Explicitly check that SNP platform initialization succeeded prior to
creating SNP VMs. The return from sev_platform_init() only tracks "legacy"
SEV and SEV-ES support, i.e. can return '0' even if SNP setup fails.
Fixes: 1dfe571c12cf ("KVM: SEV: Add initial SEV-SNP support")
Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
---
arch/x86/kvm/svm/sev.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 3fc87cdc95c8..dd001a293899 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -449,6 +449,10 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp,
/* This needs to happen after SEV/SNP firmware initialization. */
if (vm_type == KVM_X86_SNP_VM) {
+ if (!init_args.snp_initialized) {
+ ret = -EIO;
+ goto e_free;
+ }
ret = snp_guest_req_init(kvm);
if (ret)
goto e_free;
--
2.48.1.711.g2feabab25a-goog
--ZxKkPI+e2NE34Qwk
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment;
filename="0003-KVM-SVM-Ignore-sev_platform_init-return-code-when-cr.patch"
