KVM: SEV: Allow some commands for mirror VM
authorPeter Gonda <pgonda@google.com>
Tue, 21 Sep 2021 15:03:45 +0000 (08:03 -0700)
committerPaolo Bonzini <pbonzini@redhat.com>
Wed, 22 Sep 2021 14:33:13 +0000 (10:33 -0400)
commit5b92b6ca92b65bef811048c481e4446f4828500a
treeed62e23007fb20b159a501848f730e16ef9d6523
parentf43c887cb7cb5b66c4167d40a4209027f5fdb5ce
KVM: SEV: Allow some commands for mirror VM

A mirrored SEV-ES VM will need to call KVM_SEV_LAUNCH_UPDATE_VMSA to
setup its vCPUs and have them measured, and their VMSAs encrypted. Without
this change, it is impossible to have mirror VMs as part of SEV-ES VMs.

Also allow the guest status check and debugging commands since they do
not change any guest state.

Signed-off-by: Peter Gonda <pgonda@google.com>
Cc: Marc Orr <marcorr@google.com>
Cc: Nathan Tempelman <natet@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Sean Christopherson <seanjc@google.com>
Cc: Steve Rutherford <srutherford@google.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: stable@vger.kernel.org
Fixes: 54526d1fd593 ("KVM: x86: Support KVM VMs sharing SEV context", 2021-04-21)
Message-Id: <20210921150345.2221634-3-pgonda@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/svm/sev.c