KVM: SEV: Lock all vCPUs for the duration of SEV-ES VMSA synchronization

Lock and unlock all vCPUs in a single batch when synchronizing SEV-ES VMSAs
during launch finish, partly to dedup the code by a tiny amount, but mostly
so that sev_launch_update_vmsa() uses the same logic/flow as all other SEV
ioctls that lock all vCPUs.

Link: https://patch.msgid.link/20260310234829.2608037-7-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 709e611188c1c7ceb6099604877729c0acbae0ca..15086ffe6143ee056b6f7efa856288970b125845 100644 (file)
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -1037,19 +1037,18 @@ static int sev_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp)
        if (kvm_is_vcpu_creation_in_progress(kvm))
                return -EBUSY;
 
-       kvm_for_each_vcpu(i, vcpu, kvm) {
-               ret = mutex_lock_killable(&vcpu->mutex);
-               if (ret)
-                       return ret;
+       ret = kvm_lock_all_vcpus(kvm);
+       if (ret)
+               return ret;
 
+       kvm_for_each_vcpu(i, vcpu, kvm) {
                ret = __sev_launch_update_vmsa(kvm, vcpu, &argp->error);
-
-               mutex_unlock(&vcpu->mutex);
                if (ret)
-                       return ret;
+                       break;
        }
 
-       return 0;
+       kvm_unlock_all_vcpus(kvm);
+       return ret;
 }
 
 static int sev_launch_measure(struct kvm *kvm, struct kvm_sev_cmd *argp)