Commit 1bd00a42 authored by Sean Christopherson's avatar Sean Christopherson Committed by Paolo Bonzini
Browse files

KVM: SEV: WARN if SEV-ES is marked active but SEV is not 



WARN if the VM is tagged as SEV-ES but not SEV.  KVM relies on SEV and
SEV-ES being set atomically, and guards common flows with "is SEV", i.e.
observing SEV-ES without SEV means KVM has a fatal bug.

Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
Message-Id: <20211109215101.2211373-5-seanjc@google.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent a41fb26e

arch/x86/kvm/svm/svm.h

+1 −1
Original line number Diff line number Diff line
@@ -242,7 +242,7 @@ static inline bool sev_es_guest(struct kvm *kvm) 
#ifdef CONFIG_KVM_AMD_SEV

	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;



	return sev_guest(kvm) && sev->es_active;

	return sev->es_active && !WARN_ON_ONCE(!sev->active);

#else

	return false;

#endif