• Sean Christopherson's avatar
    KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs · c36b16d2
    Sean Christopherson authored
    Use the kvm_for_each_vcpu() helper to iterate over vCPUs when encrypting
    VMSAs for SEV, which effectively switches to use online_vcpus instead of
    created_vcpus.  This fixes a possible null-pointer dereference as
    created_vcpus does not guarantee a vCPU exists, since it is updated at
    the very beginning of KVM_CREATE_VCPU.  created_vcpus exists to allow the
    bulk of vCPU creation to run in parallel, while still correctly
    restricting the max number of max vCPUs.
    
    Fixes: ad73109a ("KVM: SVM: Provide support to launch and run an SEV-ES guest")
    Cc: stable@vger.kernel.org
    Cc: Brijesh Singh <brijesh.singh@amd.com>
    Cc: Tom Lendacky <thomas.lendacky@amd.com>
    Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
    Message-Id: <20210331031936.2495277-2-seanjc@google.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    c36b16d2
sev.c 50.8 KB