Skip to content
/ linux Public
forked from torvalds/linux

Commit

Permalink
KVM: SEV: Update svm_vm_copy_asid_from for SEV-ES
Browse files Browse the repository at this point in the history 
For mirroring SEV-ES the mirror VM will need more then just the ASID.
The FD and the handle are required to all the mirror to call psp
commands. The mirror VM will need to call KVM_SEV_LAUNCH_UPDATE_VMSA to
setup its vCPUs' VMSAs for SEV-ES.

Signed-off-by: Peter Gonda <[email protected]>
Cc: Marc Orr <[email protected]>
Cc: Nathan Tempelman <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: Sean Christopherson <[email protected]>
Cc: Steve Rutherford <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: [email protected]
Fixes: 54526d1 ("KVM: x86: Support KVM VMs sharing SEV context", 2021-04-21)
Message-Id: <[email protected]>
Signed-off-by: Paolo Bonzini <[email protected]>
  • Loading branch information
@pgonda @bonzini
pgonda authored and bonzini committed Sep 22, 2021
1 parent 24a996a commit f43c887
Showing 1 changed file with 12 additions and 4 deletions.
16 changes: 12 additions & 4 deletions arch/x86/kvm/svm/sev.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1724,8 +1724,7 @@ int svm_vm_copy_asid_from(struct kvm *kvm, unsigned int source_fd)
{
struct file *source_kvm_file;
struct kvm *source_kvm;
struct kvm_sev_info *mirror_sev;
unsigned int asid;
struct kvm_sev_info source_sev, *mirror_sev;
int ret;

source_kvm_file = fget(source_fd);
Expand All @@ -1748,7 +1747,8 @@ int svm_vm_copy_asid_from(struct kvm *kvm, unsigned int source_fd)
goto e_source_unlock;
}

asid = to_kvm_svm(source_kvm)->sev_info.asid;
memcpy(&source_sev, &to_kvm_svm(source_kvm)->sev_info,
sizeof(source_sev));

/*
* The mirror kvm holds an enc_context_owner ref so its asid can't
Expand All @@ -1768,8 +1768,16 @@ int svm_vm_copy_asid_from(struct kvm *kvm, unsigned int source_fd)
/* Set enc_context_owner and copy its encryption context over */
mirror_sev = &to_kvm_svm(kvm)->sev_info;
mirror_sev->enc_context_owner = source_kvm;
mirror_sev->asid = asid;
mirror_sev->active = true;
mirror_sev->asid = source_sev.asid;
mirror_sev->fd = source_sev.fd;
mirror_sev->es_active = source_sev.es_active;
mirror_sev->handle = source_sev.handle;
/*
* Do not copy ap_jump_table. Since the mirror does not share the same
* KVM contexts as the original, and they may have different
* memory-views.
*/

mutex_unlock(&kvm->lock);
return 0;
Expand Down

0 comments on commit f43c887

Please sign in to comment.