diff options
author | Tom Lendacky <thomas.lendacky@amd.com> | 2018-03-08 17:17:31 -0600 |
---|---|---|
committer | Paolo Bonzini <pbonzini@redhat.com> | 2018-03-16 14:32:23 +0100 |
commit | daaf216c06fba4ee4dc3f62715667da929d68774 (patch) | |
tree | e9c04472a6219b67560ec95ab3d7c14c2cf490e1 /arch | |
parent | 52be7a467e4b45b0d8d3b700729fc65a9b8ebc94 (diff) |
KVM: x86: Fix device passthrough when SME is active
When using device passthrough with SME active, the MMIO range that is
mapped for the device should not be mapped encrypted. Add a check in
set_spte() to insure that a page is not mapped encrypted if that page
is a device MMIO page as indicated by kvm_is_mmio_pfn().
Cc: <stable@vger.kernel.org> # 4.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'arch')
-rw-r--r-- | arch/x86/kvm/mmu.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index f551962ac294..763bb3bade63 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -2770,8 +2770,10 @@ static int set_spte(struct kvm_vcpu *vcpu, u64 *sptep, else pte_access &= ~ACC_WRITE_MASK; + if (!kvm_is_mmio_pfn(pfn)) + spte |= shadow_me_mask; + spte |= (u64)pfn << PAGE_SHIFT; - spte |= shadow_me_mask; if (pte_access & ACC_WRITE_MASK) { |