From patchwork Fri Dec 3 14:46:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 520605 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9DE02C433FE for ; Fri, 3 Dec 2021 14:46:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352610AbhLCOuT (ORCPT ); Fri, 3 Dec 2021 09:50:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57460 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1381600AbhLCOuK (ORCPT ); Fri, 3 Dec 2021 09:50:10 -0500 Received: from mail-io1-xd49.google.com (mail-io1-xd49.google.com [IPv6:2607:f8b0:4864:20::d49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1317DC061D7E for ; Fri, 3 Dec 2021 06:46:46 -0800 (PST) Received: by mail-io1-xd49.google.com with SMTP id m127-20020a6b3f85000000b005f045ba51f9so2474340ioa.4 for ; Fri, 03 Dec 2021 06:46:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=n9U31kqgJhRjTrQuE7/WsUbjvo3IuvChEsgfsakfCtM=; b=rd8pvcG1vzx/DDDuvYSdtXAbva5Itbs/PnhB2WR1urv/bO8ZPp1DXeuDB3jbK7bmyf 75UG+udWEFJy8HARO2Hsjt7/V3HgxUa5q1tD2eb8FUez3UnZ16pl+I/xkf7mtyqUuOWt StHChCjRJ3LEGPKWX2cyCvF60W7tn6tWuesxf6QVhunXkJ+oNLShrPBUJEpKRu7ZjJY8 oCWpUPIlDcJhu/dtw1NSeEGwFwHripXIlJChpleBS6lUg4pa7uYJjaJDZzyrOGgCZBjt 1mLvnBInioIoe2BKwg2LFcr+6Su5RMkhn5riAysWBEMbCplY2a2MUSLSZuLL3uTQqeEa LEMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=n9U31kqgJhRjTrQuE7/WsUbjvo3IuvChEsgfsakfCtM=; b=s90mTWcNfn4jPnuNgTA/Y5cXGdtnrOD9dBiJoLBE21Ilg+PtX8Hf1rZL6qIQLQk8hL A9MMqWDKNc2mT5HardSDjbR+CEozcKopOHHVMagk2axnFrtd9FVIzVzAPrnMxsVAtlzQ /AS/lSAHHiB+4x1uSEzvW87UmDU34oSOPBDUwPL5A7z2IGsKQzLrEGbYpTpXfbeBC014 cMvc/Ip3mRnv8dTEnK74f6A953DZKemuxLqOUBpEJNW8vV+5Y5hSO4chMLWAC0aC4bRA 12172fHyPzvlxiXCS8y/+EKz+NJJh0oK95MvX6EJz5uCZ8vUczrfQGExvT/ujghLV8do G22A== X-Gm-Message-State: AOAM533oH53msdNbo+tTChm9fLf/txtUCAI+yqTsC+ynnTA8DCy4iGOh 42FrZeio1k45d19j0Tj3JMzpa7lvxt8= X-Google-Smtp-Source: ABdhPJzrzQYwNY4O2vuTS5sr2ZpqPQQ+UCFOGbe72sin34/pwiPQ5VQ0RpEhgLuzb96y4borqsRF0Z6nWwI= X-Received: from pgonda2.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:ac9]) (user=pgonda job=sendgmr) by 2002:a6b:700e:: with SMTP id l14mr20659616ioc.20.1638542805449; Fri, 03 Dec 2021 06:46:45 -0800 (PST) Date: Fri, 3 Dec 2021 14:46:38 +0000 In-Reply-To: <20211203144642.3460447-1-pgonda@google.com> Message-Id: <20211203144642.3460447-2-pgonda@google.com> Mime-Version: 1.0 References: <20211203144642.3460447-1-pgonda@google.com> X-Mailer: git-send-email 2.34.0.384.gca35af8252-goog Subject: [PATCH V5 1/5] crypto: ccp - Add SEV_INIT rc error logging on init From: Peter Gonda To: thomas.lendacky@amd.com Cc: Peter Gonda , Marc Orr , David Rientjes , Brijesh Singh , Joerg Roedel , Herbert Xu , John Allen , "David S. Miller" , Paolo Bonzini , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Currently only the firmware error code is printed. This is incomplete and also incorrect as error cases exists where the firmware is never called and therefore does not set an error code. Signed-off-by: Peter Gonda Reviewed-by: Marc Orr Acked-by: David Rientjes Acked-by: Tom Lendacky Cc: Tom Lendacky Cc: Brijesh Singh Cc: Marc Orr Cc: Joerg Roedel Cc: Herbert Xu Cc: David Rientjes Cc: John Allen Cc: "David S. Miller" Cc: Paolo Bonzini Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org --- drivers/crypto/ccp/sev-dev.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index e09925d86bf3..f527e5f9ed1f 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1104,7 +1104,8 @@ void sev_pci_init(void) } if (rc) { - dev_err(sev->dev, "SEV: failed to INIT error %#x\n", error); + dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", + error, rc); return; } From patchwork Fri Dec 3 14:46:39 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 520603 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41A33C4332F for ; Fri, 3 Dec 2021 14:47:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1381596AbhLCOu0 (ORCPT ); Fri, 3 Dec 2021 09:50:26 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57482 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1381543AbhLCOuP (ORCPT ); Fri, 3 Dec 2021 09:50:15 -0500 Received: from mail-il1-x14a.google.com (mail-il1-x14a.google.com [IPv6:2607:f8b0:4864:20::14a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 02841C061D7F for ; Fri, 3 Dec 2021 06:46:47 -0800 (PST) Received: by mail-il1-x14a.google.com with SMTP id a3-20020a92c543000000b0029e6ba13881so2215156ilj.11 for ; Fri, 03 Dec 2021 06:46:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=M8UHuMWhVxZJQGMzAZkZEJ9WyBjgWEVLzNxFlStluyE=; b=nFoFaOsZAw3z9Qh28b30bjPpE4ncomVVRcGjmmBXWrcIkjpWys13Juk7JixUepVnFn rLM426UOIje40G98phoDtkIvqWuJ1wBRIm82NpWYtXKbrf5Rl11fajHoKY4xLl0JHeCe EhTgU2K6w14frgDYWJPc1gFj7ILWlz3ZJ6P0J7iSMYAsBXfPg9MXUD4C4Y/ctqm6KGQq lh58fqg+rOZvSYf2D9q6v5kHQgo03X0jeXZMEt9rgJBXkZtlkP0dYSGdze2PO8uMWSB5 LVHVnjTzRjXQ2+lFa4dfrx2So9QNCF1BhEIJ2FFDA/1Z3zGLSD9U8Rn8GdUlZ4oDlv/l 9Gdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=M8UHuMWhVxZJQGMzAZkZEJ9WyBjgWEVLzNxFlStluyE=; b=NL01PAq/MZtQ3gL26hD5jIGnfNLemj4g7vZJk+YuyLZj5pQX7xb7noxn7yDkBjvoS6 0Z5j7Z82nGFmkHpzO43bB2Xicwx3YsxEv14+8vj8aMoXgS2NsRM/Y/gKjmAezqA/v+G+ lNKrcNuaelNlgvtGWTLQIFxPqz1VlVePW+vL8gkerZ+ir8VQpgpukJ/sz1BxxDmovQpk da9W62XM08TrcXJAf1JTKYxq7kPa69HDNLfC3C2mHntAmWpeRcgWlrYSN419CyZyNm3O NFIprq0RkEh1WXPjZH0OHyAhBVIT1HCFoZ7HyBsUmX81LbUY7I/XYeko/WrZcFLc0OXh IWcQ== X-Gm-Message-State: AOAM530aEWUoJKH0ytzil0GIqhlZxdaK2ZP6oNWPk4ZwdNl8xiecb+1R Ctu+f5pz4RgXmqk5bwpiCnwuJZVsnAQ= X-Google-Smtp-Source: ABdhPJzg737bzNUVNy4xTAOGNkc7lNZQuRhKSPEosH93uOND9gdMzK5vqgX1yxw54sF8iPHnDXShThKvkfk= X-Received: from pgonda2.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:ac9]) (user=pgonda job=sendgmr) by 2002:a05:6638:148b:: with SMTP id j11mr24140032jak.114.1638542806335; Fri, 03 Dec 2021 06:46:46 -0800 (PST) Date: Fri, 3 Dec 2021 14:46:39 +0000 In-Reply-To: <20211203144642.3460447-1-pgonda@google.com> Message-Id: <20211203144642.3460447-3-pgonda@google.com> Mime-Version: 1.0 References: <20211203144642.3460447-1-pgonda@google.com> X-Mailer: git-send-email 2.34.0.384.gca35af8252-goog Subject: [PATCH V5 2/5] crypto: ccp - Move SEV_INIT retry for corrupted data From: Peter Gonda To: thomas.lendacky@amd.com Cc: Peter Gonda , Marc Orr , David Rientjes , Brijesh Singh , Joerg Roedel , Herbert Xu , John Allen , "David S. Miller" , Paolo Bonzini , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Move the data corrupted retry of SEV_INIT into the __sev_platform_init_locked() function. This is for upcoming INIT_EX support as well as helping direct callers of __sev_platform_init_locked() which currently do not support the retry. Signed-off-by: Peter Gonda Reviewed-by: Marc Orr Acked-by: David Rientjes Acked-by: Tom Lendacky Cc: Tom Lendacky Cc: Brijesh Singh Cc: Marc Orr Cc: Joerg Roedel Cc: Herbert Xu Cc: David Rientjes Cc: John Allen Cc: "David S. Miller" Cc: Paolo Bonzini Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org --- drivers/crypto/ccp/sev-dev.c | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index f527e5f9ed1f..ef7e8b4c6e02 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -241,7 +241,7 @@ static int __sev_platform_init_locked(int *error) struct psp_device *psp = psp_master; struct sev_data_init data; struct sev_device *sev; - int rc = 0; + int psp_ret, rc = 0; if (!psp || !psp->sev_data) return -ENODEV; @@ -266,7 +266,21 @@ static int __sev_platform_init_locked(int *error) data.tmr_len = SEV_ES_TMR_SIZE; } - rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); + rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret); + if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) { + /* + * Initialization command returned an integrity check failure + * status code, meaning that firmware load and validation of SEV + * related persistent data has failed. Retrying the + * initialization function should succeed by replacing the state + * with a reset state. + */ + dev_dbg(sev->dev, "SEV: retrying INIT command"); + rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret); + } + if (error) + *error = psp_ret; + if (rc) return rc; @@ -1091,18 +1105,6 @@ void sev_pci_init(void) /* Initialize the platform */ rc = sev_platform_init(&error); - if (rc && (error == SEV_RET_SECURE_DATA_INVALID)) { - /* - * INIT command returned an integrity check failure - * status code, meaning that firmware load and - * validation of SEV related persistent data has - * failed and persistent state has been erased. - * Retrying INIT command here should succeed. - */ - dev_dbg(sev->dev, "SEV: retrying INIT command"); - rc = sev_platform_init(&error); - } - if (rc) { dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", error, rc); From patchwork Fri Dec 3 14:46:40 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 520310 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47831C433EF for ; Fri, 3 Dec 2021 14:47:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239268AbhLCOuZ (ORCPT ); Fri, 3 Dec 2021 09:50:25 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57490 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351920AbhLCOuR (ORCPT ); Fri, 3 Dec 2021 09:50:17 -0500 Received: from mail-io1-xd4a.google.com (mail-io1-xd4a.google.com [IPv6:2607:f8b0:4864:20::d4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EDF52C0698C1 for ; Fri, 3 Dec 2021 06:46:47 -0800 (PST) Received: by mail-io1-xd4a.google.com with SMTP id a12-20020a056602148c00b005e7052734adso2391869iow.20 for ; Fri, 03 Dec 2021 06:46:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=JWEgLWnbDmFFCeBV+2I916S5Yu2gVv1q9zpW5VdLWgE=; b=ZzbKvfBV3bmgA43H10WPAaTGXXYoSVa+Dww2LGp9kjxCzVz7hZ7snCXI64n3H9Pdd5 DMyHaOYRDs7HhXCgsRhHTxgIoM9y2JqZ12v/AEAFeT5RL/C9tRJa9OB4NM87nruGsdR6 H3J7zA2SUexdcOKG22ctSLFtt4q+Gjx9L1RBQJgIZl8JGhyBqMGYQqcmNVp1PkDL1ZGR 0M9gJwtod2Fs7Z4Oy9O9gjoVHHNMh/dRNKHsDOSG20SYOLI5hVvvc4csztcjg2mfRqGG oZsjxDiZsEOIx4eyetjsVX5ENlGVV2w9dfRFG4QumtiU24G3egyCvHmdwsVofIqbWkLq fJYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=JWEgLWnbDmFFCeBV+2I916S5Yu2gVv1q9zpW5VdLWgE=; b=Jjzss9ivdOUZQs4yF/NJdzdPnu42triABOccACsZuj8gOWTcE09iVacY2gXJ0K90Sh NhVI53mLkxvcB3rnmaYaWS2ssEAURXvhWyJJMxoSrvIdTiNIwWfKhCGIl18X5U4Ruj5P Np/VCg5LklH9RIopiHesygDxZrdN+GhaBofesUlW9s8GOiqPVVb7hoije2VNYyOjq7WP HESYBq5yQweBRdrcEWw15lP9blLYancfM2WTZTjfaXfCX2jn9DOxG0b0I6W6iSgiHo9A aUHOcIQ2bmVwi+52TVueALXhzmZwp8e5akiaKyqNidIBeWt1j3f7lZfSqhmZiVRh6IPx tysQ== X-Gm-Message-State: AOAM5309Exxm5m+xMVHZT9ipqW6Kr8OOjRXKGYF3SnxqU+8FqohsXzOn 6ez/FiC1O2cufpX4vQMRZA1xyEl69H8= X-Google-Smtp-Source: ABdhPJxWzE9JbFktJxQjM8pHkKtyo21ASglcbRwARNXd3BXCb7hC5T9Y/oTi3aA0eEJDvoekoMeQl7S59Zw= X-Received: from pgonda2.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:ac9]) (user=pgonda job=sendgmr) by 2002:a02:9586:: with SMTP id b6mr25416004jai.24.1638542807341; Fri, 03 Dec 2021 06:46:47 -0800 (PST) Date: Fri, 3 Dec 2021 14:46:40 +0000 In-Reply-To: <20211203144642.3460447-1-pgonda@google.com> Message-Id: <20211203144642.3460447-4-pgonda@google.com> Mime-Version: 1.0 References: <20211203144642.3460447-1-pgonda@google.com> X-Mailer: git-send-email 2.34.0.384.gca35af8252-goog Subject: [PATCH V5 3/5] crypto: ccp - Refactor out sev_fw_alloc() From: Peter Gonda To: thomas.lendacky@amd.com Cc: Peter Gonda , Marc Orr , David Rientjes , Brijesh Singh , Joerg Roedel , Herbert Xu , John Allen , "David S. Miller" , Paolo Bonzini , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Create a helper function sev_fw_alloc() which can be used to allocate aligned memory regions for use by the PSP firmware. Currently only used for the SEV-ES TMR region but will be used for the SEV_INIT_EX NV memory region. Signed-off-by: Peter Gonda Reviewed-by: Marc Orr Acked-by: David Rientjes Cc: Tom Lendacky Cc: Brijesh Singh Cc: Marc Orr Cc: Joerg Roedel Cc: Herbert Xu Cc: David Rientjes Cc: John Allen Cc: "David S. Miller" Cc: Paolo Bonzini Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org --- drivers/crypto/ccp/sev-dev.