KVM: SEV: Prohibit migration of a VM that has mirrors - wireguard-linux

diff options

author	Paolo Bonzini <pbonzini@redhat.com>	2021-11-22 19:50:34 -0500
committer	Paolo Bonzini <pbonzini@redhat.com>	2021-11-30 03:54:14 -0500
commit	17d44a96f000fe1040d4ba1c34e458c63be6b7ce (patch)
tree	759824b697177936ad53c887de4604947141e8c3 /scripts/gdb/linux/utils.py
parent	KVM: SEV: Do COPY_ENC_CONTEXT_FROM with both VMs locked (diff)
download	wireguard-linux-17d44a96f000fe1040d4ba1c34e458c63be6b7ce.tar.xz wireguard-linux-17d44a96f000fe1040d4ba1c34e458c63be6b7ce.zip

KVM: SEV: Prohibit migration of a VM that has mirrors

VMs that mirror an encryption context rely on the owner to keep the ASID allocated. Performing a KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM would cause a dangling ASID: 1. copy context from A to B (gets ref to A) 2. move context from A to L (moves ASID from A to L) 3. close L (releases ASID from L, B still references it) The right way to do the handoff instead is to create a fresh mirror VM on the destination first: 1. copy context from A to B (gets ref to A) [later] 2. close B (releases ref to A) 3. move context from A to L (moves ASID from A to L) 4. copy context from L to M So, catch the situation by adding a count of how many VMs are mirroring this one's encryption context. Fixes: 0b020f5af092 ("KVM: SEV: Add support for SEV-ES intra host migration") Message-Id: <20211123005036.2954379-11-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Diffstat (limited to 'scripts/gdb/linux/utils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: