From patchwork Mon Dec 16 23:57:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851290 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on2074.outbound.protection.outlook.com [40.107.96.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 10BC21D9A48; Mon, 16 Dec 2024 23:57:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.96.74 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393446; cv=fail; b=Lh02DjKSrgdUUPy1VRwesxzj3u3wpgfPZEV23KfIf8T0g8U65tZtvluHzY5btHJ3WmdFHxohkco3lhL/MOE9vP0F2AZsP/9XLqO6+96x+3fohyZH9y8EJaAu7eFmh4oGakIT0cYpUOg3EtRw4ms6H0ln9JFUI3dUpPYciNXcGNc= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393446; c=relaxed/simple; bh=6FdxdC3qNIfl5cXPz6sqwQFZCfSEJDOg8y/TwaTsY/8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=czdgwE+awkPebDqyJy5cADcFPPBYIJwHtDK6BBLrDl0a14AW2EKHJ+sSZ12bIf5DCVZfPeG2fsvJ0dh66ntqUdiXtRBVZTQFcdEY1M5UyNnhzuivCcvcsiGEwg85NojNxH0J2Bzyw1EE7VyV+7QEURnbtKt6TkS2nvv+SagoPfY= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Rh2+9Gw/; arc=fail smtp.client-ip=40.107.96.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Rh2+9Gw/" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=xXkiznv6lhzJOwwiol4mK8aF6ok/b6wWF9PUX2g5aRs4nrSZDVTdjGerjH8szq/001AfWVYyAs96+TFVmQRTGtJFEZt8ayg8VMw9p32zbl78YHQ6+xs2zMNjogzoUYPDjxRlo5alJk0F4YOFQwqT77oYllC3tlI0geoxzHsM09lCWL7NHeUpczMrkrgKuuG+z/jy7LZfHNgqgK3PkpRM4LGnj3kIlou+znPhV365/bzN0WxFjF3z+aso95uIqqb5qx+uG0Qm9NC6JSRcyblsFjK8QHJ5d8CuaCCOcnAZ4r5MWOkqkFNb5V+xYWIQlGZhl5BDLpn7RGhE8awLPN9akw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=y28cJaSX8GxadSnRF6IQ3KU7BGogRdcwSui/xAVveOs=; b=qAh/jnRJhsTSt3W5TAu08PPP6xQZnTTFoXdhyQh3nVFjwlPe4dSKs2sWS0Qlcy8qoe7yE5ejBtcD72KBbHW7pyAZ8TanGb13higWNPAhTJliIX8PeAykvKAtlB9HM8PBkUgfQrhWNa5r9vvGS3etX7JCzkdCyagILS56dGyBkYy4jRi3PSjksg4rnF14mQNhC+UaoE0dqGblxH6MunhkIfMWCY4MLDKk7ZxLd2HNthT/AjpESGUv1J4qV7QuDdZPRoKvac8IXedvIZ0cGMJUD/2Mm2n7QvFVYQ65Mz2XalVVXS9HM/spCluoIXtaqoFzFUML1RppAkpzUZcAs1ciZA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=y28cJaSX8GxadSnRF6IQ3KU7BGogRdcwSui/xAVveOs=; b=Rh2+9Gw/bhcHpwUwudxZpPHXHiG+d7Mfj+l1scMA7VydchuYzGEOgNy0Amwo3301Bu+SGRMcmUUA+aUMDtv6nRODSOQEuEkcXcviYewPxuWyQqlDKw/zKKWWQXg5Mgo9XRXDVLnrd7F6IqwL1blgRVie+njKrm0HvUImiZOp+3Y= Received: from SJ0PR03CA0181.namprd03.prod.outlook.com (2603:10b6:a03:2ef::6) by CY8PR12MB7289.namprd12.prod.outlook.com (2603:10b6:930:56::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.21; Mon, 16 Dec 2024 23:57:21 +0000 Received: from SJ5PEPF00000209.namprd05.prod.outlook.com (2603:10b6:a03:2ef:cafe::23) by SJ0PR03CA0181.outlook.office365.com (2603:10b6:a03:2ef::6) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.16 via Frontend Transport; Mon, 16 Dec 2024 23:57:21 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF00000209.mail.protection.outlook.com (10.167.244.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Mon, 16 Dec 2024 23:57:21 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 17:57:19 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 1/9] crypto: ccp: Move dev_info/err messages for SEV/SNP initialization Date: Mon, 16 Dec 2024 23:57:08 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF00000209:EE_|CY8PR12MB7289:EE_ X-MS-Office365-Filtering-Correlation-Id: d775de56-7d24-465f-4243-08dd1e2d617c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|376014|7416014|1800799024|36860700013|921020; X-Microsoft-Antispam-Message-Info: JUNYI1YOtuqZkx+GRUMtw+OrxjMNwjPq1OMNTmNsfnMACu7j7pI8/PUq9T7PdmzUoYhqzs0waDLj3GO4Skk/AEQnNYlovnfIDwXId7QoIyP7aLTQk4Ss+T3Z1z/nfweMQvZr2cfryeLjN1etvmpA5fh5qBSmndZdTh6O6mCCgI/VwU65R78Olere2l8tvQY0gdp4smTsw3BvMTSjij/x+6G0O8UmotYqzo5FkzRV46U299uLbWzyvCuT12GHA6AQiYOD90MUqHlH1Yaop1b4d9slBPnm+QdIUp6EraV8zFeu0QN34MQODHaC3ogv15NpL1LHNe1tSCznGRUXjNmSf3IYpRPbsOV/r6Yofu5RQP6bx/V5h9ShXx2/RxjIfDeCt4R1QBK2wEDU6xxQB4B5c7E72ZVaDzintYeOlt4LNb0a+gRoJHeORe4SxjRO6czQRdIB4dDPvP03TKosrbXcPKYv1LY3FYx7GWGk9JpdVz95VcAgFaTIV9DSLUFY1bXH46sfORGdHCh2JKnKcAI8rbb6yyGhrpF53f3gYJk4Gg/ambkjwdz4ZVGlxf0yjl82Qb9r1maXUE0jaYntx2lewzJeFmQIVgCUG0uzqUAVprrU5JJFPoCxc5lulXJUappi/3nDxPY5p9w3XXblGgfr8j3LJTa3UUWTOETT0JbbyKP3WAEVWMo44mQl0AY8cTgG7wJlwsBJ9v+zxens5/mVJNouxQepHjcY0nD54PlJNJftxyle82QpYWFlWulEOB5jUgQBNROMFEDE/3kCVhz93DBZsb+/QrzRxOJOlRie8KXuOuP6HeZfAEar3TbEdmiZLBlOMF0MgGK/UcFt3sY+CDKuzg2bqO3y9shKYDtooOjOC3sTHoZDAm+5vFbmYJ/sWsHLHWuTiCS7SrgxAu2yO3gqoDLzGLaKNCx4+OUzWMA0QThD8TkCy5Omy//ENPn0HL4jy8cVWpb8ZT/R+8t6miAYdOa+E9aCHfBew2bN8/Ag4oT+c1sq2UuXwF7UhOkG2etSVk9aVBgBX3zu6nwRhAqAwSn/5C+n/LBvsrPMVJ83VS7jBGKYigYawBE6iAONF4iyjW+nbiuEIEdvAAbM3Z4jwzObLMDsaBlw+4xXIKHUl9QbiuMQW04FhX7oFvy8RKBilEkivu2X2anISN+56+orH2IVjsnbFxd9y2GWUJm0xa0LsXTYCBYmQointsXRLgnnwpOUbpTB60oD1H77Ero7mAs8qxFTmuwSi6b6QmQU6JjGbCy5PJEQ6Urty5pjI/ipb4GXL7kQz99yVGoeIl0v1wLH2WRgc2JstfKpAHd66HW/PX2n6oTFgF5bYB9Yq+dhjnqVeQRquxhsedg88trur8R9VTegLrdZy+kW77dBynEGMtCluW/9gTA6Nj8TvHSUPEQO2hju+k22CwRZCu/w3xuc+wE2MctSUMzBnDFGueTY4MSUXtntZLGE1tBubBMX3HRb41OJ8cdXsPLlCiAUWw2/Pz5idnvZ6OWoKImmyyA9zcuBsnm0eE1GcEvz X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(376014)(7416014)(1800799024)(36860700013)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2024 23:57:21.2810 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d775de56-7d24-465f-4243-08dd1e2d617c X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000209.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB7289 From: Ashish Kalra Remove dev_info and dev_err messages related to SEV/SNP initialization from callers and instead move those inside __sev_platform_init_locked() and __sev_snp_init_locked(). This allows both _sev_platform_init_locked() and various SEV/SNP ioctls to call __sev_platform_init_locked() and __sev_snp_init_locked() for implicit SEV/SNP initialization and shutdown without additionally printing any errors/success messages. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index af018afd9cd7..1c1c33d3ed9a 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1177,19 +1177,27 @@ static int __sev_snp_init_locked(int *error) rc = __sev_do_cmd_locked(cmd, arg, error); if (rc) - return rc; + goto err; /* Prepare for first SNP guest launch after INIT. */ wbinvd_on_all_cpus(); rc = __sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, error); if (rc) - return rc; + goto err; sev->snp_initialized = true; dev_dbg(sev->dev, "SEV-SNP firmware initialized\n"); + dev_info(sev->dev, "SEV-SNP API:%d.%d build:%d\n", sev->api_major, + sev->api_minor, sev->build); + sev_es_tmr_size = SNP_TMR_SIZE; + return 0; + +err: + dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n", + rc, *error); return rc; } @@ -1268,7 +1276,7 @@ static int __sev_platform_init_locked(int *error) rc = __sev_platform_init_handle_init_ex_path(sev); if (rc) - return rc; + goto err; rc = __sev_do_init_locked(&psp_ret); if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) { @@ -1288,7 +1296,7 @@ static int __sev_platform_init_locked(int *error) *error = psp_ret; if (rc) - return rc; + goto err; sev->state = SEV_STATE_INIT; @@ -1296,7 +1304,7 @@ static int __sev_platform_init_locked(int *error) wbinvd_on_all_cpus(); rc = __sev_do_cmd_locked(SEV_CMD_DF_FLUSH, NULL, error); if (rc) - return rc; + goto err; dev_dbg(sev->dev, "SEV firmware initialized\n"); @@ -1304,6 +1312,11 @@ static int __sev_platform_init_locked(int *error) sev->api_minor, sev->build); return 0; + +err: + dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", + psp_ret, rc); + return rc; } static int _sev_platform_init_locked(struct sev_platform_init_args *args) From patchwork Mon Dec 16 23:57:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851504 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2044.outbound.protection.outlook.com [40.107.244.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 699C842A9B; Mon, 16 Dec 2024 23:58:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.244.44 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393493; cv=fail; b=Jj6+5iSlUIPJV7JtsiR5FtY1IQ1IwvL6y+X6+vragCX+4X3nvATN8CcgYAe+HBV6d9bqGhCCGLttK+cmTdZuybfomGOle9UUyTbndMuT8Y9PUTvouBQGzJDz65PnyQCB0KxuksQm+IzknV2ymzS9nXIUjEL6MDT1vGujXLp2djY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393493; c=relaxed/simple; bh=wAjzagrjnQYlNz4RahDlYC60WiOzIIh8vYOQE4YSCvA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=gbNbN1Y6LqwPq2SCQoEIJG1+8aYpqXqI6Z1Dxaq4oPpak3nU6OGzNCXDQUNuW/jBo9+nRcaAgwTDUMq4aex10wM3b4PfS+OpVbYmQ7fMvAMRy6+g5su0Yez0pQKmXxt1n5pKIu8ZpKFx4ZTtfV3hZ/YSYsRYVunhtUjbkj5f8rM= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=YWZZ5EG/; arc=fail smtp.client-ip=40.107.244.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="YWZZ5EG/" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=E6yToDZFfsLrvHfGyL3btM9E8IVkJ7TCcmlifZ7gg2eEz5TYVIyik/36S7oojb0uSSZtldnu0ySL/lI7j7YP71/wrOxveIy/A+N6/rc2LSUTPr1Xp5uAOjqAj2sFujpP2K6hl9/qlN39tz0YcrngJWMuVhvf1MQerJFxPRR0KpUL8Rs0eqC+8QUhBl5os9zeF8aN7Cxpj4ZFkjksoCNTxzWu3vApIT3nZuYcGYLj1nEqSgwRPXnSvI55aZRn01pCbzBt5BCBmXNGbyfw/bcYJJiwoFfayuOqzCNROCtmTV/9r3C7+N7Nf9mz4mvg8fuZ8IvGknxtLLd1Az0I6cqGkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=1Ul4UykFP1ClnSkG/fx9CZiwqIzhD67N/nKgrRojTP4=; b=LZn7tpos73OiHpsjmXiK/nxvNPdXvRzI0TPGUwmRAbVCacZRS8Mx1QeB8L6ktDMI/QyKP2wrEgYEhKTIpS9X0u2oQ+0unokJoQ50EiH5pax01u6xKxalSN0IGtF6DvChJ7koHIWFt105GJHcIwaSdRlzMZjYNCZ4161LRXcjxRYOo5E/fSEo9Z339SbZjP5PgVfPRO/eM2Kc5OhBprENQVOLCGsdcKcfHV/4F/QDRoFYDvLiAFpgxOROkDWfDthlsIEyWi8qLEFH4fvFUA6fokG71znIN7sZmSh7x5id6Ky6N8s8SVCWKVaW796PU40vwP2Kdq6JvJCKSLnQt+7xpg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1Ul4UykFP1ClnSkG/fx9CZiwqIzhD67N/nKgrRojTP4=; b=YWZZ5EG/XGC0Zg/+VyibK0QqQO0BO37WcFS8/kWGP6O+RLPqzdJ3ILtjdHY+PMDqkx8neGa03FmaprrPvlAvmlN2kNStoSeCUGFNp6Gge4pYsqaT0JpChDAvZrefOU6knIN4BsQy7TX9kmlGwW+VFgOo3tHJOYOPAuHHFcRliU0= Received: from SJ0PR13CA0044.namprd13.prod.outlook.com (2603:10b6:a03:2c2::19) by MW4PR12MB7430.namprd12.prod.outlook.com (2603:10b6:303:224::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.20; Mon, 16 Dec 2024 23:58:07 +0000 Received: from SJ5PEPF00000206.namprd05.prod.outlook.com (2603:10b6:a03:2c2:cafe::de) by SJ0PR13CA0044.outlook.office365.com (2603:10b6:a03:2c2::19) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8272.7 via Frontend Transport; Mon, 16 Dec 2024 23:58:07 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF00000206.mail.protection.outlook.com (10.167.244.39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Mon, 16 Dec 2024 23:58:07 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 17:58:05 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 2/9] crypto: ccp: Fix implicit SEV/SNP init and shutdown in ioctls Date: Mon, 16 Dec 2024 23:57:56 +0000 Message-ID: <1e96d3b18245577cb0c2ae510092701901bbe81b.1734392473.