KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA (c8c340a9) · Commits · Mirrors / git.yoctoproject.org / linux-yocto

Commit c8c340a9 authored Sep 14, 2021 by

Masahiro Kozuka Committed by Paolo Bonzini Oct 21, 2021

KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA

Flush the destination page before invoking RECEIVE_UPDATE_DATA, as the
PSP encrypts the data with the guest's key when writing to guest memory.
If the target memory was not previously encrypted, the cache may contain
dirty, unecrypted data that will persist on non-coherent systems.

Fixes: 15fb7de1 ("KVM: SVM: Add KVM_SEV_RECEIVE_UPDATE_DATA command")
Cc: stable@vger.kernel.org
Cc: Peter Gonda <pgonda@google.com>
Cc: Marc Orr <marcorr@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Masahiro Kozuka <masa.koz@kozuka.jp>
[sean: converted bug report to changelog]
Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210914210951.2994260-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

parent a3ca5281

Hide whitespace changes

Inline Side-by-side

Please register or to comment