On Tue, Dec 03, 2024 at 02:30:38PM +0530, Nikunj A Dadhania wrote:
> diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
> index af28fb962309..59c5e716fdd1 100644
> --- a/arch/x86/coco/sev/core.c
> +++ b/arch/x86/coco/sev/core.c
> @@ -1473,6 +1473,14 @@ static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
> if (regs->cx == MSR_IA32_TSC && (sev_status & MSR_AMD64_SNP_SECURE_TSC))
> return __vc_handle_msr_tsc(regs, write);
>
> + /*
> + * GUEST_TSC_FREQ should not be intercepted when Secure TSC is
> + * enabled. Terminate the SNP guest when the interception is enabled.
> + */
> + if (regs->cx == MSR_AMD64_GUEST_TSC_FREQ && (sev_status & MSR_AMD64_SNP_SECURE_TSC))
> + return ES_VMM_ERROR;
> +
> +
If you merge this logic into the switch-case, the patch becomes even easier
and the code cleaner:
diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
index 050170eb28e6..35d9a3bb4b06 100644
--- a/arch/x86/coco/sev/core.c
+++ b/arch/x86/coco/sev/core.c
@@ -1446,6 +1446,13 @@ static enum es_result __vc_handle_msr_tsc(struct pt_regs *regs, bool write)
if (!(sev_status & MSR_AMD64_SNP_SECURE_TSC))
goto read_tsc;
+ /*
+ * GUEST_TSC_FREQ should not be intercepted when Secure TSC is
+ * enabled. Terminate the SNP guest when the interception is enabled.
+ */
+ if (regs->cx == MSR_AMD64_GUEST_TSC_FREQ)
+ return ES_VMM_ERROR;
+
if (write) {
WARN_ONCE(1, "TSC MSR writes are verboten!\n");
return ES_UNSUPPORTED;
@@ -1472,6 +1479,7 @@ static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
case MSR_SVSM_CAA:
return __vc_handle_msr_caa(regs, write);
case MSR_IA32_TSC:
+ case MSR_AMD64_GUEST_TSC_FREQ:
return __vc_handle_msr_tsc(regs, write);
default:
break;
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
