Re: [PATCH v14 03/22] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests

From: Sean Christopherson
Date: Wed Apr 24 2024 - 16:22:06 EST

Next message: Eric W. Biederman: "Re: [RFC PATCH 0/9] kexec x86 purgatory cleanup"
Previous message: Fedor Pchelkin: "Re: [lvc-project] [PATCH 1/3] media: tuners: tda18271: fix error code handling in tda18271_attach()"
Next in thread: Michael Roth: "Re: [PATCH v14 03/22] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Apr 21, 2024, Michael Roth wrote:
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index 6e31cb408dd8..1d2264e93afe 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -33,9 +33,11 @@
> #include "cpuid.h"
> #include "trace.h"
>
> -#define GHCB_VERSION_MAX 1ULL
> +#define GHCB_VERSION_MAX 2ULL
> #define GHCB_VERSION_MIN 1ULL

This needs a userspace control. Being unable to limit the GHCB version advertised
to the guest is going to break live migration of SEV-ES VMs, e.g. if a pool of
hosts has some kernels running this flavor of KVM, and some hosts running an
older KVM that doesn't support v2.

Next message: Eric W. Biederman: "Re: [RFC PATCH 0/9] kexec x86 purgatory cleanup"
Previous message: Fedor Pchelkin: "Re: [lvc-project] [PATCH 1/3] media: tuners: tda18271: fix error code handling in tda18271_attach()"
Next in thread: Michael Roth: "Re: [PATCH v14 03/22] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]