Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE

Next message: Christian Brauner: "Re: [PATCH v1] iomap: release pages on atomic dio size mismatch"
Previous message: Onur &#xD6;zkan: "[PATCH v3 0/1] rust: workqueue: add cancel_sync support"
In reply to: Sean Christopherson: "Re: [EXTERNAL] Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE"
Next in thread: J&#xF6;rg R&#xF6;del: "Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: James Bottomley

Date: Wed Jun 17 2026 - 09:18:32 EST

On Wed, 2026-06-17 at 08:45 +0200, Jörg Rödel wrote:
> On Tue, Jun 16, 2026 at 10:55:28AM -0700, Sean Christopherson wrote:
> > Isn't this essentially the same thing as hot-plugging vCPUs after
> > launch? I have yet to review it in depth (sorry Jethro), but it
> > looks a *lot* simpler.
>
> Replacing the VMSA after launch (as supported with the AP_CREATE GHCB
> call) is different because this has no influence on the launch
> measurement.

That's true for the launch measure, but you do have a vTPM inside the
SVSM which you could use to measure an updated GHCB if we could decide
on a PCR to use (and a logging specification).

Regards,

James