On 7/8/2025 8:07 PM, Sean Christopherson wrote: > On Mon, Jul 07, 2025, Nikunj A Dadhania wrote: >> Introduce the read-only MSR GUEST_TSC_FREQ (0xc0010134) that returns >> guest's effective frequency in MHZ when Secure TSC is enabled for SNP >> guests. Disable interception of this MSR when Secure TSC is enabled. Note >> that GUEST_TSC_FREQ MSR is accessible only to the guest and not from the >> hypervisor context. > > ... > >> @@ -4487,6 +4512,9 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) >> >> /* Can't intercept XSETBV, HV can't modify XCR0 directly */ >> svm_clr_intercept(svm, INTERCEPT_XSETBV); >> + >> + if (snp_secure_tsc_enabled(svm->vcpu.kvm)) >> + svm_disable_intercept_for_msr(&svm->vcpu, MSR_AMD64_GUEST_TSC_FREQ, MSR_TYPE_RW); > > KVM shouldn't be disabling write interception for a read-only MSR. Few of things to consider here: 1) GUEST_TSC_FREQ is a *guest only* MSR and what is the point in KVM intercepting writes to that MSR. The guest vCPU handles it appropriately when interception is disabled. 2) Guest does not expect GUEST_TSC_FREQ MSR to be intercepted(read or write), guest will terminate if GUEST_TSC_FREQ MSR is intercepted by the hypervisor: 38cc6495cdec x86/sev: Prevent GUEST_TSC_FREQ MSR interception for Secure TSC enabled guests > And this > code belongs in sev_es_recalc_msr_intercepts(). Sure. Regards, Nikunj
