[PATCH 17/21] KVM: SEV: use mutex guard in sev_mem_enc_ioctl()

From: Sean Christopherson

Date: Tue Mar 10 2026 - 19:53:12 EST


From: Carlos López <clopez@xxxxxxx>

Simplify the error paths in sev_mem_enc_ioctl() by using a mutex guard,
allowing early return instead of using gotos.

Signed-off-by: Carlos López <clopez@xxxxxxx>
Link: https://patch.msgid.link/20260120201013.3931334-5-clopez@xxxxxxx
Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
---
arch/x86/kvm/svm/sev.c | 25 ++++++++-----------------
1 file changed, 8 insertions(+), 17 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index b559d7141ae9..d71241e8de95 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2637,30 +2637,24 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp)
if (copy_from_user(&sev_cmd, argp, sizeof(struct kvm_sev_cmd)))
return -EFAULT;

- mutex_lock(&kvm->lock);
+ guard(mutex)(&kvm->lock);

/* Only the enc_context_owner handles some memory enc operations. */
if (is_mirroring_enc_context(kvm) &&
- !is_cmd_allowed_from_mirror(sev_cmd.id)) {
- r = -EINVAL;
- goto out;
- }
+ !is_cmd_allowed_from_mirror(sev_cmd.id))
+ return -EINVAL;

/*
* Once KVM_SEV_INIT2 initializes a KVM instance as an SNP guest, only
* allow the use of SNP-specific commands.
*/
- if (sev_snp_guest(kvm) && sev_cmd.id < KVM_SEV_SNP_LAUNCH_START) {
- r = -EPERM;
- goto out;
- }
+ if (sev_snp_guest(kvm) && sev_cmd.id < KVM_SEV_SNP_LAUNCH_START)
+ return -EPERM;

switch (sev_cmd.id) {
case KVM_SEV_ES_INIT:
- if (!sev_es_enabled) {
- r = -ENOTTY;
- goto out;
- }
+ if (!sev_es_enabled)
+ return -ENOTTY;
fallthrough;
case KVM_SEV_INIT:
r = sev_guest_init(kvm, &sev_cmd);
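Review bot: The `return -ENOTTY` under `case KVM_SEV_ES_INIT` (and the `return -EINVAL` in the `default:` arm of the second hunk) exits without reaching the `copy_to_user()` write-back at the bottom of the function, whereas cases that set `r` and `break` do reach it. The old `goto out` made that skip explicit because the label sat below the copy; with plain returns the two kinds of exit look alike. A later case that returns early after a handler has filled in fields of `sev_cmd` would silently drop what userspace is meant to read back. A one-line comment above the switch would keep the rule visible, for example `/* Return directly only when there is nothing to copy back; otherwise set r and break. */`. The body of sev_mem_enc_ioctl() starts before this hunk and continues past it, so the remaining cases are not visible here.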
@@ -2732,15 +2726,12 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp)
r = snp_enable_certs(kvm);
break;
default:
- r = -EINVAL;
- goto out;
+ return -EINVAL;
}

if (copy_to_user(argp, &sev_cmd, sizeof(struct kvm_sev_cmd)))
r = -EFAULT;

-out:
- mutex_unlock(&kvm->lock);
return r;
}
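Review bot: Nothing near the end of the function now shows that `kvm->lock` is still held while `copy_to_user()` runs. The `mutex_unlock()` that used to follow it is gone, and the release happens implicitly when the guard taken in the first hunk goes out of scope. That ordering matches the old code, so this is a readability point rather than a behaviour change, but a user copy can fault and sleep, so the lock scope is worth stating where a reader will look for it. I would add `/* kvm->lock is still held here; the guard releases it on return. */` above the `copy_to_user()` call. The function begins outside this hunk.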

--
2.53.0.473.g4a7958ca14-goog