git.baikalelectronics.ru Git - kernel.git/commit

author	Tom Lendacky <thomas.lendacky@amd.com>
	Fri, 20 Mar 2020 16:07:07 +0000 (11:07 -0500)
committer	Paolo Bonzini <pbonzini@redhat.com>
	Mon, 23 Mar 2020 13:01:04 +0000 (09:01 -0400)
commit	0a8db472f5d1ff80d6fcf188cdab02ae0f73b8e2
tree	e1937efd10e18ce5c6d3d32142eeb40f359e4ea2	tree \| snapshot
parent	dc8f2fb16315244b01f80ce9790c8818224d16bf	commit \| diff

KVM: SVM: Issue WBINVD after deactivating an SEV guest

Currently, CLFLUSH is used to flush SEV guest memory before the guest is
terminated (or a memory hotplug region is removed). However, CLFLUSH is
not enough to ensure that SEV guest tagged data is flushed from the cache.

With be2af9553244 ("KVM: SVM: Reduce WBINVD/DF_FLUSH invocations"), the
original WBINVD was removed. This then exposed crashes at random times
because of a cache flush race with a page that had both a hypervisor and
a guest tag in the cache.

Restore the WBINVD when destroying an SEV guest and add a WBINVD to the
svm_unregister_enc_region() function to ensure hotplug memory is flushed
when removed. The DF_FLUSH can still be avoided at this point.

Fixes: be2af9553244 ("KVM: SVM: Reduce WBINVD/DF_FLUSH invocations")
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <c8bf9087ca3711c5770bdeaafa3e45b717dc5ef4.1584720426.git.thomas.lendacky@amd.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>