public inbox for kvm@vger.kernel.org
* [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit
@ 2022-04-19 20:53 Babu Moger
  2022-04-19 20:54 ` [PATCH v2 2/2] KVM: SVM: Disable RDTSCP and TSC_AUX MSR intercepts when V_TSC_AUX is present Babu Moger
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Babu Moger @ 2022-04-19 20:53 UTC
  To: tglx, mingo, bp, dave.hansen, hpa, pbonzini, seanjc
  Cc: vkuznets, jmattson, joro, wanpengli, joro, babu.moger,
	linux-kernel, kvm, x86

The TSC_AUX Virtualization feature allows AMD SEV-ES guests to securely use
TSC_AUX (auxiliary time stamp counter data) MSR in RDTSCP and RDPID
instructions.

The TSC_AUX MSR is typically initialized to APIC ID or another unique
identifier so that software can quickly associate returned TSC value
with the logical processor.

Add the feature bit and also include it in the kvm for detection.

Signed-off-by: Babu Moger <babu.moger@amd.com>
Acked-by: Borislav Petkov <bp@suse.de>
---
v2:
Fixed the text (commented by Boris).
Added Acked-by from Boris.

v1:
https://lore.kernel.org/kvm/164937947020.1047063.14919887750944564032.stgit@bmoger-ubuntu/

 arch/x86/include/asm/cpufeatures.h |    1 +
 arch/x86/kvm/cpuid.c               |    2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index 73e643ae94b6..1bc66a17a95a 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -405,6 +405,7 @@
 #define X86_FEATURE_SEV			(19*32+ 1) /* AMD Secure Encrypted Virtualization */
 #define X86_FEATURE_VM_PAGE_FLUSH	(19*32+ 2) /* "" VM Page Flush MSR is supported */
 #define X86_FEATURE_SEV_ES		(19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */
+#define X86_FEATURE_V_TSC_AUX		(19*32+ 9) /* Virtual TSC_AUX */
 #define X86_FEATURE_SME_COHERENT	(19*32+10) /* "" AMD hardware-enforced cache coherency */
 
 /*
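
Review bot: the comment on the new X86_FEATURE_V_TSC_AUX define lacks the `""` prefix that the neighbouring VM_PAGE_FLUSH and SME_COHERENT entries carry, so the flag will get a name in /proc/cpuinfo. If nothing in userspace needs to see it, write the comment as `/* "" Virtual TSC_AUX */` so it stays hidden like its neighbours.
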
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index b24ca7f4ed7c..99a4c078b397 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -674,7 +674,7 @@ void kvm_set_cpu_caps(void)
 
 	kvm_cpu_cap_mask(CPUID_8000_001F_EAX,
 		0 /* SME */ | F(SEV) | 0 /* VM_PAGE_FLUSH */ | F(SEV_ES) |
-		F(SME_COHERENT));
+		F(V_TSC_AUX) | F(SME_COHERENT));
 
 	kvm_cpu_cap_mask(CPUID_C000_0001_EDX,
 		F(XSTORE) | F(XSTORE_EN) | F(XCRYPT) | F(XCRYPT_EN) |
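
Review bot: F(V_TSC_AUX) in the CPUID_8000_001F_EAX mask looks unnecessary. The only consumer in this series, sev_es_init_vmcb() in patch 2/2, tests boot_cpu_has(X86_FEATURE_V_TSC_AUX), which needs the cpufeatures.h define and not a KVM capability bit. Unless the guest is meant to see this bit in CPUID, drop this hunk and the "include it in the kvm for detection" wording from the changelog.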




* [PATCH v2 2/2] KVM: SVM: Disable RDTSCP and TSC_AUX MSR intercepts when V_TSC_AUX is present
  2022-04-19 20:53 [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit Babu Moger
@ 2022-04-19 20:54 ` Babu Moger
  2022-04-20 11:43 ` [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit Borislav Petkov
  2022-04-20 16:27 ` Paolo Bonzini
  2 siblings, 0 replies; 5+ messages in thread
From: Babu Moger @ 2022-04-19 20:54 UTC
  To: tglx, mingo, bp, dave.hansen, hpa, pbonzini, seanjc
  Cc: vkuznets, jmattson, joro, wanpengli, joro, babu.moger,
	linux-kernel, kvm, x86

The TSC_AUX virtualization feature allows AMD SEV-ES guests to securely use
TSC_AUX (auxiliary time stamp counter data) in the RDTSCP and RDPID
instructions. The TSC_AUX value is set using the WRMSR instruction to the
TSC_AUX MSR (0xC0000103). It is read by the RDMSR, RDTSCP and RDPID
instructions. If the read/write of the TSC_AUX MSR is intercepted, then
RDTSCP and RDPID must also be intercepted when TSC_AUX virtualization
is present. However, the RDPID instruction can't be intercepted. This means
that when TSC_AUX virtualization is present, RDTSCP and TSC_AUX MSR
read/write must not be intercepted for SEV-ES (or SEV-SNP) guests.

Signed-off-by: Babu Moger <babu.moger@amd.com>
---
v2:
No changes from v1.

v1:
https://lore.kernel.org/kvm/164937947781.1047063.9230786680311460912.stgit@bmoger-ubuntu/

 arch/x86/kvm/svm/sev.c |    8 ++++++++
 arch/x86/kvm/svm/svm.c |    1 +
 arch/x86/kvm/svm/svm.h |    2 +-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 537aaddc852f..b0ead47c85e5 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2922,6 +2922,14 @@ void sev_es_init_vmcb(struct vcpu_svm *svm)
 	set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 1, 1);
 	set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTFROMIP, 1, 1);
 	set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 1, 1);
+
+	if (boot_cpu_has(X86_FEATURE_V_TSC_AUX) &&
+	    (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP) ||
+	     guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDPID))) {
+		set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, 1, 1);
+		if (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP))
+			svm_clr_intercept(svm, INTERCEPT_RDTSCP);
+	}
 }
 
 void sev_es_vcpu_reset(struct vcpu_svm *svm)
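
Review bot: the new block in sev_es_init_vmcb() has no comment saying why MSR_TSC_AUX and RDTSCP are left unintercepted; the reasoning (RDPID cannot be intercepted, so the MSR and RDTSCP must not be either) is only in the commit message and deserves a few lines above the `if`. The block also mixes `vcpu` (in set_msr_interception) with `&svm->vcpu` (in guest_cpuid_has); use one form. Since the condition reads guest CPUID at VMCB init, it is also worth confirming that CPUID is already set at that point, or that the intercepts are recomputed when it changes.
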
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index bd4c64b362d2..526dc1be1c3c 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -101,6 +101,7 @@ static const struct svm_direct_access_msrs {
 	{ .index = MSR_EFER,				.always = false },
 	{ .index = MSR_IA32_CR_PAT,			.always = false },
 	{ .index = MSR_AMD64_SEV_ES_GHCB,		.always = true  },
+	{ .index = MSR_TSC_AUX,				.always = false },
 	{ .index = MSR_INVALID,				.always = false },
 };
 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index f77a7d2d39dd..da701edec93b 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -29,7 +29,7 @@
 #define	IOPM_SIZE PAGE_SIZE * 3
 #define	MSRPM_SIZE PAGE_SIZE * 2
 
-#define MAX_DIRECT_ACCESS_MSRS	20
+#define MAX_DIRECT_ACCESS_MSRS	21
 #define MSRPM_OFFSETS	16
 extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly;
 extern bool npt_enabled;
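
Review bot: MAX_DIRECT_ACCESS_MSRS is bumped by hand from 20 to 21 to follow the MSR_TSC_AUX entry added to the svm_direct_access_msrs table in svm.c, and nothing in these hunks ties the constant to the table, so the next addition can easily update one and miss the other. A comment next to the define pointing at the table, or a build-time assertion if one is not already in place elsewhere, would catch that.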




* Re: [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit
  2022-04-19 20:53 [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit Babu Moger
  2022-04-19 20:54 ` [PATCH v2 2/2] KVM: SVM: Disable RDTSCP and TSC_AUX MSR intercepts when V_TSC_AUX is present Babu Moger
@ 2022-04-20 11:43 ` Borislav Petkov
  2022-04-20 15:02   ` Moger, Babu
  2022-04-20 16:27 ` Paolo Bonzini
  2 siblings, 1 reply; 5+ messages in thread
From: Borislav Petkov @ 2022-04-20 11:43 UTC
  To: Babu Moger
  Cc: tglx, mingo, dave.hansen, hpa, pbonzini, seanjc, vkuznets,
	jmattson, joro, wanpengli, linux-kernel, kvm, x86

On Tue, Apr 19, 2022 at 03:53:52PM -0500, Babu Moger wrote:
> The TSC_AUX Virtualization feature allows AMD SEV-ES guests to securely use
> TSC_AUX (auxiliary time stamp counter data) MSR in RDTSCP and RDPID
> instructions.
> 
> The TSC_AUX MSR is typically initialized to APIC ID or another unique
> identifier so that software can quickly associate returned TSC value
> with the logical processor.
> 
> Add the feature bit and also include it in the kvm for detection.
> 
> Signed-off-by: Babu Moger <babu.moger@amd.com>
> Acked-by: Borislav Petkov <bp@suse.de>
> ---
> v2:
> Fixed the text (commented by Boris).
> Added Acked-by from Boris.
> 
> v1:
> https://lore.kernel.org/kvm/164937947020.1047063.14919887750944564032.stgit@bmoger-ubuntu/
> 
>  arch/x86/include/asm/cpufeatures.h |    1 +
>  arch/x86/kvm/cpuid.c               |    2 +-
>  2 files changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index 73e643ae94b6..1bc66a17a95a 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -405,6 +405,7 @@
>  #define X86_FEATURE_SEV			(19*32+ 1) /* AMD Secure Encrypted Virtualization */
>  #define X86_FEATURE_VM_PAGE_FLUSH	(19*32+ 2) /* "" VM Page Flush MSR is supported */
>  #define X86_FEATURE_SEV_ES		(19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */
> +#define X86_FEATURE_V_TSC_AUX		(19*32+ 9) /* Virtual TSC_AUX */

I forgot from the last time: nothing is going to use that bit in
userspace so make that

#define X86_FEATURE_V_TSC_AUX		(19*32+ 9) /* "" Virtual TSC_AUX */

please.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette


* Re: [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit
  2022-04-20 11:43 ` [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit Borislav Petkov
@ 2022-04-20 15:02   ` Moger, Babu
  0 siblings, 0 replies; 5+ messages in thread
From: Moger, Babu @ 2022-04-20 15:02 UTC
  To: Borislav Petkov
  Cc: tglx, mingo, dave.hansen, hpa, pbonzini, seanjc, vkuznets,
	jmattson, joro, wanpengli, linux-kernel, kvm, x86


On 4/20/22 06:43, Borislav Petkov wrote:
> On Tue, Apr 19, 2022 at 03:53:52PM -0500, Babu Moger wrote:
>> The TSC_AUX Virtualization feature allows AMD SEV-ES guests to securely use
>> TSC_AUX (auxiliary time stamp counter data) MSR in RDTSCP and RDPID
>> instructions.
>>
>> The TSC_AUX MSR is typically initialized to APIC ID or another unique
>> identifier so that software can quickly associate returned TSC value
>> with the logical processor.
>>
>> Add the feature bit and also include it in the kvm for detection.
>>
>> Signed-off-by: Babu Moger <babu.moger@amd.com>
>> Acked-by: Borislav Petkov <bp@suse.de>
>> ---
>> v2:
>> Fixed the text (commented by Boris).
>> Added Acked-by from Boris.
>>
>> v1:
>> https://lore.kernel.org/kvm/164937947020.1047063.14919887750944564032.stgit@bmoger-ubuntu/
>>
>>  arch/x86/include/asm/cpufeatures.h |    1 +
>>  arch/x86/kvm/cpuid.c               |    2 +-
>>  2 files changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
>> index 73e643ae94b6..1bc66a17a95a 100644
>> --- a/arch/x86/include/asm/cpufeatures.h
>> +++ b/arch/x86/include/asm/cpufeatures.h
>> @@ -405,6 +405,7 @@
>>  #define X86_FEATURE_SEV			(19*32+ 1) /* AMD Secure Encrypted Virtualization */
>>  #define X86_FEATURE_VM_PAGE_FLUSH	(19*32+ 2) /* "" VM Page Flush MSR is supported */
>>  #define X86_FEATURE_SEV_ES		(19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */
>> +#define X86_FEATURE_V_TSC_AUX		(19*32+ 9) /* Virtual TSC_AUX */
> I forgot from the last time: nothing is going to use that bit in
> userspace so make that
>
> #define X86_FEATURE_V_TSC_AUX		(19*32+ 9) /* "" Virtual TSC_AUX */

Ok. Sure.

Thanks

>
> please.
>
> Thx.
>
-- 
Thanks
Babu Moger



* Re: [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit
  2022-04-19 20:53 [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit Babu Moger
  2022-04-19 20:54 ` [PATCH v2 2/2] KVM: SVM: Disable RDTSCP and TSC_AUX MSR intercepts when V_TSC_AUX is present Babu Moger
  2022-04-20 11:43 ` [PATCH v2 1/2] x86/cpufeatures: Add virtual TSC_AUX feature bit Borislav Petkov
@ 2022-04-20 16:27 ` Paolo Bonzini
  2 siblings, 0 replies; 5+ messages in thread
From: Paolo Bonzini @ 2022-04-20 16:27 UTC
  To: Babu Moger, tglx, mingo, bp, dave.hansen, hpa, seanjc
  Cc: vkuznets, jmattson, joro, wanpengli, linux-kernel, kvm, x86

On 4/19/22 22:53, Babu Moger wrote:
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index b24ca7f4ed7c..99a4c078b397 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -674,7 +674,7 @@ void kvm_set_cpu_caps(void)
>   
>   	kvm_cpu_cap_mask(CPUID_8000_001F_EAX,
>   		0 /* SME */ | F(SEV) | 0 /* VM_PAGE_FLUSH */ | F(SEV_ES) |
> -		F(SME_COHERENT));
> +		F(V_TSC_AUX) | F(SME_COHERENT));
>   
>   	kvm_cpu_cap_mask(CPUID_C000_0001_EDX,
>   		F(XSTORE) | F(XSTORE_EN) | F(XCRYPT) | F(XCRYPT_EN) |

Not needed, since V_TSC_AUX is not exposed to guests.

I made the changes and queued both patches.

Paolo