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index ef7e8b4c6e02..7f467921b1dc 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -141,6 +141,17 @@ static int sev_cmd_buffer_len(int cmd) return 0; } +static void *sev_fw_alloc(unsigned long len) +{ + struct page *page; + + page = alloc_pages(GFP_KERNEL, get_order(len)); + if (!page) + return NULL; + + return page_address(page); +} + static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) { struct psp_device *psp = psp_master; @@ -1094,14 +1105,10 @@ void sev_pci_init(void) sev_get_api_version(); /* Obtain the TMR memory area for SEV-ES use */ - tmr_page = alloc_pages(GFP_KERNEL, get_order(SEV_ES_TMR_SIZE)); - if (tmr_page) { - sev_es_tmr = page_address(tmr_page); - } else { - sev_es_tmr = NULL; + sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE); + if (!sev_es_tmr) dev_warn(sev->dev, "SEV: TMR allocation failed, SEV-ES support unavailable\n"); - } /* Initialize the platform */ rc = sev_platform_init(&error); From patchwork Fri Dec 3 14:46:41 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 520604 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C7F05C43217 for ; Fri, 3 Dec 2021 14:47:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245039AbhLCOuU (ORCPT ); Fri, 3 Dec 2021 09:50:20 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57428 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352632AbhLCOuS (ORCPT ); Fri, 3 Dec 2021 09:50:18 -0500 Received: from mail-io1-xd49.google.com (mail-io1-xd49.google.com [IPv6:2607:f8b0:4864:20::d49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E60DC0698C2 for ; Fri, 3 Dec 2021 06:46:49 -0800 (PST) Received: by mail-io1-xd49.google.com with SMTP id r199-20020a6b2bd0000000b005e234972ddfso2388498ior.23 for ; Fri, 03 Dec 2021 06:46:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=5j0nTnnTae7ucgIsj28o/kyyvCBiva97gISeau3JhKc=; b=QP9nub4ojl3a0CqeB1HYfLmqbdzRPZJtR6+Pv9Y4KYnpLqqxYuti7T4iIrRtKO5Tyj AZZK1D2o46MTL6NY6ggIQXBTr3pgDcuXUriftsLS6diRDsG49LyzkTnVUD2AazhhCHRM +pifuHQDSO3XkQLpFMoP34TLHoKkv2hBYXI2nyoGkgaoQShwz5AYXMo7I8nz/FJfdEb2 A091FzWadb3jM2YJoQszaHNi/VQAg9FA7GU2gQzmNhM+3/249Qyknco2cSnvN3mseHQa screQz9BDzp07J0BuDTi0ERXxG0sYvTBQ84ByBzPuja7sApSKYZd3bqnHmk4FttDO7Hv SZOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=5j0nTnnTae7ucgIsj28o/kyyvCBiva97gISeau3JhKc=; b=bVcI05HKTNDik3g5Q0h1btn39a035PrFi0qC3YzP4/WjnuAYZSu7qhcwmHjYxkRGAN oSFDgerHIbcNmSEyC3Noz/UnvZx1pL/5LBRCF7+FHBKudSI9574ov2cMR64KX7EVI/6n ne7owdiHPXLlIl1oFBcq8wIRY4ip/M3LMSnneMFkQ0yzv4uhe4xydcjoPZH8QBu14dmY qym4RCOg/9ezUY/MMjsUgaaWV4ZlqgYPym/+TiWV17AA59+uqUQK471FgjKWeJUP+oA+ IXrMCS0J7yHoE96OKJhLNXTE25lnFImVbmAbJomgCgMGAkGZl9AX1VuFbeIZZzT/kdp2 pX1g== X-Gm-Message-State: AOAM5317j7dj7Hcpq+kSqzztNZWYyBF7N3uaceKM4Bd9ndeuRy4rzDLM QxY1Iaao3VcsOWybPPDpSHWrCJ03Gs8= X-Google-Smtp-Source: ABdhPJwB8zssRzEx/gt0Lzegldks+iaNRzhixYi7GxjIg/Eh0N4oC3wOmR3IQnorTWwQ5aBItXckSQrCgCY= X-Received: from pgonda2.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:ac9]) (user=pgonda job=sendgmr) by 2002:a05:6602:1604:: with SMTP id x4mr21455462iow.84.1638542808479; Fri, 03 Dec 2021 06:46:48 -0800 (PST) Date: Fri, 3 Dec 2021 14:46:41 +0000 In-Reply-To: <20211203144642.3460447-1-pgonda@google.com> Message-Id: <20211203144642.3460447-5-pgonda@google.com> Mime-Version: 1.0 References: <20211203144642.3460447-1-pgonda@google.com> X-Mailer: git-send-email 2.34.0.384.gca35af8252-goog Subject: [PATCH V5 4/5] crypto: ccp - Add psp_init_on_probe module parameter From: Peter Gonda To: thomas.lendacky@amd.com Cc: Peter Gonda , Brijesh Singh , Marc Orr , Joerg Roedel , Herbert Xu , David Rientjes , John Allen , "David