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF00000206:EE_|MW4PR12MB7430:EE_ X-MS-Office365-Filtering-Correlation-Id: efcfdabd-2654-415b-1281-08dd1e2d7cc7 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|1800799024|7416014|376014|36860700013|921020; X-Microsoft-Antispam-Message-Info: eZiyxToR51OtoYMNO/HXYuIKGuQGNOc5Guw6fcJ8LfvtbzLRW1zEiurvcj8ZVe4h0zEaxlYF5QMAb2/agQyTAptQ0eFNO7jcVnof/ZdZ8zSumFWMVRmloQUmirgCaNAIazgSGCf7YYIqIhqKAZSGWQbhAb+7eB/MG1qUGdATA52F+Q0JiuF4Zn2Rq6eWRw1FiZ4c9orJGxaTZSYKBQgs7AP3WP8BqukVZHNC+vJnrxI0v2ciDBQJdQUeLUWSufjrnacH5Cdp7yaDeMahLwgOkJXDjYBDxxYpcgLEhX13b5Jwk4GJP3h47kEMgjhEAU2PR5VtY/yOVVpMYzY8DSzWMEo36HOhdFmIq3qLCpSYURDN2P7PVWQ+yO50uaED2lWO3xT2ASWko05HcLbJ/WcEa9n6Hij+BYtkUtSH+iyZV4LvRonQ7IUUYkh1kdFP8C2ungY74O0EyeCWyBq/yQklotNZWmoj2TViZhkBoUjubc9agsetEPKcxH34+20uYxXMy9iSPH5SBrGJW0GzyJ7hOp3siYXPg6TppcxKaTEvFjpGA0Qlx1xJk8xrlz4ObRUrgtv0jkikpwETQ895ERUjEpSq5fukJO4XgrJLDl39GWiwup4L902IdDup/MS8zLHPD6t28H2maDwDxEK5AUEht3EsZ/lPVBrV0R+K4MLHobfJgMH9wyh3wFIrEfAIPeggj9To3cBMr4aQsLkSmjtrZo4kTwZhZIRJmWzeSdO9jbTcPe0nn4n40lNEjuUTw2NqaJEKHPbjXEY1St3nFdD+BKkFqIGDt0j8Yb6StImU5lcuyQ0OTZknVz2I86VRLSnhPDU7Y11YXxq0QvOdQWX/Nwq2zG7PHRY3f0NSett4KphsA3FxNMkIwzuE+uhtIycJn2kQ2z622aVh1hcWL4flzdLgv8TTC8gQgcKnwyw5L/uXh2ILHxPpin3Dyrcf1E66D/Oi1vyxaECOTZedmi6GUbcml8ltGycsIYLaBo3x7GJFBWzp2ANPlPmU8KBOyxmDe9TsdcO65hmn9rnGLoP6vwEugU23FLZdgPjnVo/FFl+JshiRo45H3wX0FTwfwO4nFgjLkjtF/zCdFN130Rr9GhkdZ1sxx6kXQHd8jzoF+IUVmF4kdeQbqGR5nuWzDYZzT/mRVeI/ugW3XX0TcmQfMj1/E3QCh0zSfgYCJ7EjOQN2+NhEBkRzy+7ak1L62ku5iUVDBEYChjyfWmyobPsPyv5+uQztfw2vgpi1z3sN1PHjy2eeHGVuIfLzzGuep/yHu330BNxYnrYjUChhsj0bXVhTRGOvIJ9LrB1KXUIte8kHw1EIu5IkIFAyPX18H0y4v2NvuM5W9EpmyNcL5WrtFUTQQyWXLII5IQVqbJd8qngQdnEEjh6JiYdhqdJMbprxNnkVMLrspYMo3BYDuMhcj4a0soMIEyydfwDMUixVtQUR413J1Th7hYX4gg/+qNPFltDtnEHjGk5o/UJg5P37C1VHxCDzdO1Q6e0koalybtksrbkgpXXWQ1eYw/8YqXgj X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(1800799024)(7416014)(376014)(36860700013)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2024 23:58:07.0698 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: efcfdabd-2654-415b-1281-08dd1e2d7cc7 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000206.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB7430 From: Ashish Kalra Modify the behavior of implicit SEV initialization in some of the SEV ioctls to do both SEV initialization and shutdown and adds implicit SNP initialization and shutdown to some of the SNP ioctls so that the change of SEV/SNP platform initialization not being done during PSP driver probe time does not break userspace tools such as sevtool, etc. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 149 +++++++++++++++++++++++++++++------ 1 file changed, 125 insertions(+), 24 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 1c1c33d3ed9a..0ec2e8191583 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1454,7 +1454,8 @@ static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp) static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; - int rc; + bool shutdown_required = false; + int rc, ret, error; if (!writable) return -EPERM; @@ -1463,19 +1464,30 @@ static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool wr rc = __sev_platform_init_locked(&argp->error); if (rc) return rc; + shutdown_required = true; + } + + rc = __sev_do_cmd_locked(cmd, NULL, &argp->error); + + if (shutdown_required) { + ret = __sev_platform_shutdown_locked(&error); + if (ret) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, ret); } - return __sev_do_cmd_locked(cmd, NULL, &argp->error); + return rc; } static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_pek_csr input; + bool shutdown_required = false; struct sev_data_pek_csr data; void __user *input_address; + int ret, rc, error; void *blob = NULL; - int ret; if (!writable) return -EPERM; @@ -1506,6 +1518,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) ret = __sev_platform_init_locked(&argp->error); if (ret) goto e_free_blob; + shutdown_required = true; } ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, &data, &argp->error); @@ -1524,6 +1537,13 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) } e_free_blob: + if (shutdown_required) { + rc = __sev_platform_shutdown_locked(&error); + if (rc) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + kfree(blob); return ret; } @@ -1739,8 +1759,9 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) struct sev_device *sev = psp_master->sev_data; struct sev_user_data_pek_cert_import input; struct sev_data_pek_cert_import data; + bool shutdown_required = false; void *pek_blob, *oca_blob; - int ret; + int ret, rc, error; if (!writable) return -EPERM; @@ -1772,11 +1793,19 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) ret = __sev_platform_init_locked(&argp->error); if (ret) goto e_free_oca; + shutdown_required = true; } ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, &data, &argp->error); e_free_oca: + if (shutdown_required) { + rc = __sev_platform_shutdown_locked(&error); + if (rc) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + kfree(oca_blob); e_free_pek: kfree(pek_blob); @@ -1893,17 +1922,8 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) struct sev_data_pdh_cert_export data; void __user *input_cert_chain_address; void __user *input_pdh_cert_address; - int ret; - - /* If platform is not in INIT state then transition it to INIT. */ - if (sev->state != SEV_STATE_INIT) { - if (!writable) - return -EPERM; - - ret = __sev_platform_init_locked(&argp->error); - if (ret) - return ret; - } + bool shutdown_required = false; + int ret, rc, error; if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) return -EFAULT; @@ -1944,6 +1964,16 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) data.cert_chain_len = input.cert_chain_len; cmd: + /* If platform is not in INIT state then transition it to INIT. */ + if (sev->state != SEV_STATE_INIT) { + if (!writable) + return -EPERM; + ret = __sev_platform_init_locked(&argp->error); + if (ret) + goto e_free_cert; + shutdown_required = true; + } + ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error); /* If we query the length, FW responded with expected data. */ @@ -1970,6 +2000,13 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) } e_free_cert: + if (shutdown_required) { + rc = __sev_platform_shutdown_locked(&error); + if (rc) + dev_err(sev->dev, "SEV: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + kfree(cert_blob); e_free_pdh: kfree(pdh_blob); @@ -1979,12 +2016,13 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) { struct sev_device *sev = psp_master->sev_data; + bool shutdown_required = false; struct sev_data_snp_addr buf; struct page *status_page; + int ret, rc, error; void *data; - int ret; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; status_page = alloc_page(GFP_KERNEL_ACCOUNT); @@ -1993,6 +2031,13 @@ static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) data = page_address(status_page); + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + goto cleanup; + shutdown_required = true; + } + /* * Firmware expects status page to be in firmware-owned state, otherwise * it will report firmware error code INVALID_PAGE_STATE (0x1A). @@ -2021,6 +2066,13 @@ static int sev_ioctl_do_snp_platform_status(struct sev_issue_cmd *argp) ret = -EFAULT; cleanup: + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + __free_pages(status_page, 0); return ret; } @@ -2029,21 +2081,38 @@ static int sev_ioctl_do_snp_commit(struct sev_issue_cmd *argp) { struct sev_device *sev = psp_master->sev_data; struct sev_data_snp_commit buf; + bool shutdown_required = false; + int ret, rc, error; - if (!sev->snp_initialized) - return -EINVAL; + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + return ret; + shutdown_required = true; + } buf.len = sizeof(buf); - return __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); + ret = __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); + + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + + return ret; } static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_snp_config config; + bool shutdown_required = false; + int ret, rc, error; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; if (!writable) @@ -2052,17 +2121,34 @@ static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable if (copy_from_user(&config, (void __user *)argp->data, sizeof(config))) return -EFAULT; - return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + return ret; + shutdown_required = true; + } + + ret = __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + + return ret; } static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; struct sev_user_data_snp_vlek_load input; + bool shutdown_required = false; + int ret, rc, error; void *blob; - int ret; - if (!sev->snp_initialized || !argp->data) + if (!argp->data) return -EINVAL; if (!writable) @@ -2081,8 +2167,23 @@ static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) input.vlek_wrapped_address = __psp_pa(blob); + if (!sev->snp_initialized) { + ret = __sev_snp_init_locked(&argp->error); + if (ret) + goto cleanup; + shutdown_required = true; + } + ret = __sev_do_cmd_locked(SEV_CMD_SNP_VLEK_LOAD, &input, &argp->error); + if (shutdown_required) { + rc = __sev_snp_shutdown_locked(&error, false); + if (rc) + dev_err(sev->dev, "SEV-SNP: failed to SHUTDOWN error %#x, rc %d\n", + error, rc); + } + +cleanup: kfree(blob); return ret; From patchwork Mon Dec 16 23:58:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851289 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2073.outbound.protection.outlook.com [40.107.100.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4CB0B1D63D9; Mon, 16 Dec 2024 23:58:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.100.73 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393512; cv=fail; b=cZXCpXW/0tMSuvIIftZxzhoc11YMUgfCzg3kqzYthLpRQCwgUyhY3EbZPrVot2wD9IcV/Ai+9LEaO16rMWFA+pes9YJ9o7thQ+i9opHV3gN1cI2HcxVRco425LNVvxyPt7mNLaFO6pOw9zVjVhgoS1fq7Bypilsrd7ys9oreDs8= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393512; c=relaxed/simple; bh=e3L9DsLMZta3TZFGP3V8ILR11hrCz4RTozquZEk9UcQ=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Dj5A9tnrmnamTh9D1qOSuzeLkss00OXQ9i3cj9OztJu/WohnbBIJs7vdVvT1mUWLMVRscMahAeOAJ6bTK6wL2esyAqcdHPggHXzuCqh+gNU6blqdtsGi6Q/Uu58zYpZuYZTtrglYlVyBsR0MugocdTqdaQ+L3D5EH/Gf/MfhJ0g= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=hZ6UgaPe; arc=fail smtp.client-ip=40.107.100.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="hZ6UgaPe" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=j1XvHmktB8FPpMBzMz3bT732oVcUAgfU7K3KC0CKGCCnz7stwDO89IUDtFhWHlFpYN+DfAFRMoaYcTuN/brQodg5yy6EZ+qb0YUrTBkasvB+C1L5YQoG4LZwj8uiQweHzaLwG0PIUH1I/NBw1CMjrCizFgDPrGstx/+W7jF/iU3Z7sTqYzykxzi5dY3a97eV0/eUOp1ohcVfL6A8vCphSVGxluISvaER5A/7ZJv1V0VQCih3DfXU6uUbZoM1XyXxEy/x0g4ZR/EpqLRdRfqCVypu91JBO7qb3JvYTaDF8O0j9vTftunMIRIANKO55LNdT9JUgticqzJYcVdz0mnt4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wsggXyd3M7q7o8HxFouKHNcmagYw1VBF1z16lrf7JSA=; b=tZH9haKVWtwNHIhXssxAb5EzmQKYhg9kPxBMVO7h0Viz7xdzh7m5gYSqCaho7hHzQOvBpZoSujEzz93rf2ICX/MM1WmqueKQ/F5ZbBVfudMgjpJAvKmiXaKX+Zd3YbGhJpvePVZKpaSbbDjPUDQIuZJiXt+f1hwXyv0Zx9VXMcxrL6Dm356+Ev0sWcQhMwiPxeRB/XYXky//NHUwROK2VyPCr7f0BYWODoxeolxTqNpVyIZgT/leOiDDtczxZgsz09YzjsN60vEkver3jCVJz/Nxz4k9umyhq035hZsBGFPUJjvPKQHxYIPT2ILZTLgiw+HrCzGz1fOzBjJGl4QurA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wsggXyd3M7q7o8HxFouKHNcmagYw1VBF1z16lrf7JSA=; b=hZ6UgaPeoTNfDhlUyJksKXYUcnUeeztttnVWBIwViyL/ZpLDaXpQKmsJjZXtuXVSwZHKjGxZvyEu1iw1OMDEV8ZMtHBkEV3GIDTKET3excdoLV8YL/HFOIZ4joHa+okowhMCCCcdcYopvLFlytCxbKEpgO0Ou6rc0mJy5i7WTbI= Received: from MW4PR04CA0156.namprd04.prod.outlook.com (2603:10b6:303:85::11) by PH8PR12MB6697.namprd12.prod.outlook.com (2603:10b6:510:1cc::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.21; Mon, 16 Dec 2024 23:58:27 +0000 Received: from SJ5PEPF00000208.namprd05.prod.outlook.com (2603:10b6:303:85:cafe::94) by MW4PR04CA0156.outlook.office365.com (2603:10b6:303:85::11) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.20 via Frontend Transport; Mon, 16 Dec 2024 23:58:26 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF00000208.mail.protection.outlook.com (10.167.244.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Mon, 16 Dec 2024 23:58:26 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 17:58:24 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 3/9] crypto: ccp: Reset TMR size at SNP Shutdown Date: Mon, 16 Dec 2024 23:58:15 +0000 Message-ID: <3169b517645a1dea2926f71bcd1ad6ad447531af.1734392473.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF00000208:EE_|PH8PR12MB6697:EE_ X-MS-Office365-Filtering-Correlation-Id: fa8295ee-1a4e-41d4-21b6-08dd1e2d8843 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|376014|1800799024|7416014|36860700013|921020; X-Microsoft-Antispam-Message-Info: EcvK93V3C0OzJuNmJYSVV+Y8CHn4lSeJyJGdfy5ExG0C6+FLWED3g1FYcguuccnN5KB/A4k9oJ7o9NsTNpBYlbObedhKCuord+NT0nw2S9bm9PcQ/bPBxyxikutgblhib034M1BmgHDzMjhS1OvZYqKXN8iWGIj4Dlw28UL3EB1jQxRbF48f5T2NPYdncrD8CoBKFlre3xUa/6Ga5Opv3h/nE3cEW6n/qhNCw63RKiH2kOTtP6OPuSrnvNyt7N72kTR/KCYIXo/MPaR19cEUHtrjiW7GlmTeNs3WKYIv0un0VvkV+wLfosn0eWflYIDodCTn9I8uIfk6/EIESwq1E5mP0T+fSoFeWkIkMG1o6iZqOak8aArv8g8lOjm1xq4D7DCmN4QRvio1zz3d5aaaAFchfbHxjh8am6GNYaR7Hsnqcl9rB5y+h0XuTfgWMCH7B5Zf9R9n0V2QTNgGMh4hLi6aWCo8OBORm4Y9Fnyvoj981MC0A4tw9pAOd/QQMOk7gGh6c1oiCz8rYRzTxXgF6uNaywojXSKH67jmGvuiFu1UCuUvjMC8y5obvMAbOFKqZcZ8Y/vrOeOoMr5ABw3UBtsLj8XYTbQS4VmSb0rFdB4XHt+HIglSQ1g4U7Gv122fhQNaDxZQMugOddRmfUeULXqWh67y8JuFUu35AsERpcxYXlvoGUtfAQ4hp3kINqfZAJYuNPRZTMNOXqs6KUitv7ySl3j+5E+ofmitWtydZl6qLmAFnx8Xe4YC1Oa5n2BADlDpWr5Isvq992TtiWP4AqdO9jvs7W3e/7IKh8Bzs+H3VRDkuOEH2kV1uFo6f0Xq7n8JXBGlaTRn4ZeC/csOvTuBWq5uSchoNf/9QVYfCaNBJb+j85EtelAQBsKYfTwwIjB4vGfDd4Gzy+CniYtkwi9pL6PevEcBVeLvWk5EAq26bRDsb7NX+aRC8qtqhiWHvR1B85OXobdozCs4+M4cqklUvo7Fkv9z0oWxaDCu6JYuevyO1HNxRMXGR0xWZfRYarRPhWYTqJv2FCEwAw9zh6q/ksahvUH5qHFM0+9agd34DXN1R7FGnL5JBVCtM6Slu3952s9i85WocSRjJd141TiEX0VSwLO0yNiYxYw30ryiqhs+Ij4tQFEixbl+Uj0IA/IM3vMKLwtelS/mZ9KUxKuBDVjMxFg4bYr+CPQJ5Wf0cHIDWBabpEowhkP4uTg0+ZQj4GyTUoPoHVIJSVKvBbuQYr2HZxaJPMGHBqaSqeHZTZ91JpCZlyrueTC+u5ykNR3VFoEJEIU8WylThKH4/7N0wdPWiermTJxylBY6vvAmCSKD7Hf3SroiglKOxPDRQoTq5aDoe8RP8Snir1IkX69YGCBJ8oCqIWK9b/kZyyiyV1o/YH2TdAkiAUGjNQS1b0y3m6ktYA4DHBxvMLkz6KzEVsVsB4+38IiYcWTL6u9YLQU3D6TD8URFLy9nLbdgDB777LI8kxD8qFF+HXbRLdpKc4C+xjXiZLBJ41+XSPA= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(376014)(1800799024)(7416014)(36860700013)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2024 23:58:26.3378 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fa8295ee-1a4e-41d4-21b6-08dd1e2d8843 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000208.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR12MB6697 From: Ashish Kalra When SEV-SNP is enabled the TMR needs to be 2MB aligned and 2MB sized, ensure that TMR size is reset back to default when SNP is shutdown as SNP initialization and shutdown as part of some SNP ioctls may leave TMR size modified and cause subsequent SEV only initialization to fail. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 0ec2e8191583..9632a9a5c92e 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1751,6 +1751,9 @@ static int __sev_snp_shutdown_locked(int *error, bool panic) sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); + /* Reset TMR size back to default */ + sev_es_tmr_size = SEV_TMR_SIZE; + return ret; } From patchwork Mon Dec 16 23:58:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851503 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam04on2060.outbound.protection.outlook.com [40.107.101.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D66851D9A48; Mon, 16 Dec 2024 23:58:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.101.60 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393532; cv=fail; b=WlaPn1QtT0tQu1VXr4kViViVPntXxn0Q78uH39LTNJSnCscen9FQqBBB4RoLDbV7qnplaY9ImwKuBik75X63D5ZLTajxqQ/bU9Y0YMNYwlgAcR7huuRP/9KWZxPDx+Hk/GzPg3fO2syNo00h2Us33WCpDokMhCCa+zXKFAeq41I= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393532; c=relaxed/simple; bh=syGqMyaizm6LEec9pfcxvi7BPhvLcG+T+ty2iLvU3mk=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=BFmTCp4My1l3THJtItsbGu+j+vgeIEziEGPZyAJrQCo2nDi82JSO8U+B09dy+ikBwqUAYX4nOpM+7BW0EiFJrxgjgiFsfukBhZ599U/IMJmDpZh+GVr05V/nV5dgoz86i3FY/1Ah8CWj5/YakvDNN12v3bt/Io4idcaoE8eEhWI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=d8/FcNLI; arc=fail smtp.client-ip=40.107.101.60 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="d8/FcNLI" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=QPfnCGZRFkR8hPvugunwBKTpJOgXmhLgnvwTAHDKXIVRSZ1JwhmPU0p9z3T+69kKn2DyaN5l0ETvNdGnsujNW8qvitc8ud9W9po8T88hNfvM7rD2VamZ9J0gNXr/iwbDBkPhHZA/n4FrvELuJiqRCnvU+A7eyZFTVrEJqv7jnDvXIxyUUt8lqKdH9n7hDEq8lmoLycmzjsktNBRUnKmsKIZOAZ4PRYV1R2vJDOnzx5muVZyr5bB1EE5K59mCn0g+xrTDjRMrtj5rQ7KC3b/SdAXV1vOuKbUwLsIbWnvEsPbqMK6AZGep//cgG7yXjVavZE+PdlgdI62/LvlwXSjm2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rhTHE/dT4zAyu9CTo6Xv6Y3HGPzAIfnLVVr2hn0wfg4=; b=TiuRTQ+fYg830qTd/2CLa23wO4n/B0H0JaYREQQYlGwT50/nDFRqOitE+isVpUPvw5mpmv4/CAxWWjXocDZTXkQ2MqiZWkMYON8syuyS0v7a+PW6bx0Ov1KaB2R+Jdn41bfaZSHgargLEoD83yGq20ltkBY5sanloHt+Aa7OIdOVZ15s8RvRHrAZOgm41FoVma8IbhKewJESVWsVmyJAmhrUsCq50DOgtAKfOfcDMBoRQCPeGSzaDCuEVrqhpxiTK/VWG1K6DvBc9ibDGK8zHGXutgCYA26bb1FeKO3KW/PUKi9TGYWYPsYgPb+D7uJI6AQGujPuLups7GPmbexglQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rhTHE/dT4zAyu9CTo6Xv6Y3HGPzAIfnLVVr2hn0wfg4=; b=d8/FcNLIkhgRyQRBzGosDokOyt0OKFPxBlI+9Jo71wJpDMGsXCn+2PNJylxMU66eL0hab4GhzKp+MwkCgY5Mpe8c/PuFOUdEtnyn1PfeytjGRAVMZ+gakbTxolMgbU57F7VGnGS8eTJt1mJ5UXADuJfz4jBxnRc6E03inIS4Bec= Received: from PH7PR17CA0072.namprd17.prod.outlook.com (2603:10b6:510:325::20) by DM4PR12MB5843.namprd12.prod.outlook.com (2603:10b6:8:66::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.21; Mon, 16 Dec 2024 23:58:46 +0000 Received: from SJ5PEPF00000204.namprd05.prod.outlook.com (2603:10b6:510:325:cafe::71) by PH7PR17CA0072.outlook.office365.com (2603:10b6:510:325::20) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.21 via Frontend Transport; Mon, 16 Dec 2024 23:58:46 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF00000204.mail.protection.outlook.com (10.167.244.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Mon, 16 Dec 2024 23:58:46 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 17:58:44 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 4/9] crypto: ccp: Register SNP panic notifier only if SNP is enabled Date: Mon, 16 Dec 2024 23:58:35 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF00000204:EE_|DM4PR12MB5843:EE_ X-MS-Office365-Filtering-Correlation-Id: 3c8bc5b4-bb84-4083-ba7d-08dd1e2d941c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|7416014|376014|1800799024|36860700013|921020; X-Microsoft-Antispam-Message-Info: tX7UnQxgmZ6us/l0R7qQZyhC7jls6RHG0xS/8apCKq/RjR7SqM33s42t642DCsX4jImEIbbgT66zeG90PpT2iQ84v96VwQlftT+/xqjQHmfEl4hEtTa3vnf17otwYcu3juzb2Cjjydu64WwMljCd24Qh2vLPMNxJXVqAwKILlT0Mkj0v8ipR/QInamZsvzjyNwtlxroXY30j/7P8sndBwxz8GAgJK6yfqBll4ol3aLUL8IA4B/iTSjbPR5HobqJfOw+XA45Qvg4zrhX94AmHROzyDlls5a2LoqRf8gsdGntJk7sUFK94C9ISKJX1I+UoM3zdYDRYF0r5S8XZ8cMtHu46Qgof3UM1rFlFg/oiXnnjHZtcQnlVPFfuiexz++zQ07oZsOwFtjhPU418bt0467vgdrr97XITdVEEfpQlDRM0NcKHEiwtsgoreujIsP37L92y6ntoYBtjB4Aipr97wFYlqJjtC4bHOV8UnhDTb+k+6brSkZ2oaiFy3qtU5kUefJXLYX9qsh3MyAnKdkdS2AP936hn4tdf0PmK36Z/znnAwaC7po+fWBs4wjQrFn8AEyPoQLSaKOfBrAwvjsYOLmrNdxb2oxyUxFRFwl3RgYG6l7Bo175bh+8W1Lbe+8n9W5Rokn7yY/xWYS1QqUOTK/fBbeWgiGIxt7TH5atT4mP6b6kJ+4jDWz+dkk0KII+6gBGW/pG3WI5l5xp/0pYzn9gz8ehuYF+nGkSR5g1U8XsvW9FPwLeVc/D/xDBHDNV5XBNwIH2nW1bI0ULj/1mU9G7qzh6EL+mZ+AelDSHP6g8dh8YLdhxETY8FT2/Ev7BtPsRjJpmVThDYr/MnJoHRcwt9xb9x/b8W1mB9xV4E7grx/t89IXciWc8MAbsmWMeIa9n1wgIul0p0P3ho+8XLEjyqw6dVcJWkSG3RpfMhmcTsjKIt6yg5vH8GrrW7SbemGqfhYGwH9HluGM1D8DLPpEh/dZ+OI9Bp6tmTPrPLOfy5/GWMHd8OQ3Mdz01nToJK/ry6pXPawIGUhGFer3wEejwoX/fMhWUbHWZsBUgGNFT9/HtYZRxHYTV1le6Y83RGKG6lQOn3nr5MorzevhF+xTwCf6CyuUJzf0eaPeAjQDy9cYyoLKkug+s9F6UJm89jiuN7sdWS6lgfesM6QkQP4jWgBjKjch39UkrlVisHzAnYx0GbNdGM1Fp7fHEFRgEWNMRD9FH4cgbqpZL5GEhdndwPkwucO6Sz+4kZFl2pOuXpYn1g90RPSOzupfMmAem0+pOcqs8AIAEuEhQBTnVHRFfQoABN64D3Hm5okqFdjwzzuDqx4DddoleCYS/3+qpVguqZ24xUfLaAZQv0JDHODDtA65GzJTcJo16U+0+MTwbsAxZ92MJor0CJ67sq2nEFIvuw42VftkX8ztINJsKGMhlplAQhk3d86iov6z5bWED4B9sRKJaheUS853RG1AykcpsohUWQnY2ZNNAEYfSHgHy4IhdbhtZd3cPuVyPABJ3p34f3IDPaN4KgbXIIY/vW X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(7416014)(376014)(1800799024)(36860700013)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2024 23:58:46.2188 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3c8bc5b4-bb84-4083-ba7d-08dd1e2d941c X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000204.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5843 From: Ashish Kalra Register the SNP panic notifier if and only if SNP is actually initialized and deregistering the notifier when shutting down SNP in PSP driver when KVM module is unloaded. Currently the SNP panic notifier is being registered irrespective of SNP being enabled/initialized and with this change the SNP panic notifier is registered only if SNP support is enabled and initialized. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 9632a9a5c92e..7c15dec55f58 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -109,6 +109,13 @@ static void *sev_init_ex_buffer; */ static struct sev_data_range_list *snp_range_list; +static int snp_shutdown_on_panic(struct notifier_block *nb, + unsigned long reason, void *arg); + +static struct notifier_block snp_panic_notifier = { + .notifier_call = snp_shutdown_on_panic, +}; + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; @@ -1191,6 +1198,9 @@ static int __sev_snp_init_locked(int *error) dev_info(sev->dev, "SEV-SNP API:%d.%d build:%d\n", sev->api_major, sev->api_minor, sev->build); + atomic_notifier_chain_register(&panic_notifier_list, + &snp_panic_notifier); + sev_es_tmr_size = SNP_TMR_SIZE; return 0; @@ -1751,6 +1761,9 @@ static int __sev_snp_shutdown_locked(int *error, bool panic) sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); + atomic_notifier_chain_unregister(&panic_notifier_list, + &snp_panic_notifier); + /* Reset TMR size back to default */ sev_es_tmr_size = SEV_TMR_SIZE; @@ -2490,10 +2503,6 @@ static int snp_shutdown_on_panic(struct notifier_block *nb, return NOTIFY_DONE; } -static struct notifier_block snp_panic_notifier = { - .notifier_call = snp_shutdown_on_panic, -}; - int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd, void *data, int *error) { @@ -2542,8 +2551,6 @@ void sev_pci_init(void) dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? "-SNP" : "", sev->api_major, sev->api_minor, sev->build); - atomic_notifier_chain_register(&panic_notifier_list, - &snp_panic_notifier); return; err: @@ -2561,6 +2568,4 @@ void sev_pci_exit(void) sev_firmware_shutdown(sev); - atomic_notifier_chain_unregister(&panic_notifier_list, - &snp_panic_notifier); } From patchwork Mon Dec 16 23:58:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851288 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2086.outbound.protection.outlook.com [40.107.244.