From: "Nikunj A. Dadhania" <nikunj@amd.com>
To: Dionna Amalie Glaze <dionnaglaze@google.com>
Cc: linux-kernel@vger.kernel.org, thomas.lendacky@amd.com,
x86@kernel.org, kvm@vger.kernel.org, bp@alien8.de,
mingo@redhat.com, tglx@linutronix.de,
dave.hansen@linux.intel.com, pgonda@google.com,
seanjc@google.com, pbonzini@redhat.com
Subject: Re: [PATCH v6 12/16] x86/sev: Prevent RDTSC/RDTSCP interception for Secure TSC enabled guests
Date: Thu, 7 Dec 2023 11:42:08 +0530 [thread overview]
Message-ID: <0d9d6900-9197-48fa-9627-8a9231b3857e@amd.com> (raw)
In-Reply-To: <CAAH4kHZVdZtU3MGLTuuxMZyBF1xO=UzpdVhqSE6szCxMLkHFvQ@mail.gmail.com>
On 12/7/2023 12:15 AM, Dionna Amalie Glaze wrote:
>>>> + if (sev_status & MSR_AMD64_SNP_SECURE_TSC)
>>>> + return ES_VMM_ERROR;
>>>
>>> Is this not a cc_platform_has situation? I don't recall how the
>>> conversation shook out for TDX's forcing X86_FEATURE_TSC_RELIABLE
>>> versus having a cc_attr_secure_tsc
>>
>> For SNP, SecureTSC is an opt-in feature. AFAIU, for TDX the feature is
>> turned on by default. So SNP guests need to check if the VMM has enabled
>> the feature before moving forward with SecureTSC initializations.
>>
>> The idea was to have some generic name instead of AMD specific SecureTSC
>> (cc_attr_secure_tsc), and I had sought comments from Kirill [1]. After
>> that discussion I have added a synthetic flag for Secure TSC[2].
>>
>
> So with regards to [2], this sev_status flag check should be
> cpu_has_feature(X86_FEATURE_SNP_SECURE_TSC)? I'm not sure if that's
> available in early boot where this code is used, so if it isn't,
> probably that's worth a comment.
Right, I will update the comment.
Regards
Nikunj
next prev parent reply other threads:[~2023-12-07 6:12 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-28 12:59 [PATCH v6 00/16] Add Secure TSC support for SNP guests Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 01/16] virt: sev-guest: Use AES GCM crypto library Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 02/16] virt: sev-guest: Move mutex to SNP guest device structure Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 03/16] virt: sev-guest: Replace dev_dbg with pr_debug Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 04/16] virt: sev-guest: Add SNP guest request structure Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 05/16] virt: sev-guest: Add vmpck_id to snp_guest_dev struct Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 06/16] x86/sev: Cache the secrets page address Nikunj A Dadhania
2023-12-06 22:21 ` Dionna Amalie Glaze
2023-12-07 6:06 ` Nikunj A. Dadhania
2023-11-28 12:59 ` [PATCH v6 07/16] x86/sev: Move and reorganize sev guest request api Nikunj A Dadhania
2023-11-28 22:50 ` kernel test robot
2023-11-29 2:40 ` kernel test robot
2023-12-05 17:13 ` Dionna Amalie Glaze
2023-12-06 4:24 ` Nikunj A. Dadhania
2023-11-28 12:59 ` [PATCH v6 08/16] x86/mm: Add generic guest initialization hook Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 09/16] x86/cpufeatures: Add synthetic Secure TSC bit Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 10/16] x86/sev: Add Secure TSC support for SNP guests Nikunj A Dadhania
2023-11-29 4:08 ` kernel test robot
2023-11-28 12:59 ` [PATCH v6 11/16] x86/sev: Change TSC MSR behavior for Secure TSC enabled guests Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 12/16] x86/sev: Prevent RDTSC/RDTSCP interception " Nikunj A Dadhania
2023-12-05 17:16 ` Dionna Amalie Glaze
2023-12-06 4:37 ` Nikunj A. Dadhania
2023-12-06 18:45 ` Dionna Amalie Glaze
2023-12-07 6:12 ` Nikunj A. Dadhania [this message]
2023-11-28 12:59 ` [PATCH v6 13/16] x86/kvmclock: Skip kvmclock when Secure TSC is available Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 14/16] x86/sev: Mark Secure TSC as reliable Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 15/16] x86/cpu/amd: Do not print FW_BUG for Secure TSC Nikunj A Dadhania
2023-11-28 12:59 ` [PATCH v6 16/16] x86/sev: Enable Secure TSC for SNP guests Nikunj A Dadhania
2023-12-06 17:46 ` [PATCH v6 00/16] Add Secure TSC support " Peter Gonda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0d9d6900-9197-48fa-9627-8a9231b3857e@amd.com \
--to=nikunj@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dionnaglaze@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox