Re: [PATCH v16 05/13] x86/sev: Add Secure TSC support for SNP guests

From: Tom Lendacky
Date: Tue Jan 07 2025 - 13:53:49 EST

Next message: Kalra, Ashish: "Re: [PATCH v3 2/7] crypto: ccp: Fix implicit SEV/SNP init and shutdown in ioctls"
Previous message: egyszeregy: "[PATCH 0/6] netfilter: x_tables: Merge xt_*.c files which has same name."
In reply to: Borislav Petkov: "Re: [PATCH v16 05/13] x86/sev: Add Secure TSC support for SNP guests"
Next in thread: Borislav Petkov: "Re: [PATCH v16 05/13] x86/sev: Add Secure TSC support for SNP guests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/7/25 06:37, Borislav Petkov wrote:
> On Tue, Jan 07, 2025 at 05:13:03PM +0530, Nikunj A. Dadhania wrote:
>>>> + case CC_ATTR_GUEST_SNP_SECURE_TSC:
>>>> + return (sev_status & MSR_AMD64_SEV_SNP_ENABLED) &&
>>>
>>> This is new here?
>>
>> Yes, this was suggested by Tom here [1]
>
> Either of you care to explain why this is needed?
>
>>>> + (sev_status & MSR_AMD64_SNP_SECURE_TSC);
>
> I would strongly assume that whatever sets MSR_AMD64_SNP_SECURE_TSC will have
> checked/set MSR_AMD64_SEV_SNP_ENABLED already.

Yes, but from a readability point of view this makes it perfectly clear
that Secure TSC is only for SNP guests.

It's not on a fast path, so I don't think it hurts anything by having
the extra check. But if you prefer the previous check, I'm ok with that.

Thanks,
Tom

>

Next message: Kalra, Ashish: "Re: [PATCH v3 2/7] crypto: ccp: Fix implicit SEV/SNP init and shutdown in ioctls"
Previous message: egyszeregy: "[PATCH 0/6] netfilter: x_tables: Merge xt_*.c files which has same name."
In reply to: Borislav Petkov: "Re: [PATCH v16 05/13] x86/sev: Add Secure TSC support for SNP guests"
Next in thread: Borislav Petkov: "Re: [PATCH v16 05/13] x86/sev: Add Secure TSC support for SNP guests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]