From: "Nikunj A. Dadhania" <nikunj@amd.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>,
linux-kernel@vger.kernel.org, thomas.lendacky@amd.com,
bp@alien8.de, x86@kernel.org, kvm@vger.kernel.org
Cc: mingo@redhat.com, tglx@linutronix.de,
dave.hansen@linux.intel.com, pgonda@google.com,
seanjc@google.com, pbonzini@redhat.com
Subject: Re: [PATCH v14 09/13] tsc: Use the GUEST_TSC_FREQ MSR for discovering TSC frequency
Date: Tue, 29 Oct 2024 15:06:37 +0530 [thread overview]
Message-ID: <8c824034-60cc-fac4-fe1c-c55bbedbb020@amd.com> (raw)
In-Reply-To: <ff5d23fa-12c6-47bb-8309-b19d39875827@intel.com>
On 10/29/2024 2:45 PM, Xiaoyao Li wrote:
> On 10/29/2024 11:56 AM, Nikunj A. Dadhania wrote:
>>
>>
>> On 10/29/2024 8:32 AM, Xiaoyao Li wrote:
>>> On 10/28/2024 1:34 PM, Nikunj A Dadhania wrote:
>>>> Calibrating the TSC frequency using the kvmclock is not correct for
>>>> SecureTSC enabled guests. Use the platform provided TSC frequency via the
>>>> GUEST_TSC_FREQ MSR (C001_0134h).
>>>>
>>>> Signed-off-by: Nikunj A Dadhania <nikunj@amd.com>
>>>> ---
>>>> arch/x86/include/asm/sev.h | 2 ++
>>>> arch/x86/coco/sev/core.c | 16 ++++++++++++++++
>>>> arch/x86/kernel/tsc.c | 5 +++++
>>>> 3 files changed, 23 insertions(+)
>>>>
>>>> diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
>>>> index d27c4e0f9f57..9ee63ddd0d90 100644
>>>> --- a/arch/x86/include/asm/sev.h
>>>> +++ b/arch/x86/include/asm/sev.h
>>>> @@ -536,6 +536,7 @@ static inline int handle_guest_request(struct snp_msg_desc *mdesc, u64 exit_code
>>>> }
>>>> void __init snp_secure_tsc_prepare(void);
>>>> +void __init snp_secure_tsc_init(void);
>>>> #else /* !CONFIG_AMD_MEM_ENCRYPT */
>>>> @@ -584,6 +585,7 @@ static inline int handle_guest_request(struct snp_msg_desc *mdesc, u64 exit_code
>>>> u32 resp_sz) { return -ENODEV; }
>>>> static inline void __init snp_secure_tsc_prepare(void) { }
>>>> +static inline void __init snp_secure_tsc_init(void) { }
>>>> #endif /* CONFIG_AMD_MEM_ENCRYPT */
>>>> diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
>>>> index 140759fafe0c..0be9496b8dea 100644
>>>> --- a/arch/x86/coco/sev/core.c
>>>> +++ b/arch/x86/coco/sev/core.c
>>>> @@ -3064,3 +3064,19 @@ void __init snp_secure_tsc_prepare(void)
>>>> pr_debug("SecureTSC enabled");
>>>> }
>>>> +
>>>> +static unsigned long securetsc_get_tsc_khz(void)
>>>> +{
>>>> + unsigned long long tsc_freq_mhz;
>>>> +
>>>> + setup_force_cpu_cap(X86_FEATURE_TSC_KNOWN_FREQ);
>>>> + rdmsrl(MSR_AMD64_GUEST_TSC_FREQ, tsc_freq_mhz);
>>>> +
>>>> + return (unsigned long)(tsc_freq_mhz * 1000);
>>>> +}
>>>> +
>>>> +void __init snp_secure_tsc_init(void)
>>>> +{
>>>> + x86_platform.calibrate_cpu = securetsc_get_tsc_khz;
>>>> + x86_platform.calibrate_tsc = securetsc_get_tsc_khz;
>>>> +}
>>>> diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c
>>>> index dfe6847fd99e..730cbbd4554e 100644
>>>> --- a/arch/x86/kernel/tsc.c
>>>> +++ b/arch/x86/kernel/tsc.c
>>>> @@ -30,6 +30,7 @@
>>>> #include <asm/i8259.h>
>>>> #include <asm/topology.h>
>>>> #include <asm/uv/uv.h>
>>>> +#include <asm/sev.h>
>>>> unsigned int __read_mostly cpu_khz; /* TSC clocks / usec, not used here */
>>>> EXPORT_SYMBOL(cpu_khz);
>>>> @@ -1514,6 +1515,10 @@ void __init tsc_early_init(void)
>>>> /* Don't change UV TSC multi-chassis synchronization */
>>>> if (is_early_uv_system())
>>>> return;
>>>> +
>>>> + if (cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC))
>>>> + snp_secure_tsc_init();
>>>
>>> IMHO, it isn't the good place to call snp_secure_tsc_init() to update the callbacks here.
>>>
>>> It's better to be called in some snp init functions.
>>
>> As part of setup_arch(), init_hypervisor_platform() gets called and all the PV clocks
>> are registered and initialized as part of init_platform callback. Once the hypervisor
>> platform is initialized, tsc_early_init() is called. SEV SNP guest can be running on
>> any hypervisor, so the call back needs to be updated either in tsc_early_init() or
>> init_hypervisor_platform(), as the change is TSC related, I have updated it here.
>
> I think it might be due to
>
> 1. it lacks a central place for SNP related stuff, like tdx_early_init()
sme_early_init() does the init for SEV/SNP related stuff, but this is not the right place to do TSC callback inits as kvmclock will over-ride it.
> 2. even we have some place of 1), the callbacks will be overwrote in init_hypervisor_platform() by specific PV ops.
>
> However, I don't think it's good practice to update it tsc.c. The reason why callback is used is that arch/hypervisor specific code can implement
> and overwrite with it's own implementation in its own file.
>
> Back to your case, I think a central snp init function would be helpful, and we can introduce a new flag to skip the overwrite of tsc/cpu calibration for hypervisor when the flag is set.
That again touches all the hypervisor (KVM, Xen, HyperV and VMWare). We wanted to move this to common code as suggested by Sean.
Regards,
Nikunj
next prev parent reply other threads:[~2024-10-29 9:36 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-28 5:34 [PATCH v14 00/13] Add Secure TSC support for SNP guests Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 01/13] x86/sev: Carve out and export SNP guest messaging init routines Nikunj A Dadhania
2024-10-29 17:43 ` Borislav Petkov
2024-10-30 4:44 ` Nikunj A. Dadhania
2024-10-30 10:10 ` Borislav Petkov
2024-10-28 5:34 ` [PATCH v14 02/13] x86/sev: Relocate SNP guest messaging routines to common code Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 03/13] x86/sev: Add Secure TSC support for SNP guests Nikunj A Dadhania
2024-10-29 8:41 ` Xiaoyao Li
2024-10-29 8:46 ` Nikunj A. Dadhania
2024-10-29 9:19 ` Xiaoyao Li
2024-10-29 14:27 ` Borislav Petkov
2024-10-29 14:34 ` Tom Lendacky
2024-10-29 14:49 ` Borislav Petkov
2024-10-29 14:50 ` Xiaoyao Li
2024-10-29 15:03 ` Borislav Petkov
2024-10-29 15:14 ` Xiaoyao Li
2024-10-29 15:57 ` Borislav Petkov
2024-10-29 16:50 ` Dave Hansen
2024-10-29 17:05 ` Borislav Petkov
2024-10-30 11:55 ` Nikunj A. Dadhania
2024-11-01 16:00 ` Borislav Petkov
2024-11-11 7:03 ` Nikunj A. Dadhania
2024-11-11 8:46 ` Nikunj A. Dadhania
2024-11-11 10:51 ` Borislav Petkov
2024-11-11 11:23 ` Nikunj A. Dadhania
2024-11-11 11:30 ` Borislav Petkov
2024-11-11 11:44 ` Nikunj A. Dadhania
2024-11-11 13:42 ` Borislav Petkov
2024-11-12 8:43 ` Nikunj A. Dadhania
2024-11-11 10:34 ` Borislav Petkov
2024-10-28 5:34 ` [PATCH v14 04/13] x86/sev: Change TSC MSR behavior for Secure TSC enabled guests Nikunj A Dadhania
2024-11-01 16:40 ` Borislav Petkov
2024-11-11 7:06 ` Nikunj A. Dadhania
2024-10-28 5:34 ` [PATCH v14 05/13] x86/sev: Prevent RDTSC/RDTSCP interception " Nikunj A Dadhania
2024-11-11 15:53 ` Borislav Petkov
2024-11-11 16:39 ` Nikunj A. Dadhania
2024-11-11 17:03 ` Borislav Petkov
2024-10-28 5:34 ` [PATCH v14 06/13] x86/sev: Prevent GUEST_TSC_FREQ MSR " Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 07/13] x86/sev: Mark Secure TSC as reliable clocksource Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 08/13] x86/cpu/amd: Do not print FW_BUG for Secure TSC Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 09/13] tsc: Use the GUEST_TSC_FREQ MSR for discovering TSC frequency Nikunj A Dadhania
2024-10-29 3:02 ` Xiaoyao Li
2024-10-29 3:56 ` Nikunj A. Dadhania
2024-10-29 9:15 ` Xiaoyao Li
2024-10-29 9:36 ` Nikunj A. Dadhania [this message]
2024-10-28 5:34 ` [PATCH v14 10/13] tsc: Upgrade TSC clocksource rating Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 11/13] tsc: Switch to native sched clock Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 12/13] x86/kvmclock: Abort SecureTSC enabled guest when kvmclock is selected Nikunj A Dadhania
2024-10-28 5:34 ` [PATCH v14 13/13] x86/sev: Allow Secure TSC feature for SNP guests Nikunj A Dadhania
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8c824034-60cc-fac4-fe1c-c55bbedbb020@amd.com \
--to=nikunj@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox