[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 3/4] i386/sev: Update checks and information related to reduc
|
From: |
Dr. David Alan Gilbert |
|
Subject: |
Re: [PATCH 3/4] i386/sev: Update checks and information related to reduced-phys-bits |
|
Date: |
Thu, 13 Oct 2022 14:31:12 +0100 |
|
User-agent: |
Mutt/2.2.7 (2022-08-07) |
* Tom Lendacky (thomas.lendacky@amd.com) wrote:
> The value of the reduced-phys-bits parameter is propogated to the CPUID
> information exposed to the guest. Update the current validation check to
> account for the size of the CPUID field (6-bits), ensuring the value is
> in the range of 1 to 63.
>
> Maintain backward compatibility, to an extent, by allowing a value greater
> than 1 (so that the previously documented value of 5 still works), but not
> allowing anything over 63.
>
> Fixes: d8575c6c02 ("sev/i386: add command to initialize the memory encryption
> context")
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
> target/i386/sev.c | 17 ++++++++++++++---
> 1 file changed, 14 insertions(+), 3 deletions(-)
>
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index 32f7dbac4e..78c2d37eba 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -932,15 +932,26 @@ int sev_kvm_init(ConfidentialGuestSupport *cgs, Error
> **errp)
> host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
> host_cbitpos = ebx & 0x3f;
>
> + /*
> + * The cbitpos value will be placed in bit positions 5:0 of the EBX
> + * register of CPUID 0x8000001F. No need to verify the range as the
> + * comparison against the host value accomplishes that.
> + */
> if (host_cbitpos != sev->cbitpos) {
> error_setg(errp, "%s: cbitpos check failed, host '%d' requested
> '%d'",
> __func__, host_cbitpos, sev->cbitpos);
> goto err;
> }
>
> - if (sev->reduced_phys_bits < 1) {
> - error_setg(errp, "%s: reduced_phys_bits check failed, it should be
> >=1,"
> - " requested '%d'", __func__, sev->reduced_phys_bits);
> + /*
> + * The reduced-phys-bits value will be placed in bit positions 11:6 of
> + * the EBX register of CPUID 0x8000001F, so verify the supplied value
> + * is in the range of 1 to 63.
> + */
> + if (sev->reduced_phys_bits < 1 || sev->reduced_phys_bits > 63) {
> + error_setg(errp, "%s: reduced_phys_bits check failed,"
> + " it should be in the range of 1 to 63, requested '%d'",
> + __func__, sev->reduced_phys_bits);
> goto err;
> }
>
> --
> 2.37.3
>
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [PATCH 3/4] i386/sev: Update checks and information related to reduced-phys-bits,
Dr. David Alan Gilbert <=