KVM: SVM: WARN, but continue, if misc_cg_set_capacity() fails

WARN and continue if misc_cg_set_capacity() fails, as the only scenario
in which it can fail is if the specified resource is invalid, which should
never happen when CONFIG_KVM_AMD_SEV=y.  Deliberately not bailing "fixes"
a theoretical bug where KVM would leak the ASID bitmaps on failure, which
again can't happen.

If the impossible should happen, the end result is effectively the same
with respect to SEV and SEV-ES (they are unusable), while continuing on
has the advantage of letting KVM load, i.e. userspace can still run
non-SEV guests.

Reported-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Link: https://lore.kernel.org/r/20230607004449.1421131-1-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index d65578d8784d834f5e3f9a283bb04485367d6cf5..07756b7348ae8edec8c5f0e0f41070eb2998a7e8 100644 (file)
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2216,9 +2216,7 @@ void __init sev_hardware_setup(void)
        }
 
        sev_asid_count = max_sev_asid - min_sev_asid + 1;
-       if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count))
-               goto out;
-
+       WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count));
        sev_supported = true;
 
        /* SEV-ES support requested? */
@@ -2243,9 +2241,7 @@ void __init sev_hardware_setup(void)
                goto out;
 
        sev_es_asid_count = min_sev_asid - 1;
-       if (misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count))
-               goto out;
-
+       WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count));
        sev_es_supported = true;
 
 out: