lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 5 Dec 2023 09:16:27 -0800
From:   Dionna Amalie Glaze <dionnaglaze@...gle.com>
To:     Nikunj A Dadhania <nikunj@....com>
Cc:     linux-kernel@...r.kernel.org, thomas.lendacky@....com,
        x86@...nel.org, kvm@...r.kernel.org, bp@...en8.de,
        mingo@...hat.com, tglx@...utronix.de, dave.hansen@...ux.intel.com,
        pgonda@...gle.com, seanjc@...gle.com, pbonzini@...hat.com
Subject: Re: [PATCH v6 12/16] x86/sev: Prevent RDTSC/RDTSCP interception for
 Secure TSC enabled guests

On Tue, Nov 28, 2023 at 5:02 AM Nikunj A Dadhania <nikunj@....com> wrote:
>
> The hypervisor should not be intercepting RDTSC/RDTSCP when Secure TSC
> is enabled. A #VC exception will be generated if the RDTSC/RDTSCP
> instructions are being intercepted. If this should occur and Secure
> TSC is enabled, terminate guest execution.
>
> Signed-off-by: Nikunj A Dadhania <nikunj@....com>
> ---
>  arch/x86/kernel/sev-shared.c | 10 ++++++++++
>  1 file changed, 10 insertions(+)
>
> diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
> index ccb0915e84e1..6d9ef5897421 100644
> --- a/arch/x86/kernel/sev-shared.c
> +++ b/arch/x86/kernel/sev-shared.c
> @@ -991,6 +991,16 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb,
>         bool rdtscp = (exit_code == SVM_EXIT_RDTSCP);
>         enum es_result ret;
>
> +       /*
> +        * RDTSC and RDTSCP should not be intercepted when Secure TSC is
> +        * enabled. Terminate the SNP guest when the interception is enabled.
> +        * This file is included from kernel/sev.c and boot/compressed/sev.c,
> +        * use sev_status here as cc_platform_has() is not available when
> +        * compiling boot/compressed/sev.c.
> +        */
> +       if (sev_status & MSR_AMD64_SNP_SECURE_TSC)
> +               return ES_VMM_ERROR;

Is this not a cc_platform_has situation? I don't recall how the
conversation shook out for TDX's forcing X86_FEATURE_TSC_RELIABLE
versus having a cc_attr_secure_tsc

> +
>         ret = sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, 0, 0);
>         if (ret != ES_OK)
>                 return ret;
> --
> 2.34.1
>


-- 
-Dionna Glaze, PhD (she/her)

Powered by blists - more mailing lists