From: Sean Christopherson <seanjc@google.com>
To: Jethro Beekman <jethro@fortanix.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
"Alexander Potapenko" <glider@google.com>,
"Carlos López" <clopez@suse.de>
Subject: Re: [PATCH 00/21] Fixes and lock cleanup+hardening
Date: Thu, 12 Mar 2026 09:03:10 -0700 [thread overview]
Message-ID: <abLjvqaamIedrbMg@google.com> (raw)
In-Reply-To: <08c7e1fa-c78f-4c6b-b2cb-baf7233e681d@fortanix.com>
On Wed, Mar 11, 2026, Jethro Beekman wrote:
> On 2026-03-11 00:48, Sean Christopherson wrote:
> > Fix several fatal SEV bugs, then clean up the SEV+ APIs to either document
> > that they are safe to query outside of kvm->lock, or to use lockdep-protected
> > version. The sev_mem_enc_register_region() goof is at least the second bug
> > we've had related to checking for an SEV guest outside of kvm->lock, and in
> > general it's nearly impossible to just "eyeball" the safety of KVM's usage.
> >
> > I included Carlos' guard() cleanups here to avoid annoying conflicts (well,
> > to solve them now instead of when applying).
>
> I wrote a bunch of tests (see below) to check the kernel can properly handle bad userspace flows. I haven't had the chance to test them with your patch set.
>
> test_vcpu_hotplug() triggers dump_vmcb()
FWIW, this is a non-issue, especially since SEV-ES+ guests can effectively fuzz
the VMSA at will.
next prev parent reply other threads:[~2026-03-12 16:03 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-10 23:48 [PATCH 00/21] Fixes and lock cleanup+hardening Sean Christopherson
2026-03-10 23:48 ` [PATCH 01/21] KVM: selftests: Remove duplicate LAUNCH_UPDATE_VMSA call in SEV-ES migrate test Sean Christopherson
2026-03-10 23:48 ` [PATCH 02/21] KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Sean Christopherson
2026-03-10 23:48 ` [PATCH 03/21] KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock Sean Christopherson
2026-03-10 23:48 ` [PATCH 04/21] KVM: SEV: Disallow LAUNCH_FINISH if vCPUs are actively being created Sean Christopherson
2026-03-10 23:48 ` [PATCH 05/21] KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Sean Christopherson
2026-04-08 14:07 ` Aithal, Srikanth
2026-04-08 18:42 ` Sean Christopherson
2026-04-09 5:12 ` Aithal, Srikanth
2026-03-10 23:48 ` [PATCH 06/21] KVM: SEV: Lock all vCPUs for the duration of SEV-ES VMSA synchronization Sean Christopherson
2026-03-10 23:48 ` [PATCH 07/21] KVM: SEV: Provide vCPU-scoped accessors for detecting SEV+ guests Sean Christopherson
2026-03-10 23:48 ` [PATCH 08/21] KVM: SEV: Add quad-underscore version of VM-scoped APIs to detect " Sean Christopherson
2026-03-10 23:48 ` [PATCH 09/21] KVM: SEV: Document the SEV-ES check when querying SMM support as "safe" Sean Christopherson
2026-03-10 23:48 ` [PATCH 10/21] KVM: SEV: Move standard VM-scoped helpers to detect SEV+ guests to sev.c Sean Christopherson
2026-03-17 10:33 ` Alexander Potapenko
2026-03-31 18:42 ` Sean Christopherson
2026-03-10 23:48 ` [PATCH 11/21] KVM: SEV: Move SEV-specific VM initialization " Sean Christopherson
2026-03-10 23:48 ` [PATCH 12/21] KVM: SEV: WARN on unhandled VM type when initializing VM Sean Christopherson
2026-04-09 5:12 ` Yan Zhao
2026-04-09 18:48 ` Sean Christopherson
2026-04-10 7:46 ` Yan Zhao
2026-04-10 15:49 ` Sean Christopherson
2026-03-10 23:48 ` [PATCH 13/21] KVM: SEV: Hide "struct kvm_sev_info" behind CONFIG_KVM_AMD_SEV=y Sean Christopherson
2026-03-10 23:48 ` [PATCH 14/21] KVM: SEV: Document that checking for SEV+ guests when reclaiming memory is "safe" Sean Christopherson
2026-03-10 23:48 ` [PATCH 15/21] KVM: SEV: Assert that kvm->lock is held when querying SEV+ support Sean Christopherson
2026-03-10 23:48 ` [PATCH 16/21] KVM: SEV: use mutex guard in snp_launch_update() Sean Christopherson
2026-03-10 23:48 ` [PATCH 17/21] KVM: SEV: use mutex guard in sev_mem_enc_ioctl() Sean Christopherson
2026-03-10 23:48 ` [PATCH 18/21] KVM: SEV: use mutex guard in sev_mem_enc_unregister_region() Sean Christopherson
2026-03-10 23:48 ` [PATCH 19/21] KVM: SEV: use mutex guard in snp_handle_guest_req() Sean Christopherson
2026-03-10 23:48 ` [PATCH 20/21] KVM: SVM: Move lock-protected allocation of SEV ASID into a separate helper Sean Christopherson
2026-03-10 23:48 ` [PATCH 21/21] KVM: SEV: Goto an existing error label if charging misc_cg for an ASID fails Sean Christopherson
2026-03-11 14:29 ` [PATCH 00/21] Fixes and lock cleanup+hardening Jethro Beekman
2026-03-12 16:03 ` Sean Christopherson [this message]
2026-04-08 0:14 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=abLjvqaamIedrbMg@google.com \
--to=seanjc@google.com \
--cc=clopez@suse.de \
--cc=glider@google.com \
--cc=jethro@fortanix.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.