KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA
authorMasahiro Kozuka <masa.koz@kozuka.jp>
Tue, 14 Sep 2021 21:09:51 +0000 (14:09 -0700)
committerPaolo Bonzini <pbonzini@redhat.com>
Thu, 21 Oct 2021 17:01:25 +0000 (13:01 -0400)
commitc8c340a9b4149fe5caa433f3b62463a1c8e07a46
treeee3ab9a43c294ec0a53cd00fcb51df0092b312ee
parenta3ca5281bb771d8103ea16f0a6a8a5df9a7fb4f3
KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA

Flush the destination page before invoking RECEIVE_UPDATE_DATA, as the
PSP encrypts the data with the guest's key when writing to guest memory.
If the target memory was not previously encrypted, the cache may contain
dirty, unecrypted data that will persist on non-coherent systems.

Fixes: 15fb7de1a7f5 ("KVM: SVM: Add KVM_SEV_RECEIVE_UPDATE_DATA command")
Cc: stable@vger.kernel.org
Cc: Peter Gonda <pgonda@google.com>
Cc: Marc Orr <marcorr@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Masahiro Kozuka <masa.koz@kozuka.jp>
[sean: converted bug report to changelog]
Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210914210951.2994260-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/svm/sev.c