Re: [PATCH 1/2] KVM: SEV: Do not allow SEV-SNP VMs from intra-host migration

[Atish Patra <atish.patra@linux.dev>]

On 5/28/26 4:51 PM, sashiko-bot@kernel.org wrote:
> Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
>
> Pre-existing issues:
> - [High] Incomplete protection against SEV-SNP VM state duplication in `sev_vm_copy_enc_context_from`.
> --
>
> commit 6c07753da8cad5a8ac0223da06cf2b84411e6fbf
> Author: Atish Patra <atishp@meta.com>
>
>      KVM: SEV: Do not allow SEV-SNP VMs from intra-host migration
>      
>      The intra-host migration feature is not fully implemented for SEV-SNP
>      VMs which require additional SNP-specific state such as guest_req_mutex,
>      guest_req_buf, and guest_resp_buf to be transferred or initialized on
>      the destination.
>
>> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
>> index c2126b3c30724..aff6a0cf5bfe8 100644
>> --- a/arch/x86/kvm/svm/sev.c
>> +++ b/arch/x86/kvm/svm/sev.c
>> @@ -2142,7 +2142,8 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd)
>>   		return ret;
>>   
>>   	if (kvm->arch.vm_type != source_kvm->arch.vm_type ||
>> -	    sev_guest(kvm) || !sev_guest(source_kvm)) {
>> +	    sev_guest(kvm) || !sev_guest(source_kvm) ||
>> +	    sev_snp_guest(source_kvm)) {
> [Severity: High]
> This isn't a bug introduced by this patch, but does
> sev_vm_copy_enc_context_from() also need a similar check to block SEV-SNP
> VMs from VM mirroring?
>
> If userspace creates a mirror of an SNP VM, sev_vm_copy_enc_context_from()
> copies its encryption context but fails to copy vmsa_features:
>
> arch/x86/kvm/svm/sev.c:sev_vm_copy_enc_context_from() {
>      ...
>      mirror_sev->enc_context_owner = source_kvm;
>      mirror_sev->active = true;
>      mirror_sev->asid = source_sev->asid;
>      mirror_sev->fd = source_sev->fd;
>      mirror_sev->es_active = source_sev->es_active;
>      mirror_sev->need_init = false;
>      mirror_sev->handle = source_sev->handle;
>      ...
> }
>
> Because the mirror's vmsa_features is zero, KVM treats the mirror VM as a
> standard SEV-ES VM (since ____sev_snp_guest() will evaluate to false).
>
> When vCPUs are created for the mirror VM, KVM allocates standard SEV-ES
> VMSAs and fails to perform SNP-specific initialization, such as registering
> the VMSA pages in the RMP via SEV_CMD_SNP_LAUNCH_UPDATE.
>
> When KVM executes VMRUN for the mirror VM's vCPU, the hardware evaluates an
> ASID bound to SNP execution using an invalid, non-RMP-registered VMSA page.
> Will this trigger an RMP #NPF (Nested Page Fault) on the host hypervisor,
> leading to an unhandled hypervisor crash and denial of service?

Nice catch! I don't think it will lead to hypervisor crash though. As 
per my understanding, the fault on VMSA
page would be sent to user space and just a VM instance will crash which 
is not that critical.

Having said that, we should close the gap for such mistakes from VMM 
side though by rejecting mirroring
of sev-snp VMs. I will add a patch and update the migration kselftest as 
well for sanity checking.

>>   		ret = -EINVAL;
>>   		goto out_unlock;
>>   	}