KVM: SEV: On Tue, Mar 03, 2026, Tycho Andersen wrote: > From: "Tycho Andersen (AMD)" <[email protected]> > > Commit 0aa6b90ef9d7 ("KVM: SVM: Add support for allowing zero SEV ASIDs") > made it possible to make it impossible to use SEV VMs by not allocating > them any ASIDs. > > Commit 6c7c620585c6 ("KVM: SEV: Add SEV-SNP CipherTextHiding support") did > the same thing for SEV-ES. > > Do not export KVM_X86_SEV(_ES)_VM as exported types if in either of these ^^^^^^^^ supported
> situations, so that userspace can use them to determine what is actually > supported by the current kernel configuration. > > Also move the buildup to a local variable so it is easier to add additional > masking in future patches. > > Link: https://lore.kernel.org/all/[email protected]/ > Suggested-by: Sean Christopherson <[email protected]> > Signed-off-by: Tycho Andersen (AMD) <[email protected]> > --- > arch/x86/kvm/svm/sev.c | 14 +++++++++++--- > 1 file changed, 11 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index 3f9c1aa39a0a..f941d48626d3 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c > @@ -2957,18 +2957,26 @@ void sev_vm_destroy(struct kvm *kvm) > > void __init sev_set_cpu_caps(void) > { > + int supported_vm_types = 0; This should be a u32. > + > if (sev_enabled) { > kvm_cpu_cap_set(X86_FEATURE_SEV); > - kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_VM); > + > + if (min_sev_asid <= max_sev_asid) > + supported_vm_types |= BIT(KVM_X86_SEV_VM); > } > if (sev_es_enabled) { > kvm_cpu_cap_set(X86_FEATURE_SEV_ES); > - kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM); > + > + if (min_sev_es_asid <= max_sev_es_asid) > + supported_vm_types |= BIT(KVM_X86_SEV_ES_VM); > } > if (sev_snp_enabled) { > kvm_cpu_cap_set(X86_FEATURE_SEV_SNP); > - kvm_caps.supported_vm_types |= BIT(KVM_X86_SNP_VM); > + supported_vm_types |= BIT(KVM_X86_SNP_VM); > } > + > + kvm_caps.supported_vm_types |= supported_vm_types; > } > > static bool is_sev_snp_initialized(void) > -- > 2.53.0 >
