From patchwork Thu Mar 6 23:09:29 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005505 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2072.outbound.protection.outlook.com [40.107.244.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3FF231311AC; Thu, 6 Mar 2025 23:09:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.244.72 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302588; cv=fail; b=mqDa+5TQwbBIwW/NhnDsuObDr1F6V9/vXkvp7pt3sRwbUbaqIa2Fdpl2qD9dHPp5l38LH1dSHR5R4SRlE6FwzLuUx9JMOftVI1QBhKgCONLbqkgrYRVIm2ZYjRbq9gdu2QGFt//3i9M4KkFD5z6rDKqBBGGjiV29fVPlPMt+8bg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302588; c=relaxed/simple; bh=dm61mEE+B5kJfT4XEi2fsMDw9XpWDjWXysZC80W4+3c=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=E5WqNpUrFreNGP2OtHXKbTbsls+TOG0i0Z8UpiXCEvdcpWrnOlnlvMHQ79shJgzG2fzSTb+ahB9Cb4UR7iYGy7my/YPk1KoI1n1neTIUiL5PZSAjAU2s9Je+bdpwoUM5IfsOyYYGqbf3dZaYp24AY4IzL39mzzuHKik60EeDFXo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=PmFOlujr; arc=fail smtp.client-ip=40.107.244.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="PmFOlujr" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=BC0+Mz1Z+8XAkn+N7zSLhUuNiD9dOKhqd4M6riSHtZAJnHH0H/n1+K+uM/KYrKz2KmhvBjOCY+kk9aulOq4payUo9byMIf6F+BpSwka55QPJUsxB5mvXY8coWhayZlfQdSFxPlvbRQWhvHhmBpougzpn4g46V2WKma4AIuUVYBezlthwo8HsQiOAGil3cQM2R7X9+0o25ft7VBgxLMlDoc+buiXwNWSg901+/5qIXUvrJrmry/L0MYmQW7KGODU3Qk2EQn8KY6p71k2EiDO7dRzUixAHW7rBvk4+a8dNgP9QmH315CbyhMhxBshgsu4wed1SSQx/fpQ9H+QHQbpxgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8NqFREYQPYF99Pjehh3ZnLZIzayqfjC4lmTC2BENyj4=; b=eVMKfPVdq98/F77pB++pFpBI22t68DdP21K2T2Vt0Ymhrr6Et16I49/qfiJAi9uJKri5CzyJ7fk+VtNx0j+7cMv1HYp2j9ELG/rGrw2Ma09eyEbT4XsKuNdP2tS/TWUDwaRV5fvMTvyQOHOx9shAoxMiPjTuaezQiMtj8xD7kJfHrl5TgislT+qZa4ftezlQNhVXYcZGSWBe4V7mRwk3Jg/3ErDzXyHB9prP7atlCNBh1o9Q51QJ209Jh95oco+f7yHfKXP3id0gq7CuUGgOJatjidHlICU2jnN0VZ+OXYIgEDwuTIYbt8Jkq40YjV9H77nlhNPnrfG3bgeTZdIx5w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8NqFREYQPYF99Pjehh3ZnLZIzayqfjC4lmTC2BENyj4=; b=PmFOlujrpwE9nDbuy87RuJTb7WbHcK66DT7JRCo7hY70Ft5TLkGJfYhsQ8g8PjDGHM2lOjFLTacqx5E0SKMHG7Lu1TaA/erdjEYCWXSF1pzOVK1YOV0VzVIQmAcFEw70SS/TyT1UC+g4wyjXQIuhq5UcMAeIPRFldEWZ929yOoM= Received: from PH7P221CA0056.NAMP221.PROD.OUTLOOK.COM (2603:10b6:510:33c::30) by IA0PR12MB8715.namprd12.prod.outlook.com (2603:10b6:208:487::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.16; Thu, 6 Mar 2025 23:09:41 +0000 Received: from SN1PEPF000397B1.namprd05.prod.outlook.com (2603:10b6:510:33c:cafe::1c) by PH7P221CA0056.outlook.office365.com (2603:10b6:510:33c::30) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.18 via Frontend Transport; Thu, 6 Mar 2025 23:09:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000397B1.mail.protection.outlook.com (10.167.248.55) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:09:40 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:09:38 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 1/8] crypto: ccp: Abort doing SEV INIT if SNP INIT fails Date: Thu, 6 Mar 2025 23:09:29 +0000 Message-ID: <9d8cae623934489b46dc5abdf65a3034800351d9.1741300901.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000397B1:EE_|IA0PR12MB8715:EE_ X-MS-Office365-Filtering-Correlation-Id: d740717c-2a4b-4fba-b833-08dd5d03f91b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|7416014|376014|36860700013|82310400026|921020; X-Microsoft-Antispam-Message-Info: 2XHpgtAhk4B95NTwFO3evxazklU8Pxywziatt6eaEU4loXeyDE+FjKulNeNgweIDOh0ST+eaLvePEvC420+5/+hlNZ9vLh0vWdK/ffaNWXSK06VQnZCbCBH1PbYmU0pfK5DDK55uYUVyiSMzl0C8hr2C6j1CcC5KJsv9pKphwNuKF3BM/8G3QuNkvdc8YhCBn1XlD7nmmkCR6l8RzfjQvXrHNLNA39L51bOHIaZJ7D2qMCSV+TBoinXFwXj+hbnBLePJrr6QZh86H4Lo345lS+Zb5AWcMdltAea3060801cnnSdcolr8m+aZnZjayvqoe6ibl2BBIpR8yQ1NTcuXwjqrJkgSFhGFNQosgCgE3mNnIef0risU1E6Q+6MNBDFRE1bHlPV8h/5gGHet2tCX4MGFXB+8OISDeT7WfIaiSJbFiJKEt8tBX/J2q9Tutlzuj555EU6Bhxnit3Vgf61dGW1Bm3+eI6De4TRtZxSs2DOhu0RRE2oMV5uxKCw4a1nPlo1IWWZOTnkT4CD1/yQgBTWF3i67nZjBIJ/iC3LjYJr+KRTAruIuAs63RFoeiZH76cv3gn7/5B7RiKgGce0zWvOiDgOqz+P8Ax1mxwY25PKFz+o16JKw0eLa9BPobUFgus/O5HIJr1brIopiag1uUWsKHwChzMT2xBIQ26fhDjn5cUkUeQWP6VFRNAvpYflltlMuV/LUz4oXE51mS25T/rrz//HRl92vIEcAHVuH+pem2NPKIecv7+mX2UqHMp4hP1ILMJWigyOznUfnVIcTU2Z+hAyTrx6z0QwZsO6Psp67CeMb50vMtC29dJmFK420/SSbT/On706azNMeaVTljO4eRBsRyYqNGa7Pv8M9yLrgs04hytK1wuhzmzbkyzmFgaVMp5pNsXykjuz5JCgjFuRidf3pC1/JC4xnSNJpEfpXyUltNNDbz+BA0YQ+S/ata3RzF3hgNYo5PJUYP8N/JtmkojIOUoOYA0eC+5IYdhl8O0IZS2zem/HrQSAYZrpzpfZna0isCBcTFodrhotw1Hi6njrwgQeNuv+0/Um8Vnh01evVdIF/UhPUm3rtP20XEsK9vAZJjuOEl13TwsSZEcV50tWulR4mkfA0LQn8SeVq/1XCBANOJ00Dv+i6Bap8YOjUEJ1Fjg+NZDCszpHSaTJNs5EvhWFOIzqMJxTwlJxxzmoFyL8yDqvTGeU1ThAKfQqALmHqAnPbBJB5rkz3vNsGmxbORkBIgXWFYY7h/cIdNVdI4WHaCFbAiTkX6LeToDhsvS2uGC9Sm1xPCJ8maSws76wS6V1b4Qmudh3PPbmNx/Ws5v7XGn5lUgUMqaksEPf0mvg/MFrpo5GUykKVfNyUs9GTULtEi4AiB9BdkvHKHlyllAWzhlPdZ5XGzAsWEvqvV+bOMVPy36DQMupWvBQzjVJbiG1dvTe9gbt8itxP/yh/npIbOkw0UAL+WtbfKSsxNAvYB2LWh3lr+JwHHTUH5mYfuBiREzkOLMUhqoNa6b35zuJGn98vLY6M9Nxk X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(7416014)(376014)(36860700013)(82310400026)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:09:40.1325 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d740717c-2a4b-4fba-b833-08dd5d03f91b X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000397B1.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8715 From: Ashish Kalra If SNP host support (SYSCFG.SNPEn) is set, then RMP table must be initialized up before calling SEV INIT. In other words, if SNP_INIT(_EX) is not issued or fails then SEV INIT will fail once SNP host support (SYSCFG.SNPEn) is enabled. Fixes: 1ca5614b84eed ("crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP") Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 2e87ca0e292a..a0e3de94704e 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1112,7 +1112,7 @@ static int __sev_snp_init_locked(int *error) if (!sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR)) { dev_dbg(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n", SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR); - return 0; + return -EOPNOTSUPP; } /* SNP_INIT requires MSR_VM_HSAVE_PA to be cleared on all CPUs. */ @@ -1325,12 +1325,9 @@ static int _sev_platform_init_locked(struct sev_platform_init_args *args) */ rc = __sev_snp_init_locked(&args->error); if (rc && rc != -ENODEV) { - /* - * Don't abort the probe if SNP INIT failed, - * continue to initialize the legacy SEV firmware. - */ dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n", rc, args->error); + return rc; } /* Defer legacy SEV/SEV-ES support if allowed by caller/module. */ From patchwork Thu Mar 6 23:09:44 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005506 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (mail-dm3nam02on2078.outbound.protection.outlook.com [40.107.95.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CA2D127CCE3; Thu, 6 Mar 2025 23:09:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.95.78 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302601; cv=fail; b=UqIX69uzyBSMzZ7rrq4Mx0TEv/IKtwYvX5xHRGj+bzEovpHYMu1EKYlW104AZfCVnm0k1mu5gEdKG7WVnmEkHO8OTDtEIY2pvgeN5Z9LV4HAU35C5FOLsojexNhNqv/0dUa30ixeDBEdZNqbtcR7sr/QTjqtBs9tT3g7o3eE2WM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302601; c=relaxed/simple; bh=UoIyQkldedVuTN88EL4FhGUqrCl9/z/Ia7UL+92cHAA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=JPSp0Uzkuh9/T/GHETQi5MRkbuapfoNLET35ik+pszZl81BfbryIih22NNpUNNwglrZBI2M7/C1VyoTHvaNHEx+qHFJV/vFNJJ5st0zvkqcajxr9Ts8ddDEjr0rvgpcxvNC1YNs4Zx+DYoGPJfHdWP2qUMt1ruQ3x8ukfALfzUM= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=aSJ6WYat; arc=fail smtp.client-ip=40.107.95.78 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="aSJ6WYat" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=vCAth8u97dnO72YTx5Tt/5KrP/NkRcvN3X2PsdwlvpY5+L1Os7f8SD2l7zXIiEi2nRt67tswbTJDhbYJ7gacw1yCtVWspiKZv+ae5q9mxvkO99nWVVC3PPL8nmn8PIgC7UCIoJyJTo24Fy+ADAjYvgjmdTlxBEg4kkD2aXYg2r/gc9kUbDVviVWI6vGMPnoIl2CJTHY9ODu+6GryT9qLxbfmPojOVj51DFyEQmpjrZ0vGMaVdBYkjhsTokFLJ6bzIeTwO+l7LXnkIkoRLR+kykfaOOUsOpnBHrIAI2uDhJGGl0Dh0GjqeMU4hyV9x9KalbgGCRqYyC0LWfbPGgjSRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=aBKhe853dgLIjNuMtBJEm5godZxw9sBH743hHNzs13E=; b=iDHxhquyaPSauYRsRvEovi+ZgoDtMEV8SKP7oH4ijjnUvnYxJtcMxHHmY01FsAam7FTBifnqQYkhSMmk8IJl7c0GmZJ53PLvKGkuA/dULwpnP3suvvs0i2IlsfnaN3GE4RliYmexct836hzDqF4mvZ1s4OQ5h5DLuzbymYsIq0TeNQ6ja2ow0Vlo36Hm7BzNhEn4pu5jeUX18RDj0f68PlKPJ+PmSg2JQyftWZuK//t5LDfn6OuJo54OXn+Cfddoe5vqL9NApxDlo+ADSnQYeVL9h8ZPwubXZz5nw3/9+yzMlbPZSZfo/9Umw4wjooEqVzlSToR+4nR3jcsRpiWyDA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aBKhe853dgLIjNuMtBJEm5godZxw9sBH743hHNzs13E=; b=aSJ6WYat2T6QeQzRSaEXEeEB6O35Ra5tKGv4KnDUQ4q49EijFqjQxdAnGclnUXU8Ca9KAAPibPH9Q8PLMxgIgxUaAACAX+dtZZz9RLj2QvMuFDD/IDSEdn9LLC9v458XjqpTVljJUJSeRdTB7V93lrTAjFs29BWHGi8rb+hhP9Q= Received: from SA1P222CA0044.