From: Sean Christopherson <seanjc@google.com>
To: Kai Huang <kai.huang@intel.com>
Cc: Xiaoyao Li <xiaoyao.li@intel.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"nikunj@amd.com" <nikunj@amd.com>,
"thomas.lendacky@amd.com" <thomas.lendacky@amd.com>,
"vaishali.thakkar@suse.com" <vaishali.thakkar@suse.com>,
"bp@alien8.de" <bp@alien8.de>,
Isaku Yamahata <isaku.yamahata@intel.com>,
"santosh.shukla@amd.com" <santosh.shukla@amd.com>
Subject: Re: [PATCH v8 2/2] KVM: SVM: Enable Secure TSC for SNP guests
Date: Tue, 8 Jul 2025 07:42:25 -0700
Message-ID: <aG0uUdY6QPnit6my@google.com>
In-Reply-To: <d8a30e490c50956a358887a3d018a9b86df91fd0.camel@intel.com>
On Tue, Jul 08, 2025, Kai Huang wrote:
>
> > > > - svm->vcpu.arch.guest_state_protected = true;
> > > > + vcpu->arch.guest_state_protected = true;
> > > > + vcpu->arch.guest_tsc_protected = snp_secure_tsc_enabled(kvm);
> > > > +
> > >
> > > + Xiaoyao.
> > >
> > > The KVM_SET_TSC_KHZ can also be a vCPU ioctl (in fact, the support of VM
> > > ioctl of it was added later). I am wondering whether we should reject
> > > this vCPU ioctl for TSC protected guests, like:

Yes, we definitely should.  And if it's not too ugly, KVM should also reject the
VM-scoped KVM_SET_TSC_KHZ if vCPUs have been created with guest_tsc_protected=true.
(or maybe we could get greedy and try to disallow KVM_SET_TSC_KHZ if vCPUs have
been created for any VM shape?)

> > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> > > index 2806f7104295..699ca5e74bba 100644
> > > --- a/arch/x86/kvm/x86.c
> > > +++ b/arch/x86/kvm/x86.c
> > > @@ -6186,6 +6186,10 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
> > > u32 user_tsc_khz;
> > >
> > > r = -EINVAL;
> > > +
> > > + if (vcpu->arch.guest_tsc_protected)
> > > + goto out;
> > > +
> > > user_tsc_khz = (u32)arg;
> > >
> > > if (kvm_caps.has_tsc_control &&
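
Review bot: the guest_tsc_protected check added right after `r = -EINVAL;` carries no comment saying why a TSC-protected vCPU must refuse KVM_SET_TSC_KHZ, and it bails out with the same -EINVAL this path sets as its default error, so userspace cannot tell "not allowed for this guest" from a rejected value. A short comment above the `if` would help, and it is worth deciding explicitly whether a distinct error code is wanted. The hunk only touches kvm_arch_vcpu_ioctl(), so the VM-scoped KVM_SET_TSC_KHZ is not covered here and needs its own handling if it is to be restricted as well.
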
> >
> > It seems to need to be opt-in since it changes the ABI somehow. E.g., it
> > at least works before when the VMM calls KVM_SET_TSC_KHZ at vcpu with
> > the same value passed to KVM_SET_TSC_KHZ at vm. But with the above
> > change, it would fail.
> >
> > Well, in reality, it's OK for QEMU since QEMU explicitly doesn't call
> > KVM_SET_TSC_KHZ at vcpu for TDX VMs. But I'm not sure about the impact
> > on other VMMs. Considering KVM TDX support just gets in from v6.16-rc1,
> > maybe it doesn't have real impact for other VMMs as well?

6.16 hasn't officially released yet, so any impact to userspace is irrelevant,
i.e. there is no established ABI at this time.

Can someone send a proper patch?