diff mbox series

KVM: x86: Only advertise KVM_CAP_READONLY_MEM when supported by VM

Message ID 20240902144219.3716974-1-erbse.13@gmx.de (mailing list archive)
State New
Headers show
Series KVM: x86: Only advertise KVM_CAP_READONLY_MEM when supported by VM | expand

Commit Message

Tom Dohrmann Sept. 2, 2024, 2:42 p.m. UTC 
Until recently, KVM_CAP_READONLY_MEM was unconditionally supported on
x86, but this is no longer the case for SEV-ES and SEV-SNP VMs.

When KVM_CHECK_EXTENSION is invoked on a VM, only advertise
KVM_CAP_READONLY_MEM when it's actually supported.

Fixes: 66155de93bcf ("KVM: x86: Disallow read-only memslots for SEV-ES and SEV-SNP (and TDX)")
Cc: Sean Christopherson <seanjc@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
---
 arch/x86/kvm/x86.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--
2.34.1

Comments

Paolo Bonzini Sept. 2, 2024, 2:56 p.m. UTC | #1 
Queued, thanks.

Paolo
Shakeel Butt Sept. 6, 2024, 7:11 p.m. UTC | #2 
On Mon, Sep 02, 2024 at 02:42:19PM GMT, Tom Dohrmann wrote:
> Until recently, KVM_CAP_READONLY_MEM was unconditionally supported on
> x86, but this is no longer the case for SEV-ES and SEV-SNP VMs.
> 
> When KVM_CHECK_EXTENSION is invoked on a VM, only advertise
> KVM_CAP_READONLY_MEM when it's actually supported.
> 
> Fixes: 66155de93bcf ("KVM: x86: Disallow read-only memslots for SEV-ES and SEV-SNP (and TDX)")
> Cc: Sean Christopherson <seanjc@google.com>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
> ---
>  arch/x86/kvm/x86.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 70219e406987..9ad7fe279e72 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -4656,7 +4656,6 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
>  	case KVM_CAP_ASYNC_PF_INT:
>  	case KVM_CAP_GET_TSC_KHZ:
>  	case KVM_CAP_KVMCLOCK_CTRL:
> -	case KVM_CAP_READONLY_MEM:
>  	case KVM_CAP_IOAPIC_POLARITY_IGNORED:
>  	case KVM_CAP_TSC_DEADLINE_TIMER:
>  	case KVM_CAP_DISABLE_QUIRKS:
> @@ -4815,6 +4814,8 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
>  	case KVM_CAP_VM_TYPES:
>  		r = kvm_caps.supported_vm_types;
>  		break;
> +	case KVM_CAP_READONLY_MEM:
> +		r = kvm ? kvm_arch_has_readonly_mem(kvm) : 1;

Need a break here otherwise -Wimplicit-fallthrough option will warn.

>  	default:
>  		break;
>  	}
> --
> 2.34.1
Sean Christopherson Sept. 6, 2024, 9:15 p.m. UTC | #3 
On Fri, Sep 06, 2024, Shakeel Butt wrote:
> On Mon, Sep 02, 2024 at 02:42:19PM GMT, Tom Dohrmann wrote:
> > Until recently, KVM_CAP_READONLY_MEM was unconditionally supported on
> > x86, but this is no longer the case for SEV-ES and SEV-SNP VMs.
> > 
> > When KVM_CHECK_EXTENSION is invoked on a VM, only advertise
> > KVM_CAP_READONLY_MEM when it's actually supported.
> > 
> > Fixes: 66155de93bcf ("KVM: x86: Disallow read-only memslots for SEV-ES and SEV-SNP (and TDX)")
> > Cc: Sean Christopherson <seanjc@google.com>
> > Cc: Paolo Bonzini <pbonzini@redhat.com>
> > Cc: Michael Roth <michael.roth@amd.com>
> > Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
> > ---
> >  arch/x86/kvm/x86.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> > index 70219e406987..9ad7fe279e72 100644
> > --- a/arch/x86/kvm/x86.c
> > +++ b/arch/x86/kvm/x86.c
> > @@ -4656,7 +4656,6 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
> >  	case KVM_CAP_ASYNC_PF_INT:
> >  	case KVM_CAP_GET_TSC_KHZ:
> >  	case KVM_CAP_KVMCLOCK_CTRL:
> > -	case KVM_CAP_READONLY_MEM:
> >  	case KVM_CAP_IOAPIC_POLARITY_IGNORED:
> >  	case KVM_CAP_TSC_DEADLINE_TIMER:
> >  	case KVM_CAP_DISABLE_QUIRKS:
> > @@ -4815,6 +4814,8 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
> >  	case KVM_CAP_VM_TYPES:
> >  		r = kvm_caps.supported_vm_types;
> >  		break;
> > +	case KVM_CAP_READONLY_MEM:
> > +		r = kvm ? kvm_arch_has_readonly_mem(kvm) : 1;
> 
> Need a break here otherwise -Wimplicit-fallthrough option will warn.

Heh, Nathan beat you to it:

https://lore.kernel.org/all/20240905-kvm-x86-avoid-clang-implicit-fallthrough-v1-1-f2e785f1aa45@kernel.org
diff mbox series

Patch

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 70219e406987..9ad7fe279e72 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -4656,7 +4656,6 @@  int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
 	case KVM_CAP_ASYNC_PF_INT:
 	case KVM_CAP_GET_TSC_KHZ:
 	case KVM_CAP_KVMCLOCK_CTRL:
-	case KVM_CAP_READONLY_MEM:
 	case KVM_CAP_IOAPIC_POLARITY_IGNORED:
 	case KVM_CAP_TSC_DEADLINE_TIMER:
 	case KVM_CAP_DISABLE_QUIRKS:
@@ -4815,6 +4814,8 @@  int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
 	case KVM_CAP_VM_TYPES:
 		r = kvm_caps.supported_vm_types;
 		break;
+	case KVM_CAP_READONLY_MEM:
+		r = kvm ? kvm_arch_has_readonly_mem(kvm) : 1;
 	default:
 		break;
 	}