From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Sean Christopherson <seanjc@google.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Peter Gonda <pgonda@google.com>, Marc Orr <marcorr@google.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Masahiro Kozuka <masa.koz@kozuka.jp>
Subject: [PATCH 2/2] KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA
Date: Tue, 14 Sep 2021 14:09:51 -0700 [thread overview]
Message-ID: <20210914210951.2994260-3-seanjc@google.com> (raw)
In-Reply-To: <20210914210951.2994260-1-seanjc@google.com>
From: Masahiro Kozuka <masa.koz@kozuka.jp>
Flush the destination page before invoking RECEIVE_UPDATE_DATA, as the
PSP encrypts the data with the guest's key when writing to guest memory.
If the target memory was not previously encrypted, the cache may contain
dirty, unecrypted data that will persist on non-coherent systems.
Fixes: 15fb7de1a7f5 ("KVM: SVM: Add KVM_SEV_RECEIVE_UPDATE_DATA command")
Cc: stable@vger.kernel.org
Cc: Peter Gonda <pgonda@google.com>
Cc: Marc Orr <marcorr@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Masahiro Kozuka <masa.koz@kozuka.jp>
[sean: converted bug report to changelog]
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
arch/x86/kvm/svm/sev.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 95228ba3cd8f..f5edc67b261b 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -1470,6 +1470,13 @@ static int sev_receive_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp)
goto e_free_trans;
}
+ /*
+ * Flush (on non-coherent CPUs) before RECEIVE_UPDATE_DATA, the PSP
+ * encrypts the written data with the guest's key, and the cache may
+ * contain dirty, unencrypted data.
+ */
+ sev_clflush_pages(guest_page, n);
+
/* The RECEIVE_UPDATE_DATA command requires C-bit to be always set. */
data.guest_address = (page_to_pfn(guest_page[0]) << PAGE_SHIFT) + offset;
data.guest_address |= sev_me_mask;
--
2.33.0.309.g3052b89438-goog
WARNING: multiple messages have this Message-ID (diff)
From: Ashish Kalra <Ashish.Kalra@amd.com>
To: <seanjc@google.com>, Paolo Bonzini <pbonzini@redhat.com>
Cc: <brijesh.singh@amd.com>, <jmattson@google.com>, <joro@8bytes.org>,
<kvm@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<marcorr@google.com>, <masa.koz@kozuka.jp>, <pgonda@google.com>,
<thomas.lendacky@amd.com>, <vkuznets@redhat.com>,
<wanpengli@tencent.com>
Subject: [PATCH 2/2] KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA
Date: Wed, 20 Oct 2021 22:58:48 +0000 [thread overview]
Message-ID: <20210914210951.2994260-3-seanjc@google.com> (raw) (raw)
Message-ID: <20211020225848.eDKZIsX3mNNYgasHleUen3h3CDp3ujJpt_nb3TecCCc@z> (raw)
In-Reply-To: <20210914210951.2994260-1-seanjc@google.com>
From: Sean Christopherson <seanjc@google.com>
Hello Paolo,
I am adding a SEV migration test as part of the KVM SEV selftests.
And while testing SEV migration with this selftest, i observed
cache coherency issues causing migration test failures, so really
need this patch to be added.
Tested-by: Ashish Kalra <ashish.kalra@amd.com>
next prev parent reply other threads:[~2021-09-14 21:10 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-14 21:09 [PATCH 0/2] KVM: SEV: RECEIVE_UPDATE_DATA bug fixes Sean Christopherson
2021-09-14 21:09 ` [PATCH 1/2] KVM: SEV: Pin guest memory for write for RECEIVE_UPDATE_DATA Sean Christopherson
2021-09-14 22:03 ` Peter Gonda
2021-09-14 22:15 ` Brijesh Singh
2021-09-21 17:59 ` Paolo Bonzini
2021-09-14 21:09 ` Sean Christopherson [this message]
[not found] ` <61709f42.1c69fb81.3b49.ecfeSMTPIN_ADDED_BROKEN@mx.google.com>
2021-10-21 17:01 ` [PATCH 2/2] KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA Paolo Bonzini
2021-10-20 22:58 ` Ashish Kalra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210914210951.2994260-3-seanjc@google.com \
--to=seanjc@google.com \
--cc=brijesh.singh@amd.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marcorr@google.com \
--cc=masa.koz@kozuka.jp \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=thomas.lendacky@amd.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox