| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 Nov 2023 17:23:44 +0530
From: "Nikunj A. Dadhania" <nikunj@....com>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
seanjc@...gle.com, pbonzini@...hat.com
Cc: Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org,
thomas.lendacky@....com, x86@...nel.org, kvm@...r.kernel.org,
bp@...en8.de, mingo@...hat.com, tglx@...utronix.de,
dave.hansen@...ux.intel.com, dionnaglaze@...gle.com,
pgonda@...gle.com
Subject: Re: [PATCH v5 13/14] x86/tsc: Mark Secure TSC as reliable clocksource
On 11/2/2023 6:08 PM, Kirill A. Shutemov wrote:
> On Thu, Nov 02, 2023 at 05:46:26PM +0530, Nikunj A. Dadhania wrote:
>> On 11/2/2023 5:37 PM, Nikunj A. Dadhania wrote:
>>> On 11/2/2023 4:03 PM, Kirill A. Shutemov wrote:
>>>> On Thu, Nov 02, 2023 at 11:23:34AM +0530, Nikunj A. Dadhania wrote:
>>>>> On 10/30/2023 10:48 PM, Dave Hansen wrote:
>>>>>> On 10/29/23 23:36, Nikunj A Dadhania wrote:
>>>>>> ...
>>>>>>> diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c
>>>>>>> index 15f97c0abc9d..b0a8546d3703 100644
>>>>>>> --- a/arch/x86/kernel/tsc.c
>>>>>>> +++ b/arch/x86/kernel/tsc.c
>>>>>>> @@ -1241,7 +1241,7 @@ static void __init check_system_tsc_reliable(void)
>>>>>>> tsc_clocksource_reliable = 1;
>>>>>>> }
>>>>>>> #endif
>>>>>>> - if (boot_cpu_has(X86_FEATURE_TSC_RELIABLE))
>>>>>>> + if (boot_cpu_has(X86_FEATURE_TSC_RELIABLE) || cc_platform_has(CC_ATTR_GUEST_SECURE_TSC))
>>>>>>> tsc_clocksource_reliable = 1;
>>>>>>
>>>>>> Why can't you just set X86_FEATURE_TSC_RELIABLE?
>>>>>
>>>>> Last time when I tried, I had removed my kvmclock changes and I had set
>>>>> the X86_FEATURE_TSC_RELIABLE similar to Kirill's patch[1], this did not
>>>>> select the SecureTSC.
>>>>>
>>>>> Let me try setting X86_FEATURE_TSC_RELIABLE and retaining my patch for
>>>>> skipping kvmclock.
>>>>
>>>> kvmclock lowers its rating if TSC is good enough:
>>>>
>>>> if (boot_cpu_has(X86_FEATURE_CONSTANT_TSC) &&
>>>> boot_cpu_has(X86_FEATURE_NONSTOP_TSC) &&
>>>> !check_tsc_unstable())
>>>> kvm_clock.rating = 299;
>>>>
>>>> Does your TSC meet the requirements?
>>>
>>> I have set TscInvariant (bit 8) in CPUID_8000_0007_edx and TSC is set as reliable.
>>>
>>> With this I see kvm_clock rating being lowered, but kvm-clock is still being picked as clock-source.
>>
>> Ah.. at later point TSC is picked up, is this expected ?
>>
>> [ 2.564052] clocksource: Switched to clocksource kvm-clock
>> [ 2.678136] clocksource: Switched to clocksource tsc
>
> On bare metal I see switch from tsc-early to tsc. tsc-early rating is
> equal to kvmclock rating after it gets lowered.
For SNP guest with secure tsc enabled, kvm-clock and tsc-early both are at 299.
Initially, kvm-clock is selected as clocksource and when tsc with 300 rating is enqueued,
clocksource then switches to tsc.
[ 0.004231] clocksource: clocksource_enqueue: name kvm-clock rating 299
[...]
[ 2.046319] clocksource: clocksource_enqueue: name tsc-early rating 299
[...]
[ 3.399179] clocksource: Switched to clocksource kvm-clock
[...]
[ 3.513652] clocksource: clocksource_enqueue: name tsc rating 300
[ 3.517314] clocksource: Switched to clocksource tsc
> Maybe kvmclock rating has to be even lower after detecting sane TSC?
If I set kvmclock rating to 298, I do see exact behavior as you have seen on the bare-metal.
[ 0.004520] clocksource: clocksource_enqueue: name kvm-clock rating 298
[...]
[ 1.827422] clocksource: clocksource_enqueue: name tsc-early rating 299
[...]
[ 3.485059] clocksource: Switched to clocksource tsc-early
[...]
[ 3.623625] clocksource: clocksource_enqueue: name tsc rating 300
[ 3.628954] clocksource: Switched to clocksource tsc
Regards
Nikunj
Powered by blists - more mailing lists