S. Miller" , Paolo Bonzini , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Add psp_init_on_probe module parameter that allows for skipping the PSP's SEV platform initialization during module init. User may decouple module init from PSP init due to use of the INIT_EX support in upcoming patch which allows for users to save PSP's internal state to file. The file may be unavailable at module init. Also moves the PSP ABI version log message to after successful PSP init instead of module init in case this new parameter is used. Signed-off-by: Peter Gonda Cc: Tom Lendacky Cc: Brijesh Singh Cc: Marc Orr Cc: Joerg Roedel Cc: Herbert Xu Cc: David Rientjes Cc: John Allen Cc: "David S. Miller" Cc: Paolo Bonzini Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org --- drivers/crypto/ccp/sev-dev.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 7f467921b1dc..ab3752799011 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -43,6 +43,10 @@ static int psp_probe_timeout = 5; module_param(psp_probe_timeout, int, 0644); MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe"); +static bool psp_init_on_probe = true; +module_param(psp_init_on_probe, bool, 0444); +MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it"); + MODULE_FIRMWARE("amd/amd_sev_fam17h_model0xh.sbin"); /* 1st gen EPYC */ MODULE_FIRMWARE("amd/amd_sev_fam17h_model3xh.sbin"); /* 2nd gen EPYC */ MODULE_FIRMWARE("amd/amd_sev_fam19h_model0xh.sbin"); /* 3rd gen EPYC */ @@ -305,7 +309,10 @@ static int __sev_platform_init_locked(int *error) dev_dbg(sev->dev, "SEV firmware initialized\n"); - return rc; + dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major, + sev->api_minor, sev->build); + + return 0; } int sev_platform_init(int *error) @@ -1110,16 +1117,14 @@ void sev_pci_init(void) dev_warn(sev->dev, "SEV: TMR allocation failed, SEV-ES support unavailable\n"); + if (!psp_init_on_probe) + return; + /* Initialize the platform */ rc = sev_platform_init(&error); - if (rc) { + if (rc) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", error, rc); - return; - } - - dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major, - sev->api_minor, sev->build); return; From patchwork Fri Dec 3 14:46:42 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 520311 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 48E9BC4332F for ; Fri, 3 Dec 2021 14:47:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1381574AbhLCOuV (ORCPT ); Fri, 3 Dec 2021 09:50:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57432 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1381555AbhLCOuS (ORCPT ); Fri, 3 Dec 2021 09:50:18 -0500 Received: from mail-il1-x149.google.com (mail-il1-x149.google.com [IPv6:2607:f8b0:4864:20::149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2C02CC0698C4 for ; Fri, 3 Dec 2021 06:46:50 -0800 (PST) Received: by mail-il1-x149.google.com with SMTP id b4-20020a92c564000000b002a252da46e2so2236835ilj.5 for ; Fri, 03 Dec 2021 06:46:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=GkLWwamCLpeu755q7ahqpZmgGU2lUT+JeuNBLp8zyBc=; b=Xi8QyKx6s/gGK72hkYf9vgJYCLbypIxWU+OPYoteOcPJbqNxy8NRpx5PUIHi1PdSRN Tl9N0fZnIOBogMo/Gjjzw6Z/612XvGxhRzYtuN4FyRIuoevamGd2OpkSY1Rw4B5sVjSh ulu5Zt65DNM6rPzmTGbcCJN/jV9rAduPJVZnBw5+31eX+dHcdxcTwSnHlR1h3qEDz4VG mq8pFZzelTYxBn47km5ngJ/uXR84h+UdLDwZylI324GDzWgkqATjIcp3MI2usMId5zNN yJu0rlgGEo5DnsqqE25docVICX8eHRHUrjLkYEOPvBlluppNVYaYoU5aVK87t1pxPxGa qt9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=GkLWwamCLpeu755q7ahqpZmgGU2lUT+JeuNBLp8zyBc=; b=RE5yLmGu0SCPIaEPKNm3dZbdE95JzW+UsxfnLbZESTfsl179wrtGQfbiXBjCAzOkDP aJsi9EA4fKtefBdLhda49FIGcwlF1JB/fk+OnXgTq+/lbtp7749XQgOIxxsHeJ2Pj/Ks jHUgxky6Eako3UgenO7/zfrTX4waRfEA2Ka/sC4OEQ+0bkvJ3BdlIOKR5WcazAtb7z/W HNEyzMLbRV8kAzcEiGtMeBV6I7Z6tVjPjEXB9ueaLQjps39D/qxhIv47zCkF02WlqKAu 6ts9O5m4AmuPte1omQckDrqvSVDMIOc99GLnBegJmBIaCmYBE5+RAX6dOl9tQef8KhIc Sx2A== X-Gm-Message-State: AOAM531/4n2z+ew8vzUnvZGmUMfI2iXWapt3LtKSSOnQp9+2tMqCYf1k 2Mmg5yzIHf01kRsXQIJvZQsa+mNen4A= X-Google-Smtp-Source: ABdhPJx5WTDXaVAellERAYEDARwYdEGCZNUyvhCxri6/aOCC7bjMfEtiPljPp8/1Pr2YsvnHj8oBSGaqsLE= X-Received: from pgonda2.