Re: [PATCH v15 04/13] x86/sev: Change TSC MSR behavior for Secure TSC enabled guests

[Borislav Petkov]

On Tue, Dec 10, 2024 at 10:32:23AM +0530, Nikunj A. Dadhania wrote:
> That is the warning from the APM: 15.36.18 Secure TSC
> 
> "Guests that run with Secure TSC enabled are not expected to perform writes to
> the TSC MSR (10h). If such a write occurs, subsequent TSC values read are
> undefined."
> 
> What I make out of it is: if a write is performed to the TSC MSR, subsequent
> reads of TSC is not reliable/trusted.

Basically, what happens on baremetal too.

> Do you also want to terminate the offending guest?
> 
> ES_UNSUPPORTED return will do that.

I guess that would be too harsh. I guess a warn and a ES_OK should be fine for
now.

> This is changing the behavior for SEV-ES and SNP guests(non SECURE_TSC), TSC
> MSR reads are converted to RDTSC. This is a good optimization. But just
> wanted to bring up the subtle impact.

That RDTSC happens still in the guest, right? But in its #VC handler. Versus it
being a HV GHCB protocol call. I guess this conversion should be a separate
patch in case there's some issues like the HV intercepting RDTSC... i.e.,
VMEXIT_RDTSC.

We should probably handle that case too and then fallback to the GHCB call. Or
is there a catch 22 I'm missing here...

> Yes, I was thinking about a switch, as there will be more such instances when we
> enable newer features.

Exactly.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette