Re: [PATCH RFC v8 54/56] x86/sev: Add KVM commands for instance certs

From: Zhi Wang
Date: Thu Mar 02 2023 - 06:27:16 EST


On Wed, 1 Mar 2023 17:41:11 -0800
Dionna Amalie Glaze <dionnaglaze@xxxxxxxxxx> wrote:

> > > @@ -2089,6 +2089,7 @@ static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp)
> > > goto e_free;
> > >
> > > sev->snp_certs_data = certs_data;
> > > + sev->snp_certs_len = 0;
> > >
> > > return context;
> > >
> >
> > Better to move the fix to PATCH 45.
> >
>
> This part isn't a fix, but part of the implementation since
> snp_certs_len is added in this patch here
>

I see. My bad. Was thinking it was the snp_serts_len in the global sev as
they has the same name.

> > > diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
> > > index 221b38d3c845..dced46559508 100644
> > > --- a/arch/x86/kvm/svm/svm.h
> > > +++ b/arch/x86/kvm/svm/svm.h
> > > @@ -94,6 +94,7 @@ struct kvm_sev_info {
> > > u64 snp_init_flags;
> > > void *snp_context; /* SNP guest context page */
> > > void *snp_certs_data;
> > > + unsigned int snp_certs_len; /* Size of instance override for certs */
> > > struct mutex guest_req_lock; /* Lock for guest request handling */
> > >
> > > u64 sev_features; /* Features set at VMSA creation */
>
>