Patch "KVM: SEV-ES: Set guest_state_protected after VMSA update" has been added to the 5.14-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Sun, 24 Oct 2021 14:12:19 +0200

This is a note to let you know that I've just added the patch titled

    KVM: SEV-ES: Set guest_state_protected after VMSA update

to the 5.14-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     kvm-sev-es-set-guest_state_protected-after-vmsa-update.patch
and it can be found in the queue-5.14 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From baa1e5ca172ce7bf9554070139482dd7ea919528 Mon Sep 17 00:00:00 2001
From: Peter Gonda <pgonda@xxxxxxxxxx>
Date: Fri, 15 Oct 2021 13:32:22 -0400
Subject: KVM: SEV-ES: Set guest_state_protected after VMSA update

From: Peter Gonda <pgonda@xxxxxxxxxx>

commit baa1e5ca172ce7bf9554070139482dd7ea919528 upstream.

The refactoring in commit bb18a6777465 ("KVM: SEV: Acquire
vcpu mutex when updating VMSA") left behind the assignment to
svm->vcpu.arch.guest_state_protected; add it back.

Signed-off-by: Peter Gonda <pgonda@xxxxxxxxxx>
[Delta between v2 and v3 of Peter's patch, which had already been
 committed; the commit message is my own. - Paolo]
Fixes: bb18a6777465 ("KVM: SEV: Acquire vcpu mutex when updating VMSA")
Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 arch/x86/kvm/svm/sev.c |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -619,7 +619,12 @@ static int __sev_launch_update_vmsa(stru
 	vmsa.handle = to_kvm_svm(kvm)->sev_info.handle;
 	vmsa.address = __sme_pa(svm->vmsa);
 	vmsa.len = PAGE_SIZE;
-	return sev_issue_cmd(kvm, SEV_CMD_LAUNCH_UPDATE_VMSA, &vmsa, error);
+	ret = sev_issue_cmd(kvm, SEV_CMD_LAUNCH_UPDATE_VMSA, &vmsa, error);
+	if (ret)
+	  return ret;
+
+	vcpu->arch.guest_state_protected = true;
+	return 0;
 }
 
 static int sev_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp)


Patches currently in stable-queue which might be from pgonda@xxxxxxxxxx are

queue-5.14/kvm-sev-flush-cache-on-non-coherent-systems-before-receive_update_data.patch
queue-5.14/kvm-sev-es-set-guest_state_protected-after-vmsa-update.patch