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:2d0::9) by PH0PR12MB5680.namprd12.prod.outlook.com (2603:10b6:510:146::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8489.29; Thu, 6 Mar 2025 23:09:55 +0000 Received: from SN1PEPF000397B3.namprd05.prod.outlook.com (2603:10b6:806:2d0:cafe::41) by SA1P222CA0044.outlook.office365.com (2603:10b6:806:2d0::9) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.16 via Frontend Transport; Thu, 6 Mar 2025 23:09:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000397B3.mail.protection.outlook.com (10.167.248.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:09:54 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:09:53 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 2/8] crypto: ccp: Move dev_info/err messages for SEV/SNP init and shutdown Date: Thu, 6 Mar 2025 23:09:44 +0000 Message-ID: <41ff363d1bfb339371b66aa16cde9a2ad2b8215b.1741300901.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000397B3:EE_|PH0PR12MB5680:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c758fd3-e828-4b63-3c69-08dd5d0401db X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|36860700013|7416014|82310400026|921020; X-Microsoft-Antispam-Message-Info: DUjmRwETRuvNDGxT6LL91mybphL1ICxa1fYcpo7iuHWCGkpR/2zBdrINETq+5Ouc5P4mFup/X3cGczRb2NmieM+roc4XWc2RvtGMWeOMQGFiIfIl9Rn5xU4cqjNYGvXGzbjqFD3Q8Svsc+/E+vsCt0NL8MJmWSxv7bPTYSPzgozwVEVUIZ5oeyMLZ9ko4XjpVN4HEKzUADL93FP/lxqExc1KAjGKKmWLgfbd0t2onO/5Xds4V/raRtTBLZUNfv1mMwhRtXdyfbx5xiF8vRwjm2ln4Z0lxMj1m4gDz64eNl119JS/BBmcfRGLrXLHbqcPhTpEoPBkWlCN+UkG9V/DRQOOxVnrmz2kTzdJgNkEwCRPGifUnn+BY3TW+BrlSbI28ZmhqTbMAFH4WiY+RpAdSr1QtcgCWW64Gps4doDD/SqIxtvYBkOoB7xXvBU78SiNBPY64p0sVK5axwQX6GUWyJNbf9FgaoxX7zQYW1IK/XbVDByNWGW3jg/7sohyFnmkhCVBXJhk7loixKDR/k/+97ByUdrcRUdvDufmxu/0dXTb4eR5DVl0dnh/6XtizHRS58tIkcxbCTyWRw+4azlS9mcrKwhRgXloZkN/jK8IkXYF+kp6mAM712vCyHhbsw2/HkUmf4KJwDQq7E5nAqlRIsgKYSSNpvIvkw9ZLfEGMNyTg1tBiHBIsu/axj0IUFDQ1/qLK03QmnICJTqlpDMV3gJ5IM+kweQlUx3RpM1UuD25lhzgLrhOirI++icjCnG3IY+C4NxSSsRvGkQYWCSRcDxLZHboc40oE+knETzDN8+AyMaowsaTOEH2DvA7ITTVbTEbOk0pkfTIt59NxwwQhTT4LR6T5Gc59teB2ZKA8UMXrmAWlU+XoB5l/1Tjubl9EyHrYb8YWEPHx8G45s8emT5DRc5qKyvPw+W0PVsozxlZS6avU3Nje1LX1CjOeyTobi91l1c5psbeYUt+Kdnhtm0FcrIAxpvwwvyG83AkWkLdWIAesZIyUk7ZVVgpIGySkQeck4M1jioLpwtyMbo5boxvr1GJvzqwqWV7d6/+AzG8lvNb3acqUUxl22r2TyssMrl7GOehqFzYicEjqrejZN78xjYgWWL98ABwsKUrWhBeKpXUuy1vJ1iiELBc6SWEGYuweTjKULf65bkyM5npa92Gj+Z3q6YiUejQLomGNZksqk3+Nsd2ScIwJIN64PjQvznPCy/telCPAyKFFJFgANF8wRS2xrT4VJrKSfeVccFbfHYp44iJdcFUeZCZWtVgApnMUk/KVgjHVvj3WYMIe85zXXXpLWslLfd9oBIvO7UiwAr1PUwmfX1qCTfhEtbMdiw4k2D4TzYpUzldgg4rX/v9JauRDYCx0G/OJ8AExYqraOUnVRFtK8aTrplIi/45EN6EYljIeGhac+OF9X6OMf5ayC+50czsr18Z46OEDI+BnY0BTDxUKFd9ub97V4h/gF+47HgaRmvbAbU9h/oDEQ8S0Lf4amXG4W6uPsBNUqXQg+IKioy6mzHEll9+C7Ow X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(1800799024)(36860700013)(7416014)(82310400026)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:09:54.7938 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c758fd3-e828-4b63-3c69-08dd5d0401db X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000397B3.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR12MB5680 From: Ashish Kalra Move dev_info and dev_err messages related to SEV/SNP initialization and shutdown into __sev_platform_init_locked(), __sev_snp_init_locked() and __sev_platform_shutdown_locked(), __sev_snp_shutdown_locked() so that they don't need to be issued from callers. This allows both _sev_platform_init_locked() and various SEV/SNP ioctls to call __sev_platform_init_locked(), __sev_snp_init_locked() and __sev_platform_shutdown_locked(), __sev_snp_shutdown_locked() for implicit SEV/SNP initialization and shutdown without additionally printing any errors/success messages. Reviewed-by: Tom Lendacky Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 49 ++++++++++++++++++++++++------------ 1 file changed, 33 insertions(+), 16 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index a0e3de94704e..ccd7cc4b36d1 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1176,21 +1176,31 @@ static int __sev_snp_init_locked(int *error) wbinvd_on_all_cpus(); rc = __sev_do_cmd_locked(cmd, arg, error); - if (rc) + if (rc) { + dev_err(sev->dev, "SEV-SNP: %s failed rc %d, error %#x\n", + cmd == SEV_CMD_SNP_INIT_EX ? "SNP_INIT_EX" : "SNP_INIT", + rc, *error); return rc; + } /* Prepare for first SNP guest launch after INIT. */ wbinvd_on_all_cpus(); rc = __sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, error); - if (rc) + if (rc) { + dev_err(sev->dev, "SEV-SNP: SNP_DF_FLUSH failed rc %d, error %#x\n", + rc, *error); return rc; + } sev->snp_initialized = true; dev_dbg(sev->dev, "SEV-SNP firmware initialized\n"); + dev_info(sev->dev, "SEV-SNP API:%d.%d build:%d\n", sev->api_major, + sev->api_minor, sev->build); + sev_es_tmr_size = SNP_TMR_SIZE; - return rc; + return 0; } static void __sev_platform_init_handle_tmr(struct sev_device *sev) @@ -1287,16 +1297,22 @@ static int __sev_platform_init_locked(int *error) if (error) *error = psp_ret; - if (rc) + if (rc) { + dev_err(sev->dev, "SEV: %s failed %#x, rc %d\n", + sev_init_ex_buffer ? "INIT_EX" : "INIT", psp_ret, rc); return rc; + } sev->state = SEV_STATE_INIT; /* Prepare for first SEV guest launch after INIT */ wbinvd_on_all_cpus(); rc = __sev_do_cmd_locked(SEV_CMD_DF_FLUSH, NULL, error); - if (rc) + if (rc) { + dev_err(sev->dev, "SEV: DF_FLUSH failed %#x, rc %d\n", + *error, rc); return rc; + } dev_dbg(sev->dev, "SEV firmware initialized\n"); @@ -1324,11 +1340,8 @@ static int _sev_platform_init_locked(struct sev_platform_init_args *args) * so perform SEV-SNP initialization at probe time. */ rc = __sev_snp_init_locked(&args->error); - if (rc && rc != -ENODEV) { - dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n", - rc, args->error); + if (rc && rc != -ENODEV) return rc; - } /* Defer legacy SEV/SEV-ES support if allowed by caller/module. */ if (args->probe && !psp_init_on_probe) @@ -1364,8 +1377,11 @@ static int __sev_platform_shutdown_locked(int *error) return 0; ret = __sev_do_cmd_locked(SEV_CMD_SHUTDOWN, NULL, error); - if (ret) + if (ret) { + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + *error, ret); return ret; + } sev->state = SEV_STATE_UNINIT; dev_dbg(sev->dev, "SEV firmware shutdown\n"); @@ -1679,9 +1695,12 @@ static int __sev_snp_shutdown_locked(int *error, bool panic) ret = __sev_do_cmd_locked(SEV_CMD_SNP_SHUTDOWN_EX, &data, error); /* SHUTDOWN may require DF_FLUSH */ if (*error == SEV_RET_DFFLUSH_REQUIRED) { - ret = __sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, NULL); + int dfflush_error; + + ret = __sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, &dfflush_error); if (ret) { - dev_err(sev->dev, "SEV-SNP DF_FLUSH failed\n"); + dev_err(sev->dev, "SEV-SNP DF_FLUSH failed, ret = %d, error = %#x\n", + ret, dfflush_error); return ret; } /* reissue the shutdown command */ @@ -1689,7 +1708,8 @@ static int __sev_snp_shutdown_locked(int *error, bool panic) error); } if (ret) { - dev_err(sev->dev, "SEV-SNP firmware shutdown failed\n"); + dev_err(sev->dev, "SEV-SNP firmware shutdown failed, rc %d, error %#x\n", + ret, *error); return ret; } @@ -2419,9 +2439,6 @@ void sev_pci_init(void) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", args.error, rc); - dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? - "-SNP" : "", sev->api_major, sev->api_minor, sev->build); - atomic_notifier_chain_register(&panic_notifier_list, &snp_panic_notifier); return; From patchwork Thu Mar 6 23:10:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005507 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2041.outbound.protection.outlook.com [40.107.237.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9531B259C9F; Thu, 6 Mar 2025 23:10:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.41 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302619; cv=fail; b=AvYud1wsMYxekbSQG2KpCdQZiAWgWzADK7VTeuDsK5A1j7vwmDOy3/rCOIanxfrH3V/IIk3OhXqHQbKulF1EQaq3ZrokcKVxLYGTj83x9TEzAl0CRmu8OYk17VOKSY349YSvDYWX3hLjeiUsEf5Wsj/foVCc0A3FFoeWEmQEmRc= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302619; c=relaxed/simple; bh=rrt7J0UIuKOCzgrPDDoHqeTRZI+iMcAiHRa089pBTVI=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=iEfhe47nCJIrPHWt4QqlbYw/aOZrfgJtupSlbN21SvRHC5S2oa+S8QEuF13BQ/zvNtKxLujMzrcDtq2Gwf+5Df5Rk96Vpq8fkJWr5orkilqhmlJ9sdyIdKjaWFdRJUhUR35zllcgW2NkxOW17OmnZw6YcakXf9yy/qFnaj9FPDc= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=45+Um7Dm; arc=fail smtp.client-ip=40.107.237.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="45+Um7Dm" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=R2QI2sS/xfFwjYD8+EmkCrbgD7dlQxJCYpoRFDv5DAUC7FJkXYYr4BexW8HGhZKmq5Gnw1qkZi4k2Km1HCNR4G23JZ63ZONe2psVqzZRKP7Uy/oImQDxVLZHuJIRYPXu0/cGGNu9AhIQppDAQfm0ZCGk94t9eCG/92PXipyHBHQmuUXK91xXAWdcqW2WUlw8F1wiTpixUmPIbK68Nhs3x36mCAbBGRjtFBap9cP/sr0ZEMINMv7tlQnV7/craILMefzzcSWBMg/6YH/dpWoiiBT0b34y4mzBtNlPeneQ72sT4jDNUoMWsO0H0KR/cWwGsGnp/W4OzPlwhrEh290xNQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eiasAtEsNs6FRSSueAJgQ5Q3wcL/ypznsB8K2N6JcA0=; b=LKTlpCA6j7NlyxZERVBoXP8y67Mk4LIVYx6pBo9G1kOOF21Nt1XoPOKeOnTDgn4mcnWY0761ha/URoLU1Ea+tquBkugdfJG4SS8/Vm29JB1M7Gwll+BvYg8r1YoEGAN6kV1ZiHa7aY67/IH7HehiH5qjfqNr480Ht9WOimx3d0BSaIpem9y9UsQYLo81rdEe7/6tGuSM63WaykpFboCQodhcfOWh70nghi5PMltnUvoJYIckoqO3/d1H1twJyFfS3+6gQahMhZl+uTKbxGjKqc27OBul0OZL2df6V7+qecp1lootBUJRDevOKiuU0of6Izr/Rs/o9+ipbbjovem5sg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eiasAtEsNs6FRSSueAJgQ5Q3wcL/ypznsB8K2N6JcA0=; b=45+Um7Dmt3I/pHDXspVtm280BPAoDKKoRdRYoHBdXYdyra7zqn427As3S8nswp5fi3MLGVIwhegQ1JCeB40wTnbxwmA4E7E/dBS+NO67WaaQbHXnT9STppeUt/1AeZ7OJtHnxvqo0cg0S2HSKocwXEzLjNhPXkZGmdbqqr2YdvU= Received: from MW3PR06CA0004.namprd06.prod.outlook.com (2603:10b6:303:2a::9) by PH7PR12MB5998.namprd12.prod.outlook.com (2603:10b6:510:1da::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.17; Thu, 6 Mar 2025 23:10:12 +0000 Received: from SJ5PEPF000001F6.namprd05.prod.outlook.com (2603:10b6:303:2a:cafe::5c) by MW3PR06CA0004.outlook.office365.com (2603:10b6:303:2a::9) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.17 via Frontend Transport; Thu, 6 Mar 2025 23:10:12 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF000001F6.mail.protection.outlook.com (10.167.242.74) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:10:11 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:10:09 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 3/8] crypto: ccp: Ensure implicit SEV/SNP init and shutdown in ioctls Date: Thu, 6 Mar 2025 23:10:00 +0000 Message-ID: <4a94e1d47b5ac270d47b87d7b38be0aca11779a6.1741300901.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001F6:EE_|PH7PR12MB5998:EE_ X-MS-Office365-Filtering-Correlation-Id: 1737b6b9-1f28-478f-ff3a-08dd5d040bd1 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|82310400026|7416014|376014|1800799024|921020; X-Microsoft-Antispam-Message-Info: CAaklUqowEBA89+GfO+utJFbsyHsteWYu2gtzdAqsYbWy45G+RmseVpex9lHeMldQBFNYPZk1aaz6T6zqxGqYcT4GvZXp0l3df/NxdsEnNQZpEroBxSEQCLT2JD6UHyeARpUbTellUWUzjNCDglu0sqTsq0VkKqoknk/m7oCkv/cEbqyFn5RkriKXlWXx3zyVn/obEzdMwdPb0bzejSvFJWzYc6Md5QUCmLdm78TZ3cgkcKNw7NlrEX79OkbPdsBCbqJgt436XpLVMq275AJxsYHkKLEAHqsYYLRxvFaE/6o5SChMO0hzczR+pwmh4TWe/tGJvkPQN3bhvNVQLxHvGFHBQpzvOq57fegjxVSa6OfL0IZUCGhdkaz4BdLbuwSj3KMDCXfAsaYX8el0Hx8IyxzTUI0rpA7ZJ8vcIclDLS6aL6rvNnKRYF6kE+0MCZxMoCiuapEM5PgKeXEy++h6DaWnJShBqdwCnM+6uhTHAaYZ2Pm4gD2h/wWrSc1lvBvk6+8W4AZHIV8jTmvTfLh/25Ioa50y4K7MhQLkkQRQsxohlolk2RVl1jkONxt3wgIWg7c41+zoiSbRHWNWjROhgIq3Z2cpqpWrOojUlETVyitm0MtPAs0IisMTLMXPWFTWcY1pKZoXlsbnSEie7Ey37vP+sTqjareCCDHkOT6oWCkLGGrKAVMzPKpWkcM4tpJHlpn531/XYKQcMLz5la47yvEpQ83ZZjkOTMOBqjR+WrZcvz1Mwy2zILmO5xAh4V/fIPBkW25X5whV87CBMLkBnVkvyU+QsSGDySc6tIZohXFm7wSqSxrZUy2zgCkTsZs6Vk3C7X8l7JUiLH5dlOLslScZziO3vQZCF5WFLKPh0MG1y/tqdMT6EDqwVCecFRtH0cZ6vClngZQOfO4f7ziptXfDq56stOwJrLkBNIYXOco/FMiAbxefuHvCPi999Xrm/kvaKpof/9IPHX3SKim6AjAofRT1+XqSRQLkMSr6s63RChCIZY/0/4aRgicd1uWt+oZ0Vjiz8YcyTmOw3kOGRiWSNmjcFfUj8BuZO4v5ahqiPSfmlwXzDYB2cgD/qiK0GCSVxd/UrkszMArLY8Kmr3oVFHw0BeImEkstMpqZgLvbGAwRkt/xZfdDeT6/NfVE4ec6RN5ms1Tl0s4XQvrK1HIjavBvtfwVwXG+1/9pC9v3Ngqsb05kPYzrInvATypyv2882PTA9N4auDC4qkGLSEuncv2vBQYxaVndGaMav13M/uHpMS2qOqa5j2mMCR2n2GzkLV2dR5b2m/Nsc73AsuxF/5Wws4BwTIeS7NEAtqT2RBNLEQh2o4sdcAOgirR0Yam/hwIfmsUI4SnC+yUH4wTG6YgxIXiPQPXfSkdEcVsNBjra0xEHyn4wRZ6sx2y/BwJehdiG3kl5vlzSA4SQ7uOkSs9KiKPkqWy9YvPT7coC71Pl+2oxBM+6w62pA7ykAIQ2/PeYPVhT2EGIdsNF8GKK3QoUJd/m5UDhM/sFH6Ykr7bpRSkqAi3uaK3bi4O X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(7416014)(376014)(1800799024)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:10:11.5105 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1737b6b9-1f28-478f-ff3a-08dd5d040bd1 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001F6.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB5998 From: Ashish Kalra Modify the behavior of implicit SEV initialization in some of the SEV ioctls to do both SEV initialization and shutdown and add implicit SNP initialization and shutdown to some of the SNP ioctls so that the change of SEV/SNP platform initialization not being done during PSP driver probe time does not break userspace tools such as sevtool, etc. Prior to this patch, SEV has always been initialized before these ioctls as SEV initialization is done as part of PSP module probe, but now with SEV initialization being moved to KVM module load instead of PSP driver probe, the implied SEV INIT actually makes sense and gets used and additionally to maintain SEV platform state consistency before and after the ioctl SEV shutdown needs to be done after the firmware call. It is important to do SEV Shutdown here with the SEV/SNP initialization moving to KVM, an implicit SEV INIT here as part of the SEV ioctls not followed with SEV Shutdown will cause SEV to remain in INIT state and then a future SNP INIT in KVM module load will fail. Also ensure that for these SEV ioctls both implicit SNP and SEV INIT is done followed by both SEV and SNP shutdown as RMP table must be initialized before calling SEV INIT if SNP host support is enabled. Similarly, prior to this patch, SNP has always been initialized before these ioctls as SNP initialization is done as part of PSP module probe, therefore, to keep a consistent behavior, SNP init needs to be done here implicitly as part of these ioctls followed with SNP shutdown before returning from the ioctl to maintain the consistent platform state before and after the ioctl. Suggested-by: Tom Lendacky Signed-off-by: Ashish Kalra Reviewed-by: Tom Lendacky --- drivers/crypto/ccp/sev-dev.c | 142 +++++++++++++++++++++++++++++------ 1 file changed, 119 insertions(+), 23 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index ccd7cc4b36d1..5bd3df377370 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -109,6 +109,8 @@ static void *sev_init_ex_buffer; */ static struct sev_data_range_list *snp_range_list; +static void __sev_firmware_shutdown(struct sev_device *sev, bool panic); + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; @@ -1402,6 +1404,37 @@ static int sev_get_platform_state(int *state, int *error) return rc; } +static int sev_move_to_init_state(struct sev_issue_cmd *argp, bool *shutdown_required) +{ + struct sev_platform_init_args init_args = {0}; + int rc; + + rc = _sev_platform_init_locked(&init_args); + if (rc) { + argp->error = SEV_RET_INVALID_PLATFORM_STATE; + return rc; + } + + *shutdown_required = true; + + return 0; +} + +static int snp_move_to_init_state(struct sev_issue_cmd *argp, bool *shutdown_required) +{ + int error, rc; + + rc = __sev_snp_init_locked(&error); + if (rc) { + argp->error = SEV_RET_INVALID_PLATFORM_STATE; + return rc; + } + + *shutdown_required = true; + + return 0; +} + static int sev_ioctl_do_reset(struct sev_issue_cmd *argp, bool writable) { int state, rc; @@ -1454,24 +1487,31 @@ static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp) static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; + bool shutdown_required = false; int rc; if (!writable) return -EPERM; if (sev->state == SEV_STATE_UNINIT) { - rc = __sev_platform_init_locked(&argp->error); + rc = sev_move_to_init_state(argp, &shutdown_required); if (rc) return rc; } - return __sev_do_cmd_locked(cmd, NULL, &argp->error); + rc = __sev_do_cmd_locked(cmd, NULL, &argp->error); + + if (shutdown_required) + __sev_firmware_shutdown(sev, false); + + return rc; } static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_pek_csr input; + bool shutdown_required = false; struct sev_data_pek_csr data; void __user *input_address; void *blob = NULL; @@ -1503,7 +1543,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) cmd: if (sev->state == SEV_STATE_UNINIT) { - ret = __sev_platform_init_locked(&argp->error); + ret = sev_move_to_init_state(argp, &shutdown_required); if (ret) goto e_free_blob; } @@ -1524,6 +1564,9 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) } e_free_blob: + if (shutdown_required) + __sev_firmware_shutdown(sev, false); + kfree(blob); return ret; } @@ -1743,6 +1786,7 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) struct sev_device *sev = psp_master->sev_data; struct sev_user_data_pek_cert_import input; struct sev_data_pek_cert_import data; + bool shutdown_required = false; void *pek_blob, *oca_blob; int ret; @@ -1773,7 +1817,7 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) /* If platform is not in INIT state then transition it to INIT */ if (sev->state != SEV_STATE_INIT) { - ret = __sev_platform_init_locked(&argp->error); + ret = sev_move_to_init_state(argp, &shutdown_required); if (ret) goto e_free_oca; } @@ -1781,6 +1825,9 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, &data, &argp->error); e_free_oca: + if (shutdown_required) + __sev_firmware_shutdown(sev, false); + kfree(oca_blob); e_free_pek: kfree(pek_blob); @@ -1897,18 +1944,9 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) struct sev_data_pdh_cert_export data; void __user *input_cert_chain_address; void __user *input_pdh_cert_address; + bool shutdown_required = false; int ret; - /* If platform is not in INIT state then transition it to INIT. */ - if (sev->state != SEV_STATE_INIT) { - if (!writable) - return -EPERM; - - ret = __sev_platform_init_locked(&argp->error); - if (ret) - return ret; - } - if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) return -EFAULT; @@ -1948,6 +1986,17 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) data.cert_chain_len = input.cert_chain_len; cmd: + /* If platform is not in INIT state then transition it to INIT. */ + if (sev->state != SEV_STATE_INIT) { + if (!writable) { + ret = -EPERM; + goto e_free_cert; + } + ret = sev_move_to_init_state(argp, &shutdown_required); + if (ret) + goto e_free_cert; + } + ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error); /* If we query the length, FW responded with expected data. */ @@ -1974,6 +2023,9 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) } e_free_cert: + if (shutdown_required) + __sev_firmware_shutdown(sev, false); + kfree(cert_blob); e_free_pdh: kfree(pdh_blob); @@ -1983,12 +2035,13 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) { struct sev_device *sev = psp_master->sev_data; + bool shutdown_required = false; struct sev_data_snp_addr buf; struct page *status_page; + int ret, error; void *data; - int ret; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; status_page = alloc_page(GFP_KERNEL_ACCOUNT); @@ -1997,6 +2050,12 @@ static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) data = page_address(status_page); + if (!sev->snp_initialized) { + ret = snp_move_to_init_state(argp, &shutdown_required); + if (ret) + goto cleanup; + } + /* * Firmware expects status page to be in firmware-owned state, otherwise * it will report firmware error code INVALID_PAGE_STATE (0x1A). @@ -2025,6 +2084,9 @@ static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) ret = -EFAULT; cleanup: + if (shutdown_required) + __sev_snp_shutdown_locked(&error, false); + __free_pages(status_page, 0); return ret; } @@ -2033,21 +2095,33 @@ static int sev_ioctl_do_snp_commit(struct sev_issue_cmd *argp) { struct sev_device *sev = psp_master->sev_data; struct sev_data_snp_commit buf; + bool shutdown_required = false; + int ret, error; - if (!sev->snp_initialized) - return -EINVAL; + if (!sev->snp_initialized) { + ret = snp_move_to_init_state(argp, &shutdown_required); + if (ret) + return ret; + } buf.len = sizeof(buf); - return __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); + ret = __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); + + if (shutdown_required) + __sev_snp_shutdown_locked(&error, false); + + return ret; } static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_snp_config config; + bool shutdown_required = false; + int ret, error; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; if (!writable) @@ -2056,17 +2130,29 @@ static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable if (copy_from_user(&config, (void __user *)argp->data, sizeof(config))) return -EFAULT; - return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + if (!sev->snp_initialized) { + ret = snp_move_to_init_state(argp, &shutdown_required); + if (ret) + return ret; + } + + ret = __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + + if (shutdown_required) + __sev_snp_shutdown_locked(&error, false); + + return ret; } static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_snp_vlek_load input; + bool shutdown_required = false; + int ret, error; void *blob; - int ret; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; if (!writable) @@ -2085,8 +2171,18 @@ static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) input.vlek_wrapped_address = __psp_pa(blob); + if (!sev->snp_initialized) { + ret = snp_move_to_init_state(argp, &shutdown_required); + if (ret) + goto cleanup; + } + ret = __sev_do_cmd_locked(SEV_CMD_SNP_VLEK_LOAD, &input, &argp->error); + if (shutdown_required) + __sev_snp_shutdown_locked(&error, false); + +cleanup: kfree(blob); return ret; From patchwork Thu Mar 6 23:10:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005508 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2064.outbound.protection.outlook.com [40.107.93.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CB43320458B; Thu, 6 Mar 2025 23:10:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.64 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302631; cv=fail; b=dm2aif8wr0R+R1tOp3sOU41abRgl1BjZ+g8JkxZRcUu/R1sJQ7p5Bx+tOwL7o02pNNcF9OCUclweCw6C5AGtdSyk0uH95+eXEyvPvTVxFF+znQA4CEL6bjaY7t8qzy1grTD0nuRqrPZe2TySb3pyIYylu0/tbgM062oNGLJcWCA= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302631; c=relaxed/simple; bh=h0idtQKPZLSPA9p3DBpWA8DE+QhQcqieyJQqq0ysLes=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=XBy1sribD6OLJ772jiKBeaSE+tJdVtWC/0x9xHVKbLzJ/n9XYMsxV7QMb0smpq8sy3fjKOsS1ZYywB6R6NvSswVw2ISXbEhLT651MFzz1yFvXHfe7xt3JDFDTYqjwMcMeBa1ndTbfWd0RZBgXya6EaJu34VMIss70Gd1lQY/4kI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=kU0XIbz8; arc=fail smtp.client-ip=40.107.93.64 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="kU0XIbz8" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Ito4n+ztP/48uMS+yCOVmOzvKbDZ1bRcvuPSh0/3F26t+USj4Pzf7rqctRStD/1B69GTbiISEe1xZEkG4IqtGnPWBag4c3trAE/yARnR9pT7kN6ayTxhU0nIvSTMZw7FtQ9y/Q2ncDAtnAb/bujjoX+B/2KUr55EQSQkyfvRHtG8dR2bce6V1A7tnJejATIoSyp5o9hJafS/2PLrcDxlE88PuqU+wdWFUjuwcndR2GgUknn0rRV9VjHLLeuO5RikCKcGxehtgumGek2bRqfaW7kqpkr1pDrmXeHKqZnS3CDngDh80nDfWxHrRKQE7kvVmxPTSX0StxMoMaCP9iKrWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=a9S5ixd8ovR+GatCwKB4CaC0KmwPJsHXJagfAeboRX8=; b=rueMSdiduzrrYAdN3+v7kcf5TOt/BXGU5kv6mMkS0/Vwv0yc5FIIw6ZAlp5tNcZTI/D6Hes+yM2Pz3cJSNppxUpQTbhx6EtZLmmkrrUFMJESwdUZDKO24+DKP5LzrqY+yeC9TAKUw0AXl71gg2Jb++KcKm4l3RY0nk6lArc58MnNZUtfDIBlFq5GjS6A0bHO2wEBxCnxzfsTgeAC5DwGCX2JcaYPKhaYW528sRdciObgllzO+50ie1ojiOzQK44wo1eIKIkBLAfa6HAzpnne9mXEXLnlDPoTc8ayVSYZ6IZdYLTZsibdHAL0l6mYs/M0ao/BYJBNbbAqPqeeQKdH7A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=a9S5ixd8ovR+GatCwKB4CaC0KmwPJsHXJagfAeboRX8=; b=kU0XIbz8H/Q8KzUuaQxg4wFbeJjqvAPg3qodV8SnrwKw/I9HctC5EOG4lJDAfpeY6Zdsa6BD8UnmCZwnUM6jasuybBbGrkq5Q3z87C/3mF3n45zh8y54bzpDIZvtNPUaEfd+eaeeVrg83CFCX9eIPpVPozLYG6/Rsci63zxWFJw= Received: from PH7P221CA0044.NAMP221.PROD.OUTLOOK.COM (2603:10b6:510:33c::14) by DM4PR12MB6009.namprd12.prod.outlook.com (2603:10b6:8:69::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.17; Thu, 6 Mar 2025 23:10:26 +0000 Received: from SN1PEPF000397B1.namprd05.prod.outlook.com (2603:10b6:510:33c:cafe::71) by PH7P221CA0044.outlook.office365.com (2603:10b6:510:33c::14) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.17 via Frontend Transport; Thu, 6 Mar 2025 23:10:26 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000397B1.mail.protection.outlook.com (10.167.248.55) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:10:25 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:10:24 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 4/8] crypto: ccp: Reset TMR size at SNP Shutdown Date: Thu, 6 Mar 2025 23:10:15 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000397B1:EE_|DM4PR12MB6009:EE_ X-MS-Office365-Filtering-Correlation-Id: 52602a3a-b14f-4562-59b8-08dd5d04145e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|1800799024|82310400026|376014|7416014|921020; X-Microsoft-Antispam-Message-Info: xqtABCePz9O2ZnJPZq0S6J4CVwm2OM3tVCJPQ8UN/lJ9JNDFSP+R+Bn4Px9ZFU1EFbJIAiGaChAjrfnQpCgztXICPX2bxGDl+FGVA49C+xDvrif8CrHnzalWs0+tCtYWWkDlwy6TBUvtMgBbenXCPAY2q7oAgkLVISRQAsVqRxKbvVUiW98YJCl3USO0Uc9qiuC/SdvbSe8J/inquBIH2ryhT6Q00PSIvEiMsK+4VriBp7tmpBudfpHQS3N+UAEx1g/DZuxniIxLQvZR1F1nbmrt+9GLHzOdrmUob0X3xgLJRtAHG+7owYCWkPKoc+bfJM8YYLBSsTyup0Iy9Szqg3V5+g49g3FUDBUrHj5+/DoVBBgZE2Bg4++RPsQHF1UJSh3+aNkscZJPX+89vmu8kU88dQQtZJYvs3dJgN3e8a363Yx1h6YSTY4teP6kxYSB8ZN2wvs1BevNUKPHvK/kku3P9+0GNj1ZrVjDJc+q9uUv9E6GrqyY73AMnLv9CwPA069AC9KHg3hjHQeICnuK7YvWT3TgAdh5yK9cqBWeKzxEJl85tB9YO77y5oxyKjKOJH3K7D2bmvfqNvKxSt3cvQR1eJOC9dvALkfgwUGjk4TODrQvsJvQ1e82LHJ3IH/AubA+xzFvqpiHHNWrjeBmMK0ewgpZOSiJ040gkWiayLG8TuTKlBb+VvszLs9IYDtpY+Oz+BeyLMmvgmaFtu/jzR3wB4NZW5GwYO91n7cIH2PRfWdvFMI23A1NQrNzRM3OI+DEREhQJqqLBfMdKPvWKnM2HFF9KwkZoP6yO1bZJN2hQwhSOrB2CgfE3xUqzCXI7eZNmd6Vg2fOU7Uj4iiTAYrrPY07hk+snB7NwKLboxX5zclWKQZIwnZRnuZe8Q9iI5jf7A8eNLPg8clHZjkrvnGyTtpZ/NZjTu7WdFvwd4EI6jy7lOoTaJxXqK1Brj9FmCNEef6L3ZFJohBEZv25LDdwbA/ko0lDQbngO0lHnYBMuKb7bd+R/afQ8mpSRMbN0jIs8V4nidg5fUWdGZGwcpxNn88UaE1ImgUbdCrF/FB/QqBEeqWWlMoFMk8Q+c8J4kewkx5D+UNhCCOsvTkBF0AOOZe8bv4hsM0v9lwNhBRxqvD6XnUGhB67/0Gm85pfT+8rdLgvjmDIOnknK7YdRiDWDd6NW08gem/xzM8sl7Ri1sx9Az78x+Cu/BuA1s0niTF+EaON3t7KNy1Jtt9jvhYvL2ON6PlZ6kX7+W1X3cc9fC5z81JDtXGt9X7bAyhazyTMVASi18iSsthFu+aA1g5GI+cVI3mknc7EHMK8zzQuTDlmwN/M/u4JdG4tETGuvEFLyxOaMaTvL2tYBjRGNnTX3td3oHieIBXxz0w5gtQulpi5SzSxoI9X2IzI+2wU62qqUJBTaU9rTyRt+DS7sgO8z4bDJOP0LHAcN2flS4eSQLrNXQi/r3S0MTflY1xUrbwSGjVYtOQ6fb6LkvzVHUHegbCwh+hccbEK4e0MI3hRPGYOMymv6nTNwTsuIEOZ X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(1800799024)(82310400026)(376014)(7416014)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:10:25.8520 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 52602a3a-b14f-4562-59b8-08dd5d04145e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000397B1.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB6009 From: Ashish Kalra Implicit SNP initialization as part of some SNP ioctls modify TMR size to be SNP compliant which followed by SNP shutdown will leave the TMR size modified and then subsequently cause SEV only initialization to fail, hence, reset TMR size to default at SNP Shutdown. Acked-by: Dionna Glaze Reviewed-by: Tom Lendacky Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 5bd3df377370..08a6160f0072 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1778,6 +1778,9 @@ static int __sev_snp_shutdown_locked(int *error, bool panic) sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); + /* Reset TMR size back to default */ + sev_es_tmr_size = SEV_TMR_SIZE; + return ret; } From patchwork Thu Mar 6 23:10:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005509 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2077.outbound.protection.outlook.com [40.107.93.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2363027D776; Thu, 6 Mar 2025 23:10:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.77 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302648; cv=fail; b=Bf4Py4z6GM5D/Gz0ddp5yWDy5cBGySY+kwjx3XURBSWslUdnV/z//PNxZp4+P5fqJWiJSFi59+Hb1//F5qDbaG7woFwpDOYla3NqtvsH+nErYSA42IBCHq6V0H/+/alqYfMGtPIVSH8jzTIvgaIjH6TBwAm5eH13ITEfdNDUQSo= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302648; c=relaxed/simple; bh=2+Gl0E7T4TNASlzyyCu3MCRazEvBzjGW2+VNIxnkrD8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=G/EfuiJCInMZTSWfX0nGBLmub77sjFzwo/io2d1hS3GFj+Pb9//08Bfl9P7LwpMdC57yaN7E3NGLY7QXDGJekG8yfM20wiXt5sjcF3qOeIWcgsMQ4K+vaQQ5h9f42gtbZvjSBSSDgxX1Yv+IESZOrzdfHIXN418A2tnj0uCUQpg= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Inq+f9j8; arc=fail smtp.client-ip=40.107.93.77 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Inq+f9j8" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=m3g1mcxfKeNPTn19rfDAI15ePOfSxRg78cZlKVG5ogPhmQB6vcIICq88mJSobTxUq5f8v16jUsjdPAAS0KPSjkruJI3D7sUNlEv1WZBsgVq90q8yHJHsmJdl13HkD81WLC/SYKWgZEv2D7thFTdgUYY4m25jbeqE6ni3UTjWNnsATdjVdpYkcAEqXLMf81xb2XUHXHFvyzJIz15bnwvReR0vdqm48e59Q+oFKOmDR3glXkif2KzOKqhmanHMxeGtNOkMjM0rso5LX8T+GGDOrw2Dy3h7qwO0dEI1MYue1Y5edq86yD+b/OJfyUGhWBZgQ7s07GDJL+gVHDdO6syZlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bJbOEd4dBzMu6JORQwK8OBcxVge5eG3OIbRLz/wOSKs=; b=KsfGYlOwwP0BiS8921/iQN79shJfr3CuP1tf5SV04Krwdxblgupq0IyB0XJI2u28X8VvcVZBVSNZfwujb25ET0fywf1lEYk2JfCesbL54HXr7ngeWE9KvpxJvKp8p+LpdwYMiCX/pyeuR2/KctajU8z8sfrO/JytAH4b2bcCyLpOK8p7Q8wcHKsirpAVz02h9kTprMBvP7r/UQt847KDcsDLnT0tFiOfbbc2UPk2dtYYMeuNrjV7MAAc4JCb/MUUCdv9nXGFB4dqihB2+gcl1Qy6PPNdFFoZslI2W+cEmOZ8ZmVfH9p2WMG/RzYbHCXIJjD8U3wb/GcNemuyaoYqeg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bJbOEd4dBzMu6JORQwK8OBcxVge5eG3OIbRLz/wOSKs=; b=Inq+f9j8KyqukdZO++Qw6V5INYhNT/54S0yewOilco8TIjFg2t4snh+CqG415+cJ3lo8SB6H1M7s33LdipektlwLhPo/8WZCSLBXW1zNOX7qJ2NrxXYKb9cANCeXHp8uz/lVIpw1ZIhF0Sy6xVvtWsg1b6AilqmKO8ug/swPn0o= Received: from SA1P222CA0033.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:2d0::6) by PH7PR12MB9128.namprd12.prod.outlook.com (2603:10b6:510:2f7::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.17; Thu, 6 Mar 2025 23:10:42 +0000 Received: from SN1PEPF000397B3.namprd05.prod.outlook.com (2603:10b6:806:2d0:cafe::3) by SA1P222CA0033.outlook.office365.com (2603:10b6:806:2d0::6) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.17 via Frontend Transport; Thu, 6 Mar 2025 23:10:41 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000397B3.mail.protection.outlook.com (10.167.248.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:10:41 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:10:40 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 5/8] crypto: ccp: Register SNP panic notifier only if SNP is enabled Date: Thu, 6 Mar 2025 23:10:31 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000397B3:EE_|PH7PR12MB9128:EE_ X-MS-Office365-Filtering-Correlation-Id: e9b734cc-5e70-4b79-07f1-08dd5d041db4 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|82310400026|36860700013|7416014|376014|921020; X-Microsoft-Antispam-Message-Info: sq/UAWapXdeb6B+jZiZ2MUwCtkn0S1tcXwQ5NtHvYnVhecW91QXNjq0QAvdyHfti/HNeM0/GJq76vrQgFVAK8vrKFViIo3xNEZ5tfcvsbac2WgTPVr2V9ut3oK071xe+bWcw6v3gR1zwjvqDsxuBB4mtbX7oZjj2SzVbrVEdyg16iYKVP5KCsu1x3kMTYm5zdhdx6FZhV5u8U29fBN16lPmC/+1ctFUYzqJMErjEOxXifqybNO8rvFDkLdCvSaXyxcB+THg7vczTkTmPT05DGDb6pfNFm9z7nM5UoZT82rxQAWEON+0RuZLVlrSHo0qoFgU/fzn2CHXL1dIu8vSwD1lMrWtZF7zQvlmLmD/6O4XISeS3DwmABBdhoYhilEkY7imBqLlvLkcnRH5HIgKXtaBSfS+xnIt4tiw1/JDNXHGZJapWxZcLyCCgFVDvRcl/N5HtIWmBZJIGAfEIlr4paWTGViG0CIeiQnWIyxYpQEKvBkSFBXzTBSAUDoMKum6JJuf6G0G53+7NEXeyLgh3tsniS/+cz6o/gqsvwO1QNvYu8SyVBWdXDyMgdYgc7dJwAVanaDQ+Vgc7xPSyGHxG62LJ3PPYKo27IJ1kFoHHTUUOj+xp2oPnQ1L21h4FeiAeSnWNZlgnABXXo/kpwtvV+ks4MKApRgipWA2lEyOJKUEUE/Ph3wW7uYn/d/VkFMZUgUhrQ1U/NXsDGAkYhzi+pGobHkaFJdE0dnsl6zUN0q+imHUD1XxmvcCgJtXrjhiH9SCqbn8jkqjhfve6JhGPYPo/KVkZUHjZROKt80VX8+IEFAVIxDC0YAhfQz4iXaQk2SR3x0Ec78oHTVMXXuoSYTokaNg4yFB04uWh3CTdrm09+oixPUZAJ1BbOc8PmtXykA6o4ofA1IkSxKiAgZKjmnRUhsmBSDPnwgooPZo0qoYA//BfgO0Tvw2o0Zb527Gr0FwsGmTN5GqgJ77REfWOq69FPflGYLOq9SU20IlGLx9OOzTRTc8jmM+ckLPqFZXLUhTETC8llaOWZ3K6kpaVhMxVojyFR+CXPQR8RF0PWlO2xQYCNIgfaSRetNpv/YjR+9pjIkQ/6eZbwLHSiBO7JIMQOR5MxkXoVcbwn6x2pnlp39BTu+BMIA6F5pw4W5s5uESff/f5XVW6ZOtBYQypVX/OjXVRdw332xT7XR+zhlAwxejTeqJtsE5HqYoIPO5vkOohsS/1uYd1gZhBxkjAuljHHIPCn5ILyUcsJiPrvsIaMFHoj3qSuInNbwyCnc2izsYDRu08y2R/ADvzehHwZ2nuMdbx4GMoeK51mQE6mmYrru1ZjivomDkGY/XCpy8BCsFbBct+f13AEdcBTEJIg6i0OKz7+yntZAMVKTrgurK5mbD137tyZD6k0rbCdfwNZWrLySXuUyKm9FpO2hM9HRNdH7AGKALXZIxYfMd3aKJAuoWmzjbJXkLrVl3qgq1LdK+vq8vC3zFQhl5NJKODnL5HlYPsUz67Ypn/yLnQEhPcaaK0u+LiftnMAuwgk9Rr X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(82310400026)(36860700013)(7416014)(376014)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:10:41.5131 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e9b734cc-5e70-4b79-07f1-08dd5d041db4 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000397B3.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB9128 From: Ashish Kalra Currently, the SNP panic notifier is registered on module initialization regardless of whether SNP is being enabled or initialized. Instead, register the SNP panic notifier only when SNP is actually initialized and unregister the notifier when SNP is shutdown. Reviewed-by: Dionna Glaze Reviewed-by: Alexey Kardashevskiy Reviewed-by: Tom Lendacky Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 08a6160f0072..6fdbb3bf44b5 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -111,6 +111,13 @@ static struct sev_data_range_list *snp_range_list; static void __sev_firmware_shutdown(struct sev_device *sev, bool panic); +static int snp_shutdown_on_panic(struct notifier_block *nb, + unsigned long reason, void *arg); + +static struct notifier_block snp_panic_notifier = { + .notifier_call = snp_shutdown_on_panic, +}; + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; @@ -1200,6 +1207,9 @@ static int __sev_snp_init_locked(int *error) dev_info(sev->dev, "SEV-SNP API:%d.%d build:%d\n", sev->api_major, sev->api_minor, sev->build); + atomic_notifier_chain_register(&panic_notifier_list, + &snp_panic_notifier); + sev_es_tmr_size = SNP_TMR_SIZE; return 0; @@ -1778,6 +1788,9 @@ static int __sev_snp_shutdown_locked(int *error, bool panic) sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); + atomic_notifier_chain_unregister(&panic_notifier_list, + &snp_panic_notifier); + /* Reset TMR size back to default */ sev_es_tmr_size = SEV_TMR_SIZE; @@ -2489,10 +2502,6 @@ static int snp_shutdown_on_panic(struct notifier_block *nb, return NOTIFY_DONE; } -static struct notifier_block snp_panic_notifier = { - .notifier_call = snp_shutdown_on_panic, -}; - int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd, void *data, int *error) { @@ -2538,8 +2547,6 @@ void sev_pci_init(void) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", args.error, rc); - atomic_notifier_chain_register(&panic_notifier_list, - &snp_panic_notifier); return; err: @@ -2556,7 +2563,4 @@ void sev_pci_exit(void) return; sev_firmware_shutdown(sev); - - atomic_notifier_chain_unregister(&panic_notifier_list, - &snp_panic_notifier); } From patchwork Thu Mar 6 23:10:46 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005510 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on2040.outbound.protection.outlook.com [40.107.96.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BCFFB27D776; Thu, 6 Mar 2025 23:11:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.96.40 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302663; cv=fail; b=VkPHZmiN43yKMStRgHs9gJ61tSgXouXA3cfxPDSOyY9A4Yfc485AGCaosiefIRiwH9GEHUXlcacYS/B5Yp1TBSS7jnDRcZq3W3VJFdEVThX97TeYOZDZyA5y0LzVbW0TI1Jiiri8bTbP2FbrMbhaVgeomUel4QGVwpazrqRtVss= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302663; c=relaxed/simple; bh=D1h0iXoB6QY3u4U8OTYe6FPW+XQ8kRSQmpYXbv/yAfE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=c8yuNYLSjPykR/tmkca1ZIqv0EiIq3MC76Q3cV7hPZEznMdy8bs+jawGuD8CoVJucQ2naT2i4/24ecqnwsvau182IQjCiex+vWUriM8ciloGVOUL6xgtXns3aJuoGJW163C0ml2Gox1EEDhCvVJvel4cFLxb2zMI/lIftDrp1ws= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=aHjV/cey; arc=fail smtp.client-ip=40.107.96.40 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="aHjV/cey" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=A89alWA5R3UtZWy/M75Zn9y+9tbA35gCzxRvgL4jD1lqhpW0jruNagjQQv2dVwcA8NcZaTF4ArMSGAD3NVfLfJFFTNS5qFqj+0imaZ0qW7ob2Wpy6dxNGorfXu+Vd8TJDsGUxvJgX03X/mgT8pOfCBMxKzlYLOc0uzXNPNbeRKoal6oPtWO7Kxo7ZbZcCHTun7zwNsE7VKScWuhcX1L2lIEn3FkwLxNnhY9+R/uA2MiSXGn2uSIxIiIdtSyb5IRNPCkidpcvQSHad0U60LcmoN24YwDlEJC0QeMe9d32zRhTy99W4mkwf0YYJHwifEa6wGI3rUBP/JkwVyauRuiDzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VK/ic4GADChmHiP2vA3I1ncWU2HoC068SbraXg09fPM=; b=b3e0RBKUL8ENwuTYrl92buh7COZ8JqYkouS2LwffzS/DbnGyRlwqPgxXruWXrDrIbvAEAE56lwOPdtCfgTYc0SObNHTD5R73EMKhu4G4K/07nbOy4FqufKX8m+Q61cxTWC4+IBD94DcgvI3w4MxRtWhxp0JFzIDRwBe71MVYVfa3n4g/WIb/hFHFdgo+yaMB7+RWSVt0MpHOKLNlCsyzkGTFz63jN2LsNW89CBHNIdeoIiN0O3bFOZfN/qypP2JUGG6ml/rnMRXcMJdK8xCUEBPKoSUpzAXIEky8iXxNldUpFqxrcJnWHr7wO0uWORc1/GJSKnG+0/nED314PXUtTA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VK/ic4GADChmHiP2vA3I1ncWU2HoC068SbraXg09fPM=; b=aHjV/cey/TIL4XaKdBaLa1vJQp5+M9XGdYv/iST/sNp14wUq+iC6tv0LHStbIj9ev9mWZSoKex4Zxjna9AA0VW6F/fbsc4Lu1A059j7Af9yc+TVp+244ueo+9DuNjkI9qS9BuyJkO82noM7rgi1Ftvm7YkOWaIL4lJ6JsYYVYRM= Received: from SN7PR04CA0179.namprd04.prod.outlook.com (2603:10b6:806:125::34) by DM4PR12MB5722.namprd12.prod.outlook.com (2603:10b6:8:5d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.19; Thu, 6 Mar 2025 23:10:58 +0000 Received: from SN1PEPF000397B4.namprd05.prod.outlook.com (2603:10b6:806:125:cafe::b5) by SN7PR04CA0179.outlook.office365.com (2603:10b6:806:125::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.18 via Frontend Transport; Thu, 6 Mar 2025 23:10:56 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000397B4.mail.protection.outlook.com (10.167.248.58) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:10:56 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:10:55 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 6/8] crypto: ccp: Add new SEV/SNP platform shutdown API Date: Thu, 6 Mar 2025 23:10:46 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000397B4:EE_|DM4PR12MB5722:EE_ X-MS-Office365-Filtering-Correlation-Id: 1c928fbe-e39c-4cec-3bf7-08dd5d0426c9 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|36860700013|82310400026|7416014|376014|921020; X-Microsoft-Antispam-Message-Info: AgVrrhdM9ZJuwIJQovSaIrcOOphDWuqNd/lCHndqpxxuveYS+hXCT734CYMtGDsU1dRpwpaknxcOl/JY1H3Zgoi8FnGBgh6ePNvmFL/nTvthahXLF7j1hOfc+7WaEC9Y3edzUx7mj3bTZaHCdP9itDfDQUWisv9ydWfsPmwi7JZXHgPVLKQ+Sx2uAm9Z+HhA6p2mfxjYLvNFod8q4BZy3m+7VjkqXlYjGAoRVJ3Kg9J9Qi5zk19Q7jQIs+YLQESdvxKHyRva6eFakvXc6035c94r0BybQ+XJ8evmMwDjEuZfSsQv50o3st75wBk+nCZf5U95l/FH7bMaerE/H5tB7sIYgbZW3nAUEpftDrRnnGgzIbpK0Jx03xPaUVjMYFwBCXUWEW7n43m5IXr/lOqdL8RNNXby8U3FnsG4noavVUDSFfHiagT10WX7qIHvoRM/BE7N7EXYxipN9n5RM36vB0NE/R66Ppy0EpNk28WvhE27qzXZw94+KoZMVQEmOCE4dSAUaZp+xqXYIdGmy8z6ceMgQTgAoHwFA2NN8ztOgTM1ExLo6f0+8SBCDYCxk0q1mOO/Cael+9AYj3uLVvbBQGtKUsONw3SAkiTTefOl04AdxmBgdC95atqYOzGWR1e1B5UssUB176T/GQSxwYxaIsSgV3raeYf3yxbDtF88gniGgs102VIe5C6Zt+xez1GYU3KNJVfANFrzA18bf0zni5Rp3x7sJMBx+U4JEvw1O2s7r0RRU/VFcjEtwM70jLq4zf4K+TWh+pj/MIqCcacla8WAyDFHqjHZOOCWu2a1HtZ71d7exaDc+eVJ+meuxNo6WfcHD/FcSKDqQEzjC/tcS8YGyAAVwL+WRlzfxCvFWRmTxkQ+Vv7lpqp+qpvM+r7pPo+NGC0utGOhpdYR+IkJ8pZRyy5Yg52NVae2ySUGPXjVXVDwsYqGW3DBt1RktKXjw43nX77nPgjsNyREJcUMXPqibJCOIrs+wGzgybsR1HxPO2d3jnvQBnIEQGkEPYU8Ftx9ZDQoGsQn/YCaF9Clb4ZL9ejz5RUCqGuXPr5kQ8A1S8mU7lHBIkCzAl6dxQLczPxxdYZxTlaj3kFzNCTfi7TCAnyC51Cml7xg43/5jIsEfUo1TPrHQLjCfEhCCzjM/+PmTrejFj8DrZn+bXnCtpDmgKw2zKbjPnAJxkbjZgI1vRaeiyVGVdEhO5XB+cPYePYLolVpVSVdemlX3WPIsnj10miE+E+U+40wzjpNRl0fMIRUhJOz020/9R58PsUsj2i/MpNiGZ0cso5kMCC+IXW9cAfiNV1aDRp6OhPCv36oHVhGLr9d1qeMkq8WPk+1pked0CTBN7Ha4gMfvyZ7sOWAAfnOao+22vIEAidFHcWtCmQuJ8D8yJaP1gRs5XSxQN0JCjkjHGBaU0FZsp0nezJBnsNXqLtVGVJyUJLwHJj8y9x0tuDE/Xzv4pbONwoNCsKuHjvh6iOT7RGzakuZVIJMvSLVR2ReQx3Rh3iUJFXEiNq9KchX4uN6VM2QyG8t X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(36860700013)(82310400026)(7416014)(376014)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:10:56.7671 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1c928fbe-e39c-4cec-3bf7-08dd5d0426c9 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000397B4.