Message-Id: <20250722055030.3126772-2-suleiman@google.com>
Date: Tue, 22 Jul 2025 14:50:28 +0900
From: Suleiman Souhlal <suleiman@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>, Sean Christopherson <seanjc@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, 
	Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, 
	"H. Peter Anvin" <hpa@...or.com>, Chao Gao <chao.gao@...el.com>, 
	David Woodhouse <dwmw2@...radead.org>, Sergey Senozhatsky <senozhatsky@...omium.org>, 
	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>, Tzung-Bi Shih <tzungbi@...nel.org>, 
	John Stultz <jstultz@...gle.com>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	ssouhlal@...ebsd.org, Suleiman Souhlal <suleiman@...gle.com>
Subject: [PATCH v8 1/3] KVM: x86: Advance guest TSC after deep suspend.

Try to advance guest TSC to current time after suspend when the host
TSCs went backwards.

This makes the behavior consistent between suspends where the host TSC
resets and suspends where it doesn't, such as suspend-to-idle. In the
former case, the guests' TSCs would previously be "frozen" due to KVM's
backwards TSC prevention, while in the latter case they would advance.

Suggested-by: Sean Christopherson <seanjc@...gle.com>
Signed-off-by: Suleiman Souhlal <suleiman@...gle.com>
---
 arch/x86/include/asm/kvm_host.h |  3 ++
 arch/x86/kvm/x86.c              | 49 ++++++++++++++++++++++++++++++++-
 2 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index fb01e456b624..e57d51e9f2be 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1415,6 +1415,9 @@ struct kvm_arch {
 	u64 cur_tsc_offset;
 	u64 cur_tsc_generation;
 	int nr_vcpus_matched_tsc;
+#ifdef CONFIG_X86_64
+	bool host_was_suspended;
+#endif
 
 	u32 default_tsc_khz;
 	bool user_set_tsc;
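Review bot: The new `host_was_suspended` field has no comment saying who writes it or which lock protects it. In the x86.c part of this patch it is read and cleared under `kvm->arch.tsc_write_lock` in adjust_tsc_offset_host(), but set by a plain store in kvm_set_host_was_suspended(), called from kvm_arch_enable_virtualization_cpu(), where no lock is visible in the hunk (the rest of that function is outside the hunk, so the context may already make this safe). I would document the rule next to the field, for example `/* Set by kvm_arch_enable_virtualization_cpu(); read and cleared under tsc_write_lock. */`, and state there why the unlocked store is acceptable. struct kvm_arch itself starts and ends outside this hunk.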
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index a9d992d5652f..422c7fcc5d83 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -2779,7 +2779,7 @@ static inline void adjust_tsc_offset_guest(struct kvm_vcpu *vcpu,
 	kvm_vcpu_write_tsc_offset(vcpu, tsc_offset + adjustment);
 }
 
-static inline void adjust_tsc_offset_host(struct kvm_vcpu *vcpu, s64 adjustment)
+static inline void __adjust_tsc_offset_host(struct kvm_vcpu *vcpu, s64 adjustment)
 {
 	if (vcpu->arch.l1_tsc_scaling_ratio != kvm_caps.default_tsc_scaling_ratio)
 		WARN_ON(adjustment < 0);
@@ -4995,6 +4995,52 @@ static bool need_emulate_wbinvd(struct kvm_vcpu *vcpu)
 
 static DEFINE_PER_CPU(struct kvm_vcpu *, last_vcpu);
 
+#ifdef CONFIG_X86_64
+static void kvm_set_host_was_suspended(struct kvm *kvm)
+{
+	kvm->arch.host_was_suspended = true;
+}
+
+static void adjust_tsc_offset_host(struct kvm_vcpu *vcpu, u64 adj)
+{
+	unsigned long flags;
+	struct kvm *kvm;
+	bool advance;
+	u64 kernel_ns, l1_tsc, offset, tsc_now;
+
+	kvm = vcpu->kvm;
+	advance = kvm_get_time_and_clockread(&kernel_ns, &tsc_now);
+	raw_spin_lock_irqsave(&kvm->arch.tsc_write_lock, flags);
+	/*
+	 * Advance the guest's TSC to current time instead of only preventing
+	 * it from going backwards, while making sure all the vCPUs use the
+	 * same offset.
+	 */
+	if (kvm->arch.host_was_suspended && advance) {
+		l1_tsc = nsec_to_cycles(vcpu,
+					kvm->arch.kvmclock_offset + kernel_ns);
+		offset = kvm_compute_l1_tsc_offset(vcpu, l1_tsc);
+		kvm->arch.cur_tsc_offset = offset;
+		kvm_vcpu_write_tsc_offset(vcpu, offset);
+	} else if (advance) {
+		kvm_vcpu_write_tsc_offset(vcpu, kvm->arch.cur_tsc_offset);
+	} else {
+		__adjust_tsc_offset_host(vcpu, adj);
+	}
+	kvm->arch.host_was_suspended = false;
+	raw_spin_unlock_irqrestore(&kvm->arch.tsc_write_lock, flags);
+}
+#else
+static void kvm_set_host_was_suspended(struct kvm *kvm)
+{
+}
+
+static void adjust_tsc_offset_host(struct kvm_vcpu *vcpu, u64 adj)
+{
+	__adjust_tsc_offset_host(vcpu, adj);
+}
+#endif /* CONFIG_X86_64 */
+
 void kvm_arch_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
 {
 	struct kvm_pmu *pmu = vcpu_to_pmu(vcpu);
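Review bot: Both new adjust_tsc_offset_host() variants (the CONFIG_X86_64 one and the `#else` stub) take `u64 adj`, while the helper they forward to, __adjust_tsc_offset_host(), still takes `s64 adjustment` and checks `WARN_ON(adjustment < 0)`; the implicit unsigned-to-signed conversion hides the sign at the interface callers see. Keeping the pre-patch type in both variants, `static void adjust_tsc_offset_host(struct kvm_vcpu *vcpu, s64 adj)`, keeps that check readable. Separately, `kvm->arch.host_was_suspended = false;` runs on every path, including the `else` fallback taken when kvm_get_time_and_clockread() returns false, so the flag is consumed without `cur_tsc_offset` being refreshed. If a later vCPU could then reach the `else if (advance)` branch it would write the older offset, so a short comment stating why that cannot happen (or clearing the flag only in the first branch) would help. The hunk ends inside kvm_arch_vcpu_load(), whose body continues outside it.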
@@ -12729,6 +12775,7 @@ int kvm_arch_enable_virtualization_cpu(void)
 				kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu);
 			}
 
+			kvm_set_host_was_suspended(kvm);
 			/*
 			 * We have to disable TSC offset matching.. if you were
 			 * booting a VM while issuing an S4 host suspend....
-- 
2.50.0.727.gbf7dc18ff4-goog

