lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <0321430a-8666-4017-b791-127484c2b17e@amd.com>
Date:   Thu, 2 Nov 2023 11:09:16 +0530
From:   "Nikunj A. Dadhania" <nikunj@....com>
To:     Tom Lendacky <thomas.lendacky@....com>,
        linux-kernel@...r.kernel.org, x86@...nel.org, kvm@...r.kernel.org
Cc:     bp@...en8.de, mingo@...hat.com, tglx@...utronix.de,
        dave.hansen@...ux.intel.com, dionnaglaze@...gle.com,
        pgonda@...gle.com, seanjc@...gle.com, pbonzini@...hat.com
Subject: Re: [PATCH v5 12/14] x86/kvmclock: Skip kvmclock when Secure TSC is
 available

On 10/31/2023 2:30 AM, Tom Lendacky wrote:
> On 10/30/23 01:36, Nikunj A Dadhania wrote:
>> For AMD SNP guests having Secure TSC enabled, skip using the kvmclock.
>> The guest kernel will fallback and use Secure TSC based clocksource.
>>
>> Signed-off-by: Nikunj A Dadhania <nikunj@....com>
>> ---
>>   arch/x86/kernel/kvmclock.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c
>> index fb8f52149be9..779e7311fa6f 100644
>> --- a/arch/x86/kernel/kvmclock.c
>> +++ b/arch/x86/kernel/kvmclock.c
>> @@ -288,7 +288,7 @@ void __init kvmclock_init(void)
>>   {
>>       u8 flags;
>>   -    if (!kvm_para_available() || !kvmclock)
>> +    if (!kvm_para_available() || !kvmclock || cc_platform_has(CC_ATTR_GUEST_SECURE_TSC))
> 
> And is setting X86_FEATURE_TSC_RELIABLE, as Dave Hansen suggests, enough
> to prevent usage of kvmclock?

No that wasn't sufficient. kvmclock was always selected before SecureTSC even when X86_FEATURE_TSC_RELIABLE was selected.

> 
> There was a discussion here:
>  https://lore.kernel.org/lkml/20230808162320.27297-1-kirill.shutemov@linux.intel.com/
> 
> Thanks,
> Tom

Regards
Nikunj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