Re: [PATCH v13 08/26] KVM: SEV: Add initial SEV-SNP support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Apr 18, 2024 at 9:51 PM Michael Roth <michael.roth@xxxxxxx> wrote:
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index 535018f152a3..d31404953bf1 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -4899,7 +4899,8 @@ static int svm_vm_init(struct kvm *kvm)
>
>         if (type != KVM_X86_DEFAULT_VM &&
>             type != KVM_X86_SW_PROTECTED_VM) {
> -               kvm->arch.has_protected_state = (type == KVM_X86_SEV_ES_VM);
> +               kvm->arch.has_protected_state =
> +                       (type == KVM_X86_SEV_ES_VM || type == KVM_X86_SNP_VM);

I'd rather set has_private_mem here too, rather than in x86.c

Also this patch is the place to have

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index d31404953bf1..6209f70ab11a 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -2056,6 +2056,9 @@ static int npf_interception(struct kvm_vcpu *vcpu)
     if (WARN_ON_ONCE(error_code & PFERR_SYNTHETIC_MASK))
         error_code &= ~PFERR_SYNTHETIC_MASK;

+    if (sev_snp_guest(vcpu) && (error_code & PFERR_GUEST_ENC_MASK))
+        error_code |= PFERR_PRIVATE_ACCESS;
+
     trace_kvm_page_fault(vcpu, fault_address, error_code);
     return kvm_mmu_page_fault(vcpu, fault_address, error_code,
             static_cpu_has(X86_FEATURE_DECODEASSISTS) ?


for the final shape of the MMU changes.

Paolo

> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 83b8260443a3..9923921904a2 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -12598,7 +12598,7 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
>
>         kvm->arch.vm_type = type;
>         kvm->arch.has_private_mem =
> -               (type == KVM_X86_SW_PROTECTED_VM);
> +               (type == KVM_X86_SW_PROTECTED_VM || type == KVM_X86_SNP_VM);
>
>         ret = kvm_page_track_init(kvm);
>         if (ret)
> --
> 2.25.1
>






[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux