Commit d26638b
committed
KVM: SVM: Don't change target vCPU state on AP Creation VMGEXIT error
If KVM rejects an AP Creation event, leave the target vCPU state as-is.
Nothing in the GHCB suggests the hypervisor is *allowed* to muck with vCPU
state on failure, let alone required to do so. Furthermore, kicking only
in the !ON_INIT case leads to divergent behavior, and even the "kick" case
is non-deterministic.
E.g. if an ON_INIT request fails, the guest can successfully retry if the
fixed AP Creation request is made prior to sending INIT. And if a !ON_INIT
fails, the guest can successfully retry if the fixed AP Creation request is
handled before the target vCPU processes KVM's
KVM_REQ_UPDATE_PROTECTED_GUEST_STATE.
Fixes: e366f92 ("KVM: SEV: Support SEV-SNP AP Creation NAE event")
Cc: stable@vger.kernel.org
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Pankaj Gupta <pankaj.gupta@amd.com>
Link: https://lore.kernel.org/r/20250227012541.3234589-5-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>1 parent 72d1271 commit d26638b
1 file changed
Lines changed: 6 additions & 7 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
3963 | 3963 | | |
3964 | 3964 | | |
3965 | 3965 | | |
3966 | | - | |
3967 | | - | |
| 3966 | + | |
3968 | 3967 | | |
3969 | 3968 | | |
3970 | 3969 | | |
3971 | 3970 | | |
3972 | 3971 | | |
3973 | | - | |
3974 | | - | |
3975 | | - | |
3976 | 3972 | | |
3977 | 3973 | | |
3978 | 3974 | | |
| |||
4018 | 4014 | | |
4019 | 4015 | | |
4020 | 4016 | | |
| 4017 | + | |
4021 | 4018 | | |
4022 | 4019 | | |
4023 | 4020 | | |
4024 | 4021 | | |
4025 | 4022 | | |
4026 | | - | |
| 4023 | + | |
4027 | 4024 | | |
4028 | 4025 | | |
4029 | | - | |
| 4026 | + | |
| 4027 | + | |
4030 | 4028 | | |
4031 | 4029 | | |
4032 | 4030 | | |
4033 | 4031 | | |
4034 | 4032 | | |
| 4033 | + | |
4035 | 4034 | | |
4036 | 4035 | | |
4037 | 4036 | | |
| |||
0 commit comments