On Thu, Nov 06, 2025 at 01:09:37PM +0100, Markus Armbruster wrote: > Pardon my ignorance... > > "Naveen N Rao (AMD)" <[email protected]> writes: > > > Add support for configuring the TSC frequency when Secure TSC is enabled > > in SEV-SNP guests through a new "tsc-frequency" property on SEV-SNP > > guest objects, similar to the vCPU-specific property used by regular > > guests and TDX. > > Which property exactly?
Same name: tsc-frequency specified with '-cpu' > > > A new property is needed since SEV-SNP guests require > > the TSC frequency to be specified during early SNP_LAUNCH_START command > > before any vCPUs are created. > > Sounds awkward. > > Do the two properties set the same thing at different times? Yes. For regular guests, TSC frequency is set using a vCPU ioctl. However, TDX and SEV-SNP (with Secure TSC) require the TSC frequency to be set as a VM property (there is a VM ioctl for this purpose). This was Tom's question too (see v2): is there any way to re-use 'tsc-frequency' specified with '-cpu' for Secure TSC. > > > The user-provided TSC frequency is set through KVM_SET_TSC_KHZ before > > issuing KVM_SEV_SNP_LAUNCH_START. > > > > Attempts to set TSC frequency on both the SEV_SNP object and the cpu > > object result in an error from KVM (on the vCPU ioctl), so do not add > > separate checks for the same. > > > > Sample command-line: > > -machine q35,confidential-guest-support=sev0 \ > > -object > > sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,secure-tsc=on,tsc-frequency=2500000000 > > > > Co-developed-by: Ketan Chaturvedi <[email protected]> > > Signed-off-by: Ketan Chaturvedi <[email protected]> > > Co-developed-by: Nikunj A Dadhania <[email protected]> > > Signed-off-by: Nikunj A Dadhania <[email protected]> > > Signed-off-by: Naveen N Rao (AMD) <[email protected]> > > [...] > > > diff --git a/qapi/qom.json b/qapi/qom.json > > index c7dd2dd1b095..5daaf065b6b7 100644 > > --- a/qapi/qom.json > > +++ b/qapi/qom.json > > @@ -1104,6 +1104,9 @@ > > # @secure-tsc: enable Secure TSC > > # (default: false) (since 10.2) > > # > > +# @tsc-frequency: set secure TSC frequency. Only valid if Secure TSC > > +# is enabled (default: zero) (since 10.2) > > Is this likely to remain the only property that's only valied when > @secure-tsc is true? At this stage, yes. I am not aware of anything else that is specific to Secure TSC. - Naveen
