| Message ID | 20250317052308.498244-1-nikunj@amd.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Enable Secure TSC for SEV-SNP | expand |
On 3/17/25 6:23 AM, Nikunj A Dadhania wrote: > The hypervisor controls TSC value calculations for the guest. A malicious > hypervisor can prevent the guest from progressing. The Secure TSC feature for > SEV-SNP allows guests to securely use the RDTSC and RDTSCP instructions. This > ensures the guest has a consistent view of time and prevents a malicious > hypervisor from manipulating time, such as making it appear to move backward or > advance too quickly. For more details, refer to the "Secure Nested Paging > (SEV-SNP)" section, subsection "Secure TSC" in APM Volume 2. > > This patch set is also available at: > > https://github.com/AMDESE/linux-kvm/tree/sectsc-host-latest > > and is based on kvm/queue > > Testing Secure TSC > ----------------- > > Secure TSC guest patches are available as part of v6.14-rc1. > > QEMU changes: > https://github.com/nikunjad/qemu/tree/snp-securetsc-latest > > QEMU command line SEV-SNP with Secure TSC: > > qemu-system-x86_64 -cpu EPYC-Milan-v2 -smp 4 \ > -object memory-backend-memfd,id=ram1,size=1G,share=true,prealloc=false,reserve=false \ > -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,secure-tsc=on,stsc-freq=2000000000 \ > -machine q35,confidential-guest-support=sev0,memory-backend=ram1 \ > ... > Hi Nikunj, I've been trying to test this patchset with the above QEMU command line and with the OVMF built from upstream master. But I'm encountering following errors: " !!!!!!!! Image Section Alignment(0x40) does not match Required Alignment (0x1000) !!!!!!!! ProtectUefiImage failed to create image properties record " I briefly looked at this[1] branch as well but it appears to be no longer actively maintained as I ran into some build errors which are fixed in upstream. The build command I'm using to build the OVMF is as follows: build -a X64 -b DEBUG -t GCC5 -D DEBUG_VERBOSE -p OvmfPkg/OvmfPkgX64.dsc So, I was wondering if you've some extra patches on top of upstream OVMF to test SecureTSC or are there any modifications required in my build command? Thank you! [1] https://github.com/AMDESE/ovmf/tree/snp-latest > Changelog: > ---------- > v5: > * Rebased on top of kvm/queue that includes protected TSC patches > https://lore.kernel.org/kvm/20250314183422.2990277-1-pbonzini@redhat.com/ > * Dropped patch 4/5 as it is not required after protected TSC patches > * Set guest_tsc_protected when Secure TSC is enabled (Paolo) > * Collect Reviewed-by from Tom > * Base the desired_tsc_freq on KVM's ABI (Sean) > > v4: https://lore.kernel.org/kvm/20250310063938.13790-1-nikunj@amd.com/ > * Rebased on top of latest kvm-x86/next > * Collect Reviewed-by from Tom > * Use "KVM: SVM" instead of "crypto: ccp" (Tom) > * Clear the intercept in sev_es_init_vmcb() (Tom) > * Differentiate between guest and host MSR_IA32_TSC writes (Tom) > > Ketan Chaturvedi (1): > KVM: SVM: Enable Secure TSC for SNP guests > > Nikunj A Dadhania (3): > x86/cpufeatures: Add SNP Secure TSC > KVM: SVM: Add missing member in SNP_LAUNCH_START command structure > KVM: SVM: Add GUEST_TSC_FREQ MSR for Secure TSC enabled guests > > arch/x86/include/asm/cpufeatures.h | 1 + > arch/x86/include/asm/svm.h | 1 + > arch/x86/include/uapi/asm/kvm.h | 3 ++- > arch/x86/kvm/svm/sev.c | 17 +++++++++++++++++ > arch/x86/kvm/svm/svm.c | 1 + > arch/x86/kvm/svm/svm.h | 11 ++++++++++- > include/linux/psp-sev.h | 2 ++ > 7 files changed, 34 insertions(+), 2 deletions(-) > > > base-commit: 9f443c33263385cbb8565ab58db3f7983e769bed
