| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <de0b0551-003d-0cc8-9015-9124c25f5d43@amd.com> Date: Thu, 24 Oct 2024 14:14:00 +0530 From: "Nikunj A. Dadhania" <nikunj@....com> To: Xiaoyao Li <xiaoyao.li@...el.com>, linux-kernel@...r.kernel.org, thomas.lendacky@....com, bp@...en8.de, x86@...nel.org, kvm@...r.kernel.org Cc: mingo@...hat.com, tglx@...utronix.de, dave.hansen@...ux.intel.com, pgonda@...gle.com, seanjc@...gle.com, pbonzini@...hat.com Subject: Re: [PATCH v13 05/13] x86/sev: Prevent RDTSC/RDTSCP interception for Secure TSC enabled guests On 10/24/2024 1:26 PM, Xiaoyao Li wrote: > On 10/21/2024 1:51 PM, Nikunj A Dadhania wrote: >> The hypervisor should not be intercepting RDTSC/RDTSCP when Secure TSC is >> enabled. A #VC exception will be generated if the RDTSC/RDTSCP instructions >> are being intercepted. If this should occur and Secure TSC is enabled, >> terminate guest execution. > > There is another option to ignore the interception and just return back to > guest execution. That is not correct, RDTSC/RDTSCP should return the timestamp counter value computed using the GUEST_TSC_SCALE and GUEST_TSC_OFFSET part of VMSA. > I think it better to add some justification on why make it> fatal and terminate the guest is better than ignoring the interception. How about the below updated commit message: The hypervisor should not be intercepting RDTSC/RDTSCP when Secure TSC is enabled. A #VC exception will be generated if the RDTSC/RDTSCP instructions are being intercepted. If this should occur and Secure TSC is enabled, terminate guest execution as the guest cannot rely on the TSC value provided by the hypervisor. Regards Nikunj
Powered by blists - more mailing lists