On Thu, Dec 01, 2022, Alexey Kardashevskiy wrote: > With SVM_SEV_FEAT_DEBUG_SWAP enabled, the VM should not get #VC events > for DR7 read/write which it rather avoided. > > Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxx> > --- > arch/x86/kernel/sev.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c > index a428c62330d3..4e91b9f8742c 100644 > --- a/arch/x86/kernel/sev.c > +++ b/arch/x86/kernel/sev.c > @@ -1618,6 +1618,9 @@ static enum es_result vc_handle_dr7_write(struct ghcb *ghcb, > long val, *reg = vc_insn_get_rm(ctxt); > enum es_result ret; > > + if ((sev_status >> 2) & SVM_SEV_FEAT_DEBUG_SWAP) Probably high time to add a helper/macro to convert the SEV_STATUS to the SEV_FEATURES field. > + return ES_VMM_ERROR; > + > if (!reg) > return ES_DECODE_FAILED; > > @@ -1655,6 +1658,9 @@ static enum es_result vc_handle_dr7_read(struct ghcb *ghcb, > struct sev_es_runtime_data *data = this_cpu_read(runtime_data); > long *reg = vc_insn_get_rm(ctxt); > > + if ((sev_status >> 2) & SVM_SEV_FEAT_DEBUG_SWAP) > + return ES_VMM_ERROR; > + > if (!reg) > return ES_DECODE_FAILED; > > -- > 2.38.1 >
