Fix couple of interrelated issues:
o KVM currently allows userspace to access MSRs even after the VMSA is
encrypted. This can result into issues if MSR update has side effects on
VM configuration. Patch 1 fixes that by preventing KVM_{GET|SET}_MSRS
for SEV-ES guests once VMSA is encrypted.
o As documented in APM, LBR Virtualization must be enabled for SEV-ES
guests. However, KVM currently enables LBRV unconditionally without
checking feature bit, which is wrong. Patch 2 prevents SEV-ES guests
when LBRV support is missing.
o Although LBRV is enabled for SEV-ES guests, MSR_IA32_DEBUGCTLMSR was
still intercepted. This can crash SEV-ES guest if used inadvertently.
Patch 3 fixes it.
Patches prepared on kvm/next (6f627b425378)
v2: https://lore.kernel.org/r/20240416050338.517-1-ravi.bangoria@xxxxxxx
v2->v3: Fix all affiliated issues along with fixing MSR_IA32_DEBUGCTLMSR
interception:
- Block KVM_{GET|SET}_MSRS for SEV-ES guests post VMSA encryption (new)
- Block SEV-ES guest creation when LBRV is disabled/not supported (new)
- Move LBRV enablement code after VMSA encryption to avoid a scenario
where LBRV can be disabled inadvertently through MSR_IA32_DEBUGCTLMSR
write. (new)
- Removed all 'Reviewed-by' since the code has changed quite a bit.
Nikunj A Dadhania (1):
KVM: SEV-ES: Prevent MSR access post VMSA encryption
Ravi Bangoria (2):
KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent
KVM: SEV-ES: Fix LBRV code
arch/x86/kvm/svm/sev.c | 21 +++++++++++++++------
arch/x86/kvm/svm/svm.c | 42 ++++++++++++++++++++++++++++++++----------
arch/x86/kvm/svm/svm.h | 7 ++++---
3 files changed, 51 insertions(+), 19 deletions(-)
--
2.45.1
