From: Xiaoyao Li <xiaoyao.li@intel.com>
To: Sean Christopherson <seanjc@google.com>,
Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Hou Wenlong <houwenlong.hwl@antgroup.com>,
Lai Jiangshan <jiangshan.ljs@antgroup.com>
Subject: Re: [PATCH v2 2/2] KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest
Date: Tue, 23 Sep 2025 12:05:18 +0800 [thread overview]
Message-ID: <b9b4bb21-47db-4282-8d4c-eedb836fbfb9@intel.com> (raw)
In-Reply-To: <20250919213806.1582673-3-seanjc@google.com>
On 9/20/2025 5:38 AM, Sean Christopherson wrote:
> From: Hou Wenlong <houwenlong.hwl@antgroup.com>
>
> Prior to running an SEV-ES guest, set TSC_AUX in the host save area to the
> current value in hardware, as tracked by the user return infrastructure,
> instead of always loading the host's desired value for the CPU. If the
> pCPU is also running a non-SEV-ES vCPU, loading the host's value on #VMEXIT
> could clobber the other vCPU's value, e.g. if the SEV-ES vCPU preempted
> the non-SEV-ES vCPU, in which case KVM expects the other vCPU's TSC_AUX
> value to be resident in hardware.
>
> Note, unlike TDX, which blindly _zeroes_ TSC_AUX on TD-Exit, SEV-ES CPUs
> can load an arbitrary value. Stuff the current value in the host save
> area instead of refreshing the user return cache so that KVM doesn't need
> to track whether or not the vCPU actually enterred the guest and thus
> loaded TSC_AUX from the host save area.
>
> Fixes: 916e3e5f26ab ("KVM: SVM: Do not use user return MSR support for virtualized TSC_AUX")
> Cc: stable@vger.kernel.org
> Suggested-by: Lai Jiangshan <jiangshan.ljs@antgroup.com>
> Signed-off-by: Hou Wenlong <houwenlong.hwl@antgroup.com>
> [sean: handle the SEV-ES case in sev_es_prepare_switch_to_guest()]
> Signed-off-by: Sean Christopherson <seanjc@google.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
one nit below,
> ---
> arch/x86/kvm/svm/sev.c | 14 +++++++++++++-
> arch/x86/kvm/svm/svm.c | 26 +++++++-------------------
> arch/x86/kvm/svm/svm.h | 4 +++-
> 3 files changed, 23 insertions(+), 21 deletions(-)
>
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index cce48fff2e6c..95767b9d0d55 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -4664,7 +4664,9 @@ int sev_vcpu_create(struct kvm_vcpu *vcpu)
> return 0;
> }
>
> -void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm, struct sev_es_save_area *hostsa)
> +void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm,
> + struct sev_es_save_area *hostsa,
> + int tsc_aux_uret_slot)
Passing the tsc_aux_uret_slot as paramter looks a bit ugly, how about
externing it?
next prev parent reply other threads:[~2025-09-23 4:05 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-19 21:38 [PATCH v2 0/2] KVM: SVM: Fix a bug where TSC_AUX can get clobbered Sean Christopherson
2025-09-19 21:38 ` [PATCH v2 1/2] KVM: x86: Add helper to retrieve current value of user return MSR Sean Christopherson
2025-09-23 3:58 ` Xiaoyao Li
2025-09-19 21:38 ` [PATCH v2 2/2] KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest Sean Christopherson
2025-09-23 4:05 ` Xiaoyao Li [this message]
2025-09-23 16:14 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b9b4bb21-47db-4282-8d4c-eedb836fbfb9@intel.com \
--to=xiaoyao.li@intel.com \
--cc=houwenlong.hwl@antgroup.com \
--cc=jiangshan.ljs@antgroup.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.