lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Nov 2023 15:38:51 +0300
From:   "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
To:     "Nikunj A. Dadhania" <nikunj@....com>, seanjc@...gle.com,
        pbonzini@...hat.com
Cc:     Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org,
        thomas.lendacky@....com, x86@...nel.org, kvm@...r.kernel.org,
        bp@...en8.de, mingo@...hat.com, tglx@...utronix.de,
        dave.hansen@...ux.intel.com, dionnaglaze@...gle.com,
        pgonda@...gle.com
Subject: Re: [PATCH v5 13/14] x86/tsc: Mark Secure TSC as reliable clocksource

On Thu, Nov 02, 2023 at 05:46:26PM +0530, Nikunj A. Dadhania wrote:
> On 11/2/2023 5:37 PM, Nikunj A. Dadhania wrote:
> > On 11/2/2023 4:03 PM, Kirill A. Shutemov wrote:
> >> On Thu, Nov 02, 2023 at 11:23:34AM +0530, Nikunj A. Dadhania wrote:
> >>> On 10/30/2023 10:48 PM, Dave Hansen wrote:
> >>>> On 10/29/23 23:36, Nikunj A Dadhania wrote:
> >>>> ...
> >>>>> diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c
> >>>>> index 15f97c0abc9d..b0a8546d3703 100644
> >>>>> --- a/arch/x86/kernel/tsc.c
> >>>>> +++ b/arch/x86/kernel/tsc.c
> >>>>> @@ -1241,7 +1241,7 @@ static void __init check_system_tsc_reliable(void)
> >>>>>  			tsc_clocksource_reliable = 1;
> >>>>>  	}
> >>>>>  #endif
> >>>>> -	if (boot_cpu_has(X86_FEATURE_TSC_RELIABLE))
> >>>>> +	if (boot_cpu_has(X86_FEATURE_TSC_RELIABLE) || cc_platform_has(CC_ATTR_GUEST_SECURE_TSC))
> >>>>>  		tsc_clocksource_reliable = 1;
> >>>>
> >>>> Why can't you just set X86_FEATURE_TSC_RELIABLE?
> >>>
> >>> Last time when I tried, I had removed my kvmclock changes and I had set
> >>> the X86_FEATURE_TSC_RELIABLE similar to Kirill's patch[1], this did not
> >>> select the SecureTSC.
> >>>
> >>> Let me try setting X86_FEATURE_TSC_RELIABLE and retaining my patch for
> >>> skipping kvmclock.
> >>
> >> kvmclock lowers its rating if TSC is good enough:
> >>
> >> 	if (boot_cpu_has(X86_FEATURE_CONSTANT_TSC) &&
> >> 	    boot_cpu_has(X86_FEATURE_NONSTOP_TSC) &&
> >> 	    !check_tsc_unstable())
> >> 		kvm_clock.rating = 299;
> >>
> >> Does your TSC meet the requirements?
> > 
> > I have set TscInvariant (bit 8) in CPUID_8000_0007_edx and TSC is set as reliable.
> > 
> > With this I see kvm_clock rating being lowered, but kvm-clock is still being picked as clock-source.
> 
> Ah.. at later point TSC is picked up, is this expected ?
> 
> [    2.564052] clocksource: Switched to clocksource kvm-clock
> [    2.678136] clocksource: Switched to clocksource tsc

On bare metal I see switch from tsc-early to tsc. tsc-early rating is
equal to kvmclock rating after it gets lowered.

Maybe kvmclock rating has to be even lower after detecting sane TSC?

Sean, Paolo, any comments?

-- 
  Kiryl Shutsemau / Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