Go to file
Tom Lendacky ad5b353240 KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure
Currently, an SEV-ES guest is terminated if the validation of the VMGEXIT
exit code or exit parameters fails.

The VMGEXIT instruction can be issued from userspace, even though
userspace (likely) can't update the GHCB. To prevent userspace from being
able to kill the guest, return an error through the GHCB when validation
fails rather than terminating the guest. For cases where the GHCB can't be
updated (e.g. the GHCB can't be mapped, etc.), just return back to the
guest.

The new error codes are documented in the lasest update to the GHCB
specification.

Fixes: 291bd20d5d ("KVM: SVM: Add initial support for a VMGEXIT VMEXIT")
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <b57280b5562893e2616257ac9c2d4525a9aeeb42.1638471124.git.thomas.lendacky@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-12-05 03:02:04 -05:00
arch KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure 2021-12-05 03:02:04 -05:00
block blk-mq: don't insert FUA request with data into scheduler queue 2021-11-19 06:28:18 -07:00
certs certs: Add support for using elliptic curve keys for signing modules 2021-08-23 19:55:42 +03:00
crypto Update to zstd-1.4.10 2021-11-13 15:32:30 -08:00
Documentation Power management fixes for 5.16-rc2 2021-11-18 14:46:28 -08:00
drivers Pin control fixes for the v5.16 kernel series: 2021-11-20 10:59:03 -08:00
fs pstore/blk: Use "%lu" to format unsigned long 2021-11-21 09:44:19 -08:00
include Merge branch 'akpm' (patches from Andrew) 2021-11-20 13:17:24 -08:00
init kbuild: Fix -Wimplicit-fallthrough=5 error for GCC 5.x and 6.x 2021-11-14 18:59:49 -08:00
ipc shm: extend forced shm destroy to support objects from several IPC nses 2021-11-20 10:35:54 -08:00
kernel Tracing fixes: 2021-11-19 13:50:48 -08:00
lib kasan: test: silence intentional read overflow warnings 2021-11-20 10:35:54 -08:00
LICENSES LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes" 2021-07-15 06:31:24 -06:00
mm kmap_local: don't assume kmap PTEs are linear arrays in memory 2021-11-20 10:35:54 -08:00
net Networking fixes for 5.16-rc2, including fixes from bpf, mac80211. 2021-11-18 12:54:24 -08:00
samples s390 updates for 5.16-rc2 2021-11-20 10:55:50 -08:00
scripts coccinelle patches for 5.16-rc1 2021-11-13 10:45:17 -08:00
security net,lsm,selinux: revert the security_sctp_assoc_established() hook 2021-11-14 12:21:53 +00:00
sound sound fixes for 5.16-rc1 2021-11-12 12:17:30 -08:00
tools KVM: SEV: Prohibit migration of a VM that has mirrors 2021-11-30 03:54:14 -05:00
usr initramfs: Check timestamp to prevent broken cpio archive 2021-10-24 13:48:40 +09:00
virt KVM: downgrade two BUG_ONs to WARN_ON_ONCE 2021-11-26 06:43:28 -05:00
.clang-format clang-format: Update with the latest for_each macro list 2021-05-12 23:32:39 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap MAINTAINERS: update email address of Christian Borntraeger 2021-11-18 17:50:54 +01:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Daniel Drake to credits 2021-09-21 08:34:58 +03:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS s390 updates for 5.16-rc2 2021-11-20 10:55:50 -08:00
Makefile Linux 5.16-rc2 2021-11-21 13:47:39 -08:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.