KVM: SEV: Make it more obvious when KVM is writing back the current PSC index

Increment the guest-visible "cur_entry" index outside of the for-loop
when processing Page State Change entries, and add a comment to make it
more obvious which code is operating on trusted data, and which code is
touching guest-accessible data.

No functional change intended.

Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-ID: <20260501202250.2115252-12-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20260529183549.1104619-12-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 62b5befe0eed90769273a6eea3ddfca8f9147da2..1982d13e71d9e1955eb013be5dc683a976179c66 100644 (file)
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -3947,7 +3947,7 @@ next_range:
        }
 
        /* Find the start of the next range which needs processing. */
-       for (idx = idx_start; idx <= idx_end; idx++, hdr->cur_entry++) {
+       for (idx = idx_start; idx <= idx_end; idx++) {
                entry_start = READ_ONCE(entries[idx]);
 
                gfn = entry_start.gfn;
@@ -3974,6 +3974,14 @@ next_range:
 
                if (npages)
                        break;
+
+               /*
+                * Increment the guest-visible index to communicate the current
+                * entry back to the guest, e.g. in case of failure.  No need
+                * for READ_ONCE() as KVM doesn't consume the field, i.e. a
+                * misbehaving guest can only break itself.
+                */
+               hdr->cur_entry++;
        }
 
        if (idx > idx_end) {