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4ED201DA305; Mon, 16 Dec 2024 23:59:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.244.86 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393548; cv=fail; b=Q0dF3uXm2kdACaoaks1xStVd6DInwBZNEFrvnccPRYSS+Mu6VAluEOUkpmVrkPx1D080fn0Ar980V6LM8vik5wBxLmQmfezm9HuVAyNew13TTkJvjRuhi1ndHSWAjhSIfz8tOqwIwJmJFGdmeAztAIg1UG2ukyoz1XFJrlgFHIY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393548; c=relaxed/simple; bh=X+Tul13C2YnR5knAv/7vYzF3jklUIG51PvTE/u1niTA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=FizVJkGw6zrIyukuZsPZJIQts1VDrldEnKLD1I8G4B8lOJTwTS5wGs/9TxKVJyW9OFEGJNMEbA4ke4QVu+IrS7pVi0VSoL2frPjSvU3JwjX1yt4WKq4ZngHmJDQUjY37XQ630OeIucDLedz4CIGm10IFNRiFQkiauEQPS8JeDLU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=0AHslTqp; arc=fail smtp.client-ip=40.107.244.86 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="0AHslTqp" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=M5TOLr/Y5j4GT3ygPrPWswVaRyCfFsq3Bu620Je+eczVvT3X5PjKPs/tLkWAHsw9gnLxDiccx9KHmEEws67WTKszZ4Qn6ccehYJFmV8dNLp9P7J+ttYaRI7e2iC14Cq+FADpAOJd5IwBTwSInEr92AcFrsiBm+LV9ixL1vsYsg3M1g6D5P1T5ko2rodOqvN0cdifrAif/9x3mypN4j9PaCy5Tqcj/W74Y89mNcvaSZ+xT5ikbAq5LC+taF2aVOJZEShtvt16HJ0IgB3RG8VmeUFLdivwKX5prj8yWJgbzl9ij9aTdbjD1PJfA57Gx+onyDReVgpH1RtVJ/B+BFAuQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pE3ahtKGMBxz5RhM+/fBvQ+08387osZgTaWFX//dHwY=; b=Ekkz5bBKgwd12UkuUe78+jPFB58JrzUdbEghVvOMdwlm0/AT8K8TwE0Z8v4LoTvfPiDi1pqeXwhpqLXils0Ro4PvrDYjyJsehg7OvtnIg+Kz25QgClIGb43ajHUckOH75mnTxDN9knChQD3+ar2ZS/Lc/9HVPCDQk/cRsaLMB08UJ22Vw6l0WD6bU/iL6tALdLKlRAYALOcBkEcKYtJXHiCqG80CHrNrEN63Kju01xLkVNmTCm63tX3HysjAqiCV3+ggvzhFF+q7POCzXUc9MJg+C+cQ0F4oKHc7cROAmu1BEHQkDc3VNJbkcBb2gqGLChN0HrQ1U5Tv9clphY7h2w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pE3ahtKGMBxz5RhM+/fBvQ+08387osZgTaWFX//dHwY=; b=0AHslTqpX678Sx0dzETPjO1XsHxhCoQhkXQSZP4kfKqQm1hwokmoadyQqLv81MOoEOXsa9EJPYpZS+zt1SnD0dsK3Lc4gjS6f4MVLGN26dr5lawM65tlilrWT16hXCsd8rr9kjzCt//w7hHN7oG8ZhYL/NHBoCHnQzQwPBz6wg4= Received: from SJ0PR03CA0333.namprd03.prod.outlook.com (2603:10b6:a03:39c::8) by SN7PR12MB6912.namprd12.prod.outlook.com (2603:10b6:806:26d::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.21; Mon, 16 Dec 2024 23:59:03 +0000 Received: from SJ5PEPF00000205.namprd05.prod.outlook.com (2603:10b6:a03:39c:cafe::ec) by SJ0PR03CA0333.outlook.office365.com (2603:10b6:a03:39c::8) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.20 via Frontend Transport; Mon, 16 Dec 2024 23:59:02 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF00000205.mail.protection.outlook.com (10.167.244.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Mon, 16 Dec 2024 23:59:02 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 17:59:01 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 5/9] crypto: ccp: Add new SEV platform shutdown API Date: Mon, 16 Dec 2024 23:58:52 +0000 Message-ID: <2313ee66c9d5bdc8aeb6ab86b6f958315e77cdc4.1734392473.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF00000205:EE_|SN7PR12MB6912:EE_ X-MS-Office365-Filtering-Correlation-Id: f3c7ebd6-2a10-4df9-75ed-08dd1e2d9df2 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|1800799024|36860700013|7416014|82310400026|376014|921020; X-Microsoft-Antispam-Message-Info: +yTadvtC0gjjhhBO0LhdB0s6NpiC2qEOEs3XqpnSCBOHohCdtpa9IvYAbwY688H2Fmkhe7c0YrJFUIudqWcL7ajwOLaK7o7o8EpEHM8DJx1kE3IqTPvr4Hh2P2sYz5kVQiZ425ICkKwgz6YXByNAZTSL92T/zY9TNxaym1ZNlzte3xSDqsQJxR+97Gk6egHB5ifTbL/0xoqFhWaQRkUw+Z9u3kPgWn/Ljnfy9/4y/JSaW2yN1XLPtBdzyvEts01yG+5rwVET4scZwMqZgoiv5ygKDE9lIr8uDAnfQJzplMbtU/QEzR1DPiTtDP92JcYIEzsfGN5+GdtyeISnRq8T8BHIKMsIpCtYORDa1b3m9dscG2aUK0iTXKB3CZnpWXqpMWocFECCNUb9kMsrzTcYorwNjqvXR0mNVv4cuXYmVBusFGHqyiti2Mgk81gf919Rkn/b6gHTQoxOqC9oH7n8sBgFGA76enLwZJFS+QyOGUnbZGeH8UGXev+5thXA7js5Rw5PPoIA5BYXBkCEgm5yaDLmaO/ESpB64fL7WoDkt41nW74K02aG1iphlhfojIVAiYCItQrINwcNIpS3n9sAPtWgvy+v+aUsCgXTXSssmTqpH5Ej9R22YlUFFqeLpgVN4O1IsmUtEvPiWAJ5Tc9+m4Amw3AljB1Je683nZbqlDTx1Jgf20GaMcV4i8fpfhvGLKIAAEIWk4fR3o3dakWagyVJyjTV/4qskso47/zGz2ALn0eK5yyj2JBOdoPIhst4qED1PTuzuBV1kSp89v2gfBuXCpKb8UZ1LyeGrt/wmDqfiKTqw+Bd6M5GaMuexsKtTU5Lm4hQjzcIOl1lp9U65ob8kUmMGoG6mYeVzxtbUfA74eHxngUR+De7UmWE74vOclI+vWbwPeiAvuVywbKW8tBmesl6BAB6STXdsiNFSG8CGF7eBJu9M70V5sVNPYVcPC7Y6Cdb/0fEgGSYggvyOAUIS/wCAEz2ecr6iYbJtHhDIUd3HT/sJfkQK7Ku2RUkQdCeWyiTgQXaz3MmI38dR2csx0hljrwA905SukfW/U2eO2DGjhLm9ee0wsvpwv/ATlYWwMe17Bjjmc3f9ZqmTHp9jvryEvfaaCqqsqVOPltr1P7SaBnjuR15QU6hrTsiX74DfUEQ4xw8I62FB+zqO083WNgcfz7oYK5w+iiRvtYo4YOs5vOy/rjrch52UtGuVHZiV9T1vQ+3eSIC4WiJvBBzuALU23Ho2Z4F8mQFOhhheLBO/5FZ0rOGxEDOtC4NPWLuKhEYgjFeEyv3aXohs99YewWH8kFvp0yjUhR7nXkNDJK98SXWWeTBluJi+ATP/jlmqOJ7iTa1ISiLEoETLpPv+umsLTUWikTJi0h2V5K/GyhPtKsv6bScnghrpMmimU8P2ifIEZdUx1tbWHlQuNDiIAWK6nVf58/LxxfIOTnmZ9R3UJtz/C4KZ7M9pxByAeKxHlhjA97/ZLgu8t+/JwrA2+VlKT1poNghxBFkRGWa4Tq1Y2neo8F6MXucnJYx X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(1800799024)(36860700013)(7416014)(82310400026)(376014)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2024 23:59:02.7190 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f3c7ebd6-2a10-4df9-75ed-08dd1e2d9df2 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000205.