For in-place conversion, the source pointer is expected to be NULL since the data has already been written directly to guest memory and doesn't need to be copied in prior to encrypting it in-place for initial guest memory payload.
Signed-off-by: Michael Roth <[email protected]> --- target/i386/sev.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/target/i386/sev.c b/target/i386/sev.c index b44b5a1c2b..32a5e605bf 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -1186,6 +1186,8 @@ sev_snp_launch_update(SevSnpGuestState *sev_snp_guest, int ret, fw_error; SnpCpuidInfo snp_cpuid_info; struct kvm_sev_snp_launch_update update = {0}; + ConfidentialGuestSupport *cgs = + CONFIDENTIAL_GUEST_SUPPORT(OBJECT(sev_snp_guest)); if (!data->hva || !data->len) { error_report("SNP_LAUNCH_UPDATE called with invalid address" @@ -1199,7 +1201,14 @@ sev_snp_launch_update(SevSnpGuestState *sev_snp_guest, memcpy(&snp_cpuid_info, data->hva, sizeof(snp_cpuid_info)); } - update.uaddr = (__u64)(unsigned long)data->hva; + /* + * For in-place conversion, the source pointer is expected to be NULL + * since the data has already been written directly to guest memory + * and only needs to be encrypted in-place for secure access. + */ + if (!cgs->convert_in_place) { + update.uaddr = (__u64)(unsigned long)data->hva; + } update.gfn_start = data->gpa >> TARGET_PAGE_BITS; update.len = data->len; update.type = data->type; -- 2.43.0
