From patchwork Fri Oct 20 02:34:02 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10018655 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 13DE260234 for ; Fri, 20 Oct 2017 02:39:14 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EF16E28708 for ; Fri, 20 Oct 2017 02:39:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E1C9F28785; Fri, 20 Oct 2017 02:39:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5F78C28708 for ; Fri, 20 Oct 2017 02:39:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752264AbdJTCft (ORCPT ); Thu, 19 Oct 2017 22:35:49 -0400 Received: from mail-bl2nam02on0071.outbound.protection.outlook.com ([104.47.38.71]:59884 "EHLO NAM02-BL2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752232AbdJTCfj (ORCPT ); Thu, 19 Oct 2017 22:35:39 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=b6OOO2U/C31TC8ibYS7y4zICcje3WEZnkQ+TXCrn3gw=; b=FaX1+KfnLNZe4qSPBZg5cOTJgIygjGPhI6wY+7qqRVXKzhAvkpdb74kTYJDd61ZDB32sBDs99R+ixD5PmU/RS+wDDHYhY/B5hFRUE9f9gAJhb5WmuPd/LaZKYVOqsdbaWoh/d87qwTBn9U8hpPRHQ7kVJdWhvpWMZRIup7CwdxQ= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from ubuntu-010236106000.amd.com (165.204.78.1) by SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Fri, 20 Oct 2017 02:35:25 +0000 From: Brijesh Singh To: kvm@vger.kernel.org Cc: bp@alien8.de, Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky , x86@kernel.org, linux-kernel@vger.kernel.org Subject: [Part2 PATCH v6 27/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_START command Date: Thu, 19 Oct 2017 21:34:02 -0500 Message-Id: <20171020023413.122280-28-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171020023413.122280-1-brijesh.singh@amd.com> References: <20171020023413.122280-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: MWHPR1701CA0020.namprd17.prod.outlook.com (10.172.58.30) To SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a2575d76-2c1f-4157-56d4-08d517633970 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(4627075)(201703031133081)(201702281549075)(2017052603199); SRVR:SN1PR12MB0157; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 3:fbgxPIsWpgMT2QPlj2MdPhP8l19cOvWMVp/3k9aXTfgyBDu1rMxcKrfUnTxCBGgJUA2x1K22PQg1gCMuFgsfFaNqiZwzwydaFB8EWSFCfX6uObfknoJfOcKsAS1inwUz/5FtvL6I5Y1D+OUnRtChBmGNPLo/Og0F5WusbA+xnTIQH1RCi/4CK77mKEKts47c8bIoOhCCxw07ByjiwzxfJ/urVXrKVKFt+WfaO6adXqtmoeKzgGSjvy2lNmDyPOE+; 25:MxvA2ou416HaHHR23HYgXgALddYiVIll201PkBWLp7AwEYOnkaJ+KRCMcykM0F+IzrcuOQC1H/GRCDr1CzAvW+KrnLb7Nz4oWDKyGIsN57NzEkwo1uvUz8M4hH+C5obFR23jSBxV0Ja7/BcURxrNsv9FFJRQNN+ITYUL6qvoXVSjub+vzfVyIY/RCL8v1+EY48M12HiWOvThcJShvVldhDgCFv7c0ReFEO/Ac4tTcptbznsCL5dIH4SEHVCPFQYLmZ/ueqEL64JrGzhyld3rhvEfun2rhykAgmaA280vSdW02bqp/glrwmBIQr6RrENMXI1Pe7gD0jo00WhczvCD+g==; 31:ELxEUja752YbteNI3bSTplCSUuMhhbi11grvHNor4MSxGBgLA0T/Nk0iTJp7R/w0B1z1zL6E6JcYV7+jS3mJ4kTl57tQ5M4/GWetDqJsdaa75qSVUfQlgdx+uL+gn2W+y/dqjppUzd8lfRlyfDMJbwRUuB30HrNNjghWCETHm9gHiBhs3QVRktT8GV8iBe4J8ByyassRMyT+SIkf1H3g/rHzFhRhftjRjxiqYTQR37Y= X-MS-TrafficTypeDiagnostic: SN1PR12MB0157: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:IR08sPloCozLErRrJvdRLluGcKmLweWx9U4VJfUJ284dhK9ZqtZ2QOt1zR1r6IrFXIUWlToBy1TBN5IxDR0ZmgGV5XB8ir/2ZBJsL4lcegD4NsvpmPtaRLI/GZvw7cvoSw0XXeHj4TdvZriHbOQrhSz6/A+Nykp7yzvey5X6Ez5hLsd5Eu5qNJr0zYnj1ZkZ7n+A0blu2CYd3f+lv89nr4L6haE+wC871YNXRUNuBsXA9LCOfqSVsVv+mty8jb8OrtOVBTMwxIOxBVF8HoT3tqMSLWTanTtJd/rOIin2raLaYcn3kzDhudwgj6GSnIYGsJjk4/7GCNK9xCizYOCZt0VMUjUPT/4dNHjvGGlVUYAkQACOQ13D+2P1j5WJRYmKiPp2DliW71mMBUHRbTZvF4JZfhQGd0Rchc1TsOD3Lc+08EO1LzrkHABqTbit9OBZxwkrcT3kzDOp9JLDePD06e1BY9egMbqGwXBvAxmUH3hMZJinS+E3Xsd4lu/yHl+2; 4:pSmmiHZby1867uur+doV6qakg2nYyskYq/UVNFN/aYheu+ruvgNPplKPOg9ONyW47sENDcHLv17mrXJdh+KFWGc9yTMpbtcP9L6ZwLBKr5xg9/upAVy/C2KSnSok3aGqS+AJTgD5OW+sQkX0WDDPUfvNjJlGRsPHZTUXJ38qZtMJ5Ubj2l9f/GavSerXCK2aWOKcN3CgoDMGzZsdQcd1eE8Ue9C7fmZNJKOH4Qg4dyQvIhQz8AWhR5uo0Kbcl33FDzyLy0oFFVfJbcxFMyVlwxfxlslifrEXmtr8jfTUYhioz1lpdD2gNaGgQDi9rfcaD4qbttZgb3QDbndt7HE0PA== X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(3231020)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(3002001)(6055026)(6041248)(20161123555025)(20161123564025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:SN1PR12MB0157; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:SN1PR12MB0157; X-Forefront-PRVS: 0466CA5A45 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(346002)(376002)(39860400002)(199003)(189002)(36756003)(7736002)(68736007)(50466002)(1076002)(478600001)(4326008)(16526018)(316002)(53936002)(6486002)(86362001)(575784001)(305945005)(53416004)(54906003)(50226002)(2351001)(106356001)(101416001)(81166006)(105586002)(8676002)(2361001)(76176999)(2870700001)(2906002)(50986999)(6916009)(23676002)(66066001)(47776003)(6666003)(97736004)(6116002)(2950100002)(189998001)(8936002)(3846002)(33646002)(81156014)(7416002)(5660300001)(25786009); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0157; H:ubuntu-010236106000.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjFQUjEyTUIwMTU3OzIzOkJISjk2dmxzMFJmWThTOWFWQUp0SVNuR0NR?= =?utf-8?B?Y2VYRE9GUmpGbVN6MXNLenZMbFFvQ2RoN3lKSEFzaEQrc2dLbVZUNWJReXJF?= =?utf-8?B?dkRSNFExWEhRR3JWVTZBN0tVNnRja1VUVFltM2thaDFTWGNZejJCU1F3RndY?= =?utf-8?B?MExzMzExZVZLQjU4S0o5YUI4WGJUc2xLTUYydkwrR1lTNWQrVW5XVGdrRmk3?= =?utf-8?B?OUxyWGVVM1NTVWtSTGszWUVuZ3JTSkVqNmN5ZVF4RHBvSmhGMDlBZk9VK0dK?= =?utf-8?B?UERzaDFkRGFOOXUxR2NCK0NOMHZQRzIwL25uWUhJd1pGc3FPUzN0Ym84NjVB?= =?utf-8?B?V3V3ejV5NXVzS3NFK214bUxFMUIwNDFJb3o5R01ubW1qK2lFTE1zaE9Lcncv?= =?utf-8?B?RWh6NDNMM0tBMDh6QnRFckErZndIZHlZbkI2cXBWem85YUFlTHRRTmVXNFhw?= =?utf-8?B?R3FUZW05RVFSUW5FUWFYNVBsS1V5eThSOFZPVWppYmRvU0QwQ2g4Ym12NXVF?= =?utf-8?B?dVdrTGF4TzN1M1JiNFlYcU42ZkRxb0VqbzZGZy9pc2NjNUV1NE9WMkZlYUZu?= =?utf-8?B?L0t0ZHpxU3hzVVBtZXN5LzFZNXVwSFdyL2xyaEVlbnJZTXNxZmtXZEhFRlE2?= =?utf-8?B?cUtWbHg0ekg0NWdndDlvVVNyZkhGRmZsTWpSdHJhdHZlTXhWWjM0VU9hb1FZ?= =?utf-8?B?ck96cnNzdGVzdXhyVVhYNnhUNlR4ZFVBZUNEY2dGMkNTcWplT093M2VYYzF2?= =?utf-8?B?ZHpSV3FsUVNQUUQ5RndXTGV0TkJWZktPTW1CcVBCemZscGE2RFM2LzcrTGxU?= =?utf-8?B?WWJ1emZ3ZFQzS1NPMW53bkxORU04dkZWU3EzNGkrNzVia3UvT1NodjIzdjdl?= =?utf-8?B?SEVIaWdib3dzQzM0U0ZtejJqdm9PSHVOK1lYTTdHQ2VIZ1M4aUNJbjRhMm9h?= =?utf-8?B?YTRNSmRKZGNPU2xWVjhSVWppc2hWb0ZPZ2lnNzFZSU5iR2hYUTlHT1FPQ2hq?= =?utf-8?B?cXVoNnI0aEdHN2Y5SlFrOUlLbkhsN0czMWJpd3lScFZrT1J5ZUlPcFdSZnQ1?= =?utf-8?B?eitKSXZ5RFhPZXdPazdibjlScE81RTVOY0lvSnkvTU0ybTFSRXEzb3hCbnc4?= =?utf-8?B?Q0VFOURyMjJTY1RqRHNOR2IvRFhRMS9qczJlWjhJOUxsYWYybXJZSzNPR0Zt?= =?utf-8?B?OERjY2dYcVVxT3I0SEYvRGloSEkrbXFLNUJFcVBoYTdyMTE3Y0RIUnM5a00w?= =?utf-8?B?dEtSdHNOeFFIUnpDRWZ6Z2w1dElKVFIwSUZhRVZnbkhFdlZncHd3Q2hPYTFa?