Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp3984107pxb; Mon, 4 Oct 2021 14:25:19 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwUfiqjAxuof/BI/4oYoSPcXpJ/42X3wZgl+UlfKlaKmnkjTejW0ilwNutYiwRfSsW9RtKF X-Received: by 2002:a05:6402:2756:: with SMTP id z22mr6196788edd.264.1633382719128; Mon, 04 Oct 2021 14:25:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633382719; cv=none; d=google.com; s=arc-20160816; b=Cjkyy6f9nlFvhSeU7UAnzs1knciS6Fbhe4ffucj2uHRCgWxB5dwTB/l5IVMwBhbpgD N5tDylk1UfSjASyggZWZh2Hf71HePnAs80EWsnO4pynChK7KDCwFSOv+3v/oOhry5unn TdRn/aWESiHQqE1K/o+UvdUuSFg1bl472uTjFvmfu5C0HFhU9JRZUndh49UxcLrLcQuE J+1s4vqSJBSLg2Ypoy1SrdPxr9OyFQvQ4eGRBzplkppBvFjqCDUi2gIVfeH3vqq7Ejow GoniOnwyu9uH+NM557Tsg0OQSKPm1Sk9bSDGlFE4uw/uK94unYdh0ac6VKy4jx9HUPJz LzHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ULHnih4xIDloVm3SWxQcFQW7txD9ApxSnf7csSvacGQ=; b=MbguOu+dRUhgDWwGl5quL7PugQ8KqPkVYngO6Ga5mVewov808sh1PivqmgpnII50tJ MCHl6JSwbq9NvKevG8wgCN9sIGEfmB+J05Ejz3fFmnGfJVS0EyjxvjpjXCIg4kXJjUx8 qO7gwSyRMsK//VpOdnQBpRIkMM1Tv9/Hq8FAk2q7vinrorxsYMAh2ws0oMkEKA5r3VJN cbeMSZZOCyhjrWyj7y8F3wtEMB31YcyyY7VIyhqhciaU5C93cao13GTnTa+VptN4Bl0o 4yIFT2+50JS+oiwcOb75cUYpy7XbEZ87HxrY+TV1kBK/eH+pAZRTjGGeGzPchhEAJd6v Z0pA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=1ixXI9xW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id gc38si20133185ejc.479.2021.10.04.14.24.54; Mon, 04 Oct 2021 14:25:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=1ixXI9xW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237595AbhJDNeg (ORCPT + 99 others); Mon, 4 Oct 2021 09:34:36 -0400 Received: from mail.kernel.org ([198.145.29.99]:43760 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237681AbhJDNc3 (ORCPT ); Mon, 4 Oct 2021 09:32:29 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 1B00961B97; Mon, 4 Oct 2021 13:14:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1633353281; bh=9i9/bVfxe+6AmXfvgRdDqZ4w6gYjUsBQXFnQotSu0IY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=1ixXI9xWBL9tazy5KYBqny7VF8WLCb/G5N/jDTz7LtyiwbzmEtjJggjGcJXOof23+ kFUS2aHARSWfUuHFf9Zqs7u1bmIiD1sqn5UjZPiHX0Dj9PsTmV5LQl0DmOWC2OSXC/ 20DW7vRBpfYaL51ns/KQkx4DX8XQp8nfxM903IKA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Alper Gun , Borislav Petkov , Brijesh Singh , David Rienjes , Marc Orr , John Allen , Peter Gonda , Sean Christopherson , Tom Lendacky , Vipin Sharma , Mingwei Zhang , Paolo Bonzini Subject: [PATCH 5.14 059/172] KVM: SVM: fix missing sev_decommission in sev_receive_start Date: Mon, 4 Oct 2021 14:51:49 +0200 Message-Id: <20211004125046.902566015@linuxfoundation.org> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211004125044.945314266@linuxfoundation.org> References: <20211004125044.945314266@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Mingwei Zhang commit f1815e0aa770f2127c5df31eb5c2f0e37b60fa77 upstream. DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired with DECOMMISSION: The RECEIVE_START command is the only command other than the LAUNCH_START command that generates a new guest context and guest handle. The missing DECOMMISSION can result in subsequent SEV launch failures, as the firmware leaks memory and might not able to allocate more SEV guest contexts in the future. Note, LAUNCH_START suffered the same bug, but was previously fixed by commit 934002cd660b ("KVM: SVM: Call SEV Guest Decommission if ASID binding fails"). Cc: Alper Gun Cc: Borislav Petkov Cc: Brijesh Singh Cc: David Rienjes Cc: Marc Orr Cc: John Allen Cc: Peter Gonda Cc: Sean Christopherson Cc: Tom Lendacky Cc: Vipin Sharma Cc: stable@vger.kernel.org Reviewed-by: Marc Orr Acked-by: Brijesh Singh Fixes: af43cbbf954b ("KVM: SVM: Add support for KVM_SEV_RECEIVE_START command") Signed-off-by: Mingwei Zhang Reviewed-by: Sean Christopherson Message-Id: <20210912181815.3899316-1-mizhang@google.com> Signed-off-by: Paolo Bonzini Signed-off-by: Greg Kroah-Hartman --- arch/x86/kvm/svm/sev.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1405,8 +1405,10 @@ static int sev_receive_start(struct kvm /* Bind ASID to this guest */ ret = sev_bind_asid(kvm, start.handle, error); - if (ret) + if (ret) { + sev_decommission(start.handle); goto e_free_session; + } params.handle = start.handle; if (copy_to_user((void __user *)(uintptr_t)argp->data,