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5722 From: Ashish Kalra Add new API interface to do SEV/SNP platform shutdown when KVM module is unloaded. Reviewed-by: Dionna Glaze Reviewed-by: Tom Lendacky Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 9 +++++++++ include/linux/psp-sev.h | 3 +++ 2 files changed, 12 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 6fdbb3bf44b5..671347702ae7 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -2468,6 +2468,15 @@ static void sev_firmware_shutdown(struct sev_device *sev) mutex_unlock(&sev_cmd_mutex); } +void sev_platform_shutdown(void) +{ + if (!psp_master || !psp_master->sev_data) + return; + + sev_firmware_shutdown(psp_master->sev_data); +} +EXPORT_SYMBOL_GPL(sev_platform_shutdown); + void sev_dev_destroy(struct psp_device *psp) { struct sev_device *sev = psp->sev_data; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index f3cad182d4ef..0b3a36bdaa90 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -954,6 +954,7 @@ int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); +void sev_platform_shutdown(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -988,6 +989,8 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) static inline void snp_free_firmware_page(void *addr) { } +static inline void sev_platform_shutdown(void) { } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Thu Mar 6 23:11:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005514 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2071.outbound.protection.outlook.com [40.107.94.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 23951278107; Thu, 6 Mar 2025 23:11:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.94.71 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302682; cv=fail; b=D1vn8Sfim1sfk7U8KTKS8UjbIorFuBfh3kSlxuJn9XKBlOxcBjuu3qG6eY/0ElxpG8vOiLF1QoCvjc9pfMxkE4d04QK44eluAzCw59GnYucG906iftrMGzOIB2pZ9AKt6fpon2CwP+48pY0RrSB6g+X1EbBwAAPfUCVGcZ7FYmY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302682; c=relaxed/simple; bh=N3rUFLUIrPb+/yG2hrzRJGfkALzE0DdrDrJfAcb85Y0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=HEaZ38+MVSFzH/LY2TXeMuxR5GtOR2sFVBR9uVeD4HWX5K3JoS6vokl/MnjXsEfQLE8zbTH/3FJ2ApIcCpLF4XXmup0VevT4kHf4NVCBFVj6TGBa+4xjBR8suoVSFR3ZsL0lNDdN5SnoBV3fwA+5QVC5Lrvx3SHjsrTDpvmUD58= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=gSyKwkb4; arc=fail smtp.client-ip=40.107.94.71 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="gSyKwkb4" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=iTwwBy3RqQsKx2ybVb225vyNGHnWXgfLcBu3cE8xn8iyOQp59km3Y0aNEeQXz/8PX3bxzl6Magp7orflSXtORN0Tl7nZkfGcH1bqrxyKmL8cKxbMh3hbnMLK0XwAcKKhB4nYrMIL0KaoJIJf0SOv1/HuGDLTC2YCPeDAsxV5CpbS1Rb4XJAb4fWx7QQ5zcMbk7aUSi+3zSVZ0aSXLXKf7x6RYBLte31jV8vVbXiMKm73cHFFwmHR9tgvK8CNCNSLyPNb6h7Jawcivqw/rklCHTDYesGeIZNMhKzyd1ZhvdLevBhW6wohEcFNWV4FnjraK6+HMjsLjVkn6MlGpPrVlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=im+kXAXl1ngYXrrNsoXj2Bx8KGrOh4v3DFEgf74Bow4=; b=YguZrePmv4MjsAYkBOzdZ+yz5/r1Mn36z/kjx9uUsyr2Qg8y2w3o47jkZQVfL32Sve/M4SeZq2ExlilZFgSdk19cWnOl3Fj9FU5Ec0gQSGRr8JXtwCwg4uSTvGicwoyOARPTJmW8g8P81dbLj0HDuF87X+pWywPTW38OcPy6KfMdbHdzB+vWil5YwonNmgabMpR1/c5G3UvaUsvdVeHkEr6a3MgYGnKvjiFlSzBleKQ6sWAs+M7Bfob4EBeVL2i81zINFzwcIna6E/PpOecuMMu43xJZVYi0e2zgfxMs7uyOvlbmmfdELv80/IdRY+5ixn9zSn58HUkFay2S30ZJJg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=im+kXAXl1ngYXrrNsoXj2Bx8KGrOh4v3DFEgf74Bow4=; b=gSyKwkb4m2OFblpyg9i8IONlHwbe4DlQEdEei6UswCePs9iYE2Vk1aJgi/nMReF8eZvTjlON7OO4LDlcWSvf7eVORYWGEmhOBoNgjn/zegy+cQwjezaFfmNkp/jMmGbIpucYVWh3mQQ0JXH99bZP+VwiMkqc2WHE1c0ll7lRRFc= Received: from SA1P222CA0014.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:22c::23) by CH3PR12MB8970.namprd12.prod.outlook.com (2603:10b6:610:176::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.17; Thu, 6 Mar 2025 23:11:14 +0000 Received: from SN1PEPF000397B5.namprd05.prod.outlook.com (2603:10b6:806:22c:cafe::e0) by SA1P222CA0014.outlook.office365.com (2603:10b6:806:22c::23) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.19 via Frontend Transport; Thu, 6 Mar 2025 23:11:14 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000397B5.mail.protection.outlook.com (10.167.248.59) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:11:13 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:11:12 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 7/8] KVM: SVM: Add support to initialize SEV/SNP functionality in KVM Date: Thu, 6 Mar 2025 23:11:03 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000397B5:EE_|CH3PR12MB8970:EE_ X-MS-Office365-Filtering-Correlation-Id: 2f1a8e51-536a-460a-0c9e-08dd5d0430cb X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|82310400026|376014|7416014|1800799024|921020|7053199007; X-Microsoft-Antispam-Message-Info: MjVoYjtv0brnZhG1DxrM+WgFaFl4IuooWLTu71nqwspE6wCSBZc46JI4rJTizXynIzMJ3Qe7jF2bA1QAyhC9LBp9Pz7InEhQSFc5wOyOOQ99+EJY/0IpjKPRMMKtSPt3k1WVPmd28kD49BOJ4qFYA/GvR/dnA1C+L6QvUn21c5oO1YXOqCrEnFsA1kgsmw/s21ITZc3t0wV3PQN1+6fv4yUWQjdA5lfKdlWDozHuCJrXz1zLBWvk6Z6SiGHb3ByXM4jLsk5X4qhY5/ERidhsnPXpfQHp5NckDS8IjJITR8aTbvWBkdNZKHlCMeBs+AX/l5pTc4PGGqURPo9W7+F7EtKre67NfOs0MvN5u+p+2UncYGQYRGvKLlxzoP5khjOg0s8K9rUlSnm4wmK770va8Tc0XRWAUXYfPzlTOAS/L2ydNNzIY6J3G+gBiqT3vLIafnlmlSlfQ8Z0R/xChrnQv8Jvkp3V4sP/LuVbqx1Mhs5x7fvg/0aLIEjjvv/cUE2CwwmPBEO2GfLt85IH8Ps+kUc5URTntRMRA93z6RUTexoBSFzy2RvlpY/y8OFOwIfSihh2MTwdNH9ZgtIb/VyNuJAVeG7PNh5G+WqIva/S5IMDbBCu8p4qo1DOKkFuwJUuWt9Q7MsbfWbkks1e+icmeQKw633PKlduUOr2sEez0h8LkNkC+zl03UynqO2EP3xdrtaou9IvqSn0ZUNrFjqUReORWfTXoUgbl+qMDnPLH15rX5RnEOyCpdrMg99jZHypqc6k7VFtF+3UOPD8zE1eHXAa2BzsknawIr9ckUpuvFzdMEMmFg4rUzmtNKgJquXgZAB1okdm6TffWZ3+/O+tllaXUVuB9XB0Y7EtKzOR1ETFpRVuN22S2+0YNucMkiPNkDWrKGzYf3SlDdCraqrkhHuqXCoWFY2JxMndyXlSa9pwbW7z80xGg0+v0fkQp3roJQu/8AHTviZQhRGEdohsBn4NqPH9NUwnOrdyMv3yuP06227mqO8b1bsQU4AdPzn2yLYeuBOMpaK0SfeX16+On+TOKXJpe7Ovxj5+n0i2K4ObE6TTWcCw/Osvup4qJe7mR1+cuPnxnOE+j76dg0qKiJCiNOPWlzEVT+foBHe1FLDb0VoDFS2XxdhcwdowaCMXg0Y++oM2JMsTOxsx8nGO8cxPtbmGUEer2omouE/ewVO9FDR1ZKXCsKHy+iMlkjCui5g/OtzUwXIWRQGj696yYUZqUAS0mItyj2ymywVu99NOCu0zrB13Gm6yvqc23CWoOY3scfUt3yR+1eHBd82Qmg/YYOnbbznByUSsBcL8kkhh5buBt5H3xzFWOpiVXBXPQfxqg8/Ow9MqCH9k6lD7uVEyX/pW6EiGtXGo4l98Gxrt0K92xWJvQUROtBGyUWJslB8SlIac9cGc3+XRGb6cxqu3D1hiAdc/uX/dmow9Gnr7xTDTUWprEKdVRHODfPcIRMhpI5ArTyj+nZNO5pKrCvOPjIoq+R7+uPDH4VE8QcQt8BfplwU/gU4Da8W6vZL2 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(376014)(7416014)(1800799024)(921020)(7053199007);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:11:13.5406 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2f1a8e51-536a-460a-0c9e-08dd5d0430cb X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000397B5.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR12MB8970 From: Ashish Kalra Move platform initialization of SEV/SNP from CCP driver probe time to KVM module load time so that KVM can do SEV/SNP platform initialization explicitly if it actually wants to use SEV/SNP functionality. Add support for KVM to explicitly call into the CCP driver at load time to initialize SEV/SNP. If required, this behavior can be altered with KVM module parameters to not do SEV/SNP platform initialization at module load time. Additionally, a corresponding SEV/SNP platform shutdown is invoked during KVM module unload time. Continue to support SEV deferred initialization as the user may have the file containing SEV persistent data for SEV INIT_EX available only later after module load/init. Suggested-by: Sean Christopherson Reviewed-by: Tom Lendacky Signed-off-by: Ashish Kalra --- arch/x86/kvm/svm/sev.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0bc708ee2788..7be4e1647903 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2933,6 +2933,7 @@ void __init sev_set_cpu_caps(void) void __init sev_hardware_setup(void) { unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count; + struct sev_platform_init_args init_args = {0}; bool sev_snp_supported = false; bool sev_es_supported = false; bool sev_supported = false; @@ -3059,6 +3060,15 @@ void __init sev_hardware_setup(void) sev_supported_vmsa_features = 0; if (sev_es_debug_swap_enabled) sev_supported_vmsa_features |= SVM_SEV_FEAT_DEBUG_SWAP; + + if (!sev_enabled) + return; + + /* + * Do both SNP and SEV initialization at KVM module load. + */ + init_args.probe = true; + sev_platform_init(&init_args); } void sev_hardware_unsetup(void) @@ -3074,6 +3084,8 @@ void sev_hardware_unsetup(void) misc_cg_set_capacity(MISC_CG_RES_SEV, 0); misc_cg_set_capacity(MISC_CG_RES_SEV_ES, 0); + + sev_platform_shutdown(); } int sev_cpu_init(struct svm_cpu_data *sd) From patchwork Thu Mar 6 23:11:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 14005515 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2043.outbound.protection.outlook.com [40.107.236.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8883427E1A5; Thu, 6 Mar 2025 23:11:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.236.43 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302697; cv=fail; b=Qtb6jcQ1nyJ95tKnj7BB4jgYRbElqKHnonL7SMRf8TrxG6G1dMveblYu5fHqD76Y0mdDIPX8rmiVVptB4YadEFdR15UOTJHnc5WJwES+QqKO7fVk+pttjRsS1setIUuex23iBnpe6WgWyh1ENI5WMae9LYHvxA2u7rvE1IRTW2U= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741302697; c=relaxed/simple; bh=LTlAm50khwx7MyGHDUe/J9IemorC42ny7oeVhuaTFEE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=bvJoD0bd3VLy2e2MunTqu39H0fAHqXyFXHmcV1g8Hzd3LxOHASPM4oDgTshCbhS+BUhfZvfGc+JH5YLysF9JSuQTbzGBD94J1M9e6hMXjgZ1+BYWo+mSVZgbdOnFB4QiZdnl9wGv1YZFbQI4neZIaubnrBv9cIHyb50W6LCzqLc= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Cl0Q4Bd1; arc=fail smtp.client-ip=40.107.236.43 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Cl0Q4Bd1" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=eVzH8ZRxkXdoEYuMRHCJ0bv6/a/4Sy5vjgHiI6qlPqYTFn6SKe6dSi85G0aInDDDVuoJjCAabqmia8KvPKm+471r7DepXpJ1ta7G9r4Ro0qaMnP1RRExtDge+TSh/iwVafy1eCzYTqdOPkvBInRxB94lX8IPxe/uc3xvsehFY6/dD/vxqCOhp/NwJPLy9q2NWS3o6PH5SnpqEbbph44VaR4jmmdpqdgGOxqGXt1+gHOfx90BGmAd5O+Wtf5a5ZZ6Tpme0snOEETzGAFkYykrA11/jCs59xLxpglbqTATehJKIE9DMbxIsNh/eHh/9nWW/L6kSMEoW6cMoYXKZ8i+Kg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2cNuKj6mGvdKVap2fHNknx2ahhzqXtraUwGyw/xoIZ4=; b=vPtmQKKkBCJkkNgkhXfsHfTQrUgdpbtad4LomL6eOjSy7fB9hQ1RDuz+4UtXnnVV8hhEWrCM1av9SkVkLnvdS1oUlkJsbpBWLzflv4yGGfKhcKayp1H44d18lWmrKkPoPzcc0zKa3nBwEkA8dBZlcwIe6yqRT7v4zWCn4jukCVVZJ+qrSEO8GCTWPUJflffs5YkAZOzBHnK8SGlYK7kZy81f66nsZQRV73nN15+Gi2myXgVOqQcM6alSzdXTX/lMS1NnuS7ey6ACKyXHP0f8Ktx0T4Mj+jLpHBWIXBAI11y4JiNffitMbV1xMfA+PC+ouGmLXHSta7fxw4iFgxwY0g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2cNuKj6mGvdKVap2fHNknx2ahhzqXtraUwGyw/xoIZ4=; b=Cl0Q4Bd1e9dBL+y73JKxTi7rDJRmcSvWvtEug0ZRORv9RR9eF4ydVd4zS2BEa8CpVCGsHocvQOZ8YsXSv3RW8jXdtaX41Rebep7OjngoTwqkng0yqgHwppcJVx51mFLWdTFyoJlAr+KXFITib3K8su2SkQZmVHXEsT0P1w80Riw= Received: from SN7PR04CA0179.namprd04.prod.outlook.com (2603:10b6:806:125::34) by SN7PR12MB8103.namprd12.prod.outlook.com (2603:10b6:806:355::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.22; Thu, 6 Mar 2025 23:11:29 +0000 Received: from SN1PEPF000397AE.namprd05.prod.outlook.com (2603:10b6:806:125:cafe::5c) by SN7PR04CA0179.outlook.office365.com (2603:10b6:806:125::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8511.18 via Frontend Transport; Thu, 6 Mar 2025 23:11:29 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000397AE.mail.protection.outlook.com (10.167.248.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8511.15 via Frontend Transport; Thu, 6 Mar 2025 23:11:29 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 6 Mar 2025 17:11:27 -0600 From: Ashish Kalra To: , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v6 8/8] crypto: ccp: Move SEV/SNP Platform initialization to KVM Date: Thu, 6 Mar 2025 23:11:19 +0000 Message-ID: <9bd5f652bd8a41a91cf296658c1f62142d56319a.1741300901.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000397AE:EE_|SN7PR12MB8103:EE_ X-MS-Office365-Filtering-Correlation-Id: 2fbdf2f1-5d54-43f9-7622-08dd5d043a0a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|7416014|1800799024|36860700013|376014|7053199007|921020; X-Microsoft-Antispam-Message-Info: dL4bS9YQ8CZSJN/Vn54qCK5R3Z3D2+yMXbvn8Mp3WF/+d/R+HltPKU+nKefXr2AizsgqTLphulo51BwwGKTXFqTQoAMKc2Rdbfk6b+gvn3Y1YsRm+PNar2+Kki6c42MvIlx9Ks5FgmD+wu6P1yjgAdsg4eB0jnNLa3FLYpZQCB96I/ZfUgOVmE6YbP39qXzP0kpLQd805PUDAQIdbE1mAq618mkcNiXQ+LgXhHiA9La85ylSAm/Eqc9P9NC4IT6fSYK6LdSmy3tQzOLvrw9J2g8N6IjKxcX7pTLx/vKoGBFPWA8b56J66IqD0UjvL2ZbcK1N1+DbsUp3bBgpaeTjl+gMX2gLEF+aiyXxCYJ7kFkpPnmOL99Dsfr9AiDdQpZ+3o98tAbKtnx0V8rRim2DtIIEwB1DE1d8oEoOEI2coc3gU+JRzxay4XhE5QSoqQ+4vPSUeG+8xrkNW1Q7CiZ37caf0sU+WfrNrDhywFpzv9aIk/F04Tpo5OFNGebNjlYU0pc7O5Nlt1GN87i0GghzBNoxHerwZIyD3GTUs95kBcOu6/8mE5+8rcvVvCUbPpH+Qq8ghk3iFwWI6PUj4UeGp240faoXTzqk+s+q1TVXLL/Wnm5YI3tbkxTNZReet5Uwp188V1qiy7GOAmv3SWigq1MlObHm5muStIV6YxBQ6PMcv8P8IWibNZ290xmVlPib+7kT7akMbU7qrcH1d0G1m77kDyCYkOEcj8m04fO/zaikA+WyVqdzwwEKdr9OyVC+dLqdQXuORYd4mjO1y/TD4eOviY8HUyveHQ4gkI3L75go0xq+VNGIht1HDO1AbHqXFxVen7PH0f0nmb151XWu4F9XdI6IPnmmotsUQIE5xhYn7BgmT1yVr8LDkOOSeuG9HGlok8skpwDan0QU29o5U0rLKh5eLiNCNckCW2Q/XNARrN1rvNcUDXCjt7KsRZntYRZ6lpERWvToBIHtEL/Bagm3aTpO8U/+wGjIrywpde/aYGOw5/kK2mF3pm2ExPJcqnRzW+jkAb6WTaMouJv7TkyeCPrDl+lFUbZaPB9e5dwKau0tp8fbgNFlgdOTI1K4nb3N0SZhtDmGjsyNEzmp588E0603G7i4PqNxJQDOvZclOuUUVlzvtl/4hTPNh1GCmNk1AMbfvdV8S9SZhGvesO+GTEMEG0h9CSSxlpjgtQueaK85LJjnB0O/ow6dj3OZpZ6UvJ8puLEiaEiXiSiSDadhW/kiEPvm3JdFOmcAZiveDeDMAb95nuIQfHXNK9TNKXT37Nii4EAO4yaeBXncMOzp7+ucckt3vnsQbgeHuYk0SWZmecU5AjuIpi6yC6VuvZ8pCW79hWiK6LIPSd+kxz2raaJPxJxXKYUkTICAwu3D29C2UzF7gFOej0cLiyOutbQcmPIrTMW7uFu1M5xNWel46hV00C66EwahmVYN/gzoUr/9TBrVDjQNVbF8/odjDb4sCM3A68oKcIYycwMKAMVetzaUpCY7n2UUNHNtMpKjpIemVDc/CKv+Brb2JpkK X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(7416014)(1800799024)(36860700013)(376014)(7053199007)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2025 23:11:29.0557 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2fbdf2f1-5d54-43f9-7622-08dd5d043a0a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000397AE.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB8103 From: Ashish Kalra SNP initialization is forced during PSP driver probe purely because SNP can't be initialized if VMs are running. But the only in-tree user of SEV/SNP functionality is KVM, and KVM depends on PSP driver for the same. Forcing SEV/SNP initialization because a hypervisor could be running legacy non-confidential VMs make no sense. This patch removes SEV/SNP initialization from the PSP driver probe time and moves the requirement to initialize SEV/SNP functionality to KVM if it wants to use SEV/SNP. Suggested-by: Sean Christopherson Reviewed-by: Alexey Kardashevskiy Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 671347702ae7..980b3d296dc6 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1347,10 +1347,6 @@ static int _sev_platform_init_locked(struct sev_platform_init_args *args) if (sev->state == SEV_STATE_INIT) return 0; - /* - * Legacy guests cannot be running while SNP_INIT(_EX) is executing, - * so perform SEV-SNP initialization at probe time. - */ rc = __sev_snp_init_locked(&args->error); if (rc && rc != -ENODEV) return rc; @@ -2524,9 +2520,7 @@ EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user); void sev_pci_init(void) { struct sev_device *sev = psp_master->sev_data; - struct sev_platform_init_args args = {0}; u8 api_major, api_minor, build; - int rc; if (!sev) return; @@ -2549,13 +2543,6 @@ void sev_pci_init(void) api_major, api_minor, build, sev->api_major, sev->api_minor, sev->build); - /* Initialize the platform */ - args.probe = true; - rc = sev_platform_init(&args); - if (rc) - dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", - args.error, rc); - return; err: