The hypervisor controls TSC value calculations for the guest. A malicious hypervisor can prevent the guest from progressing. The Secure TSC feature for SEV-SNP allows guests to securely use the RDTSC and RDTSCP instructions. This ensures the guest has a consistent view of time and prevents a malicious hypervisor from manipulating time, such as making it appear to move backward or advance too quickly. For more details, refer to the "Secure Nested Paging (SEV-SNP)" section, subsection "Secure TSC" in APM Volume 2. This patchset is also available at: https://github.com/AMDESE/linux-kvm/tree/sectsc-host-latest and is based on kvm/next Testing SecureTSC ----------------- SecureTSC guest patches are available as part of v6.14-rc1. QEMU changes: https://github.com/nikunjad/qemu/tree/snp-securetsc-latest QEMU commandline SEV-SNP with SecureTSC: qemu-system-x86_64 -cpu EPYC-Milan-v2 -smp 4 \ -object memory-backend-memfd,id=ram1,size=1G,share=true,prealloc=false,reserve=false \ -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,secure-tsc=on,stsc-freq=2000000000 \ -machine q35,confidential-guest-support=sev0,memory-backend=ram1 \ ... Changelog: ---------- v2: * Address cpufeatures comment from Boris * Squashed Secure TSC enablement and setting frequency patch * Set the default TSC KHz for proper calulation of guest offset/multiplier Ketan Chaturvedi (1): KVM: SVM: Enable Secure TSC for SNP guests Nikunj A Dadhania (3): x86/cpufeatures: Add SNP Secure TSC KVM: SVM: Add GUEST_TSC_FREQ MSR for Secure TSC enabled guests KVM: SVM: Prevent writes to TSC MSR when Secure TSC is enabled arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/svm.h | 1 + arch/x86/include/uapi/asm/kvm.h | 3 ++- arch/x86/kvm/svm/sev.c | 22 ++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 12 ++++++++++++ arch/x86/kvm/svm/svm.h | 14 +++++++++++++- include/linux/psp-sev.h | 2 ++ 7 files changed, 53 insertions(+), 2 deletions(-) base-commit: 43fb96ae78551d7bfa4ecca956b258f085d67c40 -- 2.43.0
