 Documentation/virt/kvm/api.rst |  9 ++++++++-
 arch/x86/kvm/x86.c             | 13 ++++++++++---
 2 files changed, 18 insertions(+), 4 deletions(-)

This series follows Sean's suggestions [1][2] to:

 - Reject vCPU scope KVM_SET_TSC_KHZ ioctl for TSC protected vCPU
 - Reject VM scope KVM_SET_TSC_KHZ ioctl when vCPUs have been created

.. in the discussion of SEV-SNP Secure TSC support series.

v1 -> v2:
 - Protect kvm->create_vcpus check using kvm->lock. - Chao.
 - Add documentation update to each patch. -Nikunj.
 - Collect RB (Xiaoyao, Nikunj).
 - Switched the patch order to make documentation update easier.

v1: https://lore.kernel.org/kvm/cover.1752038725.git.kai.huang@intel.com/

Hi Xiaoyao, Nikunj,

I added your RB anyway, so let me know if you have concern :-)

This series has been sanity tested with TDX guests using today's Qemu:

 - With this series Qemu can still run TDX guests successfully.
 - With some hack to the Qemu, both VM and vCPU scope KVM_SET_TSC_KHZ ioctls
   failed as expected.

Kai Huang (2):
  KVM: x86: Reject KVM_SET_TSC_KHZ VM ioctl when vCPUs have been created
  KVM: x86: Reject KVM_SET_TSC_KHZ vCPU ioctl for TSC protected guest

 Documentation/virt/kvm/api.rst |  9 ++++++++-
 arch/x86/kvm/x86.c             | 13 ++++++++++---
 2 files changed, 18 insertions(+), 4 deletions(-)

base-commit: 6c7ecd725e503bf2ca69ff52c6cc48bb650b1f11
--
2.50.0

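A probe for the first rule in the cover letter above, as an added example that is not part of the series or the thread: it issues the VM-scope KVM_SET_TSC_KHZ before and after creating a vCPU and reports what the running kernel does. It assumes a Linux host with /dev/kvm and <linux/kvm.h>; the enum and function names are the example's own, and the TSC-protected vCPU rule is not covered because it needs a TDX or SEV-SNP guest.

```c
/* Added example (not from the series); assumes Linux with /dev/kvm. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <linux/kvm.h>
enum probe_result {            /* names are this example's own */
    PROBE_NO_KVM,              /* /dev/kvm missing or VM/vCPU creation failed */
    PROBE_VM_TSC_UNSUPPORTED,  /* VM-scope TSC ioctls unusable before vCPUs */
    PROBE_REJECTED_AFTER_VCPU, /* behaviour the series describes */
    PROBE_ACCEPTED_AFTER_VCPU, /* kernel without the change */
};

static enum probe_result probe_vm_tsc_khz(void)
{
    enum probe_result res = PROBE_NO_KVM;
    int kvm, vm = -1, vcpu = -1, khz;
    kvm = open("/dev/kvm", O_RDWR);
    if (kvm < 0)
        return res;
    vm = ioctl(kvm, KVM_CREATE_VM, 0UL);
    if (vm < 0)
        goto out;
    /* Re-use the VM's current default so the value itself is never the issue. */
    khz = ioctl(vm, KVM_GET_TSC_KHZ, 0UL);
    if (khz <= 0 || ioctl(vm, KVM_SET_TSC_KHZ, (unsigned long)khz) < 0) {
        res = PROBE_VM_TSC_UNSUPPORTED;
        goto out;
    }
    vcpu = ioctl(vm, KVM_CREATE_VCPU, 0UL);
    if (vcpu < 0)
        goto out;
    /* Same ioctl, same value, but now a vCPU exists. */
    res = ioctl(vm, KVM_SET_TSC_KHZ, (unsigned long)khz) < 0
              ? PROBE_REJECTED_AFTER_VCPU : PROBE_ACCEPTED_AFTER_VCPU;
out:
    if (vcpu >= 0) close(vcpu);
    if (vm >= 0) close(vm);
    close(kvm);
    return res;
}

int main(void)
{
    static const char *const msg[] = { "no usable /dev/kvm",
        "VM-scope TSC control unavailable",
        "rejected after vCPU creation", "accepted after vCPU creation" };
    printf("VM-scope KVM_SET_TSC_KHZ: %s\n", msg[probe_vm_tsc_khz()]);
    return 0;
}
```

On a kernel carrying patch 1 the result is the rejected case, so a VMM that wants a VM-wide frequency has to set it before its first KVM_CREATE_VCPU.
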
On Mon, 14 Jul 2025 10:20:18 +1200, Kai Huang wrote:
> This series follows Sean's suggestions [1][2] to:
>
>  - Reject vCPU scope KVM_SET_TSC_KHZ ioctl for TSC protected vCPU
>  - Reject VM scope KVM_SET_TSC_KHZ ioctl when vCPUs have been created
>
> .. in the discussion of SEV-SNP Secure TSC support series.
>
> [...]

Applied patch 2 to kvm-x86 fixes, with a tweaked changelog to call out that
TDX support hasn't yet been released, i.e. that there is no established ABI
to break.

Applied patch 1 to kvm-x86 misc, with tweaked documentation to not imply that
userspace "must" invoke the ioctl. I think this is the last patch I'll throw
into misc for 6.17? So in theory, if it breaks userspace, I can simply
truncate it from the pull request.

[1/2] KVM: x86: Reject KVM_SET_TSC_KHZ VM ioctl when vCPUs have been created
      https://github.com/kvm-x86/linux/commit/dcbe5a466c12
[2/2] KVM: x86: Reject KVM_SET_TSC_KHZ vCPU ioctl for TSC protected guest
      https://github.com/kvm-x86/linux/commit/e51cf184d90c

--
https://github.com/kvm-x86/linux/tree/next

On Mon, 2025-07-14 at 17:23 -0700, Sean Christopherson wrote:
> On Mon, 14 Jul 2025 10:20:18 +1200, Kai Huang wrote:
> > This series follows Sean's suggestions [1][2] to:
> >
> >  - Reject vCPU scope KVM_SET_TSC_KHZ ioctl for TSC protected vCPU
> >  - Reject VM scope KVM_SET_TSC_KHZ ioctl when vCPUs have been created
> >
> > .. in the discussion of SEV-SNP Secure TSC support series.
> >
> > [...]
>
> Applied patch 2 to kvm-x86 fixes, with a tweaked changelog to call out that
> TDX support hasn't yet been released, i.e. that there is no established ABI
> to break.
>
> Applied patch 1 to kvm-x86 misc, with tweaked documentation to not imply that
> userspace "must" invoke the ioctl. I think this is the last patch I'll throw
> into misc for 6.17? So in theory, if it breaks userspace, I can simply
> truncate it from the pull request.

Thanks!

>
> [1/2] KVM: x86: Reject KVM_SET_TSC_KHZ VM ioctl when vCPUs have been created
>       https://github.com/kvm-x86/linux/commit/dcbe5a466c12
> [2/2] KVM: x86: Reject KVM_SET_TSC_KHZ vCPU ioctl for TSC protected guest
>       https://github.com/kvm-x86/linux/commit/e51cf184d90c

Btw, in the second patch it seems you have:

  Fixes; adafea1 ("KVM: x86: Add infrastructure for secure TSC")

Shouldn't we follow the standard format, i.e.,

  Fixes: adafea110600 ("KVM: x86: Add infrastructure for secure TSC")

?

On Tue, Jul 15, 2025, Kai Huang wrote:
> On Mon, 2025-07-14 at 17:23 -0700, Sean Christopherson wrote:
> > On Mon, 14 Jul 2025 10:20:18 +1200, Kai Huang wrote:
> > > This series follows Sean's suggestions [1][2] to:
> > >
> > >  - Reject vCPU scope KVM_SET_TSC_KHZ ioctl for TSC protected vCPU
> > >  - Reject VM scope KVM_SET_TSC_KHZ ioctl when vCPUs have been created
> > >
> > > .. in the discussion of SEV-SNP Secure TSC support series.
> > >
> > > [...]
> >
> > Applied patch 2 to kvm-x86 fixes, with a tweaked changelog to call out that
> > TDX support hasn't yet been released, i.e. that there is no established ABI
> > to break.
> >
> > Applied patch 1 to kvm-x86 misc, with tweaked documentation to not imply that
> > userspace "must" invoke the ioctl. I think this is the last patch I'll throw
> > into misc for 6.17? So in theory, if it breaks userspace, I can simply
> > truncate it from the pull request.
>
> Thanks!
>
> >
> > [1/2] KVM: x86: Reject KVM_SET_TSC_KHZ VM ioctl when vCPUs have been created
> >       https://github.com/kvm-x86/linux/commit/dcbe5a466c12
> > [2/2] KVM: x86: Reject KVM_SET_TSC_KHZ vCPU ioctl for TSC protected guest
> >       https://github.com/kvm-x86/linux/commit/e51cf184d90c
>
> Btw, in the second patch it seems you have:
>
>   Fixes; adafea1 ("KVM: x86: Add infrastructure for secure TSC")
>
> Shouldn't we follow the standard format, i.e.,
>
>   Fixes: adafea110600 ("KVM: x86: Add infrastructure for secure TSC")

Ugh, yes, the semi-colon is just a typo.

New hash:

  https://github.com/kvm-x86/linux/commit/b24bbb534c2d