From patchwork Fri Jan 3 20:00:22 2025
X-Patchwork-Submitter: "Kalra, Ashish"
X-Patchwork-Id: 854914
From: Ashish Kalra
Subject: [PATCH v3 2/7] crypto: ccp: Fix implicit SEV/SNP init and shutdown in ioctls
Date: Fri, 3 Jan 2025 20:00:22 +0000
X-Mailing-List: linux-crypto@vger.kernel.org

From: Ashish Kalra Modify the behavior of implicit SEV initialization in some of the SEV ioctls to do both SEV initialization and shutdown and adds implicit SNP initialization and shutdown to some of the SNP ioctls so that the change of SEV/SNP platform initialization not being done during PSP driver probe time does not break userspace tools such as sevtool, etc. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 149 +++++++++++++++++++++++++++++------ 1 file changed, 125 insertions(+), 24 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 1c1c33d3ed9a..0ec2e8191583 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1454,7 +1454,8 @@ static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp) static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; - int rc; + bool shutdown_required = false; + int rc, ret, error; if (!writable) return -EPERM; @@ -1463,19 +1464,30 @@ static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool wr rc = __sev_platform_init_locked(&argp->error); if (rc) return rc; + shutdown_required = true; + } + + rc = __sev_do_cmd_locked(cmd, NULL, &argp->error); + + if (shutdown_required) { + ret = __sev_platform_shutdown_locked(&error); + if (ret) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, ret); } - return __sev_do_cmd_locked(cmd, NULL, &argp->error); + return rc; } static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_pek_csr input; + bool shutdown_required = false; struct sev_data_pek_csr data; void __user *input_address; + int ret, rc, error; void *blob = NULL; - int ret; if (!writable) return -EPERM; 
@@ -1506,6 +1518,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) ret = __sev_platform_init_locked(&argp->error); if (ret) goto e_free_blob; + shutdown_required = true; } ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, &data, &argp->error); @@ -1524,6 +1537,13 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) } e_free_blob: + if (shutdown_required) { + rc = __sev_platform_shutdown_locked(&error); + if (rc) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + kfree(blob); return ret; } @@ -1739,8 +1759,9 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) struct sev_device *sev = psp_master->sev_data; struct sev_user_data_pek_cert_import input; struct sev_data_pek_cert_import data; + bool shutdown_required = false; void *pek_blob, *oca_blob; - int ret; + int ret, rc, error; if (!writable) return -EPERM; @@ -1772,11 +1793,19 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) ret = __sev_platform_init_locked(&argp->error); if (ret) goto e_free_oca; + shutdown_required = true; } ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, &data, &argp->error); e_free_oca: + if (shutdown_required) { + rc = __sev_platform_shutdown_locked(&error); + if (rc) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + kfree(oca_blob); e_free_pek: kfree(pek_blob); 
@@ -1893,17 +1922,8 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) struct sev_data_pdh_cert_export data; void __user *input_cert_chain_address; void __user *input_pdh_cert_address; - int ret; - - /* If platform is not in INIT state then transition it to INIT. */ - if (sev->state != SEV_STATE_INIT) { - if (!writable) - return -EPERM; - - ret = __sev_platform_init_locked(&argp->error); - if (ret) - return ret; - } + bool shutdown_required = false; + int ret, rc, error; if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) return -EFAULT; @@ -1944,6 +1964,16 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) data.cert_chain_len = input.cert_chain_len; cmd: + /* If platform is not in INIT state then transition it to INIT. */ + if (sev->state != SEV_STATE_INIT) { + if (!writable) + return -EPERM; + ret = __sev_platform_init_locked(&argp->error); + if (ret) + goto e_free_cert; + shutdown_required = true; + } + ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error); /* If we query the length, FW responded with expected data. */ @@ -1970,6 +2000,13 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) } e_free_cert: + if (shutdown_required) { + rc = __sev_platform_shutdown_locked(&error); + if (rc) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + kfree(cert_blob); e_free_pdh: kfree(pdh_blob); @@ -1979,12 +2016,13 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) { struct sev_device *sev = psp_master->sev_data; + bool shutdown_required = false; struct sev_data_snp_addr buf; struct page *status_page; + int ret, rc, error; void *data; - int ret; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; status_page = alloc_page(GFP_KERNEL_ACCOUNT); 
@@ -1993,6 +2031,13 @@ static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) data = page_address(status_page); + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + goto cleanup; + shutdown_required = true; + } + /* * Firmware expects status page to be in firmware-owned state, otherwise * it will report firmware error code INVALID_PAGE_STATE (0x1A). @@ -2021,6 +2066,13 @@ static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) ret = -EFAULT; cleanup: + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + __free_pages(status_page, 0); return ret; } @@ -2029,21 +2081,38 @@ static int sev_ioctl_do_snp_commit(struct sev_issue_cmd *argp) { struct sev_device *sev = psp_master->sev_data; struct sev_data_snp_commit buf; + bool shutdown_required = false; + int ret, rc, error; - if (!sev->snp_initialized) - return -EINVAL; + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + return ret; + shutdown_required = true; + } buf.len = sizeof(buf); - return __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); + ret = __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); + + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + + return ret; } static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_snp_config config; + bool shutdown_required = false; + int ret, rc, error; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; if (!writable) 
@@ -2052,17 +2121,34 @@ static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable if (copy_from_user(&config, (void __user *)argp->data, sizeof(config))) return -EFAULT; - return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + return ret; + shutdown_required = true; + } + + ret = __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + + return ret; } static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_snp_vlek_load input; + bool shutdown_required = false; + int ret, rc, error; void *blob; - int ret; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; if (!writable) 
@@ -2081,8 +2167,23 @@ static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) input.vlek_wrapped_address = __psp_pa(blob); + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + goto cleanup; + shutdown_required = true; + } + ret = __sev_do_cmd_locked(SEV_CMD_SNP_VLEK_LOAD, &input, &argp->error); + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + +cleanup: kfree(blob); return ret;
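
Review bot: In sev_ioctl_do_pdh_export, the implicit-init block moved under the `cmd:` label returns `-EPERM` directly when `!writable`, while the init-failure path two lines below it uses `goto e_free_cert`. The `e_free_cert:` and `e_free_pdh:` labels free cert_blob and pdh_blob, so the early return skips both kfree() calls on the path where the blobs were set up before `cmd:`. Set `ret = -EPERM` and `goto e_free_cert` so both failure paths unwind the same way.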
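
Review bot: In sev_ioctl_do_snp_commit and sev_ioctl_do_snp_platform_status, the new implicit `__sev_snp_init_locked()` / `__sev_snp_shutdown_locked()` pair runs with no `writable` check (neither function takes the flag), whereas the SEV path in sev_ioctl_do_pdh_export returns `-EPERM` before initializing for a read-only opener. Before this change both ioctls returned `-EINVAL` when SNP was not initialized, so a status query can now change platform state. Either gate the implicit init on `writable` as the SEV ioctls do, or say in the commit message why a read-only caller may trigger SNP init and shutdown.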
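
Review bot: The init / command / shutdown sequence with its `shutdown_required` flag and dev_err() is repeated almost verbatim in all eight ioctls touched here, and sev_ioctl_do_pek_pdh_gen swaps the variable roles (`rc` holds the command result and `ret` the shutdown result) relative to the other seven. A pair of small helpers, one for SEV and one for SNP, that move the platform to the initialized state and report whether a shutdown is owed would remove the duplication and the naming inconsistency. `error` is also declared without an initializer and then printed after the shutdown call; initializing it to 0 keeps the log line meaningful if the callee fails before writing it.
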
From: Ashish Kalra
Subject: [PATCH v3 4/7] crypto: ccp: Register SNP panic notifier only if SNP is enabled
Date: Fri, 3 Jan 2025 20:00:59 +0000
Message-ID: <674affc649968994f95b6259f162d5f0732b102c.1735931639.git.ashish.kalra@amd.com>
X-Patchwork-Id: 854913
X-Mailing-List: linux-crypto@vger.kernel.org

From: Ashish Kalra

Register the SNP panic notifier if and only if SNP is actually initialized, and deregister the notifier when shutting down SNP in PSP driver when KVM module is unloaded.

Currently the SNP panic notifier is being registered irrespective of SNP being enabled/initialized and with this change the SNP panic notifier is registered only if SNP support is enabled and initialized.

Signed-off-by: Ashish Kalra
Reviewed-by: Dionna Glaze
---
 drivers/crypto/ccp/sev-dev.c | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 9632a9a5c92e..7c15dec55f58 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -109,6 +109,13 @@ static void *sev_init_ex_buffer; */ static struct sev_data_range_list *snp_range_list; +static int snp_shutdown_on_panic(struct notifier_block *nb, + unsigned long reason, void *arg); + +static struct notifier_block snp_panic_notifier = { + .notifier_call = snp_shutdown_on_panic, +}; + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; @@ -1191,6 +1198,9 @@ static int __sev_snp_init_locked(int *error) dev_info(sev->dev, "SEV-SNP API:%d.%d build:%d\n", sev->api_major, sev->api_minor, sev->build); + atomic_notifier_chain_register(&panic_notifier_list, + &snp_panic_notifier); + sev_es_tmr_size = SNP_TMR_SIZE; return 0; @@ -1751,6 +1761,9 @@ static int __sev_snp_shutdown_locked(int *error, bool panic) sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); + atomic_notifier_chain_unregister(&panic_notifier_list, + &snp_panic_notifier); + /* Reset TMR size back to default */ sev_es_tmr_size = SEV_TMR_SIZE; @@ -2490,10 +2503,6 @@ static int snp_shutdown_on_panic(struct notifier_block *nb, return NOTIFY_DONE; } -static struct notifier_block snp_panic_notifier = { - .notifier_call = snp_shutdown_on_panic, -}; - int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd, void *data, int *error) { @@ -2542,8 +2551,6 @@ void sev_pci_init(void) dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? "-SNP" : "", sev->api_major, sev->api_minor, sev->build); - atomic_notifier_chain_register(&panic_notifier_list, - &snp_panic_notifier); return; err: 
@@ -2561,6 +2568,4 @@ void sev_pci_exit(void) sev_firmware_shutdown(sev); - atomic_notifier_chain_unregister(&panic_notifier_list, - &snp_panic_notifier); }
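
Review bot: In the __sev_snp_shutdown_locked() hunk, atomic_notifier_chain_unregister() is called unconditionally even though the function takes a `panic` argument, which indicates it is also reached from the snp_shutdown_on_panic() callback. Unregistering a block from inside its own atomic notifier chain is unsafe: the chain is walked under the RCU read lock and atomic_notifier_chain_unregister() calls synchronize_rcu(), so the panic path can stall. Skip the unregister when `panic` is true (`if (!panic)`) and add a comment saying why.
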
From: Ashish Kalra
Subject: [PATCH v3 6/7] KVM: SVM: Add support to initialize SEV/SNP functionality in KVM
Date: Fri, 3 Jan 2025 20:01:47 +0000
Message-ID: <14f97f58d6150c6784909261db7f9a05d8d32566.1735931639.git.ashish.kalra@amd.com>
X-Patchwork-Id: 854912
X-Mailing-List: linux-crypto@vger.kernel.org

From: Ashish Kalra Remove platform initialization of SEV/SNP from PSP driver probe time and move it to KVM module load time so that KVM can do SEV/SNP platform initialization explicitly if it actually wants to use SEV/SNP functionality. With this patch, KVM will explicitly call into the PSP driver at load time to initialize SEV/SNP by default but this behavior can be altered with KVM module parameters to not do SEV/SNP platform initialization at module load time if required. Additionally SEV/SNP platform shutdown is invoked during KVM module unload time. Signed-off-by: Ashish Kalra --- arch/x86/kvm/svm/sev.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 943bd074a5d3..0dc8294582c6 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -444,7 +444,6 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp, if (ret) goto e_no_asid; - init_args.probe = false; ret = sev_platform_init(&init_args); if (ret) goto e_free; @@ -2953,6 +2952,7 @@ void __init sev_set_cpu_caps(void) void __init sev_hardware_setup(void) { unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count; + struct sev_platform_init_args init_args = {0}; bool sev_snp_supported = false; bool sev_es_supported = false; bool sev_supported = false; @@ -3069,6 +3069,16 @@ void __init sev_hardware_setup(void) sev_supported_vmsa_features = 0; if (sev_es_debug_swap_enabled) sev_supported_vmsa_features |= SVM_SEV_FEAT_DEBUG_SWAP; + + if (!sev_enabled) + return; + + /* + * NOTE: Always do SNP INIT regardless of sev_snp_supported + * as SNP INIT has to be done to launch legacy SEV/SEV-ES + * VMs in case SNP is enabled system-wide. + */ + sev_platform_init(&init_args); } void sev_hardware_unsetup(void) 
@@ -3084,6 +3094,9 @@ void sev_hardware_unsetup(void) misc_cg_set_capacity(MISC_CG_RES_SEV, 0); misc_cg_set_capacity(MISC_CG_RES_SEV_ES, 0); + + /* Do SEV and SNP Shutdown */ + sev_platform_shutdown(); } int sev_cpu_init(struct svm_cpu_data *sd)
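
Review bot: In the sev_hardware_setup() hunk, the return value of `sev_platform_init(&init_args)` is discarded and `init_args.error` is never read, so a failed SEV/SNP init at module load goes unreported here. Check the result and at least log the firmware error. The commit message also says the load-time init can be turned off with KVM module parameters, but this diff adds no parameter and the only gate is `if (!sev_enabled)`; either point to the patch in the series that adds it or reword the message.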