lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <505FB766-F79B-4D54-910E-B2EE497515FE@intel.com>
Date:   Tue, 29 Aug 2023 16:01:48 +0000
From:   "Nakajima, Jun" <jun.nakajima@...el.com>
To:     Thomas Gleixner <tglx@...utronix.de>
CC:     "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        "Hansen, Dave" <dave.hansen@...el.com>,
        Borislav Petkov <bp@...en8.de>,
        "Lutomirski, Andy" <luto@...nel.org>,
        Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>,
        "Reshetova, Elena" <elena.reshetova@...el.com>,
        "x86@...nel.org" <x86@...nel.org>,
        "linux-coco@...ts.linux.dev" <linux-coco@...ts.linux.dev>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] x86/tdx: Mark TSC reliable

> On Aug 25, 2023, at 10:09 AM, Thomas Gleixner <tglx@...utronix.de> wrote:
> 
> On Fri, Aug 25 2023 at 16:52, Kirill A. Shutemov wrote:
>> On Thu, Aug 24, 2023 at 05:49:05PM +0200, Thomas Gleixner wrote:
>>> On Tue, Aug 08 2023 at 23:01, Kirill A. Shutemov wrote:
>>>> On Tue, Aug 08, 2023 at 10:13:05AM -0700, Dave Hansen wrote:
>>>>> I take it this is carved in stone in the TDX specs somewhere.  A
>>>>> reference would be nice.
>>>> 
>>>> TDX Module 1.0 spec:
>>>> 
>>>> 5.3.5. Time Stamp Counter (TSC)
>>>> 
>>>> TDX provides a trusted virtual TSC to the guest TDs. TSC value is
>>>> monotonously incrementing, starting from 0 on TD initialization by the
>>>> host VMM. The deviation between virtual TSC values read by each VCPU is
>>>> small.
>>> 
>>> Nice weasel wording. What's the definition of "small"?
>> 
>> The newer spec says "Virtual TSC values are consistent among all the TD’s
>> VCPUs at the level supported by the CPU".
> 
> That means what? It's not a guarantee for consistency either. :(

Actually (in TDX Module 1.5 spec), the sentence is "Virtual TSC values are consistent among all the TD’s VCPUs at the level supported by the CPU, see below”. 

And the below:
---
The host VMM is required to do the following:
• Set up the same IA32_TSC_ADJUST values on all LPs before initializing the Intel TDX module.
• Make sure IA32_TSC_ADJUST is not modified from its initial value before calling SEAMCALL.

The Intel TDX module checks the above as part of TDH.VP.ENTER and any other SEAMCALL leaf function that reads TSC.

The virtualized TSC is designed to have the following characteristics:
• The virtual TSC frequency is specified by the host VMM as an input to TDH.MNG.INIT in units of 25MHz – it can be between 4 and 400 (corresponding to a range of 100MHz to 10GHz).
• The virtual TSC starts counting from 0 at TDH.MNG.INIT time.
...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