
-Dionna Glaze, PhD (she/her)