Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE

Next message: Mikhail Malyshev: "Re: [PATCH 1/1] KVM: x86/mmu: Emulate, don't kill the VM, on access to a disabled passthrough BAR"
Previous message: Mingyu Wang: "Re: [PATCH] misc: ibmasm: Fix out-of-bounds MMIO access during module load"
In reply to: Tom Lendacky: "Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE"
Next in thread: Sean Christopherson: "Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jörg Rödel

Date: Tue Jun 23 2026 - 07:48:20 EST

On Tue, Jun 16, 2026 at 05:11:59PM -0500, Tom Lendacky wrote:
> On 6/11/26 07:35, Jörg Rödel wrote:
> > + if (sev_populate_args->type == KVM_SEV_SNP_PAGE_TYPE_VMSA) {
> > + accept_page = snp_check_launch_vmsa(sev, vmsa);
> > + if (accept_page)
> > + sev_features = vmsa->sev_features;
> > + }
>
> I don't think there is a race here given the way guest_memfd works
> today. I haven't followed in-place conversion closely, but will that
> result in a race between when the snp_check_launch_vmsa() check is
> performed and before the page is made a firmware page?

I don't know too much about the in-place conversion changes, but when they
directly pass user-memory to the PSP for encryption the code still needs to
make sure it is not mapped to user-space anymore once it is made private.

So with in-place conversion this might need changing so that the sev_features
check is placed after the page has been unmapped from user-mode and before it
is passed to the PSP.

> > + if (ret == 0 && sev_populate_args->type == KVM_SEV_SNP_PAGE_TYPE_VMSA)
>
> s/ret == 0/!ret/

Updated.

Thanks,

Joerg