Received-SPF: pass (google.com: domain of linux-kernel+bounces-7507-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1;
Precedence: bulk
MIME-Version: 1.0
References: <cover.1699936040.git.isaku.yamahata@intel.com>
 <1c12f378af7de16d7895f8badb18c3b1715e9271.1699936040.git.isaku.yamahata@intel.com>
 <938efd3cfcb25d828deab0cc0ba797177cc69602.camel@redhat.com>
 <ZXo54VNuIqbMsYv-@google.com> <aa7aa5ea5b112a0ec70c6276beb281e19c052f0e.camel@redhat.com>
 <ZXswR04H9Tl7xlyj@google.com> <20231219014045.GA2639779@ls.amr.corp.intel.com>
 <CALMp9eRgWct3bb5en0=geT0HmMemipkzXkjL9kmEAV+1yJg-pw@mail.gmail.com>
 <20231219081104.GB2639779@ls.amr.corp.intel.com> <ZYNlhKCcOHgjTcFZ@google.com>
In-Reply-To: <ZYNlhKCcOHgjTcFZ@google.com>
From: Jim Mattson <jmattson@google.com>
Date: Wed, 20 Dec 2023 14:22:28 -0800
Message-ID: <CALMp9eS7DgBkspdPmeB7m7SyWv42V1WEzWQHiyTB3nxtL7JqPQ@mail.gmail.com>
Subject: Re: [PATCH v2 1/3] KVM: x86: Make the hardcoded APIC bus frequency vm variable
To: Sean Christopherson <seanjc@google.com>
Cc: Isaku Yamahata <isaku.yamahata@linux.intel.com>, Maxim Levitsky <mlevitsk@redhat.com>, 
	isaku.yamahata@intel.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, 
	isaku.yamahata@gmail.com, Paolo Bonzini <pbonzini@redhat.com>, erdemaktas@google.com, 
	Vishal Annapurve <vannapurve@google.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, Dec 20, 2023 at 2:07=E2=80=AFPM Sean Christopherson <seanjc@google.=
com> wrote:
>
> On Tue, Dec 19, 2023, Isaku Yamahata wrote:
> > On Mon, Dec 18, 2023 at 07:53:45PM -0800, Jim Mattson <jmattson@google.=
com> wrote:
> > > > There are several options to address this.
> > > > 1. Make the KVM able to configure APIC bus frequency (This patch).
> > > >    Pros: It resembles the existing hardware.  The recent Intel CPUs
> > > >    adapts 25MHz.
> > > >    Cons: Require the VMM to emulate the APIC timer at 25MHz.
> > > > 2. Make the TDX architecture enumerate CPUID 0x15 to configurable
> > > >    frequency or not enumerate it.
> > > >    Pros: Any APIC bus frequency is allowed.
> > > >    Cons: Deviation from the real hardware.
>
> I don't buy this as a valid Con.  TDX is one gigantic deviation from real=
 hardware,
> and since TDX obviously can't guarantee the APIC timer is emulated at the=
 correct
> frequency, there can't possibly be any security benefits.  If this were t=
ruly a
> Con that anyone cared about, we would have gotten patches to "fix" KVM a =
long time
> ago.
>
> If the TDX module wasn't effectively hardware-defined software, i.e. was =
actually
> able to adapt at the speed of software, then fixing this in TDX would be =
a complete
> no-brainer.
>
> The KVM uAPI required to play nice is relatively minor, so I'm not totall=
y opposed
> to adding it.  But I totally agree with Jim that forcing KVM to change 13=
+ years
> of behavior just because someone at Intel decided that 25MHz was a good n=
umber is
> ridiculous.
>
> > > > 3. Make the TDX guest kernel use 1GHz when it's running on KVM.
> > > >    Cons: The kernel ignores CPUID leaf 0x15.
> > >
> > > 4. Change CPUID.15H under TDX to report the crystal clock frequency a=
s 1 GHz.
> > > Pro: This has been the virtual APIC frequency for KVM guests for 13 y=
ears.
> > > Pro: This requires changing only one hard-coded constant in TDX.
> > >
> > > I see no compelling reason to complicate KVM with support for
> > > configurable APIC frequencies, and I see no advantages to doing so.
> >
> > Because TDX isn't specific to KVM, it should work with other VMM techno=
logies.
> > If we'd like to go for this route, the frequency would be configurable.=
  What
> > frequency should be acceptable securely is obscure.  25MHz has long his=
tory with
> > the real hardware.

I am curious how many other hypervisors either offer a configurable
APIC frequency or happened to also land on 25 MHz.