Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp864909pxb; Tue, 14 Sep 2021 10:19:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx8pI6v9xRf8xzssl82u2zqjE8CtS8EKbFanWlgVz93qGAEMg87heHItAbKgYu1DM9AkKjD X-Received: by 2002:a2e:a225:: with SMTP id i5mr16614591ljm.64.1631639975504; Tue, 14 Sep 2021 10:19:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1631639975; cv=none; d=google.com; s=arc-20160816; b=F+3bq+rSAKC9phVLzjF/GjvMSSfwGx4W4B1lWADpIk1OMRyyTSaVXCZEElqc4U3AkH 0Vg+rR4xEYSOO84Od9qotaEfZKVEXxl7eWgYTs+tPo1VTBvEZEN/tuqx+iRLguj3YYAB LIhSucCHwjl/YosoFe6WVydwsKuKsY9kso68fbTtsfVbzBStFa7zPTAjL5i01IUObDfC s2BM2aOF4e+InE3GNDvLy1gdxsCZ8Gcf33VnTc0jYrXk7nfpC96O1VXL4FSSny/nE8Ar fSi6nCCtrNeSl3MtyFwpLt1S8ND4S13Thgam5byYr4GiUuet/NKE6osRYheqbgkXpsYT ecAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:mime-version:message-id:date :dkim-signature; bh=arTh63mKKz2UjJUT7owYdS6q6AzPlBHxrK8LnvU/pPg=; b=Q/2h7tkYhalbyV/xCwz8lzH/++fOC1nl1j35/N7ZFkK/MDX7AkxqVRYdzCRvqaIK++ LhHCQ4+aK4fwWISaevdyxArDHD8bq7V40kwxtqZm/3OFkij/wiA/CBuRBzmK0fT+y9XX HZkYoa1Tmp3ckCpkkU+1yDCBpqkryvW3SBDGxCo5x9lyS1UQs6lsSm/ProdQ5l50m9Xg /V3sm3ow62GUXFwupDvU8dv0uirhUbPWyoPoTb+MXo2/EnHITelALeADO0kruHYXsuta HCjH6e9RpDfsvCOse5r+gl9i1QLPbS0BY0TNbmWD5ckGO6tFMRxBT6atHRtWw1M9jy/E cR8A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=c8+R69js; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f15si4829834lfc.590.2021.09.14.10.19.06; Tue, 14 Sep 2021 10:19:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=c8+R69js; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230415AbhINRRN (ORCPT + 99 others); Tue, 14 Sep 2021 13:17:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50160 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229517AbhINRRM (ORCPT ); Tue, 14 Sep 2021 13:17:12 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 34179C061574 for ; Tue, 14 Sep 2021 10:15:55 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 63-20020a250d42000000b0059dc43162c9so18120355ybn.23 for ; Tue, 14 Sep 2021 10:15:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:message-id:mime-version:subject:from:to:cc; bh=arTh63mKKz2UjJUT7owYdS6q6AzPlBHxrK8LnvU/pPg=; b=c8+R69jscaR3LSiuenW4TuKCq+Ntj3ps02aD68vYYywqoXpGq1bt4CEQdSGzH7GFFD YA9gvZqm1/wq5XkZsp7V6rmfKP07o9SQSnku9nkDA0ToG2q0nImHP9MHtcvm/SdUSmsa kTvmC/b2bjRGVTdPB0v6/hhrQRz6JORTNipxEqdTsdoa4uhvHbZ51txngI1gjm77cyhw f4hvw+JzVJSLJYHKSdWWQduiir57mpvGUUDIymzlf0W5i0PK5R5+r8kQ8lqUGZb94Pw7 D8HkVDLku5SEcigXvdzKfeSmC0EzDKPhQ2fO8vq1lJ5SX4gK4o7eO6MAjXLEUFQV3Jnb k7pA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=arTh63mKKz2UjJUT7owYdS6q6AzPlBHxrK8LnvU/pPg=; b=U90ycLnkb/tg0XRcQvc+wp34qulP0QeCrOC+HnnqpyWOarX/D1eD45Q0tWvFxw++1J W1x2L9ZK5rmWHxIQ7uKOTfLctx2nsldw0EyJVYEqv9p63TXmdvNS9n9NOYwqk1oJz2qu xzMtYeFkTd5XblDz0WVYigk0zmOE9mOhtOiI+JUrmDjVR3jmKeeskJrg0YBbpxdzHh/N 7deAnKfIOBzCH6qIO/6O4QpJJlZHqGW4ATXGA4nwYyNaC012Uu79lZ35RsEvFWt/MpJm zEYIIYUHyuCXYC4dteBpf/UISpY9sMlOle9+VMr6Z+ZFp+i7aG8iuUsa8arJSDakO67D Mibw== X-Gm-Message-State: AOAM5333OYV2U50OqdsgL7wPxu/o3U4AyW7IcntJuk7LahdzywTOdgWw Jppk2PcBGQvgO5DUPGp4snnF844mXIw= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:204:b358:1f40:79d5:ab23]) (user=pgonda job=sendgmr) by 2002:a25:d804:: with SMTP id p4mr272746ybg.87.1631639754332; Tue, 14 Sep 2021 10:15:54 -0700 (PDT) Date: Tue, 14 Sep 2021 10:15:51 -0700 Message-Id: <20210914171551.3223715-1-pgonda@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.33.0.309.g3052b89438-goog Subject: [PATCH] KVM: SEV: Disable KVM_CAP_VM_COPY_ENC_CONTEXT_FROM for SEV-ES From: Peter Gonda To: kvm@vger.kernel.org Cc: Peter Gonda , Marc Orr , Paolo Bonzini , Sean Christopherson , Nathan Tempelman , Brijesh Singh , linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Copying an ASID into new vCPUs will not work for SEV-ES since the vCPUs VMSAs need to be setup and measured before SEV_LAUNCH_FINISH. Return an error if a users tries to KVM_CAP_VM_COPY_ENC_CONTEXT_FROM from an SEV-ES guest. Fixes: 54526d1fd593 ("KVM: x86: Support KVM VMs sharing SEV context") Signed-off-by: Peter Gonda Cc: Marc Orr Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Nathan Tempelman Cc: Brijesh Singh Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org --- arch/x86/kvm/svm/sev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 75e0b21ad07c..8a279027425f 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1728,7 +1728,7 @@ int svm_vm_copy_asid_from(struct kvm *kvm, unsigned int source_fd) source_kvm = source_kvm_file->private_data; mutex_lock(&source_kvm->lock); - if (!sev_guest(source_kvm)) { + if (!sev_guest(source_kvm) || sev_es_guest(source_kvm)) { ret = -EINVAL; goto e_source_unlock; } -- 2.33.0.309.g3052b89438-goog