lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YB09f5oJ+sP9hiy6@hirez.programming.kicks-ass.net>
Date:   Fri, 5 Feb 2021 13:43:43 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Zhimin Feng <fengzhimin@...edance.com>
Cc:     x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        pbonzini@...hat.com, seanjc@...gle.com, vkuznets@...hat.com,
        wanpengli@...cent.com, jmattson@...gle.com, joro@...tes.org,
        tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, hpa@...or.com,
        fweisbec@...il.com, zhouyibo@...edance.com,
        zhanghaozhong@...edance.com
Subject: Re: [RFC: timer passthrough 5/9] KVM: vmx: use tsc_adjust to enable
 tsc_offset timer passthrough

On Fri, Feb 05, 2021 at 06:03:13PM +0800, Zhimin Feng wrote:
> when in vm:
> rdtsc = host_tsc * (TSC multiplier) + tsc_offset(<0)
> so when vm write tsc_deadline_msr the value always less than
> tsc stampcounter msr value, the irq never be triggered.
> 
> the tsc_adjust msr use as below, host execute
> rdtsc = host_tsc + tsc_adjust
> 
> when vmentry, we set the tsc_adjust equal tsc_offset and vmcs
> tsc offset filed equal 0, so the vm execute rdtsc the result like this:
> rdtsc = host_tsc + tsc_adjust + 0
> the tsc_deadline_msr value will equal tsc stampcounter msr and
> the irq will trigger success.

That above is unintelligible..

> +static void vmx_adjust_tsc_offset(struct kvm_vcpu *vcpu, bool to_host)
> +{
> +	u64 tsc_adjust;
> +	struct timer_passth_info *local_timer_info;
> +
> +	local_timer_info = &per_cpu(passth_info, smp_processor_id());
> +
> +	if (to_host) {
> +		tsc_adjust = local_timer_info->host_tsc_adjust;
> +		wrmsrl(MSR_IA32_TSC_ADJUST, tsc_adjust);
> +		vmcs_write64(TSC_OFFSET, vcpu->arch.tsc_offset);
> +	} else {
> +		rdmsrl(MSR_IA32_TSC_ADJUST, tsc_adjust);
> +		local_timer_info->host_tsc_adjust = tsc_adjust;
> +
> +		wrmsrl(MSR_IA32_TSC_ADJUST, tsc_adjust + vcpu->arch.tsc_offset);
> +		vmcs_write64(TSC_OFFSET, 0);
> +	}
> +}

NAK

This wrecks the host TSC value, any host code between this and actually
entering that VM will observe batshit time.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