[PATCH RFC v7 56/64] KVM: x86/mmu: Generate KVM_EXIT_MEMORY_FAULT for implicit conversions for SNP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



SEV-SNP will set PFERR_GUEST_ENC_MASK for NPT faults for
encrypted/private memory. Generally such accesses will be preceded at
some point by a GHCB request to the hypervisor to put the page in the
expected private/shared state, so the KVM MMU wouldn't normally need to
generate KVM_EXIT_MEMORY_FAULTs to handle the updates at access time.

However, implicit conversions are also supported for SNP guests, and in
those cases an KVM_EXIT_MEMORY_FAULT will be needed to put the page in
the expected private/shared state.

Check for this PFERR_GUEST_ENC_MASK bit when determining whether a #NPF
should be handled with restrictedmem pages or not.

Signed-off-by: Michael Roth <michael.roth@xxxxxxx>
---
 arch/x86/kvm/svm/sev.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 885a3f1da910..0dd3d9debe48 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -4446,7 +4446,10 @@ int sev_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 error_code, bool *priva
 	 * source is the only indicator of whether the fault should be treated
 	 * as private or not.
 	 */
-	*private_fault = kvm_mem_is_private(kvm, gfn);
+	if (sev_snp_guest(kvm))
+		*private_fault = (error_code & PFERR_GUEST_ENC_MASK) ? true : false;
+	else
+		*private_fault = kvm_mem_is_private(kvm, gfn);
 
 	return 1;
 
-- 
2.25.1





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux