Received: by 2002:a05:7208:9594:b0:7e:5202:c8b4 with SMTP id gs20csp1511291rbb; Mon, 26 Feb 2024 11:34:28 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXf6rBz7S/IvEGbLuGBADcnIVjrCzfk9amtLgfvKhxv+t5JBEue2t+PMaZLlRIB3XgaNNrSk8/mIGsAKYXBY2aKl+sdj1SAAJHhk/QqcQ== X-Google-Smtp-Source: AGHT+IEPbFeJtg6tTzNU7Bf4imdYdB0VinbkDTg3D4eBartHqqTQLnR+Z6VYY7wN4hOt5IGlziXj X-Received: by 2002:a05:6e02:de3:b0:365:1a08:2425 with SMTP id m3-20020a056e020de300b003651a082425mr6903393ilj.30.1708976068551; Mon, 26 Feb 2024 11:34:28 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708976068; cv=pass; d=google.com; s=arc-20160816; b=j7qorTj2cJCo2f3AqNtBCgeysJTffwEG19wTeW63Mu7UZXxDMKasrRQwU0FjU5BLob HotIIteTp4HRGMlVeK9CTMhq2VfRMuFJUdmFVhgePMuniMFSbO0nd78sQm/wFkcLO4LO xOJAZfPTOJcdK5mZRAcbgaemH3NoAhM/nWOOwDSA/hWQoJLzV+RrsG+HDGSCmS3ovF3a nRKV8LOEfMgm95Ya0Kgdsx/5ssTGQT4XAQnt4ATTHoRpm+2te3cFyrfF6k/GCecEjBWm KOw7bnXzZln7HGHzMVrJ2OyaG8UYo8clAS3Iw/PXrF03oZU2gfD1qC75Aimt5ors4PQ4 z7zw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=1sh44m/6LSbtyCFX1lr2LXY+Z5ZsaGdYMgSlDHZYYvY=; fh=TLdZJsFzSA0fpm6Q4iUv+uB0sG0oU+h3Bp6HiSGyZm8=; b=FuNPcUUSue41EJ1b81Qc8KlrilrOeO772J5nAIUaAMGu6ouj6TTRfdEVmZHfvCTK9P nbSOhTOWhs3dVDgHHQgSqN49VdxOBntF+BHhcz+fM540Pmi1WCiusQ4A7Vdbpg9ffT6A 5Wwr6Lh/dZRKz5saXicy41UP4j2z6Z9JSUgaADgjxNiA+j8PmgcxTK8gJZ1O675wL0op BAHuFAk3ymLsyl8V6CjfiTFrFqeXiKrb6QYWm52kRmYE9U0e7y3f5TdKY8IJOzPIx/Lo HM2y6kCg4Q+BZHqPtI8vqG3TWHSIxSR/2+X0HIXNmpIloahOdNzUWruL834axBwZoy8u XdCg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=RsT8yu5l; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-82196-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82196-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id u35-20020a632363000000b005d8b313de26si4091677pgm.594.2024.02.26.11.34.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 11:34:28 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82196-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=RsT8yu5l; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-82196-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82196-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 82EADB27528 for ; Mon, 26 Feb 2024 19:08:26 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7430E13473A; Mon, 26 Feb 2024 19:04:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="RsT8yu5l" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A3805132C0A for ; Mon, 26 Feb 2024 19:03:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708974240; cv=none; b=BzXY10GFMMR7DoHxOOj684dRE7xDN1ntiIdNdjPl74UFN4HL4jc0/+IOeNvCTFhUMBGl3TsGBM9IPKfzyoCRGuuFZYDeUAKSu4Sd/SS6CQpijAeSpwHSyx1MkCOzgg4+LQSa3MnjFarhdSA3PXb5PrXMZ22du280vwdfxXrPc+g= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708974240; c=relaxed/simple; bh=yQ4+cUh1wFZP/DwoOESRlRUOq9oDhCd15lNRun6wmBM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version:Content-Type; b=TlY/nbkO2z0y5urF8cbYDO0PEanQryEoiKufh3wABbxnTKpH0iQ1mUFh/nsYgybIebYdbajktbhWjTQZu9NWKvd4okQDXZT2pleNRxA4g+qwb6xk8Bzpd0tk23SB5h++7pACKeHxiDsc7qdhd7Pdfz+KbX/TSeEVKvEzCki1v84= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=RsT8yu5l; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1708974235; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1sh44m/6LSbtyCFX1lr2LXY+Z5ZsaGdYMgSlDHZYYvY=; b=RsT8yu5lxg7boW+QL9vP9Ye8B/TZnLA9Kj23cuJO/raV9//308wWdOngtRufJcPklVibAc DRSzbdVzwD5ZEEPKO2MKKonfapt3s3fl10eSV8VRGpvUcM/gQybj9t2pSeiRHGP8TdRSRV XLRUxynmHbuTvlR0prY2EqyfTuBKSws= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-217-r79btMwjNJWMB0x_odPoNw-1; Mon, 26 Feb 2024 14:03:48 -0500 X-MC-Unique: r79btMwjNJWMB0x_odPoNw-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 78A633C14942; Mon, 26 Feb 2024 19:03:47 +0000 (UTC) Received: from virtlab701.virt.lab.eng.bos.redhat.com (virtlab701.virt.lab.eng.bos.redhat.com [10.19.152.228]) by smtp.corp.redhat.com (Postfix) with ESMTP id 50ABD492BC6; Mon, 26 Feb 2024 19:03:47 +0000 (UTC) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: seanjc@google.com, michael.roth@amd.com, aik@amd.com Subject: [PATCH v3 09/15] KVM: SEV: disable DEBUG_SWAP by default Date: Mon, 26 Feb 2024 14:03:38 -0500 Message-Id: <20240226190344.787149-10-pbonzini@redhat.com> In-Reply-To: <20240226190344.787149-1-pbonzini@redhat.com> References: <20240226190344.787149-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9 Disable all VMSA features in KVM_SEV_INIT and KVM_SEV_ES_INIT. They are not actually supported by SEV (a SEV guest does not have a VMSA to which you can apply features) and they cause unexpected changes in measurement for SEV-ES. Going on, the way to enable them will be to use a new initialization ioctl that takes the VMSA features as a parameter. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/svm/sev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b46612db0594..2db0b2b36120 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -252,7 +252,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) sev->active = true; sev->es_active = argp->id == KVM_SEV_ES_INIT; - sev->vmsa_features = sev_supported_vmsa_features; + sev->vmsa_features = 0; ret = sev_asid_new(sev); if (ret) -- 2.39.1