lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231106130041.gqoqszdxrmdomsxl@box.shutemov.name>
Date:   Mon, 6 Nov 2023 16:00:41 +0300
From:   "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
To:     "Nikunj A. Dadhania" <nikunj@....com>
Cc:     Tom Lendacky <thomas.lendacky@....com>,
        linux-kernel@...r.kernel.org, x86@...nel.org, kvm@...r.kernel.org,
        bp@...en8.de, mingo@...hat.com, tglx@...utronix.de,
        dave.hansen@...ux.intel.com, dionnaglaze@...gle.com,
        pgonda@...gle.com, seanjc@...gle.com, pbonzini@...hat.com
Subject: Re: [PATCH v5 09/14] x86/sev: Add Secure TSC support for SNP guests

On Mon, Nov 06, 2023 at 04:15:59PM +0530, Nikunj A. Dadhania wrote:
> On 11/2/2023 4:06 PM, Kirill A. Shutemov wrote:
> > On Thu, Nov 02, 2023 at 11:11:52AM +0530, Nikunj A. Dadhania wrote:
> >> On 10/31/2023 1:56 AM, Tom Lendacky wrote:
> >>>> diff --git a/include/linux/cc_platform.h b/include/linux/cc_platform.h
> >>>> index cb0d6cd1c12f..e081ca4d5da2 100644
> >>>> --- a/include/linux/cc_platform.h
> >>>> +++ b/include/linux/cc_platform.h
> >>>> @@ -90,6 +90,14 @@ enum cc_attr {
> >>>>        * Examples include TDX Guest.
> >>>>        */
> >>>>       CC_ATTR_HOTPLUG_DISABLED,
> >>>> +
> >>>> +    /**
> >>>> +     * @CC_ATTR_GUEST_SECURE_TSC: Secure TSC is active.
> >>>> +     *
> >>>> +     * The platform/OS is running as a guest/virtual machine and actively
> >>>> +     * using AMD SEV-SNP Secure TSC feature.
> >>>
> >>> I think TDX also has a secure TSC like feature, so can this be generic?
> >>
> >> Yes, we can do that. In SNP case SecureTSC is an optional feature, not sure if that is the case for TDX as well.
> >>
> >> Kirill any inputs ?
> > 
> > We have several X86_FEATURE_ flags to indicate quality of TSC. Do we
> > really need a CC_ATTR on top of that? Maybe SEV code could just set
> > X86_FEATURE_ according to what its TSC can do?
> 
> For SEV-SNP, SEV_STATUS MSR has the information of various features
> that have been enabled by the hypervisor. We will need a CC_ATTR for
> these optional features.

If all users of the attribute is withing x86, I would rather add synthetic
X86_FEATURE_ flags than CC_ATTR_. We have better instrumentation around
features.

-- 
  Kiryl Shutsemau / Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