[PATCH 2/4] KVM: SVM: Reject SNP VM creation if SNP platform initialization failed

From: Sean Christopherson
Date: Fri Feb 28 2025 - 13:09:48 EST

Next message: Sean Christopherson: "[PATCH 3/4] KVM: SVM: Ignore sev_platform_init() return code when creating SNP VM"
Previous message: Yury Norov: "Re: [PATCH v3 RESEND] uapi: Revert "bitops: avoid integer overflow in GENMASK(_ULL)""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Explicitly check that SNP platform initialization succeeded prior to
creating SNP VMs. The return from sev_platform_init() only tracks "legacy"
SEV and SEV-ES support, i.e. can return '0' even if SNP setup fails.

Fixes: 1dfe571c12cf ("KVM: SEV: Add initial SEV-SNP support")
Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
---
arch/x86/kvm/svm/sev.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 3fc87cdc95c8..dd001a293899 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -449,6 +449,10 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp,

/* This needs to happen after SEV/SNP firmware initialization. */
if (vm_type == KVM_X86_SNP_VM) {
+ if (!init_args.snp_initialized) {
+ ret = -EIO;
+ goto e_free;
+ }
ret = snp_guest_req_init(kvm);
if (ret)
goto e_free;
--
2.48.1.711.g2feabab25a-goog

--ZxKkPI+e2NE34Qwk
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment;
filename="0003-KVM-SVM-Ignore-sev_platform_init-return-code-when-cr.patch"

Next message: Sean Christopherson: "[PATCH 3/4] KVM: SVM: Ignore sev_platform_init() return code when creating SNP VM"
Previous message: Yury Norov: "Re: [PATCH v3 RESEND] uapi: Revert "bitops: avoid integer overflow in GENMASK(_ULL)""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]