2022-02-12 10:01:29

by Tom Lendacky

[permalink] [raw]
Subject: Re: [PATCH v2 3/4] x86/cpu: clear SME features when not in use

On 2/11/22 15:02, Mario Limonciello wrote:
> Currently the SME CPU feature flag is reflective of whether the CPU
> supports the features but not whether they have been activated by the
> kernel.
>
> Change this around to clear the features if the kernel is not using
> them so userspace can determine if they are available and in use
> from `/proc/cpuinfo`.
>
> As the feature flag is now cleared on systems that SME isn't active
> use CPUID 0x8000001f to confirm SME availability before calling
> `native_wbinvd`.
>
> Signed-off-by: Mario Limonciello <[email protected]>
> ---

>
> + if (!sme_me_mask)
> + goto clear_all;
> +

This is incorrect. Just because host memory encryption is not active
doesn't mean that SEV guests can't be run. This should only clear the SME
feature bit.

Thanks,
Tom