On 3/17/25 07:52, Vaishali Thakkar wrote: > On 3/17/25 6:23 AM, Nikunj A Dadhania wrote: >> The hypervisor controls TSC value calculations for the guest. A malicious >> hypervisor can prevent the guest from progressing. The Secure TSC >> feature for >> SEV-SNP allows guests to securely use the RDTSC and RDTSCP >> instructions. This >> ensures the guest has a consistent view of time and prevents a malicious >> hypervisor from manipulating time, such as making it appear to move >> backward or >> advance too quickly. For more details, refer to the "Secure Nested Paging >> (SEV-SNP)" section, subsection "Secure TSC" in APM Volume 2. >> >> This patch set is also available at: >> >> https://github.com/AMDESE/linux-kvm/tree/sectsc-host-latest >> >> and is based on kvm/queue >> >> Testing Secure TSC >> ----------------- >> >> Secure TSC guest patches are available as part of v6.14-rc1. >> >> QEMU changes: >> https://github.com/nikunjad/qemu/tree/snp-securetsc-latest >> >> QEMU command line SEV-SNP with Secure TSC: >> >> qemu-system-x86_64 -cpu EPYC-Milan-v2 -smp 4 \ >> -object >> memory-backend-memfd,id=ram1,size=1G,share=true,prealloc=false,reserve=false \ >> -object >> sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,secure-tsc=on,stsc-freq=2000000000 \ >> -machine q35,confidential-guest-support=sev0,memory-backend=ram1 \ >> ... >> > > Hi Nikunj, > > I've been trying to test this patchset with the above QEMU command line > and with the OVMF built from upstream master. But I'm encountering > following errors: > > " !!!!!!!! Image Section Alignment(0x40) does not match Required Alignment > (0x1000) !!!!!!!! > ProtectUefiImage failed to create image properties record " I bisected EDK2/OVMF and found that the above messages started appearing with commit 37f63deeefa8 ("MdeModulePkg: MemoryProtection: Use ImageRecordPropertiesLib") It doesn't appear to cause any issues while booting as I'm able to progress to the grub menu and boot the OS. Is it failing for you? Thanks, Tom > > I briefly looked at this[1] branch as well but it appears to be no longer > actively maintained as I ran into some build errors which are fixed in > upstream. > > The build command I'm using to build the OVMF is as follows: > build -a X64 -b DEBUG -t GCC5 -D DEBUG_VERBOSE -p OvmfPkg/OvmfPkgX64.dsc > > So, I was wondering if you've some extra patches on top of upstream OVMF > to test SecureTSC or are there any modifications required in my build > command? > > Thank you! > > > [1] https://github.com/AMDESE/ovmf/tree/snp-latest > >> Changelog: >> ---------- >> v5: >> * Rebased on top of kvm/queue that includes protected TSC patches >> >> https://lore.kernel.org/kvm/20250314183422.2990277-1-pbonzini@redhat.com/ >> * Dropped patch 4/5 as it is not required after protected TSC patches >> * Set guest_tsc_protected when Secure TSC is enabled (Paolo) >> * Collect Reviewed-by from Tom >> * Base the desired_tsc_freq on KVM's ABI (Sean) >> >> v4: https://lore.kernel.org/kvm/20250310063938.13790-1-nikunj@amd.com/ >> * Rebased on top of latest kvm-x86/next >> * Collect Reviewed-by from Tom >> * Use "KVM: SVM" instead of "crypto: ccp" (Tom) >> * Clear the intercept in sev_es_init_vmcb() (Tom) >> * Differentiate between guest and host MSR_IA32_TSC writes (Tom) >> >> Ketan Chaturvedi (1): >> KVM: SVM: Enable Secure TSC for SNP guests >> >> Nikunj A Dadhania (3): >> x86/cpufeatures: Add SNP Secure TSC >> KVM: SVM: Add missing member in SNP_LAUNCH_START command structure >> KVM: SVM: Add GUEST_TSC_FREQ MSR for Secure TSC enabled guests >> >> arch/x86/include/asm/cpufeatures.h | 1 + >> arch/x86/include/asm/svm.h | 1 + >> arch/x86/include/uapi/asm/kvm.h | 3 ++- >> arch/x86/kvm/svm/sev.c | 17 +++++++++++++++++ >> arch/x86/kvm/svm/svm.c | 1 + >> arch/x86/kvm/svm/svm.h | 11 ++++++++++- >> include/linux/psp-sev.h | 2 ++ >> 7 files changed, 34 insertions(+), 2 deletions(-) >> >> >> base-commit: 9f443c33263385cbb8565ab58db3f7983e769bed >
Hi Vaishali, Thanks for testing the patches. On 3/17/2025 8:37 PM, Tom Lendacky wrote: > On 3/17/25 07:52, Vaishali Thakkar wrote: >> On 3/17/25 6:23 AM, Nikunj A Dadhania wrote: >>> >> >> Hi Nikunj, >> >> I've been trying to test this patchset with the above QEMU command line >> and with the OVMF built from upstream master. But I'm encountering >> following errors: >> >> " !!!!!!!! Image Section Alignment(0x40) does not match Required Alignment >> (0x1000) !!!!!!!! >> ProtectUefiImage failed to create image properties record " > > I bisected EDK2/OVMF and found that the above messages started appearing > with commit 37f63deeefa8 ("MdeModulePkg: MemoryProtection: Use > ImageRecordPropertiesLib") > > It doesn't appear to cause any issues while booting as I'm able to > progress to the grub menu and boot the OS. Is it failing for you? > > Thanks, > Tom > >> >> I briefly looked at this[1] branch as well but it appears to be no longer >> actively maintained as I ran into some build errors which are fixed in >> upstream. >> >> The build command I'm using to build the OVMF is as follows: >> build -a X64 -b DEBUG -t GCC5 -D DEBUG_VERBOSE -p OvmfPkg/OvmfPkgX64.dsc >> >> So, I was wondering if you've some extra patches on top of upstream OVMF >> to test SecureTSC or are there any modifications required in my build >> command? No, I do not have any Secure TSC related modification in OVMF. If it can boot SNP, that should work for Secure TSC guests as well. Regards Nikunj >> >> Thank you! >> >> >> [1] https://github.com/AMDESE/ovmf/tree/snp-latest >>
The hypervisor controls TSC value calculations for the guest. A malicious hypervisor can prevent the guest from progressing. The Secure TSC feature for SEV-SNP allows guests to securely use the RDTSC and RDTSCP instructions. This ensures the guest has a consistent view of time and prevents a malicious hypervisor from manipulating time, such as making it appear to move backward or advance too quickly. For more details, refer to the "Secure Nested Paging (SEV-SNP)" section, subsection "Secure TSC" in APM Volume 2. This patch set is also available at: https://github.com/AMDESE/linux-kvm/tree/sectsc-host-latest and is based on kvm/queue Testing Secure TSC ----------------- Secure TSC guest patches are available as part of v6.14-rc1. QEMU changes: https://github.com/nikunjad/qemu/tree/snp-securetsc-latest QEMU command line SEV-SNP with Secure TSC: qemu-system-x86_64 -cpu EPYC-Milan-v2 -smp 4 \ -object memory-backend-memfd,id=ram1,size=1G,share=true,prealloc=false,reserve=false \ -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,secure-tsc=on,stsc-freq=2000000000 \ -machine q35,confidential-guest-support=sev0,memory-backend=ram1 \ ... Changelog: ---------- v5: * Rebased on top of kvm/queue that includes protected TSC patches https://lore.kernel.org/kvm/20250314183422.2990277-1-pbonzini@redhat.com/ * Dropped patch 4/5 as it is not required after protected TSC patches * Set guest_tsc_protected when Secure TSC is enabled (Paolo) * Collect Reviewed-by from Tom * Base the desired_tsc_freq on KVM's ABI (Sean) v4: https://lore.kernel.org/kvm/20250310063938.13790-1-nikunj@amd.com/ * Rebased on top of latest kvm-x86/next * Collect Reviewed-by from Tom * Use "KVM: SVM" instead of "crypto: ccp" (Tom) * Clear the intercept in sev_es_init_vmcb() (Tom) * Differentiate between guest and host MSR_IA32_TSC writes (Tom) Ketan Chaturvedi (1): KVM: SVM: Enable Secure TSC for SNP guests Nikunj A Dadhania (3): x86/cpufeatures: Add SNP Secure TSC KVM: SVM: Add missing member in SNP_LAUNCH_START command structure KVM: SVM: Add GUEST_TSC_FREQ MSR for Secure TSC enabled guests arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/svm.h | 1 + arch/x86/include/uapi/asm/kvm.h | 3 ++- arch/x86/kvm/svm/sev.c | 17 +++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 11 ++++++++++- include/linux/psp-sev.h | 2 ++ 7 files changed, 34 insertions(+), 2 deletions(-) base-commit: 9f443c33263385cbb8565ab58db3f7983e769bed