public inbox for linux-kernel@vger.kernel.org
* [PATCH 0/5] Revoke supported SEV VM types
@ 2026-03-03 19:15 Tycho Andersen
  2026-03-03 19:15 ` [PATCH 1/5] kvm/sev: don't expose unusable " Tycho Andersen
                   ` (5 more replies)
  0 siblings, 6 replies; 11+ messages in thread
From: Tycho Andersen @ 2026-03-03 19:15 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Ashish Kalra,
	Tom Lendacky, John Allen, Herbert Xu, David S. Miller, Shuah Khan
  Cc: Kim Phillips, Alexey Kardashevskiy, Nikunj A Dadhania, kvm,
	linux-kernel, linux-crypto, linux-kselftest

From: "Tycho Andersen (AMD)" <tycho@kernel.org>

Recent SEV firmware [1] does not support SEV-ES VMs when SNP is enabled.
Sean suggested [2] adding an API so that userspace can check for this
condition, so do that. Also introduce and use SNP_VERIFY_MITIGATION to
determine whether it is present or not.

[1]: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3023.html
[2]: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/

Tycho Andersen (AMD) (5):
  kvm/sev: don't expose unusable VM types
  crypto/ccp: introduce SNP_VERIFY_MITIGATION
  crypto/ccp: export firmware supported vm types
  kvm/sev: mask off firmware unsupported vm types
  selftests/kvm: teach sev_*_test about revoking VM types

 arch/x86/kvm/svm/sev.c                        | 16 +++-
 drivers/crypto/ccp/sev-dev.c                  | 84 +++++++++++++++++++
 include/linux/psp-sev.h                       | 56 +++++++++++++
 .../selftests/kvm/x86/sev_init2_tests.c       | 14 ++--
 .../selftests/kvm/x86/sev_migrate_tests.c     |  2 +-
 .../selftests/kvm/x86/sev_smoke_test.c        |  4 +-
 6 files changed, 162 insertions(+), 14 deletions(-)


base-commit: 11439c4635edd669ae435eec308f4ab8a0804808
-- 
2.53.0



* [PATCH 1/5] kvm/sev: don't expose unusable VM types
  2026-03-03 19:15 [PATCH 0/5] Revoke supported SEV VM types Tycho Andersen
@ 2026-03-03 19:15 ` Tycho Andersen
  2026-03-12 19:55   ` Sean Christopherson
  2026-03-03 19:15 ` [PATCH 2/5] crypto/ccp: introduce SNP_VERIFY_MITIGATION Tycho Andersen
                   ` (4 subsequent siblings)
  5 siblings, 1 reply; 11+ messages in thread
From: Tycho Andersen @ 2026-03-03 19:15 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Ashish Kalra,
	Tom Lendacky, John Allen, Herbert Xu, David S. Miller, Shuah Khan
  Cc: Kim Phillips, Alexey Kardashevskiy, Nikunj A Dadhania, kvm,
	linux-kernel, linux-crypto, linux-kselftest

From: "Tycho Andersen (AMD)" <tycho@kernel.org>

Commit 0aa6b90ef9d7 ("KVM: SVM: Add support for allowing zero SEV ASIDs")
made it possible to make it impossible to use SEV VMs by not allocating
them any ASIDs.

Commit 6c7c620585c6 ("KVM: SEV: Add SEV-SNP CipherTextHiding support") did
the same thing for SEV-ES.

Do not export KVM_X86_SEV(_ES)_VM as exported types if in either of these
situations, so that userspace can use them to determine what is actually
supported by the current kernel configuration.

Also move the buildup to a local variable so it is easier to add additional
masking in future patches.

Link: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/
Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
---
 arch/x86/kvm/svm/sev.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 3f9c1aa39a0a..f941d48626d3 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2957,18 +2957,26 @@ void sev_vm_destroy(struct kvm *kvm)
 
 void __init sev_set_cpu_caps(void)
 {
+	int supported_vm_types = 0;
+
 	if (sev_enabled) {
 		kvm_cpu_cap_set(X86_FEATURE_SEV);
-		kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_VM);
+
+		if (min_sev_asid <= max_sev_asid)
+			supported_vm_types |= BIT(KVM_X86_SEV_VM);
 	}
 	if (sev_es_enabled) {
 		kvm_cpu_cap_set(X86_FEATURE_SEV_ES);
-		kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM);
+
+		if (min_sev_es_asid <= max_sev_es_asid)
+			supported_vm_types |= BIT(KVM_X86_SEV_ES_VM);
 	}
 	if (sev_snp_enabled) {
 		kvm_cpu_cap_set(X86_FEATURE_SEV_SNP);
-		kvm_caps.supported_vm_types |= BIT(KVM_X86_SNP_VM);
+		supported_vm_types |= BIT(KVM_X86_SNP_VM);
 	}
+
+	kvm_caps.supported_vm_types |= supported_vm_types;
 }
 
 static bool is_sev_snp_initialized(void)
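
Review bot: `supported_vm_types` at the top of sev_set_cpu_caps() should be `u32` rather than `int`: it is built from `BIT()` masks and OR-ed into `kvm_caps.supported_vm_types`, so a signed local only invites sign-extension and sparse complaints. Second, the SEV and SEV-ES branches now gate their bit on a non-empty ASID range (`min_sev_asid <= max_sev_asid`, `min_sev_es_asid <= max_sev_es_asid`) while the SNP branch still sets `BIT(KVM_X86_SNP_VM)` unconditionally; if the SNP range can also end up empty under the CipherTextHiding split the commit message refers to, the same check belongs there, and if it cannot, a one-line comment saying why would stop the next reader from asking.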
-- 
2.53.0



* [PATCH 2/5] crypto/ccp: introduce SNP_VERIFY_MITIGATION
  2026-03-03 19:15 [PATCH 0/5] Revoke supported SEV VM types Tycho Andersen
  2026-03-03 19:15 ` [PATCH 1/5] kvm/sev: don't expose unusable " Tycho Andersen
@ 2026-03-03 19:15 ` Tycho Andersen
  2026-03-03 19:15 ` [PATCH 3/5] crypto/ccp: export firmware supported vm types Tycho Andersen
                   ` (3 subsequent siblings)
  5 siblings, 0 replies; 11+ messages in thread
From: Tycho Andersen @ 2026-03-03 19:15 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Ashish Kalra,
	Tom Lendacky, John Allen, Herbert Xu, David S. Miller, Shuah Khan
  Cc: Kim Phillips, Alexey Kardashevskiy, Nikunj A Dadhania, kvm,
	linux-kernel, linux-crypto, linux-kselftest, Pratik R. Sampat

From: "Tycho Andersen (AMD)" <tycho@kernel.org>

These are all documented in the SEV FW document ID 56860.

These are based on the previous patch in the link, though moved out of
uapi.

Link: https://lore.kernel.org/linux-crypto/20250630202319.56331-2-prsampat@amd.com/
Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
CC: "Pratik R. Sampat" <prsampat@amd.com>
---
 drivers/crypto/ccp/sev-dev.c |  1 +
 include/linux/psp-sev.h      | 47 ++++++++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 096f993974d1..9eba3fe1a27f 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -222,6 +222,7 @@ static int sev_cmd_buffer_len(int cmd)
 	case SEV_CMD_GUEST_STATUS:		return sizeof(struct sev_data_guest_status);
 	case SEV_CMD_DBG_DECRYPT:		return sizeof(struct sev_data_dbg);
 	case SEV_CMD_DBG_ENCRYPT:		return sizeof(struct sev_data_dbg);
+	case SEV_CMD_SNP_VERIFY_MITIGATION:	return sizeof(struct sev_data_snp_verify_mitigation);
 	case SEV_CMD_SEND_START:		return sizeof(struct sev_data_send_start);
 	case SEV_CMD_SEND_UPDATE_DATA:		return sizeof(struct sev_data_send_update_data);
 	case SEV_CMD_SEND_UPDATE_VMSA:		return sizeof(struct sev_data_send_update_vmsa);
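
Review bot: the new `SEV_CMD_SNP_VERIFY_MITIGATION` case is slotted between the legacy `SEV_CMD_DBG_ENCRYPT` and `SEV_CMD_SEND_START` entries, whereas the enum hunk below adds the command among the `SEV_CMD_SNP_*` block (0x0B2, right after `SNP_DBG_ENCRYPT`); keeping sev_cmd_buffer_len() in the same order as the enum makes it easier to spot a missing entry when the next SNP command is added.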
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index 69ffa4b4d1fa..2b4b56632b4e 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -129,6 +129,7 @@ enum sev_cmd {
 	SEV_CMD_SNP_LAUNCH_FINISH	= 0x0A2,
 	SEV_CMD_SNP_DBG_DECRYPT		= 0x0B0,
 	SEV_CMD_SNP_DBG_ENCRYPT		= 0x0B1,
+	SEV_CMD_SNP_VERIFY_MITIGATION	= 0x0B2,
 	SEV_CMD_SNP_PAGE_SWAP_OUT	= 0x0C0,
 	SEV_CMD_SNP_PAGE_SWAP_IN	= 0x0C1,
 	SEV_CMD_SNP_PAGE_MOVE		= 0x0C2,
@@ -578,6 +579,51 @@ struct sev_data_dbg {
 	u32 len;				/* In */
 } __packed;
 
+/**
+ * struct sev_data_snp_verify_mitigation - SNP_VERIFY_MITIGATION command params
+ *
+ * @length: Length of the command buffer read by the PSP
+ * @subcommand: Mitigation sub-command for the firmware to execute.
+ * @rsvd: Reserved
+ * @vector: Bit specifying the vulnerability mitigation to process
+ * @dst_paddr_en: Destination paddr enabled
+ * @src_paddr_en: Source paddr enabled
+ * @rsvd1: Reserved
+ * @rsvd2: Reserved
+ * @src_paddr: Source address for optional input data
+ * @dst_paddr: Destination address to write the result
+ * @rsvd3: Reserved
+ */
+struct sev_data_snp_verify_mitigation {
+	u32 length;
+	u16 subcommand;
+	u16 rsvd;
+	u64 vector;
+	u32 dst_paddr_en : 1,
+	   src_paddr_en : 1,
+	   rsvd1 : 30;
+	u8 rsvd2[4];
+	u64 src_paddr;
+	u64 dst_paddr;
+	u8 rsvd3[24];
+} __packed;
+
+#define SNP_MIT_SUBCMD_REQ_STATUS	0x0
+#define SNP_MIT_SUBCMD_REQ_VERIFY	0x1
+
+/**
+ * struct snp_verify_mitigation_dst - mitigation result vectors
+ *
+ * @mit_verified_vector: Bit vector of vulnerability mitigations verified
+ * @mit_supported_vector: Bit vector of vulnerability mitigations supported
+ * @mit_failure_status: Status of the verification operation
+ */
+struct snp_verify_mitigation_dst {
+	u64 mit_verified_vector;		/* OUT */
+	u64 mit_supported_vector;		/* OUT */
+	u32 mit_failure_status;			/* OUT */
+} __packed;
+
 /**
  * struct sev_data_attestation_report - SEV_ATTESTATION_REPORT command parameters
  *
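
Review bot: the kernel-doc for `struct sev_data_snp_verify_mitigation` and `struct snp_verify_mitigation_dst` does not say what the two sub-commands do or how `mit_failure_status` is to be interpreted; patch 3 treats any non-zero `mit_failure_status` as failure and only ever issues `SNP_MIT_SUBCMD_REQ_VERIFY`, leaving `SNP_MIT_SUBCMD_REQ_STATUS` defined but unused in the series. Since the commit message says these come from SEV FW document 56860, please cite the section or table for the command, the sub-command semantics (status query vs. verify) and the meaning of a non-zero status in the comments, so a reader can check the struct layout (64 bytes as laid out here) against the spec without the bulletin.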
@@ -895,6 +941,7 @@ struct snp_feature_info {
 #define SNP_CIPHER_TEXT_HIDING_SUPPORTED	BIT(3)
 #define SNP_AES_256_XTS_POLICY_SUPPORTED	BIT(4)
 #define SNP_CXL_ALLOW_POLICY_SUPPORTED		BIT(5)
+#define SNP_VERIFY_MITIGATION_SUPPORTED		BIT(13)
 
 /* Feature bits in EBX */
 #define SNP_SEV_TIO_SUPPORTED			BIT(1)
-- 
2.53.0



* [PATCH 3/5] crypto/ccp: export firmware supported vm types
  2026-03-03 19:15 [PATCH 0/5] Revoke supported SEV VM types Tycho Andersen
  2026-03-03 19:15 ` [PATCH 1/5] kvm/sev: don't expose unusable " Tycho Andersen
  2026-03-03 19:15 ` [PATCH 2/5] crypto/ccp: introduce SNP_VERIFY_MITIGATION Tycho Andersen
@ 2026-03-03 19:15 ` Tycho Andersen
  2026-03-03 23:05   ` Tycho Andersen
  2026-03-03 19:15 ` [PATCH 4/5] kvm/sev: mask off firmware unsupported " Tycho Andersen
                   ` (2 subsequent siblings)
  5 siblings, 1 reply; 11+ messages in thread
From: Tycho Andersen @ 2026-03-03 19:15 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Ashish Kalra,
	Tom Lendacky, John Allen, Herbert Xu, David S. Miller, Shuah Khan
  Cc: Kim Phillips, Alexey Kardashevskiy, Nikunj A Dadhania, kvm,
	linux-kernel, linux-crypto, linux-kselftest

From: "Tycho Andersen (AMD)" <tycho@kernel.org>

In some configurations, the firmware does not support all VM types. Do an
SNP_VERIFY_MITIGATION to determine if the mitigation for CVE-2025-48514 is
active, and if so, turn off the SEV_ES bit.

Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
---
 drivers/crypto/ccp/sev-dev.c | 83 ++++++++++++++++++++++++++++++++++++
 include/linux/psp-sev.h      |  9 ++++
 2 files changed, 92 insertions(+)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 9eba3fe1a27f..79610617a38d 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -2930,3 +2930,86 @@ void sev_pci_exit(void)
 
 	sev_firmware_shutdown(sev);
 }
+
+static int snp_verify_mitigation(struct sev_device *sev, u64 vector, u64 *verified)
+{
+	struct sev_data_snp_verify_mitigation data = {0};
+	struct snp_verify_mitigation_dst *dst;
+	struct page *p;
+	int rc, error = 0;
+
+	if (!sev->snp_plat_status.feature_info ||
+	    !(sev->snp_feat_info_0.ecx & SNP_VERIFY_MITIGATION_SUPPORTED)) {
+		return -EOPNOTSUPP;
+	}
+
+	p = __snp_alloc_firmware_pages(GFP_KERNEL, 0, true);
+	if (!p)
+		return -ENOMEM;
+	dst = page_address(p);
+
+	data.length = sizeof(data);
+	data.subcommand = SNP_MIT_SUBCMD_REQ_VERIFY;
+	data.vector = vector;
+	data.dst_paddr_en = 1;
+	data.dst_paddr = __psp_pa(dst);
+
+	rc = sev_do_cmd(SEV_CMD_SNP_VERIFY_MITIGATION, &data, &error);
+	if (rc < 0) {
+		if (error)
+			dev_err(sev->dev, "VERIFY_MITIGATION error %d\n", error);
+		goto reclaim_pages;
+	}
+
+	rc = -EIO;
+	if (dst->mit_failure_status) {
+		dev_err(sev->dev, "VERIFY_MITIGATION failure status %d\n", dst->mit_failure_status);
+		goto reclaim_pages;
+	}
+
+	*verified = dst->mit_verified_vector;
+	rc = 0;
+
+reclaim_pages:
+	__snp_free_firmware_pages(p, 0, true);
+	return rc;
+}
+
+int sev_firmware_supported_vm_types(void)
+{
+	int rc, supported_vm_types = 0;
+	struct sev_device *sev;
+	u64 verified = 0;
+
+	if (!psp_master || !psp_master->sev_data)
+		return supported_vm_types;
+	sev = psp_master->sev_data;
+
+	supported_vm_types |= BIT(KVM_X86_SEV_VM);
+	supported_vm_types |= BIT(KVM_X86_SEV_ES_VM);
+
+	if (!sev->snp_initialized)
+		return supported_vm_types;
+
+	supported_vm_types |= BIT(KVM_X86_SNP_VM);
+
+	rc = snp_verify_mitigation(sev, SNP_MIT_VEC_CVE_2025_48514, &verified);
+	if (rc < 0) {
+		/*
+		 * Older firmware that doesn't support VERIFY_MITIGATION won't
+		 * have the mitigation for this CVE, so all types are supported.
+		 */
+		if (rc == -EOPNOTSUPP)
+			return supported_vm_types;
+		dev_err(sev->dev, "Unable to determine supported vm types: %d\n", rc);
+		return supported_vm_types;
+	}
+
+	/* This mitigation disables SEV-ES guests when present */
+	if (verified & SNP_MIT_VEC_CVE_2025_48514)
+		supported_vm_types &= ~BIT(KVM_X86_SEV_ES_VM);
+
+	return supported_vm_types;
+
+}
+EXPORT_SYMBOL_FOR_MODULES(sev_firmware_supported_vm_types, "kvm-amd");
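
Review bot: snp_verify_mitigation() passes `locked = true` to both `__snp_alloc_firmware_pages(GFP_KERNEL, 0, true)` and `__snp_free_firmware_pages(p, 0, true)`, which tells those helpers the caller already holds the SEV command mutex, yet nothing in this function or in sev_firmware_supported_vm_types() takes it, and the command itself goes through `sev_do_cmd()`, which acquires the mutex internally. Either hold the mutex once around the allocate/command/free sequence and use the locked command variant, or pass `false` and let the helpers lock for themselves; as written the RMP reclaim of the destination page is issued outside the lock. Smaller points: `dev_err(..., "VERIFY_MITIGATION failure status %d\n", dst->mit_failure_status)` prints a `u32` with `%d` (use `%u` or `%#x`); the error path in sev_firmware_supported_vm_types() fails open, logging and still advertising SEV-ES when the verification could not be completed for any reason other than `-EOPNOTSUPP`, which deserves a sentence in the comment justifying it, given that the whole point of the helper is to stop advertising a type the firmware will refuse; and there is a stray blank line between `return supported_vm_types;` and the closing brace.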
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index 2b4b56632b4e..07ce49b31ba2 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -611,6 +611,12 @@ struct sev_data_snp_verify_mitigation {
 #define SNP_MIT_SUBCMD_REQ_STATUS	0x0
 #define SNP_MIT_SUBCMD_REQ_VERIFY	0x1
 
+/*
+ * For CVE-2025-48514 defined in AMD-SB-3023
+ * https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3023.html
+ */
+#define SNP_MIT_VEC_CVE_2025_48514		BIT(3)
+
 /**
  * struct snp_verify_mitigation_dst - mitigation result vectors
  *
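
Review bot: `SNP_MIT_VEC_CVE_2025_48514` is defined as `BIT(3)` with only the public bulletin cited in the comment; since the previous patch says these definitions come from SEV FW document 56860, the comment should also point at the table in that document that assigns vector bits, so the value can be cross-checked against the firmware spec rather than the advisory text alone.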
@@ -1092,6 +1098,7 @@ void snp_free_firmware_page(void *addr);
 void sev_platform_shutdown(void);
 bool sev_is_snp_ciphertext_hiding_supported(void);
 u64 sev_get_snp_policy_bits(void);
+int sev_firmware_supported_vm_types(void);
 
 #else	/* !CONFIG_CRYPTO_DEV_SP_PSP */
 
@@ -1135,6 +1142,8 @@ static inline void sev_platform_shutdown(void) { }
 
 static inline bool sev_is_snp_ciphertext_hiding_supported(void) { return false; }
 
+static inline int sev_firmware_supported_vm_types(void) { return 0; }
+
 #endif	/* CONFIG_CRYPTO_DEV_SP_PSP */
 
 #endif	/* __PSP_SEV_H__ */
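
Review bot: the `!CONFIG_CRYPTO_DEV_SP_PSP` stub returns 0, and patch 4 ANDs the result into the supported VM types, so in that configuration every SEV VM type would be masked off. If KVM's SEV support cannot be built without the PSP driver that is harmless, but a one-line comment on the stub stating the intended meaning (nothing is known to be supported) would stop someone later "fixing" it to return all bits.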
-- 
2.53.0



* [PATCH 4/5] kvm/sev: mask off firmware unsupported vm types
  2026-03-03 19:15 [PATCH 0/5] Revoke supported SEV VM types Tycho Andersen
                   ` (2 preceding siblings ...)
  2026-03-03 19:15 ` [PATCH 3/5] crypto/ccp: export firmware supported vm types Tycho Andersen
@ 2026-03-03 19:15 ` Tycho Andersen
  2026-03-12 19:57   ` Sean Christopherson
  2026-03-03 19:15 ` [PATCH 5/5] selftests/kvm: teach sev_*_test about revoking VM types Tycho Andersen
  2026-03-12 20:04 ` [PATCH 0/5] Revoke supported SEV " Sean Christopherson
  5 siblings, 1 reply; 11+ messages in thread
From: Tycho Andersen @ 2026-03-03 19:15 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Ashish Kalra,
	Tom Lendacky, John Allen, Herbert Xu, David S. Miller, Shuah Khan
  Cc: Kim Phillips, Alexey Kardashevskiy, Nikunj A Dadhania, kvm,
	linux-kernel, linux-crypto, linux-kselftest

From: "Tycho Andersen (AMD)" <tycho@kernel.org>

In some configurations not all VM types are supported by the firmware.
Reflect this information in the supported_vm_types that KVM exports.

Link: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/
Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
---
 arch/x86/kvm/svm/sev.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index f941d48626d3..eeae39af63a9 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2976,6 +2976,8 @@ void __init sev_set_cpu_caps(void)
 		supported_vm_types |= BIT(KVM_X86_SNP_VM);
 	}
 
+	supported_vm_types &= sev_firmware_supported_vm_types();
+
 	kvm_caps.supported_vm_types |= supported_vm_types;
 }
 
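
Review bot: the mask is a load-time snapshot: sev_set_cpu_caps() is `__init`, and sev_firmware_supported_vm_types() (patch 3) answers from the CCP driver's state at that moment, including whether SNP is already initialized. The commit message should say so explicitly, since SNP being initialized later, or a firmware update after kvm-amd is loaded, will not be reflected in KVM_CAP_VM_TYPES until the module is reloaded. The `&=` plus blank line could also be folded into the existing assignment, `kvm_caps.supported_vm_types |= supported_vm_types & sev_firmware_supported_vm_types();`, which keeps the masking next to the export it guards.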
-- 
2.53.0



* [PATCH 5/5] selftests/kvm: teach sev_*_test about revoking VM types
  2026-03-03 19:15 [PATCH 0/5] Revoke supported SEV VM types Tycho Andersen
                   ` (3 preceding siblings ...)
  2026-03-03 19:15 ` [PATCH 4/5] kvm/sev: mask off firmware unsupported " Tycho Andersen
@ 2026-03-03 19:15 ` Tycho Andersen
  2026-03-12 20:00   ` Sean Christopherson
  2026-03-12 20:04 ` [PATCH 0/5] Revoke supported SEV " Sean Christopherson
  5 siblings, 1 reply; 11+ messages in thread
From: Tycho Andersen @ 2026-03-03 19:15 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Ashish Kalra,
	Tom Lendacky, John Allen, Herbert Xu, David S. Miller, Shuah Khan
  Cc: Kim Phillips, Alexey Kardashevskiy, Nikunj A Dadhania, kvm,
	linux-kernel, linux-crypto, linux-kselftest

From: "Tycho Andersen (AMD)" <tycho@kernel.org>

Instead of using CPUID, use the VM type bit to determine support, since
those now reflect the correct status of support by the kernel and firmware
configurations.

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
---
 tools/testing/selftests/kvm/x86/sev_init2_tests.c  | 14 ++++++--------
 .../testing/selftests/kvm/x86/sev_migrate_tests.c  |  2 +-
 tools/testing/selftests/kvm/x86/sev_smoke_test.c   |  4 ++--
 3 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/tools/testing/selftests/kvm/x86/sev_init2_tests.c b/tools/testing/selftests/kvm/x86/sev_init2_tests.c
index b238615196ad..97bd036b4f1c 100644
--- a/tools/testing/selftests/kvm/x86/sev_init2_tests.c
+++ b/tools/testing/selftests/kvm/x86/sev_init2_tests.c
@@ -136,16 +136,14 @@ int main(int argc, char *argv[])
 		    kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_VM);
 
 	TEST_REQUIRE(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_VM));
-	have_sev_es = kvm_cpu_has(X86_FEATURE_SEV_ES);
+	have_sev_es = kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM);
 
-	TEST_ASSERT(have_sev_es == !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM)),
-		    "sev-es: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)",
-		    kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_ES_VM);
+	TEST_ASSERT(!have_sev_es || kvm_cpu_has(X86_FEATURE_SEV_ES),
+		    "sev-es: SEV_ES_VM supported without SEV_ES in CPUID");
 
-	have_snp = kvm_cpu_has(X86_FEATURE_SEV_SNP);
-	TEST_ASSERT(have_snp == !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM)),
-		    "sev-snp: KVM_CAP_VM_TYPES (%x) indicates SNP support (bit %d), but CPUID does not",
-		    kvm_check_cap(KVM_CAP_VM_TYPES), KVM_X86_SNP_VM);
+	have_snp = kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM);
+	TEST_ASSERT(!have_snp || kvm_cpu_has(X86_FEATURE_SEV_SNP),
+		    "sev-snp: SNP_VM supported without SEV_SNP in CPUID");
 
 	test_vm_types();
 
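
Review bot: the rewrite drops one direction of the old check. Before, a mismatch either way between CPUID and KVM_CAP_VM_TYPES failed the test; now `have_sev_es` and `have_snp` only assert that an advertised VM type is backed by the CPUID feature. That is the intended consequence of the series (CPUID present, VM type withheld is now a legitimate state), but the commit message should state that the reverse assertion was removed on purpose so nobody reads it as lost coverage. Nit: `kvm_check_cap(KVM_CAP_VM_TYPES)` is now evaluated three times in this hunk; hoisting it into a local would read better.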
diff --git a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c b/tools/testing/selftests/kvm/x86/sev_migrate_tests.c
index 0a6dfba3905b..3f2c3b00e3bc 100644
--- a/tools/testing/selftests/kvm/x86/sev_migrate_tests.c
+++ b/tools/testing/selftests/kvm/x86/sev_migrate_tests.c
@@ -376,7 +376,7 @@ int main(int argc, char *argv[])
 
 	TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV));
 
-	have_sev_es = kvm_cpu_has(X86_FEATURE_SEV_ES);
+	have_sev_es = kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM);
 
 	if (kvm_has_cap(KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM)) {
 		test_sev_migrate_from(/* es= */ false);
diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c
index 86ad1c7d068f..16ec940de5ac 100644
--- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c
+++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c
@@ -219,10 +219,10 @@ int main(int argc, char *argv[])
 
 	test_sev_smoke(guest_sev_code, KVM_X86_SEV_VM, 0);
 
-	if (kvm_cpu_has(X86_FEATURE_SEV_ES))
+	if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM))
 		test_sev_smoke(guest_sev_es_code, KVM_X86_SEV_ES_VM, SEV_POLICY_ES);
 
-	if (kvm_cpu_has(X86_FEATURE_SEV_SNP))
+	if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM))
 		test_sev_smoke(guest_snp_code, KVM_X86_SNP_VM, snp_default_policy());
 
 	return 0;
-- 
2.53.0



* Re: [PATCH 3/5] crypto/ccp: export firmware supported vm types
  2026-03-03 19:15 ` [PATCH 3/5] crypto/ccp: export firmware supported vm types Tycho Andersen
@ 2026-03-03 23:05   ` Tycho Andersen
  0 siblings, 0 replies; 11+ messages in thread
From: Tycho Andersen @ 2026-03-03 23:05 UTC (permalink / raw)
  To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, Ashish Kalra,
	Tom Lendacky, John Allen, Herbert Xu, David S. Miller, Shuah Khan
  Cc: Kim Phillips, Alexey Kardashevskiy, Nikunj A Dadhania, kvm,
	linux-kernel, linux-crypto, linux-kselftest

On Tue, Mar 03, 2026 at 12:15:07PM -0700, Tycho Andersen wrote:
> +/*
> + * For CVE-2025-48514 defined in AMD-SB-3023
> + * https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3023.html
> + */
> +#define SNP_MIT_VEC_CVE_2025_48514		BIT(3)

It turns out that the public security bulletin is wrong, and this is
not the right way to check for this. I will respin the series with a
fix.

Tycho


* Re: [PATCH 1/5] kvm/sev: don't expose unusable VM types
  2026-03-03 19:15 ` [PATCH 1/5] kvm/sev: don't expose unusable " Tycho Andersen
@ 2026-03-12 19:55   ` Sean Christopherson
  0 siblings, 0 replies; 11+ messages in thread
From: Sean Christopherson @ 2026-03-12 19:55 UTC (permalink / raw)
  To: Tycho Andersen
  Cc: Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	Dave Hansen, x86, H. Peter Anvin, Ashish Kalra, Tom Lendacky,
	John Allen, Herbert Xu, David S. Miller, Shuah Khan, Kim Phillips,
	Alexey Kardashevskiy, Nikunj A Dadhania, kvm, linux-kernel,
	linux-crypto, linux-kselftest

KVM: SEV:

On Tue, Mar 03, 2026, Tycho Andersen wrote:
> From: "Tycho Andersen (AMD)" <tycho@kernel.org>
> 
> Commit 0aa6b90ef9d7 ("KVM: SVM: Add support for allowing zero SEV ASIDs")
> made it possible to make it impossible to use SEV VMs by not allocating
> them any ASIDs.
> 
> Commit 6c7c620585c6 ("KVM: SEV: Add SEV-SNP CipherTextHiding support") did
> the same thing for SEV-ES.
> 
> Do not export KVM_X86_SEV(_ES)_VM as exported types if in either of these
                                       ^^^^^^^^
                                       supported

> situations, so that userspace can use them to determine what is actually
> supported by the current kernel configuration.
> 
> Also move the buildup to a local variable so it is easier to add additional
> masking in future patches.
> 
> Link: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/
> Suggested-by: Sean Christopherson <seanjc@google.com>
> Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
> ---
>  arch/x86/kvm/svm/sev.c | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index 3f9c1aa39a0a..f941d48626d3 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -2957,18 +2957,26 @@ void sev_vm_destroy(struct kvm *kvm)
>  
>  void __init sev_set_cpu_caps(void)
>  {
> +	int supported_vm_types = 0;

This should be a u32.

> +
>  	if (sev_enabled) {
>  		kvm_cpu_cap_set(X86_FEATURE_SEV);
> -		kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_VM);
> +
> +		if (min_sev_asid <= max_sev_asid)
> +			supported_vm_types |= BIT(KVM_X86_SEV_VM);
>  	}
>  	if (sev_es_enabled) {
>  		kvm_cpu_cap_set(X86_FEATURE_SEV_ES);
> -		kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM);
> +
> +		if (min_sev_es_asid <= max_sev_es_asid)
> +			supported_vm_types |= BIT(KVM_X86_SEV_ES_VM);
>  	}
>  	if (sev_snp_enabled) {
>  		kvm_cpu_cap_set(X86_FEATURE_SEV_SNP);
> -		kvm_caps.supported_vm_types |= BIT(KVM_X86_SNP_VM);
> +		supported_vm_types |= BIT(KVM_X86_SNP_VM);
>  	}
> +
> +	kvm_caps.supported_vm_types |= supported_vm_types;
>  }
>  
>  static bool is_sev_snp_initialized(void)
> -- 
> 2.53.0
> 


* Re: [PATCH 4/5] kvm/sev: mask off firmware unsupported vm types
  2026-03-03 19:15 ` [PATCH 4/5] kvm/sev: mask off firmware unsupported " Tycho Andersen
@ 2026-03-12 19:57   ` Sean Christopherson
  0 siblings, 0 replies; 11+ messages in thread
From: Sean Christopherson @ 2026-03-12 19:57 UTC (permalink / raw)
  To: Tycho Andersen
  Cc: Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	Dave Hansen, x86, H. Peter Anvin, Ashish Kalra, Tom Lendacky,
	John Allen, Herbert Xu, David S. Miller, Shuah Khan, Kim Phillips,
	Alexey Kardashevskiy, Nikunj A Dadhania, kvm, linux-kernel,
	linux-crypto, linux-kselftest

KVM: SEV:

On Tue, Mar 03, 2026, Tycho Andersen wrote:
> From: "Tycho Andersen (AMD)" <tycho@kernel.org>
> 
> In some configurations not all VM types are supported by the firmware.
> Reflect this information in the supported_vm_types that KVM exports.
> 
> Link: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/
> Suggested-by: Sean Christopherson <seanjc@google.com>
> Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
> ---
>  arch/x86/kvm/svm/sev.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index f941d48626d3..eeae39af63a9 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -2976,6 +2976,8 @@ void __init sev_set_cpu_caps(void)
>  		supported_vm_types |= BIT(KVM_X86_SNP_VM);
>  	}
>  
> +	supported_vm_types &= sev_firmware_supported_vm_types();
> +
>  	kvm_caps.supported_vm_types |= supported_vm_types;

To save one whole line (two, counting whitespace!), and to guard against future
changes, I vote for:

	kvm_caps.supported_vm_types |= supported_vm_types &
				       sev_firmware_supported_vm_types();

or if parentheses would make it clearer:

	kvm_caps.supported_vm_types |= (supported_vm_types &
				        sev_firmware_supported_vm_types());

I spent a silly amount of time fiddling with the code to try and avoid the local
variable, and failed.


* Re: [PATCH 5/5] selftests/kvm: teach sev_*_test about revoking VM types
  2026-03-03 19:15 ` [PATCH 5/5] selftests/kvm: teach sev_*_test about revoking VM types Tycho Andersen
@ 2026-03-12 20:00   ` Sean Christopherson
  0 siblings, 0 replies; 11+ messages in thread
From: Sean Christopherson @ 2026-03-12 20:00 UTC (permalink / raw)
  To: Tycho Andersen
  Cc: Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	Dave Hansen, x86, H. Peter Anvin, Ashish Kalra, Tom Lendacky,
	John Allen, Herbert Xu, David S. Miller, Shuah Khan, Kim Phillips,
	Alexey Kardashevskiy, Nikunj A Dadhania, kvm, linux-kernel,
	linux-crypto, linux-kselftest

KVM: selftests:

(though selftests/kvm is totally fine, but since you need to respin anyways...)


* Re: [PATCH 0/5] Revoke supported SEV VM types
  2026-03-03 19:15 [PATCH 0/5] Revoke supported SEV VM types Tycho Andersen
                   ` (4 preceding siblings ...)
  2026-03-03 19:15 ` [PATCH 5/5] selftests/kvm: teach sev_*_test about revoking VM types Tycho Andersen
@ 2026-03-12 20:04 ` Sean Christopherson
  5 siblings, 0 replies; 11+ messages in thread
From: Sean Christopherson @ 2026-03-12 20:04 UTC (permalink / raw)
  To: Tycho Andersen
  Cc: Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	Dave Hansen, x86, H. Peter Anvin, Ashish Kalra, Tom Lendacky,
	John Allen, Herbert Xu, David S. Miller, Shuah Khan, Kim Phillips,
	Alexey Kardashevskiy, Nikunj A Dadhania, kvm, linux-kernel,
	linux-crypto, linux-kselftest

On Tue, Mar 03, 2026, Tycho Andersen wrote:
> From: "Tycho Andersen (AMD)" <tycho@kernel.org>
> 
> Recent SEV firmware [1] does not support SEV-ES VMs when SNP is enabled.
> Sean suggested [2] adding an API so that userspace can check for this
> condition, so do that. Also introduce and use SNP_VERIFY_MITIGATION to
> determine whether it is present or not.
> 
> [1]: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3023.html
> [2]: https://lore.kernel.org/all/aZyLIWtffvEnmtYh@google.com/
> 
> Tycho Andersen (AMD) (5):
>   kvm/sev: don't expose unusable VM types
>   crypto/ccp: introduce SNP_VERIFY_MITIGATION
>   crypto/ccp: export firmware supported vm types
>   kvm/sev: mask off firmware unsupported vm types
>   selftests/kvm: teach sev_*_test about revoking VM types
> 
>  arch/x86/kvm/svm/sev.c                        | 16 +++-
>  drivers/crypto/ccp/sev-dev.c                  | 84 +++++++++++++++++++
>  include/linux/psp-sev.h                       | 56 +++++++++++++
>  .../selftests/kvm/x86/sev_init2_tests.c       | 14 ++--
>  .../selftests/kvm/x86/sev_migrate_tests.c     |  2 +-
>  .../selftests/kvm/x86/sev_smoke_test.c        |  4 +-
>  6 files changed, 162 insertions(+), 14 deletions(-)

Other than a few nits, this LGTM.  Even though the sev-dev.c changes are far more
extensive, I would prefer to take the KVM changes through kvm-x86 due to the
effective change in KVM's ABI.  I'd be happy to carry the whole thing, or use a
stable topic branch as a base (patch 1 can easily become patch 3). 
