Received: by 2002:ab2:7855:0:b0:1f9:5764:f03e with SMTP id m21csp946802lqp; Thu, 23 May 2024 05:06:46 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUHAkxXr4PckbbWK4VE9BKNPU4mj3nwlyIaw5DApFLhaEcnhYeGciS5RIQJk7G4QpahYLAvvbNLzRe2utEnAIHvgsfHcjCgcmccMjcYtw== X-Google-Smtp-Source: AGHT+IHdcTbx+P9wZN37uJzcr9Humu+L5vw4u3fGHZvLQDN/jX7mUqqVppHWsmIqm5Pv9cfdphIW X-Received: by 2002:ac2:55b9:0:b0:51c:cc1b:a8f6 with SMTP id 2adb3069b0e04-526bf268198mr3825334e87.20.1716466006526; Thu, 23 May 2024 05:06:46 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1716466006; cv=pass; d=google.com; s=arc-20160816; b=QnlY2qJrHHs6TJGDT9BCF/DlhJDGA6wY1U/lDUm0c32nWcgU7FfWsyaqCwSRLLP1dO b4JAWenDZvQFmdKA3E08VQh564qIjiQ3xwgTK0PTEHKatIycVprPcAJ6h4L+lZ4c4ldo j0mcCz8lCQC+pk10/E8y+zjhEIaQCjXp+W8ltBZrjX9wqKN9plvjfJ6QSAxY8VWeTY7n NqH6f9hUdipT+cULExce+zcNX3ncwHkitH5RdzaPvX0loy+sIDxm3zQeucz7JflQ9u1l c+Gu36xKBjFHcs6qCtXKkcf8SFhqAYXo4CYuntyJ/wxw4S1cQaj+5ZoUCjNM4dU1MFK4 Y7wg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=FK37NPpRwRxmM+7XOgMP+JSuolOKlOH7y/5HrWaI86E=; fh=uxwjZ0ksoLlFbuJzA6bER+fressyBWV4K0Q6xsm1wYs=; b=yFyQqm0C5/7RLAlqKuuhutyjowCIXk7uxYtPRStR8yiMLAEMoj5hVksmSKgwWZfum0 sUyen6OWHr/mPK5DgCcJRhDjnzOA6ZUBYyVLke5cT5EwUe0IAenap/Z7bOn8dQdIqrDZ XhCNqroOgzDCwlEJPBI+XNs6hINWkGRAZCyQDQDVTgYv5wT8Ittcdy8DMCiemPIKr5cx e+C4fP5ACVz7ZNNgRBxKZZFssgPWMoT6riXmJEAux8MjzllpPiqu3C6vAi8UNiy6nplb U5GV0ZQlTLj9YJj/Ls+7qfpPJESUijODV6QN8iii2PEznFrlWKk/k/QUlxFs773YtSdW G/Eg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=kU5uEFs+; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-187436-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-187436-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id a640c23a62f3a-a5a179467e9si1564048466b.96.2024.05.23.05.06.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 23 May 2024 05:06:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-187436-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=kU5uEFs+; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-187436-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-187436-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 3FBB41F225A3 for ; Thu, 23 May 2024 12:06:46 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5483A13D298; Thu, 23 May 2024 12:06:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="kU5uEFs+" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 21B0413CF92; Thu, 23 May 2024 12:06:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.19 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716465992; cv=none; b=pudvbgCJniIbZ+eL0waL8jGnFgIZEQBs3ePJ9NjDuDwNak6LO3OEMM4qNwlPloE56awQPX4GZGWehmQtz5z9UIh/L4LsXsyXikP0gqAEQWN9JR1kMHT1IVpHzOUVkF7g92aTbQIb5uYiUn69BltXRnJEyXF8bcIIZblb7KSe48s= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716465992; c=relaxed/simple; bh=RsCi9zpX9ZWOnbJAJ30H+QRO1giMwJefX62MyVsW714=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=aqkxliKtDkjfH9rMCt1I3O9zjw0bM9A/5xjbQazoV9CFEwlEat5H1FoOo3VsjRU3IkE7igjBG4I1TSSGgZ/0F5UfBYQ9hqmz4PpAotvmpvhxYLGx//GZMY9CGkd/Sv5SodeCnRzeqAG3ErJtzpwl2YXkBk4yEjuKdFEwBC3LVdA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=kU5uEFs+; arc=none smtp.client-ip=192.198.163.19 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1716465991; x=1748001991; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=RsCi9zpX9ZWOnbJAJ30H+QRO1giMwJefX62MyVsW714=; b=kU5uEFs+VrC5+m6tyD1kV1m/Qh+8wXKjkB1HD7ifOho7++MfLPLdB+Yv FXhIdukDchj+jFHSR2VK8Je5dN+jseADKqpoAD2sqB6pVLb2YGICpHRFa hvli44+35pCga0cD14B2UwU0M6ta1CxU6EWcx2orm2jCdavzoh7wDRibB 4L4D4J3hfgKO8ulVEyXxxe6qJhnCXy1nADO9VehiL/IMF+97AAXeAGuaf SW9I5IDxaXxXE304EZFWmLyMHnIQvMPDNi/VAWRZDlIdn7Dm3E+mL9xEm dY6TwTvE2+6yS8CqgUAYD5jXnc6M4yAz3+wDHJmmBajK3n78C8qvjOElc A==; X-CSE-ConnectionGUID: Z3pH4CfES9GFDHa6xjJQ9Q== X-CSE-MsgGUID: AFAjXgNpT3mtUSeSxcPoCA== X-IronPort-AV: E=McAfee;i="6600,9927,11081"; a="12609427" X-IronPort-AV: E=Sophos;i="6.08,182,1712646000"; d="scan'208";a="12609427" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by fmvoesa113.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 May 2024 05:06:31 -0700 X-CSE-ConnectionGUID: dNRZz+K8R9Sl4I+hdoIOAA== X-CSE-MsgGUID: EMuejiKDRSWP1TJHjJZKpA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,182,1712646000"; d="scan'208";a="38425148" Received: from black.fi.intel.com ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 23 May 2024 05:06:25 -0700 Received: by black.fi.intel.com (Postfix, from userid 1000) id 62D45E7; Thu, 23 May 2024 15:06:23 +0300 (EEST) Date: Thu, 23 May 2024 15:06:23 +0300 From: "Kirill A. Shutemov" To: Dexuan Cui Cc: x86@kernel.org, linux-coco@lists.linux.dev, bp@alien8.de, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, kys@microsoft.com, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, sathyanarayanan.kuppuswamy@linux.intel.com, tglx@linutronix.de, wei.liu@kernel.org, Jason@zx2c4.com, mhklinux@outlook.com, thomas.lendacky@amd.com, tytso@mit.edu, ardb@kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, Tianyu.Lan@microsoft.com, Elena Reshetova Subject: Re: [RFC PATCH] clocksource: hyper-v: Enable the tsc_page for a TDX VM in TD mode Message-ID: <7yos4yh6te7zcwga3swddpyjyxlif2c5vqad2rouwf7euw47df@jvouxfoakct6> References: <20240523022441.20879-1-decui@microsoft.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240523022441.20879-1-decui@microsoft.com> On Wed, May 22, 2024 at 07:24:41PM -0700, Dexuan Cui wrote: > A TDX VM on Hyper-V may run in TD mode or Partitioned TD mode (L2). For > the former, the VM has not enabled the Hyper-V TSC page (which is defined > in drivers/clocksource/hyperv_timer.c: "... tsc_pg __bss_decrypted ...") > because, for such a VM, the hypervisor requires that the page should be > shared, but currently the __bss_decrypted is not working for such a VM > yet. I don't see how it is safe. It opens guest clock for manipulations form VMM. Could you elaborate on security implications? > Hyper-V TSC page can work as a clocksource device similar to KVM pv > clock, and it's also used by the Hyper-V timer code to get the current > time: see hv_init_tsc_clocksource(), which sets the global function > pointer hv_read_reference_counter to read_hv_clock_tsc(); when > Hyper-V TSC page is not enabled, hv_read_reference_counter defaults to > be drivers/hv/hv_common.c: __hv_read_ref_counter(), which is suboptimal > as it uses the slow MSR interface to get the time info. Why can't the guest just read the TSC directly? Why do we need the page? I am confused. -- Kiryl Shutsemau / Kirill A. Shutemov