Commit f0da6f7a authored by hanliyang

KVM: SVM: Unmap ghcb pages if they're still mapped when destroy guest

hygon inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I98WPG


CVE: NA

---------------------------

The ghcb pages might be mapped when KVM is handling the VMGEXIT events, and
these ghcb pages will be unmapped when preparing to switch to guest mode.
If we try to kill the userspace VMM (e.g. qemu) of a guest, it's
possible that the mapped ghcb pages will never be unmapped, which will
cause a memory leak. We exposed a serious memory leak by creating and
killing multiple qemu processes for state encrypted guests frequently.

In order to solve this issue, unmap ghcb pages if they're still mapped
when destroying the guest.

Fixes: ce7ea0cf ("KVM: SVM: Move GHCB unmapping to fix RCU warning")
Fixes: 291bd20d ("KVM: SVM: Add initial support for a VMGEXIT VMEXIT")
Signed-off-by: hanliyang <hanliyang@hygon.cn>
parent dc86f610
+3 −0
@@ -2454,6 +2454,9 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu)

	__free_page(virt_to_page(svm->sev_es.vmsa));

	if (svm->sev_es.ghcb)
		kvm_vcpu_unmap(vcpu, &svm->sev_es.ghcb_map, false);

	if (svm->sev_es.ghcb_sa_free)
		kvfree(svm->sev_es.ghcb_sa);
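
Review bot: in the new `if (svm->sev_es.ghcb)` block of sev_free_vcpu(), `svm->sev_es.ghcb` still points at the page after `kvm_vcpu_unmap()` returns, so a later teardown step or a repeated call would see a stale non-NULL pointer and could unmap `ghcb_map` a second time. Consider adding braces and setting `svm->sev_es.ghcb = NULL;` right after the unmap. A one-line comment on why the last argument is `false` on this path (presumably because the guest is being destroyed, so the page does not need to be marked dirty) would also help the next reader, since the commit message does not explain the choice.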