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:ac9]) (user=pgonda job=sendgmr) by 2002:a6b:2ccf:: with SMTP id s198mr19254886ios.101.1638542809577; Fri, 03 Dec 2021 06:46:49 -0800 (PST) Date: Fri, 3 Dec 2021 14:46:42 +0000 In-Reply-To: <20211203144642.3460447-1-pgonda@google.com> Message-Id: <20211203144642.3460447-6-pgonda@google.com> Mime-Version: 1.0 References: <20211203144642.3460447-1-pgonda@google.com> X-Mailer: git-send-email 2.34.0.384.gca35af8252-goog Subject: [PATCH V5 5/5] crypto: ccp - Add SEV_INIT_EX support From: Peter Gonda To: thomas.lendacky@amd.com Cc: David Rientjes , Peter Gonda , Marc Orr , Brijesh Singh , Joerg Roedel , Herbert Xu , John Allen , "David S. Miller" , Paolo Bonzini , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: David Rientjes Add new module parameter to allow users to use SEV_INIT_EX instead of SEV_INIT. This helps users who lock their SPI bus to use the PSP for SEV functionality. The 'init_ex_path' parameter defaults to NULL which means the kernel will use SEV_INIT, if a path is specified SEV_INIT_EX will be used with the data found at the path. On certain PSP commands this file is written to as the PSP updates the NV memory region. Depending on file system initialization this file open may fail during module init but the CCP driver for SEV already has sufficient retries for platform initialization. During normal operation of PSP system and SEV commands if the PSP has not been initialized it is at run time. If the file at 'init_ex_path' does not exist the PSP will not be initialized. The user must create the file prior to use with 32Kb of 0xFFs per spec. Signed-off-by: David Rientjes Co-developed-by: Peter Gonda Signed-off-by: Peter Gonda Reviewed-by: Marc Orr Cc: Tom Lendacky Cc: Brijesh Singh Cc: Marc Orr Cc: Joerg Roedel Cc: Herbert Xu Cc: David Rientjes Cc: John Allen Cc: "David S. Miller" Cc: Paolo Bonzini Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reported-by: kernel test robot Reported-by: kernel test robot --- .../virt/kvm/amd-memory-encryption.rst | 6 + drivers/crypto/ccp/sev-dev.c | 193 ++++++++++++++++-- include/linux/psp-sev.h | 21 ++ 3 files changed, 205 insertions(+), 15 deletions(-) diff --git a/Documentation/virt/kvm/amd-memory-encryption.rst b/Documentation/virt/kvm/amd-memory-encryption.rst index 5c081c8c7164..1c6847fff304 100644 --- a/Documentation/virt/kvm/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/amd-memory-encryption.rst @@ -85,6 +85,12 @@ guests, such as launching, running, snapshotting, migrating and decommissioning. The KVM_SEV_INIT command is used by the hypervisor to initialize the SEV platform context. In a typical workflow, this command should be the first command issued. +The firmware can be initialized either by using its own non-volatile storage or +the OS can manage the NV storage for the firmware using the module parameter +``init_ex_path``. The file specified by ``init_ex_path`` must exist. To create +a new NV storage file allocate the file with 32KB bytes of 0xFF as required by +the SEV spec. + Returns: 0 on success, -negative on error 2. KVM_SEV_LAUNCH_START diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index ab3752799011..d0d5962fa6aa 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -22,6 +22,7 @@ #include #include #include +#include #include @@ -43,6 +44,10 @@ static int psp_probe_timeout = 5; module_param(psp_probe_timeout, int, 0644); MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe"); +static char *init_ex_path; +module_param(init_ex_path, charp, 0444); +MODULE_PARM_DESC(init_ex_path, " Path for INIT_EX data; if set try INIT_EX"); + static