Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp1017342pxb; Tue, 14 Sep 2021 14:12:32 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx7t5EEOxNDpZZMeYCzbxlpSiMGZxuDzpUqGFIuTDwpF62MooJO/O10Qi04Itr4iDUnjWAw X-Received: by 2002:a02:7818:: with SMTP id p24mr16419214jac.72.1631653952480; Tue, 14 Sep 2021 14:12:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1631653952; cv=none; d=google.com; s=arc-20160816; b=HgDj1oM2qvA0lX4y3e6BTqPXht+X/qM69cz89yWbxJ2PJXvK4vHbyjZMSX6KEIsW0S TORUbCVAntiaijZCtoGPlCDtg+BHp68Pqr8zHMtaj/TVE+On4BXhYGOuFi2shih7OJJs TkpwblBLIqU/RRB8QKDneA7kMoe3bRfF4yzgrPhQelGI0STKiBtx8Y8FqjiAW3RfXZdd fzclmpRNwKDcuRzpzVUnz7NPhBFh4zjDEWS7G0z9mKWoPHMk2R0GLCxkp9qkXVOI1ya3 IUHogWnV5fRako1LaSpJz7YU8Tk75ZnNZRIH4q85JjvT8PrTkhavIgcxJpyi799tZAx7 c4Cg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:reply-to:dkim-signature; bh=BGyteJrFicXpaz74Co+W4m7Ybp8XG6rNqdJoL5bS1T4=; b=KRk7dDOetigcrsd+XeQt/q0uC8Q51yPIXptlRB53rnt0DcQtjg5VV3xAmp6uxRG+mw bMAm0F4+8xEFxWgu5WBgWx+2p5VRu1AAxlCe+zFO6K88BM/RJAUMEAlSdRkWqHCCXzon 2/zhvYn9R3q30hqi9j80NdtckjRpXoQ0mMx/UABHQfptL/UyaNvXeWp/lqzSlzEPhUp1 s5t7ZRxv0tayYvAYOXT7bCQSAWuhHpyTioL3c/cYE6tEgu6169eNnevv6h3jE9LWbzOO fexRfl7vL4pa7FQyuj0B3Xs0ZshqEmaed6ge7neEQmCRnOUaH+p/70SWp5bSkW1b4YJE Wl3w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="U+U/3xkf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o18si12641159jam.60.2021.09.14.14.12.21; Tue, 14 Sep 2021 14:12:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="U+U/3xkf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234376AbhINVLT (ORCPT + 99 others); Tue, 14 Sep 2021 17:11:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48442 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234349AbhINVLQ (ORCPT ); Tue, 14 Sep 2021 17:11:16 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A2F78C061762 for ; Tue, 14 Sep 2021 14:09:58 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id v66-20020a25abc8000000b0059ef57c3386so680383ybi.1 for ; Tue, 14 Sep 2021 14:09:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=BGyteJrFicXpaz74Co+W4m7Ybp8XG6rNqdJoL5bS1T4=; b=U+U/3xkfAShm5h0uHb24Ei1JfmtrGD7T27mgc4dZgabR0Vz+CNil/Yg7P5ERLL3lJS bIiy2UgvXXlur83sCXzMuggHZCa9yN9Tn93ZzQYwhNeNtl9327v01zLA2KuxOc15Dnt/ GOqIX/AoCA4OuYZ5STtiVENxgK5CFCsqiFI+oQdG54SSiKLiGqdYOewhmj5QtvzpR6jj vGvHh+kD84MMapKXVlidFX9dlHM6HPNShacEhQXv9r0r2oFn2MNwxpodU6/fKLz3Cosr Gn4tIrHBiUvpAuuwk4n5UZOd0Uaq8SaBotLqfiQNoeqEQuXki8N4WNS3h+ConEjurMP2 6SWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=BGyteJrFicXpaz74Co+W4m7Ybp8XG6rNqdJoL5bS1T4=; b=dqX1t1+Qg55RK4TnjngrO6G4riu68Yhr6kWW6bhfynyOqHYjoG1a70aLXZiyh0m/bs yJEjyGn20VBw3r2+zPTkVl8zty0+9TDjgKKNDGnGi8gciVK0goDUHP6Zn4i8E+S4Sv/7 sE/0Z0HFhrHmgza/yEZ1t6QCMiOZo7fyXJ48Mau4xRvH35nglvYeLLtN4tnI6z2Gq8bO LUfkzadis59HCm4USDq6Nqnq3Vj5KylbARlcrilqjVRdG/BCUplTgFjNULNh80fkVZkC bZcIgv8ZPhjlZ9b2I7iZAN8YcJjeRhWl04F0NdffeQpTr8zDVjYLpIJxz/Nk6plBYSnl Ju+Q== X-Gm-Message-State: AOAM532qQEpvGuBK88Hix8oSQ1plmjdVQV4vYmXaN4wMUsgB0h3mT1Ti xyyhlpOFy7XWQfDwTEIEj/uBFqdN6wY= X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:90:200:d59f:9874:e5e5:256b]) (user=seanjc job=sendgmr) by 2002:a05:6902:102e:: with SMTP id x14mr1711176ybt.410.1631653797888; Tue, 14 Sep 2021 14:09:57 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 14 Sep 2021 14:09:51 -0700 In-Reply-To: <20210914210951.2994260-1-seanjc@google.com> Message-Id: <20210914210951.2994260-3-seanjc@google.com> Mime-Version: 1.0 References: <20210914210951.2994260-1-seanjc@google.com> X-Mailer: git-send-email 2.33.0.309.g3052b89438-goog Subject: [PATCH 2/2] KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA From: Sean Christopherson To: Paolo Bonzini Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Peter Gonda , Marc Orr , Tom Lendacky , Brijesh Singh , Masahiro Kozuka Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Masahiro Kozuka Flush the destination page before invoking RECEIVE_UPDATE_DATA, as the PSP encrypts the data with the guest's key when writing to guest memory. If the target memory was not previously encrypted, the cache may contain dirty, unecrypted data that will persist on non-coherent systems. Fixes: 15fb7de1a7f5 ("KVM: SVM: Add KVM_SEV_RECEIVE_UPDATE_DATA command") Cc: stable@vger.kernel.org Cc: Peter Gonda Cc: Marc Orr Cc: Tom Lendacky Cc: Brijesh Singh Signed-off-by: Masahiro Kozuka [sean: converted bug report to changelog] Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 95228ba3cd8f..f5edc67b261b 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1470,6 +1470,13 @@ static int sev_receive_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) goto e_free_trans; } + /* + * Flush (on non-coherent CPUs) before RECEIVE_UPDATE_DATA, the PSP + * encrypts the written data with the guest's key, and the cache may + * contain dirty, unencrypted data. + */ + sev_clflush_pages(guest_page, n); + /* The RECEIVE_UPDATE_DATA command requires C-bit to be always set. */ data.guest_address = (page_to_pfn(guest_page[0]) << PAGE_SHIFT) + offset; data.guest_address |= sev_me_mask; -- 2.33.0.309.g3052b89438-goog