Re: [PATCH v15 04/13] x86/sev: Change TSC MSR behavior for Secure TSC enabled guests
From: Borislav Petkov
Date: Tue Dec 10 2024 - 06:44:27 EST
On Tue, Dec 10, 2024 at 10:32:23AM +0530, Nikunj A. Dadhania wrote:
> That is the warning from the APM: 15.36.18 Secure TSC
>
> "Guests that run with Secure TSC enabled are not expected to perform writes to
> the TSC MSR (10h). If such a write occurs, subsequent TSC values read are
> undefined."
>
> What I make out of it is: if a write is performed to the TSC MSR, subsequent
> reads of TSC is not reliable/trusted.
Basically, what happens on baremetal too.
> Do you also want to terminate the offending guest?
>
> ES_UNSUPPORTED return will do that.
I guess that would be too harsh. I guess a warn and a ES_OK should be fine for
now.
> This is changing the behavior for SEV-ES and SNP guests(non SECURE_TSC), TSC
> MSR reads are converted to RDTSC. This is a good optimization. But just
> wanted to bring up the subtle impact.
That RDTSC happens still in the guest, right? But in its #VC handler. Versus it
being a HV GHCB protocol call. I guess this conversion should be a separate
patch in case there's some issues like the HV intercepting RDTSC... i.e.,
VMEXIT_RDTSC.
We should probably handle that case too and then fallback to the GHCB call. Or
is there a catch 22 I'm missing here...
> Yes, I was thinking about a switch, as there will be more such instances when we
> enable newer features.
Exactly.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette