Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE

Next message: Brian Foster: "Re: [PATCH] NFS: invalidate i_blocks after COMMIT to fix stale block count on NFSv4"
Previous message: Haoxiang Li: "[PATCH] remoteproc: mediatek: Unregister init IPI on share buffer failure"
In reply to: J&#xF6;rg R&#xF6;del: "Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE"
Next in thread: J&#xF6;rg R&#xF6;del: "Re: [PATCH 4/4] kvm: svm: Support KVM_SEV_SNP_PAGE_TYPE_VMSA at SNP_LAUNCH_UPDATE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sean Christopherson

Date: Tue Jun 23 2026 - 09:40:29 EST

On Wed, Jun 17, 2026, Jörg Rödel wrote:
> On Wed, Jun 17, 2026 at 06:37:52AM -0700, Sean Christopherson wrote:
> > Ok, so it took us a few times to learn our lesson. I still don't see that as a
> > strong argument for new uAPI, especially not for VMSA pages. I am very firmly
> > of the opinion that letting anything but the host kernel configure the VMSA is
> > beyond stupid, but unfortunately we're stuck with AP_CREATION. Expanding that
> > surface has a very, very, VERY high bar to get over.
>
> The strongest argument in my view (and the main reason we are doing this) is
> actually the predictable launch measurement. On SEV-SNP this is a requirement
> to use platform VM-identity features like the ID Block.

And I'm saying that unless KVM *can't* provide a predictable launch measurement,
which AIUI isn't the case, then the launch measurement *must* be stable across
kernels because it's part of KVM's ABI. So as I see it, the issue isn't that
KVM is inherently unpredictable, it's that we lack tests to validate a thorny,
subtle piece of KVM's ABI.

In other words, I want tests, not more complexity in KVM.