bool psp_init_on_probe = true; module_param(psp_init_on_probe, bool, 0444); MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it"); @@ -62,6 +67,14 @@ static int psp_timeout; #define SEV_ES_TMR_SIZE (1024 * 1024) static void *sev_es_tmr; +/* INIT_EX NV Storage: + * The NV Storage is a 32Kb area and must be 4Kb page aligned. Use the page + * allocator to allocate the memory, which will return aligned memory for the + * specified allocation order. + */ +#define NV_LENGTH (32 * 1024) +static void *sev_init_ex_buffer; + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; @@ -111,6 +124,7 @@ static int sev_cmd_buffer_len(int cmd) { switch (cmd) { case SEV_CMD_INIT: return sizeof(struct sev_data_init); + case SEV_CMD_INIT_EX: return sizeof(struct sev_data_init_ex); case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status); case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr); case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import); @@ -156,6 +170,101 @@ static void *sev_fw_alloc(unsigned long len) return page_address(page); } +static int sev_read_init_ex_file(void) +{ + struct sev_device *sev = psp_master->sev_data; + struct file *fp; + ssize_t nread; + + lockdep_assert_held(sev_cmd_mutex); + + if (!sev_init_ex_buffer) + return -EOPNOTSUPP; + + fp = filp_open(init_ex_path, O_RDONLY, 0); + if (IS_ERR(fp)) { + int ret = PTR_ERR(fp); + + dev_err(sev->dev, + "SEV: could not open %s for read, error %d\n", + init_ex_path, ret); + return ret; + } + + nread = kernel_read(fp, sev_init_ex_buffer, NV_LENGTH, NULL); + if (nread != NV_LENGTH) { + dev_err(sev->dev, + "SEV: failed to read %u bytes to non volatile memory area, ret %ld\n", + NV_LENGTH, nread); + return -EIO; + } + + dev_dbg(sev->dev, "SEV: read %ld bytes from NV file\n", nread); + filp_close(fp, NULL); + + return 0; +} + +static void sev_write_init_ex_file(void) +{ + struct sev_device *sev = psp_master->sev_data; + struct file *fp; + loff_t offset = 0; + ssize_t nwrite; + + lockdep_assert_held(sev_cmd_mutex); + + if (!sev_init_ex_buffer) + return; + + fp = filp_open(init_ex_path, O_CREAT | O_WRONLY, 0600); + if (IS_ERR(fp)) { + dev_err(sev->dev, + "SEV: could not open file for write, error %d\n", + PTR_ERR(fp)); + return; + } + + nwrite = kernel_write(fp, sev_init_ex_buffer, NV_LENGTH, &offset); + vfs_fsync(fp, 0); + filp_close(fp, NULL); + + if (nwrite != NV_LENGTH) { + dev_err(sev->dev, + "SEV: failed to write %u bytes to non volatile memory area, ret %ld\n", + NV_LENGTH, nwrite); + return; + } + + dev_dbg(sev->dev, "SEV: write successful to NV file\n"); +} + +static void sev_write_init_ex_file_if_required(int cmd_id) +{ + lockdep_assert_held(sev_cmd_mutex); + + if (!sev_init_ex_buffer) + return; + + /* + * Only a few platform commands modify the SPI/NV area, but none of the + * non-platform commands do. Only INIT(_EX), PLATFORM_RESET, PEK_GEN, + * PEK_CERT_IMPORT, and PDH_GEN do. + */ + switch (cmd_id) { + case SEV_CMD_FACTORY_RESET: + case SEV_CMD_INIT_EX: + case SEV_CMD_PDH_GEN: + case SEV_CMD_PEK_CERT_IMPORT: + case SEV_CMD_PEK_GEN: + break; + default: + return; + }; + + sev_write_init_ex_file(); +} + static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) { struct psp_device *psp = psp_master; @@ -225,6 +334,8 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) dev_dbg(sev->dev, "sev command %#x failed (%#010x)\n", cmd, reg & PSP_CMDRESP_ERR_MASK); ret = -EIO; + } else { + sev_write_init_ex_file_if_required(cmd); } print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data, @@ -251,37 +362,71 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret) return rc; } -static int __sev_platform_init_locked(int *error) +static int __sev_init_locked(int *error) { - struct psp_device *psp = psp_master; struct sev_data_init data; - struct sev_device *sev; - int psp_ret, rc = 0; - if (!psp || !psp->sev_data) - return -ENODEV; + memset(&data, 0, sizeof(data)); + if (sev_es_tmr) { + /* + * Do not include the encryption mask on the physical + * address of the TMR (firmware should clear it anyway). + */ + data.tmr_address = __pa(sev_es_tmr); - sev = psp->sev_data; + data.flags |= SEV_INIT_FLAGS_SEV_ES; + data.tmr_len = SEV_ES_TMR_SIZE; + } - if (sev->state == SEV_STATE_INIT) - return 0; + return __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); +} + +static int __sev_init_ex_locked(int *error) +{ + struct sev_data_init_ex data; + int ret; memset(&data, 0, sizeof(data)); - if (sev_es_tmr) { - u64 tmr_pa; + data.length = sizeof(data); + data.nv_address = __psp_pa(sev_init_ex_buffer); + data.nv_len = NV_LENGTH; + + ret = sev_read_init_ex_file(); + if (ret) + return ret; + if (sev_es_tmr) { /* * Do not include the encryption mask on the physical * address of the TMR (firmware should clear it anyway). */ - tmr_pa = __pa(sev_es_tmr); + data.tmr_address = __pa(sev_es_tmr); data.flags |= SEV_INIT_FLAGS_SEV_ES; - data.tmr_address = tmr_pa; data.tmr_len = SEV_ES_TMR_SIZE; } - rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret); + return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error); +} + +static int __sev_platform_init_locked(int *error) +{ + struct psp_device *psp = psp_master; + struct sev_device *sev; + int rc, psp_ret; + int (*init_function)(int *error); + + if (!psp || !psp->sev_data) + return -ENODEV; + + sev = psp->sev_data; + + if (sev->state == SEV_STATE_INIT) + return 0; + + init_function = sev_init_ex_buffer ? __sev_init_ex_locked : + __sev_init_locked; + rc = init_function(&psp_ret); if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) { /* * Initialization command returned an integrity check failure @@ -291,7 +436,7 @@ static int __sev_platform_init_locked(int *error) * with a reset state. */ dev_dbg(sev->dev, "SEV: retrying INIT command"); - rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret); + rc = init_function(&psp_ret); } if (error) *error = psp_ret; @@ -1066,6 +1211,12 @@ static void sev_firmware_shutdown(struct sev_device *sev) get_order(SEV_ES_TMR_SIZE)); sev_es_tmr = NULL; } + + if (sev_init_ex_buffer) { + free_pages((unsigned long)sev_init_ex_buffer, + get_order(NV_LENGTH)); + sev_init_ex_buffer = NULL; + } } void sev_dev_destroy(struct psp_device *psp) @@ -1111,6 +1262,18 @@ void sev_pci_init(void) sev_update_firmware(sev->dev) == 0) sev_get_api_version(); + /* If an init_ex_path is provided rely on INIT_EX for PSP initialization + * instead of INIT. + */ + if (init_ex_path) { + sev_init_ex_buffer = sev_fw_alloc(NV_LENGTH); + if (!sev_init_ex_buffer) { + dev_err(sev->dev, + "SEV: INIT_EX NV memory allocation failed\n"); + goto err; + } + } + /* Obtain the TMR memory area for SEV-ES use */ sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE); if (!sev_es_tmr) diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index d48a7192e881..1595088c428b 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -52,6 +52,7 @@ enum sev_cmd { SEV_CMD_DF_FLUSH = 0x00A, SEV_CMD_DOWNLOAD_FIRMWARE = 0x00B, SEV_CMD_GET_ID = 0x00C, + SEV_CMD_INIT_EX = 0x00D, /* Guest commands */ SEV_CMD_DECOMMISSION = 0x020, @@ -102,6 +103,26 @@ struct sev_data_init { u32 tmr_len; /* In */ } __packed; +/** + * struct sev_data_init_ex - INIT_EX command parameters + * + * @length: len of the command buffer read by the PSP + * @flags: processing flags + * @tmr_address: system physical address used for SEV-ES + * @tmr_len: len of tmr_address + * @nv_address: system physical address used for PSP NV storage + * @nv_len: len of nv_address + */ +struct sev_data_init_ex { + u32 length; /* In */ + u32 flags; /* In */ + u64 tmr_address; /* In */ + u32 tmr_len; /* In */ + u32 reserved; /* In */ + u64 nv_address; /* In/Out */ + u32 nv_len; /* In */ +} __packed; + #define SEV_INIT_FLAGS_SEV_ES 0x01 /**