Message ID | 20220816193209.4057566-1-jackyli@google.com |
---|---|
Headers | show |
Series | Improve error handling during INIT_EX file initialization | expand |
On Tue, 16 Aug 2022, Jacky Li wrote: > Currently the OS fails the PSP initialization when the file specified at > 'init_ex_path' does not exist or has invalid content. However the SEV > spec just requires users to allocate 32KB of 0xFF in the file, which can > be taken care of by the OS easily. > > To improve the robustness during the PSP init, leverage the retry > mechanism and continue the init process: > > Before the first INIT_EX call, if the content is invalid or missing, > continue the process by feeding those contents into PSP instead of > aborting. PSP will then override it with 32KB 0xFF and return > SEV_RET_SECURE_DATA_INVALID status code. In the second INIT_EX call, > this 32KB 0xFF content will then be fed and PSP will write the valid > data to the file. > > In order to do this, sev_read_init_ex_file should only be called once > for the first INIT_EX call. Calling it again for the second INIT_EX call > will cause the invalid file content overwriting the valid 32KB 0xFF data > provided by PSP in the first INIT_EX call. > > Co-developed-by: Peter Gonda <pgonda@google.com> > Signed-off-by: Peter Gonda <pgonda@google.com> > Signed-off-by: Jacky Li <jackyli@google.com> > Reported-by: Alper Gun <alpergun@google.com> Acked-by: David Rientjes <rientjes@google.com>