Hello Paolo, I believe one of my teammates is currently working on adding a KVM selftest for SEV and SEV-ES. Thanks, Ashish On Mon, Nov 30, 2020 at 03:41:41PM +0100, Paolo Bonzini wrote: > On 29/11/20 10:41, Ashish Kalra wrote: > > From: Ashish Kalra <ashish.kalra@xxxxxxx> > > > > This patch breaks SEV guests. > > > > The patch stores current ASID in struct vcpu_svm and only moves it to VMCB in > > svm_vcpu_run(), but by doing so, the ASID allocated for SEV guests and setup > > in vmcb->control.asid by pre_sev_run() gets over-written by this ASID > > stored in struct vcpu_svm and hence, VMRUN fails as SEV guest is bound/activated > > on a different ASID then the one overwritten in vmcb->control.asid at VMRUN. > > > > For example, asid#1 was activated for SEV guest and then vmcb->control.asid is > > overwritten with asid#0 (svm->asid) as part of this patch in svm_vcpu_run() and > > hence VMRUN fails. > > > > Thanks Ashish, I've sent a patch to fix it. > > Would it be possible to add a minimal SEV test to > tools/testing/selftests/kvm? It doesn't have to do full attestation etc., > if you can just write an "out" instruction using SEV_DBG_ENCRYPT and check > that you can run it that's enough. > > Paolo >
