diff options
author | Paolo Bonzini <pbonzini@redhat.com> | 2025-03-06 21:29:22 +0100 |
---|---|---|
committer | Paolo Bonzini <pbonzini@redhat.com> | 2025-03-14 14:20:03 -0400 |
commit | 74c1807f6c4feddb3c3cb1056c54531d4adbaea6 (patch) | |
tree | e39bef76c21a6af069d528e18e1a4dc568886712 /rust/helpers/security.c | |
parent | adafea1106004dba26ea12d3193f4f132b1f0065 (diff) |
KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected
KVM_CAP_SYNC_REGS does not make sense for VMs with protected guest state,
since the register values cannot actually be written. Return 0
when using the VM-level KVM_CHECK_EXTENSION ioctl, and accordingly
return -EINVAL from KVM_RUN if the valid/dirty fields are nonzero.
However, on exit from KVM_RUN userspace could have placed a nonzero
value into kvm_run->kvm_valid_regs, so check guest_state_protected
again and skip store_regs() in that case.
Cc: stable@vger.kernel.org
Fixes: 517987e3fb19 ("KVM: x86: add fields to struct kvm_arch for CoCo features")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250306202923.646075-1-pbonzini@redhat.com>
Reviewed-by: Pankaj Gupta <pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'rust/helpers/security.c')
0 files changed, 0 insertions, 0 deletions