| From beca2db05a84deeab6c0e87b611abd2d2392ce14 Mon Sep 17 00:00:00 2001 |
| From: Sasha Levin <sashal@kernel.org> |
| Date: Wed, 21 Apr 2021 19:11:11 -0700 |
| Subject: KVM: SVM: Zero out the VMCB array used to track SEV ASID association |
| |
| From: Sean Christopherson <seanjc@google.com> |
| |
| [ Upstream commit 3b1902b87bf11f1c6a84368470dc13da6f3da3bd ] |
| |
| Zero out the array of VMCB pointers so that pre_sev_run() won't see |
| garbage when querying the array to detect when an SEV ASID is being |
| associated with a new VMCB. In practice, reading random values is all |
| but guaranteed to be benign as a false negative (which is extremely |
| unlikely on its own) can only happen on CPU0 on the first VMRUN and would |
| only cause KVM to skip the ASID flush. For anything bad to happen, a |
| previous instance of KVM would have to exit without flushing the ASID, |
| _and_ KVM would have to not flush the ASID at any time while building the |
| new SEV guest. |
| |
| Cc: Borislav Petkov <bp@suse.de> |
| Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com> |
| Reviewed-by: Brijesh Singh <brijesh.singh@amd.com> |
| Fixes: 70cd94e60c73 ("KVM: SVM: VMRUN should use associated ASID when SEV is enabled") |
| Signed-off-by: Sean Christopherson <seanjc@google.com> |
| Message-Id: <20210422021125.3417167-2-seanjc@google.com> |
| Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
| Signed-off-by: Sasha Levin <sashal@kernel.org> |
| --- |
| arch/x86/kvm/svm/svm.c | 5 ++--- |
| 1 file changed, 2 insertions(+), 3 deletions(-) |
| |
| diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c |
| index c8033f2586f1..99592e03658b 100644 |
| --- a/arch/x86/kvm/svm/svm.c |
| +++ b/arch/x86/kvm/svm/svm.c |
| @@ -576,9 +576,8 @@ static int svm_cpu_init(int cpu) |
| clear_page(page_address(sd->save_area)); |
| |
| if (svm_sev_enabled()) { |
| - sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, |
| - sizeof(void *), |
| - GFP_KERNEL); |
| + sd->sev_vmcbs = kcalloc(max_sev_asid + 1, sizeof(void *), |
| + GFP_KERNEL); |
| if (!sd->sev_vmcbs) |
| goto free_save_area; |
| } |
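Review bot: Nothing at the `kcalloc()` call in the `svm_sev_enabled()` branch records that the zero fill is required rather than incidental, so a later cleanup could switch back to a non-zeroing allocator and reintroduce the uninitialized read in pre_sev_run() that the commit message describes. A one-line comment above the allocation would pin the invariant, e.g. `/* Must be zeroed: pre_sev_run() compares entries to detect a new VMCB for an SEV ASID. */`. As a smaller style point, `sizeof(void *)` could be written `sizeof(*sd->sev_vmcbs)` so the element size follows the field's declared type. svm_cpu_init() starts and ends outside the hunk, so the `free_save_area` unwind path is not covered by this note.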
| -- |
| 2.30.2 |
| |