On Wed, Sep 16, 2020 at 11:38:38AM -0500, Tom Lendacky wrote: > > > On 9/16/20 11:02 AM, Sean Christopherson wrote: > > On Wed, Sep 16, 2020 at 10:11:10AM -0500, Tom Lendacky wrote: > >> On 9/15/20 3:13 PM, Tom Lendacky wrote: > >>> On 9/15/20 11:30 AM, Sean Christopherson wrote: > >>>> I don't quite follow the "doesn't mean debugging can't be done in the future". > >>>> Does that imply that debugging could be supported for SEV-ES guests, even if > >>>> they have an encrypted VMSA? > >>> > >>> Almost anything can be done with software. It would require a lot of > >>> hypervisor and guest code and changes to the GHCB spec, etc. So given > >>> that, probably just the check for arch.guest_state_protected is enough for > >>> now. I'll just need to be sure none of the debugging paths can be taken > >>> before the VMSA is encrypted. > >> > >> So I don't think there's any guarantee that the KVM_SET_GUEST_DEBUG ioctl > >> couldn't be called before the VMSA is encrypted, meaning I can't check the > >> arch.guest_state_protected bit for that call. So if we really want to get > >> rid of the allow_debug() op, I'd need some other way to indicate that this > >> is an SEV-ES / protected state guest. > > > > Would anything break if KVM "speculatively" set guest_state_protected before > > LAUNCH_UPDATE_VMSA? E.g. does KVM need to emulate before LAUNCH_UPDATE_VMSA? > > Yes, the way the code is set up, the guest state (VMSA) is initialized in > the same way it is today (mostly) and that state is encrypted by the > LAUNCH_UPDATE_VMSA call. I check the guest_state_protected bit to decide > on whether to direct the updates to the real VMSA (before it's encrypted) > or the GHCB (that's the get_vmsa() function from patch #5). Ah, gotcha. Would it work to set guest_state_protected[*] from time zero, and move vmsa_encrypted to struct vcpu_svm? I.e. keep vmsa_encrypted, but use it only for guiding get_vmsa() and related behavior.
