From nobody Wed Oct 30 22:13:03 2024 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5626013E04C for ; Thu, 1 Aug 2024 23:53:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722556422; cv=none; b=eh0tpA5XSbsxkRdhRqDkGycAkLuAD8elRe2IW34n0NmoV2qu2ymuonn4WC/b6MzRhGZz4HEhef0Vb9PlCeIeO3LH2xacYGYvlWZUFdapnDjEjXaQtKyuvnBkieumJ52XNLwrKdnvEYxkD+JPGHi9PkHpnRXwJNHBQ9PUrG9L0HY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722556422; c=relaxed/simple; bh=0bZmjV35Y0DFFdYimWpib0vJhpUru5xOxkDSJHkavgU=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version:Content-Type; b=Rg2Gnnb/4TVI7/FVhAJw7M6o7K8IO60Fl16x5IO0dqfJpBcM4HrVJUs6mlSLEEvEKDAuZJZh6nxKVF8jxp4AIiA1A6NagGJ3tjL7gI+xZElQqufFkvXiGwr2C0NkBBgFh8zVhDGNscIZ9XtkuFrVmcQJ6UskgXdjHtGRhJ341y0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=JQn35Y0z; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="JQn35Y0z" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1722556419; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=OUSx7yeM//U7xgBRSiunnDzCLJUpTvy9KfWqh4xwHw4=; b=JQn35Y0zCbg4qvTKLp0DRPO6Ag6NGmptLqoDQ6KqOJr72kSkFg+vA+sByxNsgW25YuZryj c38YtOljpNrhafjZ3vHAioGT1PgB1I6JbJcHgiQ1DBMNiyk0C0UiIyESiF/R3GP9MVBEBw mLFLNF18oNHUGRTWerVoTqpnHPFZS8M= Received: from mail-lf1-f71.google.com (mail-lf1-f71.google.com [209.85.167.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-656-6_0573I0OumFmFTbWlFH-A-1; Thu, 01 Aug 2024 19:53:38 -0400 X-MC-Unique: 6_0573I0OumFmFTbWlFH-A-1 Received: by mail-lf1-f71.google.com with SMTP id 2adb3069b0e04-52f00c27b9cso2128596e87.1 for ; Thu, 01 Aug 2024 16:53:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722556416; x=1723161216; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=OUSx7yeM//U7xgBRSiunnDzCLJUpTvy9KfWqh4xwHw4=; b=panRS0jkY8w6YlmBz/ua3MNv/MZ6sJKElDvSiN1ZvqM9TKbfyT2DNlhyxb/WM6SY+8 PuJvwinPEyfW7kZKdKImWVCcKoHNpEXBVp61pujnRmfwVW4ta6UpEan0m/qkmrOMi2cg VsCLM59r1ca+rqATar1juQQ2kbwyuc+TReGCaKejGkqns1eMHGay23N2/LJAuSqhhfm+ x7VAshiYX9xDqKRTlIXQZC529O0xCw7ySYflqZj8tTE+EerQSd7LXEzdfGMsbNVNSyFx FoC9+8UfgZCtisqGcb55UYmXhorcMxMUCvKLn7XyYSoGw9b8ly9r5ue3gWT7RVgu0Lry zXDQ== X-Gm-Message-State: AOJu0Yz6douuQKwug2tXSPkuH0HYszD5OhXmYtX8qNvAb7eVnx1QiEW2 /579WvkLWluj1P6iBvG80Zmu3x+Xc/Whbu9x9gQ3B1yr1b9F5Q9/6YevoMRLsmGp1ykjgLCumQ2 Pm/O4m+WgRtGyifg+HE9gvIPyBo8sLw5+jXmUHlirRxX6W9A0cWP/D6qiJlSdymtQv6uEC9Fuhi YRwolqd5wJRA2B44smxFrbG++yreZFESVQFgLI0rATQPJ/bw== X-Received: by 2002:a05:6512:2805:b0:52c:dfa7:53a2 with SMTP id 2adb3069b0e04-530bb6c7b28mr976216e87.50.1722556415822; Thu, 01 Aug 2024 16:53:35 -0700 (PDT) X-Google-Smtp-Source: AGHT+IExnzW1SZ0twUMkNblcsaDTxDqmZnuFJH/xxGE6TmjBsdB/4VFoq/tSC1skMpS/DYOFOCcPiQ== X-Received: by 2002:a05:6512:2805:b0:52c:dfa7:53a2 with SMTP id 2adb3069b0e04-530bb6c7b28mr976202e87.50.1722556415163; Thu, 01 Aug 2024 16:53:35 -0700 (PDT) Received: from avogadro.local ([151.95.101.29]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a7dc9c0c58esm32725666b.86.2024.08.01.16.53.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Aug 2024 16:53:34 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Michael Roth Subject: [PATCH] KVM: SEV: allow KVM_SEV_GET_ATTESTATION_REPORT for SNP guests Date: Fri, 2 Aug 2024 01:53:33 +0200 Message-ID: <20240801235333.357075-1-pbonzini@redhat.com> X-Mailer: git-send-email 2.45.2 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Even though KVM_SEV_GET_ATTESTATION_REPORT is not one of the commands that were added for SEV-SNP guests, it can be applied to them. Filtering it out, for example, makes the QEMU command query-sev-attestation-report fail. Cc: Michael Roth Signed-off-by: Paolo Bonzini --- arch/x86/kvm/svm/sev.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 5c125e4c1096..17307257d632 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2587,7 +2587,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *a= rgp) * Once KVM_SEV_INIT2 initializes a KVM instance as an SNP guest, only * allow the use of SNP-specific commands. */ - if (sev_snp_guest(kvm) && sev_cmd.id < KVM_SEV_SNP_LAUNCH_START) { + if (sev_snp_guest(kvm) && + sev_cmd.id < KVM_SEV_SNP_LAUNCH_START && + sev_cmd.id !=3D KVM_SEV_GET_ATTESTATION_REPORT) { r =3D -EPERM; goto out; } --=20 2.45.2