Message ID | 20240102133747.27053-1-kirill.shutemov@linux.intel.com (mailing list archive) |
---|---|
State | New, archived |
Series | x86/sev: Fix SEV check in sev_map_percpu_data() |

On Tue, Jan 02, 2024 at 04:37:47PM +0300, Kirill A. Shutemov wrote:
> The function sev_map_percpu_data() checks if it is running on an SEV
> platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However,
> this attribute is also defined for TDX.
>
> To avoid false positives, add a cc_vendor check.
>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>

Fixes: 4d96f9109109 ("x86/sev: Replace occurrences of sev_active() with cc_platform_has()")
Suggested-by: Borislav Petkov (AMD) <bp@alien8.de>

Thx.

On Tue, 2 Jan 2024, Kirill A. Shutemov wrote:
> The function sev_map_percpu_data() checks if it is running on an SEV
> platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However,
> this attribute is also defined for TDX.
>
> To avoid false positives, add a cc_vendor check.
>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>

Acked-by: David Rientjes <rientjes@google.com>

diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c index 0ddb3bd0f1aa..5b495cfc79bc 100644 --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -434,7 +434,8 @@ static void __init sev_map_percpu_data(void) { int cpu; - if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) + if (cc_vendor != CC_VENDOR_AMD || + !cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return; for_each_possible_cpu(cpu) {
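
Review bot: the new two-part condition at the top of sev_map_percpu_data() has no comment explaining why cc_vendor is tested alongside CC_ATTR_GUEST_MEM_ENCRYPT, so a later cleanup could drop the vendor test as redundant and bring the TDX false positive back. A one-line comment above the `if` noting that the attribute is also set for TDX guests would record the reason next to the check. The commit message also does not say what goes wrong when this function runs on a TDX guest, and as posted it carries no Fixes: tag, which is needed to pick the change for stable backports.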

The function sev_map_percpu_data() checks if it is running on an SEV platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However, this attribute is also defined for TDX.

To avoid false positives, add a cc_vendor check.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
 arch/x86/kernel/kvm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)