| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7a5de2be-4e79-409a-90f2-398815fc59c7@amd.com> Date: Wed, 18 Dec 2024 10:50:07 +0530 From: "Nikunj A. Dadhania" <nikunj@....com> To: Borislav Petkov <bp@...en8.de> Cc: linux-kernel@...r.kernel.org, thomas.lendacky@....com, x86@...nel.org, kvm@...r.kernel.org, mingo@...hat.com, tglx@...utronix.de, dave.hansen@...ux.intel.com, pgonda@...gle.com, seanjc@...gle.com, pbonzini@...hat.com Subject: Re: [PATCH v15 06/13] x86/sev: Prevent GUEST_TSC_FREQ MSR interception for Secure TSC enabled guests On 12/17/2024 4:27 PM, Borislav Petkov wrote: > On Thu, Dec 12, 2024 at 10:23:01AM +0530, Nikunj A. Dadhania wrote: >> @@ -1477,19 +1480,13 @@ static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt) >> case MSR_SVSM_CAA: >> return __vc_handle_msr_caa(regs, write); >> case MSR_IA32_TSC: >> - return __vc_handle_msr_tsc(regs, write); >> + case MSR_AMD64_GUEST_TSC_FREQ: >> + if (sev_status & MSR_AMD64_SNP_SECURE_TSC) >> + return __vc_handle_msr_tsc(regs, write); With the above change, non-Secure TSC SNP guest will return following error: $ sudo rdmsr 0xc0010134 rdmsr: CPU 0 cannot read MSR 0xc0010134 $ > Now push that conditional inside the function too. With the condition inside the function, even tough the MSR is not valid in this configuration, I am getting value 0. Is this behavior acceptable ? $ sudo rdmsr 0xc0010134 0 $ Regards, Nikunj
Powered by blists - more mailing lists