On Fri, Feb 05, 2021 at 06:03:13PM +0800, Zhimin Feng wrote:
> when in vm:
> rdtsc = host_tsc * (TSC multiplier) + tsc_offset(<0)
> so when vm write tsc_deadline_msr the value always less than
> tsc stampcounter msr value, the irq never be triggered.
>
> the tsc_adjust msr use as below, host execute
> rdtsc = host_tsc + tsc_adjust
>
> when vmentry, we set the tsc_adjust equal tsc_offset and vmcs
> tsc offset filed equal 0, so the vm execute rdtsc the result like this:
> rdtsc = host_tsc + tsc_adjust + 0
> the tsc_deadline_msr value will equal tsc stampcounter msr and
> the irq will trigger success.
That above is unintelligible..
> +static void vmx_adjust_tsc_offset(struct kvm_vcpu *vcpu, bool to_host)
> +{
> + u64 tsc_adjust;
> + struct timer_passth_info *local_timer_info;
> +
> + local_timer_info = &per_cpu(passth_info, smp_processor_id());
> +
> + if (to_host) {
> + tsc_adjust = local_timer_info->host_tsc_adjust;
> + wrmsrl(MSR_IA32_TSC_ADJUST, tsc_adjust);
> + vmcs_write64(TSC_OFFSET, vcpu->arch.tsc_offset);
> + } else {
> + rdmsrl(MSR_IA32_TSC_ADJUST, tsc_adjust);
> + local_timer_info->host_tsc_adjust = tsc_adjust;
> +
> + wrmsrl(MSR_IA32_TSC_ADJUST, tsc_adjust + vcpu->arch.tsc_offset);
> + vmcs_write64(TSC_OFFSET, 0);
> + }
> +}
NAK
This wrecks the host TSC value, any host code between this and actually
entering that VM will observe batshit time.
