lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <c3b789cd-ab23-4a61-9c00-f37a2108abd4@amd.com>
Date: Mon, 25 Aug 2025 11:07:22 +0530
From: "Nikunj A. Dadhania" <nikunj@....com>
To: Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini
	<pbonzini@...hat.com>
CC: <kvm@...r.kernel.org>, <linux-kernel@...r.kernel.org>, Thomas Lendacky
	<thomas.lendacky@....com>, Michael Roth <michael.roth@....com>, "Borislav
 Petkov" <bp@...en8.de>, Vaishali Thakkar <vaishali.thakkar@...e.com>, "Kai
 Huang" <kai.huang@...el.com>
Subject: Re: [PATCH v11 0/8] KVM: SVM: Enable Secure TSC for SEV-SNP



On 8/22/2025 3:05 AM, Sean Christopherson wrote:
> On Tue, 19 Aug 2025 16:48:25 -0700, Sean Christopherson wrote:
>> This is a combination of Nikunk's series to enable secure TSC support and to
>> fix the GHCB version issues, along with some code refactorings to move SEV+
>> setup code into sev.c (we've managed to grow something like 4 flows that all
>> do more or less the same thing).
>>
>> Note, I haven't tested SNP functionality in any way.
>>
>> [...]
> 
> Applied to kvm-x86 svm. 

Thanks Sean !

> Nikunj, can you give this one last sanity check when
> you get the chance?  No rush.  I moved the "!kvm->arch.default_tsc_khz" check
> up slightly so that it could use a direct return instead of a goto, just want
> to make sure I didn't pull a stupid.

Tested the branch with SEV, SEV-ES, SNP and SNP with SecureTSC guests,
working as expected.

> 
> Thanks!
> 
> [1/8] KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it
>       https://github.com/kvm-x86/linux/commit/c78af20374a1
> [2/8] KVM: SEV: Enforce minimum GHCB version requirement for SEV-SNP guests
>       https://github.com/kvm-x86/linux/commit/00f0b959ffb0
> [3/8] x86/cpufeatures: Add SNP Secure TSC
>       https://github.com/kvm-x86/linux/commit/7b59c73fd611
> [4/8] KVM: SVM: Move SEV-ES VMSA allocation to a dedicated sev_vcpu_create() helper
>       https://github.com/kvm-x86/linux/commit/34bd82aab15b
> [5/8] KVM: SEV: Move init of SNP guest state into sev_init_vmcb()
>       https://github.com/kvm-x86/linux/commit/3d4e882e3439
> [6/8] KVM: SEV: Set RESET GHCB MSR value during sev_es_init_vmcb()
>       https://github.com/kvm-x86/linux/commit/baf6ed177290
> [7/8] KVM: SEV: Fold sev_es_vcpu_reset() into sev_vcpu_create()
>       https://github.com/kvm-x86/linux/commit/f7b1f0c1620d
> [8/8] KVM: SVM: Enable Secure TSC for SNP guests
>       https://github.com/kvm-x86/linux/commit/a311fce2b694
> 
> --
> https://github.com/kvm-x86/linux/tree/next

Regards,
Nikunj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