Skip to content

Commit

Permalink
KVM: x86: Fix device passthrough when SME is active
Browse files Browse the repository at this point in the history 
When using device passthrough with SME active, the MMIO range that is
mapped for the device should not be mapped encrypted.  Add a check in
set_spte() to insure that a page is not mapped encrypted if that page
is a device MMIO page as indicated by kvm_is_mmio_pfn().

Cc: <stable@vger.kernel.org> # 4.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
  • Loading branch information
Tom Lendacky authored and Paolo Bonzini committed Mar 16, 2018
1 parent 52be7a4 commit daaf216
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion arch/x86/kvm/mmu.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2770,8 +2770,10 @@ static int set_spte(struct kvm_vcpu *vcpu, u64 *sptep,
else
pte_access &= ~ACC_WRITE_MASK;

if (!kvm_is_mmio_pfn(pfn))
spte |= shadow_me_mask;

spte |= (u64)pfn << PAGE_SHIFT;
spte |= shadow_me_mask;

if (pte_access & ACC_WRITE_MASK) {

Expand Down

0 comments on commit daaf216

Please sign in to comment.