On 2/17/25 04:22, Nikunj A Dadhania wrote:
> Introduce the read-only MSR GUEST_TSC_FREQ (0xc0010134) that returns
> guest's effective frequency in MHZ when Secure TSC is enabled for SNP
> guests. Disable interception of this MSR when Secure TSC is enabled. Note
> that GUEST_TSC_FREQ MSR is accessible only to the guest and not from the
> hypervisor context.
>
> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxx>
> ---
> arch/x86/include/asm/svm.h | 1 +
> arch/x86/kvm/svm/sev.c | 2 ++
> arch/x86/kvm/svm/svm.c | 1 +
> arch/x86/kvm/svm/svm.h | 11 ++++++++++-
> 4 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h
> index e2fac21471f5..a04346068c60 100644
> --- a/arch/x86/include/asm/svm.h
> +++ b/arch/x86/include/asm/svm.h
> @@ -289,6 +289,7 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_
> #define SVM_SEV_FEAT_RESTRICTED_INJECTION BIT(3)
> #define SVM_SEV_FEAT_ALTERNATE_INJECTION BIT(4)
> #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5)
> +#define SVM_SEV_FEAT_SECURE_TSC BIT(9)
>
> #define SVM_SEV_FEAT_INT_INJ_MODES \
> (SVM_SEV_FEAT_RESTRICTED_INJECTION | \
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index 74525651770a..7875bb14a2b1 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -843,6 +843,8 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm)
> save->dr6 = svm->vcpu.arch.dr6;
>
> save->sev_features = sev->vmsa_features;
> + if (snp_secure_tsc_enabled(vcpu->kvm))
> + set_msr_interception(&svm->vcpu, svm->msrpm, MSR_AMD64_GUEST_TSC_FREQ, 1, 1);
Seems odd to clear the intercept in the sev_es_sync_vmsa() routine. Why not in the sev_es_init_vmcb() routine where this is normally done? Thanks, Tom
>
> /*
> * Skip FPU and AVX setup with KVM_SEV_ES_INIT to avoid
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index b8aa0f36850f..93cf508f983c 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
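Review bot: In the sev.c hunk, the added `set_msr_interception(&svm->vcpu, svm->msrpm, MSR_AMD64_GUEST_TSC_FREQ, 1, 1);` clears the write intercept as well as the read intercept, although the description calls GUEST_TSC_FREQ a read-only MSR. If guest writes are meant to be rejected by hardware, a short comment saying so would make that intent auditable. Otherwise keeping the write intercept, `set_msr_interception(&svm->vcpu, svm->msrpm, MSR_AMD64_GUEST_TSC_FREQ, 1, 0);`, leaves the hypervisor able to observe and refuse unexpected writes. The same statement also mixes `vcpu->kvm` with `&svm->vcpu`, where using one handle for both would read more consistently. The body of sev_es_sync_vmsa() continues outside the hunk.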
> @@ -143,6 +143,7 @@ static const struct svm_direct_access_msrs {
> { .index = X2APIC_MSR(APIC_TMICT), .always = false },
> { .index = X2APIC_MSR(APIC_TMCCT), .always = false },
> { .index = X2APIC_MSR(APIC_TDCR), .always = false },
> + { .index = MSR_AMD64_GUEST_TSC_FREQ, .always = false },
> { .index = MSR_INVALID, .always = false },
> };
>
> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
> index 5b159f017055..7335af2ab1df 100644
> --- a/arch/x86/kvm/svm/svm.h
> +++ b/arch/x86/kvm/svm/svm.h
> @@ -44,7 +44,7 @@ static inline struct page *__sme_pa_to_page(unsigned long pa)
> #define IOPM_SIZE PAGE_SIZE * 3
> #define MSRPM_SIZE PAGE_SIZE * 2
>
> -#define MAX_DIRECT_ACCESS_MSRS 48
> +#define MAX_DIRECT_ACCESS_MSRS 49
> #define MSRPM_OFFSETS 32
> extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly;
> extern bool npt_enabled;
> @@ -377,10 +377,19 @@ static __always_inline bool sev_snp_guest(struct kvm *kvm)
> return (sev->vmsa_features & SVM_SEV_FEAT_SNP_ACTIVE) &&
> !WARN_ON_ONCE(!sev_snp_guest(kvm));
> }
> +
> +static inline bool snp_secure_tsc_enabled(struct kvm *kvm)
> +{
> + struct kvm_sev_info *sev = to_kvm_sev_info(kvm);
> +
> + return (sev->vmsa_features & SVM_SEV_FEAT_SECURE_TSC) &&
> + !WARN_ON_ONCE(!sev_snp_guest(kvm));
> +}
> #else
> #define sev_guest(kvm) false
> #define sev_es_guest(kvm) false
> #define sev_snp_guest(kvm) false
> +#define snp_secure_tsc_enabled(kvm) false
> #endif
>
> static inline bool ghcb_gpa_is_registered(struct vcpu_svm *svm, u64 val)
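Review bot: In the last svm.h hunk, `snp_secure_tsc_enabled()` raises `WARN_ON_ONCE` whenever `SVM_SEV_FEAT_SECURE_TSC` is set in `vmsa_features` on a VM that is not an SNP guest. No visible line shows that bit being rejected for non-SNP VMs. If `vmsa_features` can be populated from a VMM request (not visible here), the warning could be triggered from userspace, which matters on hosts that escalate warnings. Checking the guest type first avoids that: `return sev_snp_guest(kvm) && (sev->vmsa_features & SVM_SEV_FEAT_SECURE_TSC);`. Alternatively, the bit could be refused at VM init for non-SNP guests. A one-line comment stating that Secure TSC is only valid for SNP guests would also document the invariant the helper relies on.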