= =?utf-8?B?U3l2ei81YncyZmd4QWd3MnJXd0gzcUozeEZoL2ZSOXNmUG1QUFBjb1Vhb2FP?= =?utf-8?B?dnVYVk9HRmJhSFEyeDhGR1IzYlRzVjZqUXdZbG44ZzNjZ1FUQW5kSVM1cU81?= =?utf-8?B?Q1pVY0srVnlkVnc2Q1pWaWRGUnlkL2tsZUlKdjMyNGNHdmg0OHhVRFVkcHlN?= =?utf-8?B?eXRRTjVnU015TjZrdmdIVVdlbk5YSzlrMm8xVTEvK0xyc0xlKzlOYUxPSEVF?= =?utf-8?B?L2dmTVRCQVBDT3lpNWhhSFBnTkJJcFE9PQ==?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 6:LAWHVUQgqb3JXVhJx1FqrdL8evMPKH6n8lMedfzRMiraYJVSG+SHJ9QcIjHQ1x1EECYJxlRA22fzLNs+NtMu7jslQ3D/pVFzN1U5KsBQkNT1X5HMa/QyAHp6FXSkL3Q/2J60byPommfT57pN+aPgYAVE0HRMeLqSbeB8Tb6eekswR4fxLihhwqwraf7qcB7dCtOXXd6wfjcoXA9liJnHJnQv3lUrN++7mXMcQhwUsYlxEdWVfrhVac7NF7OliFo3Wdw5G4Vo/fOx9b3YEZGygAkbWAzI0pnM9ILFsTFaju1/FFC1vo1UV/1iP7WuzVDdZSr5D742ABUi3DgGLhJheA==; 5:g+HKnaylSy4fiJLLJ7nd1PVmefeLRfu2L2dN7JFWZcApKpUubljH4tL8ZbFhL37pwTj1WFEwpnKUAWJ0e8z8m/XfS05/rnQlJqTD4MRdSZlGrdqXxbm8q3h+6Q186uFvXGAnuIDkvHWUS5we4ySOmg==; 24:7ERF/HhnfdfbpH2M7Srg5Jo+cxvWC6RBZLm3h5gFn3JWC06gjFsB/rDdaGFqRNLaDZG47fgKyGYRIn+evzKeDnlWMFyumbrInKCqpqGtNWM=; 7:7QO+3Ay9r2W7peMha8yWhrEYnTMyc4XLQQppbavtG2OEKmsrDTv555NCP4ECCNJIl4cF6rW2TZnqUatuYlqOSfxtFLtgyHkX0kCWjmav/yEjHYjAnaSpkQVjyuVZyN0OjidY+OyhtuMbhSaYL95Ca0odkuLNj4DvKUYkeXH37lD5tkHxTueS9zZFWUBntD783xWxR2OvJvbGAl5HoIbCzGM+M7f/0vqaXc8i0PO0+aY= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:SCKktAlmThrbv4NRiSOS+lVoPrbLCcCppjvDAiJE/kqMW7TEdPCpXPG8qanRMuJlA2EH3dGkpg0bIYT6bsWx0dYYLbR7VujeaXyZWOIUk2YwoABJcucm5TGe28NlmJ0uF6sw9P4cdfJivWdmneZhj5O0+2Cn/iTtkh0ITz08UYfEOX96/s0kEoLaIlFNukvRJKLaVm35Xec9cjkwPvAAInucYwTnEaixmX21VHoXVOQf5CoS4k62PNwy1GhuTz2i X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Oct 2017 02:35:25.8470 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a2575d76-2c1f-4157-56d4-08d517633970 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0157 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The KVM_SEV_LAUNCH_START command is used to create a memory encryption context within the SEV firmware. In order to do so, the guest owner should provide the guest's policy, its public Diffie-Hellman (PDH) key and session information. The command implements the LAUNCH_START flow defined in SEV spec Section 6.2. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh --- arch/x86/include/asm/kvm_host.h | 2 + arch/x86/kvm/svm.c | 153 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 155 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index b8837cff22ec..f2654486b9a6 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -750,6 +750,8 @@ enum kvm_irqchip_mode { struct kvm_sev_info { bool active; /* SEV enabled guest */ unsigned int asid; /* ASID used for this guest */ + unsigned int handle; /* SEV firmware handle */ + int fd; /* SEV device fd */ }; struct kvm_arch { diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 2f10bb47359c..3bc0d4013aa6 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -1514,11 +1514,45 @@ static void sev_asid_free(struct kvm *kvm) } } +static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) +{ + struct sev_data_decommission *decommission; + struct sev_data_deactivate *data; + + if (!handle) + return; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return; + + /* deactivate handle */ + data->handle = handle; + sev_guest_deactivate(data, NULL); + + wbinvd_on_all_cpus(); + sev_guest_df_flush(NULL); + kfree(data); + + decommission = kzalloc(sizeof(*decommission), GFP_KERNEL); + if (!decommission) + return; + + /* decommission handle */ + decommission->handle = handle; + sev_guest_decommission(decommission, NULL); + + kfree(decommission); +} + static void sev_vm_destroy(struct kvm *kvm) { + struct kvm_sev_info *sev = &kvm->arch.sev_info; + if (!sev_guest(kvm)) return; + sev_unbind_asid(kvm, sev->handle); sev_platform_shutdown(NULL); sev_asid_free(kvm); } @@ -5579,6 +5613,122 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int sev_bind_asid(struct kvm *kvm, unsigned int handle, int *error) +{ + struct sev_data_activate *data; + int asid = sev_get_asid(kvm); + int ret; + + wbinvd_on_all_cpus(); + + ret = sev_guest_df_flush(error); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + /* activate ASID on the given handle */ + data->handle = handle; + data->asid = asid; + ret = sev_guest_activate(data, error); + kfree(data); + + return ret; +} + +static int sev_issue_cmd(int fd, int id, void *data, int *error) +{ + struct fd f; + int ret; + + f = fdget(fd); + if (!f.file) + return -EBADF; + + ret = sev_issue_cmd_external_user(f.file, id, data, error); + + fdput(f); + return ret; +} + +static int sev_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &kvm->arch.sev_info; + struct sev_data_launch_start *start; + struct kvm_sev_launch_start params; + void *dh_blob, *session_blob; + int *error = &argp->error; + int ret; + + if (!sev_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + start = kzalloc(sizeof(*start), GFP_KERNEL); + if (!start) + return -ENOMEM; + + dh_blob = NULL; + if (params.dh_uaddr) { + dh_blob = psp_copy_user_blob(params.dh_uaddr, params.dh_len); + if (IS_ERR(dh_blob)) { + ret = PTR_ERR(dh_blob); + goto e_free; + } + + start->dh_cert_address = __sme_set(__pa(dh_blob)); + start->dh_cert_len = params.dh_len; + } + + session_blob = NULL; + if (params.session_uaddr) { + dh_blob = psp_copy_user_blob(params.session_uaddr, params.session_len); + if (IS_ERR(session_blob)) { + ret = PTR_ERR(session_blob); + goto e_free_dh; + } + + start->session_address = __sme_set(__pa(session_blob)); + start->session_len = params.session_len; + } + + start->handle = params.handle; + start->policy = params.policy; + + /* create memory encryption context */ + ret = sev_issue_cmd(argp->sev_fd, SEV_CMD_LAUNCH_START, start, error); + if (ret) + goto e_free_session; + + /* Bind ASID to this guest */ + ret = sev_bind_asid(kvm, start->handle, error); + if (ret) + goto e_free_session; + + /* return handle to userspace */ + params.handle = start->handle; + if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, sizeof(params))) { + sev_unbind_asid(kvm, start->handle); + ret = -EFAULT; + goto e_free_session; + } + + sev->handle = start->handle; + sev->fd = argp->sev_fd; + +e_free_session: + kfree(session_blob); +e_free_dh: + kfree(dh_blob); +e_free: + kfree(start); + return ret; +} + static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -5596,6 +5746,9 @@ static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) case KVM_SEV_INIT: r = sev_guest_init(kvm, &sev_cmd); break; + case KVM_SEV_LAUNCH_START: + r = sev_launch_start(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out;