stable.vger.kernel.org archive mirror
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, stable@vger.kerel.org,
	Sean Christopherson <seanjc@google.com>,
	Mingwei Zhang <mizhang@google.com>,
	Paolo Bonzini <pbonzini@redhat.com>
Subject: [PATCH 5.15 110/124] KVM: SVM: Flush when freeing encrypted pages even on SME_COHERENT CPUs
Date: Tue, 26 Apr 2022 10:21:51 +0200
Message-ID: <20220426081750.421291090@linuxfoundation.org>
In-Reply-To: <20220426081747.286685339@linuxfoundation.org>

From: Mingwei Zhang <mizhang@google.com>

commit d45829b351ee6ec5f54dd55e6aca1f44fe239fe6 upstream.

Use clflush_cache_range() to flush the confidential memory when
SME_COHERENT is supported in AMD CPU. Cache flush is still needed since
SME_COHERENT only supports cache invalidation at CPU side. All confidential
cache lines are still incoherent with DMA devices.

Cc: stable@vger.kerel.org

Fixes: add5e2f04541 ("KVM: SVM: Add support for the SEV-ES VMSA")
Reviewed-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Mingwei Zhang <mizhang@google.com>
Message-Id: <20220421031407.2516575-3-mizhang@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 arch/x86/kvm/svm/sev.c |    9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -1990,11 +1990,14 @@ static void sev_flush_guest_memory(struc
 				   unsigned long len)
 {
 	/*
-	 * If hardware enforced cache coherency for encrypted mappings of the
-	 * same physical page is supported, nothing to do.
+	 * If CPU enforced cache coherency for encrypted mappings of the
+	 * same physical page is supported, use CLFLUSHOPT instead. NOTE: cache
+	 * flush is still needed in order to work properly with DMA devices.
 	 */
-	if (boot_cpu_has(X86_FEATURE_SME_COHERENT))
+	if (boot_cpu_has(X86_FEATURE_SME_COHERENT)) {
+		clflush_cache_range(va, PAGE_SIZE);
 		return;
+	}
 
 	/*
 	 * If the VM Page Flush MSR is supported, use it to flush the page
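
Review bot: In the X86_FEATURE_SME_COHERENT branch, clflush_cache_range(va, PAGE_SIZE) hard-codes the flush length even though the function takes an "unsigned long len" argument, so a caller that passes anything other than one page gets a flush that does not match the range it asked for. Either pass len here, or say in the comment (or enforce with a WARN_ON) that callers only ever hand in a single page. The rewritten comment also says "use CLFLUSHOPT instead" while the code calls clflush_cache_range(), and "instead" has no visible referent because the VM Page Flush MSR path it is an alternative to only appears further down; naming the helper and the path it replaces would make the comment match the code.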


