On Tue, Oct 18, 2022 at 1:59 PM Peter Gonda <pgonda@xxxxxxxxxx> wrote:
>
> ...
> +
> +static void configure_sev_pte_masks(struct kvm_vm *vm)
> +{
> + uint32_t eax, ebx, ecx, edx, enc_bit;
> +
> + cpuid(CPUID_MEM_ENC_LEAF, &eax, &ebx, &ecx, &edx);
> + enc_bit = ebx & CPUID_EBX_CBIT_MASK;
> +
> + vm->arch.c_bit = 1 << enc_bit;
This should be 1ULL << enc_bit as the overall result overflows 32 bits.
> + vm->arch.pte_me_mask = vm->arch.c_bit | vm->arch.s_bit;
Maybe the role of pte_me_mask needs to be discussed in more detail. If
pte_me_mask is to be used only for maintaining/manipulating encryption
of page table memory then maybe it should be just set as
vm->arch.c_bit or better yet replaced with vm->arch.c_bit.
gpa_protected_mask also needs to be set here so that vm_untag_gpa
works as expected.
> + vm->protected = true;
> +}
> +
> ...
> +}
> --
> 2.38.0.413.g74048e4d9e-goog
>
