Tom Lendacky <thomas.lendacky@xxxxxxx> writes:
> On 2/17/25 04:22, Nikunj A Dadhania wrote:
>> @@ -3161,6 +3161,20 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
>>
>> svm->tsc_aux = data;
>> break;
>> + case MSR_IA32_TSC:
>> + /*
>> + * If Secure TSC is enabled, do not emulate TSC write as TSC calculation
>> + * ignores the TSC_OFFSET and TSC_SCALE control fields, record the error
>> + * and return a #GP. Allow the TSC to be initialized until the guest state
>> + * is protected to prevent unexpected VMM errors.
>> + */
>> + if (vcpu->arch.guest_state_protected && snp_secure_tsc_enabled(vcpu->kvm)) {
>
> I'm not sure if it matters, but do we need to differentiate between
> guest and host write in this situation at all in regards to the message
> or return code?
>
Yes, I think we can have something like the below:
+ case MSR_IA32_TSC:
+ /*
+ * For Secure TSC enabled VM, do not emulate TSC write as the
+ * TSC calculation ignores the TSC_OFFSET and TSC_SCALE control
+ * fields.
+ *
+ * Guest writes: Record the error and return a #GP.
+ * Host writes are ignored.
+ */
+ if (snp_secure_tsc_enabled(vcpu->kvm)) {
+ if (!msr->host_initiated) {
+ vcpu_unimpl(vcpu, "unimplemented IA32_TSC for Secure TSC\n");
+ return 1;
+ } else
+ return 0;
+ }
+
+ ret = kvm_set_msr_common(vcpu, msr);
+ break;
>> + vcpu_unimpl(vcpu, "unimplemented IA32_TSC for secure tsc\n");
>
> s/secure tsc/Secure TSC/ ?
>
Ack,
Thanks
Nikunj
