* Re: [PATCH v3 2/4] KVM: selftests: Verify SNP VMs are rejected from migration and mirroring [not found] ` <20260602-sev_snp_fixes-v3-2-585e4783a42f@meta.com> @ 2026-06-15 6:46 ` Atish Patra 0 siblings, 0 replies; 2+ messages in thread From: Atish Patra @ 2026-06-15 6:46 UTC (permalink / raw) To: Sean Christopherson, Paolo Bonzini, Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Tom Lendacky, Peter Gonda, Brijesh Singh, Youngjae Lee, Ashish Kalra, Michael Roth, John Allen, Herbert Xu Cc: clm, kvm, linux-kernel, linux-crypto, stable, Atish Patra On 6/2/26 3:11 PM, Atish Patra wrote: > From: Atish Patra <atishp@meta.com> > > Migration and mirroring of SEV-SNP VMs are not supported yet. > > Add two selftests that verify KVM rejects intra-host migration and > mirroring when the source VM is an SNP VM, so the restriction stays enforced > until proper SNP state transfer is implemented. > > Signed-off-by: Atish Patra <atishp@meta.com> > --- > .../testing/selftests/kvm/x86/sev_migrate_tests.c | 47 ++++++++++++++++++++++ > 1 file changed, 47 insertions(+) > > diff --git a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c b/tools/testing/selftests/kvm/x86/sev_migrate_tests.c > index 6b0928e69051..acef6ab26d3d 100644 > --- a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c > +++ b/tools/testing/selftests/kvm/x86/sev_migrate_tests.c 
> @@ -313,6 +313,49 @@ static void test_sev_mirror_parameters(void) > kvm_vm_free(vm_no_vcpu); > } > > +static void test_sev_snp_migrate_reject(void) > +{ > + struct kvm_vm *src_vm, *dst_vm; > + int ret; > + > + src_vm = vm_create_barebones_type(KVM_X86_SNP_VM); > + snp_vm_init(src_vm); > + __vm_vcpu_add(src_vm, 0); > + vm_sev_launch(src_vm, snp_default_policy(), NULL); > + > + dst_vm = vm_create_barebones_type(KVM_X86_SNP_VM); > + __vm_vcpu_add(dst_vm, 0); > + > + ret = __sev_migrate_from(dst_vm, src_vm); > + TEST_ASSERT(ret == -1 && errno == EINVAL, > + "SNP VM migration should be rejected. ret: %d, errno: %d", > + ret, errno); > + > + kvm_vm_free(src_vm); > + kvm_vm_free(dst_vm); > +} > + > +static void test_sev_snp_mirror_reject(void) > +{ > + struct kvm_vm *src_vm, *dst_vm; > + int ret; > + > + src_vm = vm_create_barebones_type(KVM_X86_SNP_VM); > + snp_vm_init(src_vm); > + __vm_vcpu_add(src_vm, 0); > + vm_sev_launch(src_vm, snp_default_policy(), NULL); > + > + dst_vm = aux_vm_create(false); > + > + ret = __sev_mirror_create(dst_vm, src_vm); > + TEST_ASSERT(ret == -1 && errno == EINVAL, > + "SNP VM mirroring should be rejected. ret: %d, errno: %d", > + ret, errno); > + > + kvm_vm_free(src_vm); > + kvm_vm_free(dst_vm); > +} > + > static void test_sev_move_copy(void) > { > struct kvm_vm *dst_vm, *dst2_vm, *dst3_vm, *sev_vm, *mirror_vm, > @@ -384,12 +427,16 @@ int main(int argc, char *argv[]) > test_sev_migrate_parameters(); > if (kvm_has_cap(KVM_CAP_VM_COPY_ENC_CONTEXT_FROM)) > test_sev_move_copy(); > + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) > + test_sev_snp_migrate_reject(); > } > if (kvm_has_cap(KVM_CAP_VM_COPY_ENC_CONTEXT_FROM)) { > test_sev_mirror(/* es= */ false); > if (have_sev_es) > test_sev_mirror(/* es= */ true); > test_sev_mirror_parameters(); > + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) > + test_sev_snp_mirror_reject(); > } > return 0; > } > gentle ping for any feedback on this patch ? ^ permalink raw reply [flat|nested] 2+ messages in thread
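Review bot: in the main() hunk, both new calls are guarded only by `if (kvm_cpu_has(X86_FEATURE_SEV_SNP))` with no else branch, so on a host without SNP the two rejection tests are skipped silently and the program still returns 0. Since these tests exist to keep the restriction enforced, consider printing a skip message when the feature is absent, so that a CI log shows the SNP cases did not run rather than reading as a pass.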
* [PATCH v3 0/4] KVM: Miscellaneous SEV/SNP related fixes
@ 2026-06-02 22:36 Atish Patra
From: Atish Patra @ 2026-06-02 22:36 UTC (permalink / raw)
To: Sean Christopherson, Paolo Bonzini, Borislav Petkov, Dave Hansen,
x86, H. Peter Anvin, Tom Lendacky, Peter Gonda, Brijesh Singh,
Youngjae Lee, Ashish Kalra, Michael Roth, John Allen, Herbert Xu
Cc: clm, kvm, linux-kernel, linux-crypto, stable, Atish Patra,
Sashiko
This series addresses a few issues found during code audit of the
KVM SEV/SNP and CCP driver code. The fixes include an incorrect lock state
and incomplete state handling during intra-host migration for SNP VMs.
Signed-off-by: Atish Patra <atishp@meta.com>
---
Changes in v3:
- Added comments, fixed commit messages and fixes tag as per discussions on v2.
- sev_init_ex_buffer initialized with zero at allocation to prevent any kernel
data leak in case init_ex_file is not present. Reported by Sashiko.
- Link to v2: https://lore.kernel.org/r/20260601-sev_snp_fixes-v2-0-611891b28a86@meta.com
Changes in v2:
- Added fixes based on the reports by Sashiko.
- Added a kselftest for validating SNP VM mirroring/migration rejection.
- Link to v1: https://lore.kernel.org/r/20260528-sev_snp_fixes-v1-0-d67a08151779@meta.com
---
Atish Patra (4):
KVM: SEV: Do not allow intra-host migration/mirroring of SNP VMs
KVM: selftests: Verify SNP VMs are rejected from migration and mirroring
crypto: ccp: Fix possible deadlock in SEV init failure path
crypto: ccp: Fix memory leak in SEV INIT_EX path
arch/x86/kvm/svm/sev.c | 6 ++-
drivers/crypto/ccp/sev-dev.c | 19 +++++++--
.../testing/selftests/kvm/x86/sev_migrate_tests.c | 47 ++++++++++++++++++++++
3 files changed, 67 insertions(+), 5 deletions(-)
---
base-commit: e7ae89a0c97ce2b68b0983cd01eda67cf373517d
change-id: 20260525-sev_snp_fixes-0b73789c1a91
Best regards,
--
Atish Patra <atishp@meta.com>
^ permalink raw reply [flat|nested] 2+ messages in thread* [PATCH v3 2/4] KVM: selftests: Verify SNP VMs are rejected from migration and mirroring 2026-06-02 22:36 [PATCH v3 0/4] KVM: Miscellaneous SEV/SNP related fixes Atish Patra @ 2026-06-02 22:36 ` Atish Patra 0 siblings, 0 replies; 2+ messages in thread From: Atish Patra @ 2026-06-02 22:36 UTC (permalink / raw) To: Sean Christopherson, Paolo Bonzini, Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Tom Lendacky, Peter Gonda, Brijesh Singh, Youngjae Lee, Ashish Kalra, Michael Roth, John Allen, Herbert Xu Cc: clm, kvm, linux-kernel, linux-crypto, stable, Atish Patra From: Atish Patra <atishp@meta.com> Migration and mirroring of SEV-SNP VMs are not supported yet. Add two selftests that verify KVM rejects intra-host migration and mirroring when the source VM is an SNP VM, so the restriction stays enforced until proper SNP state transfer is implemented. Signed-off-by: Atish Patra <atishp@meta.com> --- .../testing/selftests/kvm/x86/sev_migrate_tests.c | 47 ++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c b/tools/testing/selftests/kvm/x86/sev_migrate_tests.c index 6b0928e69051..acef6ab26d3d 100644 --- a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c +++ b/tools/testing/selftests/kvm/x86/sev_migrate_tests.c 
@@ -313,6 +313,49 @@ static void test_sev_mirror_parameters(void) kvm_vm_free(vm_no_vcpu); } +static void test_sev_snp_migrate_reject(void) +{ + struct kvm_vm *src_vm, *dst_vm; + int ret; + + src_vm = vm_create_barebones_type(KVM_X86_SNP_VM); + snp_vm_init(src_vm); + __vm_vcpu_add(src_vm, 0); + vm_sev_launch(src_vm, snp_default_policy(), NULL); + + dst_vm = vm_create_barebones_type(KVM_X86_SNP_VM); + __vm_vcpu_add(dst_vm, 0); + + ret = __sev_migrate_from(dst_vm, src_vm); + TEST_ASSERT(ret == -1 && errno == EINVAL, + "SNP VM migration should be rejected. ret: %d, errno: %d", + ret, errno); + + kvm_vm_free(src_vm); + kvm_vm_free(dst_vm); +} + +static void test_sev_snp_mirror_reject(void) +{ + struct kvm_vm *src_vm, *dst_vm; + int ret; + + src_vm = vm_create_barebones_type(KVM_X86_SNP_VM); + snp_vm_init(src_vm); + __vm_vcpu_add(src_vm, 0); + vm_sev_launch(src_vm, snp_default_policy(), NULL); + + dst_vm = aux_vm_create(false); + + ret = __sev_mirror_create(dst_vm, src_vm); + TEST_ASSERT(ret == -1 && errno == EINVAL, + "SNP VM mirroring should be rejected. ret: %d, errno: %d", + ret, errno); + + kvm_vm_free(src_vm); + kvm_vm_free(dst_vm); +} + static void test_sev_move_copy(void) { struct kvm_vm *dst_vm, *dst2_vm, *dst3_vm, *sev_vm, *mirror_vm, @@ -384,12 +427,16 @@ int main(int argc, char *argv[]) test_sev_migrate_parameters(); if (kvm_has_cap(KVM_CAP_VM_COPY_ENC_CONTEXT_FROM)) test_sev_move_copy(); + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) + test_sev_snp_migrate_reject(); } if (kvm_has_cap(KVM_CAP_VM_COPY_ENC_CONTEXT_FROM)) { test_sev_mirror(/* es= */ false); if (have_sev_es) test_sev_mirror(/* es= */ true); test_sev_mirror_parameters(); + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) + test_sev_snp_mirror_reject(); } return 0; } -- 2.53.0-Meta ^ permalink raw reply related [flat|nested] 2+ messages in thread
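Review bot: in test_sev_snp_migrate_reject() the destination is also created with `vm_create_barebones_type(KVM_X86_SNP_VM)`, and the only assertion is `ret == -1 && errno == EINVAL`, so the test passes on any EINVAL and does not show that the rejection comes from the source being an SNP VM. Consider adding a case whose destination differs from the source only in the property under test, or at least a comment naming the check that is expected to fire, so that a later change returning EINVAL for an unrelated reason does not keep this test green. The source setup (vm_create_barebones_type, snp_vm_init, __vm_vcpu_add, vm_sev_launch) is repeated verbatim in test_sev_snp_mirror_reject() and could move into one helper.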