Commit 4b428e99 authored Mar 08, 2018 by Tom Lendacky Committed by Greg Kroah-Hartman Mar 21, 2018

KVM: x86: Fix device passthrough when SME is active



commit daaf216c06fba4ee4dc3f62715667da929d68774 upstream.

When using device passthrough with SME active, the MMIO range that is
mapped for the device should not be mapped encrypted.  Add a check in
set_spte() to insure that a page is not mapped encrypted if that page
is a device MMIO page as indicated by kvm_is_mmio_pfn().

Cc: <stable@vger.kernel.org> # 4.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 732f9a89

arch/x86/kvm/mmu.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -2758,9 +2758,11 @@ static int set_spte(struct kvm_vcpu vcpu, u64 sptep,
		else
		pte_access &= ~ACC_WRITE_MASK;

		spte \|= (u64)pfn << PAGE_SHIFT;
		if (!kvm_is_mmio_pfn(pfn))
		spte \|= shadow_me_mask;

		spte \|= (u64)pfn << PAGE_SHIFT;

		if (pte_access & ACC_WRITE_MASK) {

		/*