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB6912 From: Ashish Kalra Add new API interface to do SEV platform shutdown, separating SNP and SEV platform shutdown interfaces allow KVM the ability to shutdown SEV when last SEV VM is destroyed which will assist in SEV firmware hotloading as SEV must be in UNINIT state for SNP DOWNLOAD_FIRMWARE_EX command. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 12 ++++++++++++ include/linux/psp-sev.h | 3 +++ 2 files changed, 15 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 7c15dec55f58..cef0b590ca66 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -2469,6 +2469,18 @@ static void sev_firmware_shutdown(struct sev_device *sev) mutex_unlock(&sev_cmd_mutex); } +void sev_platform_shutdown(void) +{ + if (!psp_master || !psp_master->sev_data) + return; + + mutex_lock(&sev_cmd_mutex); + __sev_platform_shutdown_locked(NULL); + mutex_unlock(&sev_cmd_mutex); + +} +EXPORT_SYMBOL_GPL(sev_platform_shutdown); + void sev_dev_destroy(struct psp_device *psp) { struct sev_device *sev = psp->sev_data; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 903ddfea8585..fea20fbe2a8a 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -945,6 +945,7 @@ int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); +void sev_platform_shutdown(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -979,6 +980,8 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) static inline void snp_free_firmware_page(void *addr) { } +static inline void sev_platform_shutdown(void) { } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Mon Dec 16 23:59:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851502 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam04on2050.outbound.protection.outlook.com [40.107.101.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7288C1DA305; Mon, 16 Dec 2024 23:59:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.101.50 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393563; cv=fail; b=qxZkS3RsFrC/GjNDSbWcmuTSFfmBHUCAvvIviEEKnf9w6/95FH8Rb/sv7iDfNT0Mzr8IampFxKegEZ8eqoEgmHF7iRYRho1respQBJ8wolMFpj4vTSfo4uqGTJNxnV2USo1sN/KDCwydhhs+RInFQML7zTh7o0RcEn35WGhLGlU= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393563; c=relaxed/simple; bh=z96zz2l5e/UrE5xUTkiYFBvUSkoBjAbXT+XnOlMKlqE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=BmZPWMXCMZX3HVm9jEH/BSdsJliaPKyfcW5vnZIE6eYTLtDr5GVT9aoh3jNK8lEhMJSOA9KazRCOf7DP7jgJVpjtDSoKGx2L2RTwfpCD3uBQ3YZBFJF5Whpt1EzDh2txK5x6Di0j13SVPnAlzX/d2f7D/HvouW93MGIeAMEVLOE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=MUARCNxi; arc=fail smtp.client-ip=40.107.101.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="MUARCNxi" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=QAaa/nNqgPz1oyvxei0jKRNYKuaSiwOPAmIy7wseb9kvTcb4YvOK82BoMbtalg/g+3gQNg9NeLlwAOySA6Lg16ZMeDxHrlM3Uy0LMPYBK1J/dQ+cgncsyegzKOHUhV88XOeFqHnS6YWcmjSXBQRnw+OBn7wmeGLgHrb97I9GB4CKtFKJ6MVDfOxte7ihQMMHfn0AE/M50k2uqZ6rj8Ikiq1gjtY0AFQ5ST+EUrl+qyXEZl9smAKeIao8elLwD+MUfHmUPpGkq9R0wdXuQ8Dra6HrLCJBefLGOPZuevKHrhCr9ACQvaA4pReoWiKy2HGxOPhlEsc15o4RjvIsXpUfUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gWDt4j5npiNQiARNJc9xzgL4hq7NnujXlMDBc9bJRI4=; b=oQUQzmVnNLO9OOg8DTFvv0xFhNVDHz9ki6zswpRoRolx2y21Xocb2HL6Ri9+S/TVAQp4pUvYpTC24djIacSuPhOTBJCrlJq1DFpyXarub0Nh5t7QWs4DN+qoP3UAkmtRuREclVctR1l+cCDE1XO42KnJooRBeFgq2owSOiVPnSVtVZ5pwRxUE4BvXtQDdd6FzwGvy7UXO8N5r6zSq2xvrTTLux7lVfLAYuAVrDgTNKM/6CLr/pPLNxBAu1ESFMJHLCLmozn5uHpDZz567/iWhssYJoPlkEVMeteC2v/hn3LoBp72l2qq4yrd4rX6orevoDSCDJSb3ylwKOur8CvWnA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gWDt4j5npiNQiARNJc9xzgL4hq7NnujXlMDBc9bJRI4=; b=MUARCNxi0EJTe9HlUsrbEbJNwibsoW4n1CBKY6sQb+g4X3SScGAOoqB3NkhUmv8sNXb6A4Eqb/A4A8VCwHd2DoCVTb/a9zIKRY3MtMhCnKQvbh4/BgcxQOBVFzsFc9TCVFygBnhSRxsta5TeyHCPyKDtYbM+8iH7EAJRaVgZGrs= Received: from SJ0PR03CA0359.namprd03.prod.outlook.com (2603:10b6:a03:39c::34) by IA0PR12MB8896.namprd12.prod.outlook.com (2603:10b6:208:493::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.22; Mon, 16 Dec 2024 23:59:18 +0000 Received: from SJ5PEPF00000205.namprd05.prod.outlook.com (2603:10b6:a03:39c:cafe::b4) by SJ0PR03CA0359.outlook.office365.com (2603:10b6:a03:39c::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.21 via Frontend Transport; Mon, 16 Dec 2024 23:59:18 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF00000205.mail.protection.outlook.com (10.167.244.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Mon, 16 Dec 2024 23:59:17 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 17:59:16 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 6/9] crypto: ccp: Add new SEV/SNP platform shutdown API Date: Mon, 16 Dec 2024 23:59:08 +0000 Message-ID: <11ce67db2349a0c18fd549be41815ccccf401e64.1734392473.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF00000205:EE_|IA0PR12MB8896:EE_ X-MS-Office365-Filtering-Correlation-Id: 138dad49-becf-4448-0e4d-08dd1e2da707 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|376014|1800799024|7416014|36860700013|82310400026|921020; X-Microsoft-Antispam-Message-Info: 6b3jpGxORKKk3jfgzwItAAOOEmOzMed0Uo+utmFmoHQvrvgj2cUD0uSuGZwE7MXqRdZQWrNOs+zTDltwdOB7twelwBQo6rT1ltW68bPsaYul2z+742eDXG3JqcZKDvLSgXB3+w7mSq9GKT9urusDWfajiCW6eKTrsEVlJVSXtgTdwC7hzGejVcyPWSgWE2FgybF6708DV3LyhuxVM2O4uFNAJ1MQ+x5uE8yLAS8ZDLvlJAYuzpqT1l+JBxRvgzvLSPKhxakUQpitMz9ceix2gh/3dlBWOy/Hvvt6vVDwJWnMz0hhng/sRApuIYi8GmeSiE2E8KeOsMpRSMLxQ8yJWBA8FvWBVx/Qj/1ZcmJTWKXZ4uDZPmQhFaS92pqQz0ItaBPDrl5HzvK8Bs1hn9vL0DNzsVYMZ2G6i7zKSERPgAtE7Sjqo2AMcwWqXN21bMNLlPQZE9kAt7CaDoNP36E6ZYBwyu1T/LUHLl6o2C45MtLGop1H0zlInJdYvp9NOY94jUkbvcO3UdAXxDPtJ8TcX2kSLNVmsSZveTNZD4a105Iq3RYBmiGrNQUJf0P62AQDdbHFjp8dGhrEhs7lznmPNPehrlFnBlZP95sM9yY+hAgKuQfmHzWkA4SMjprHlQdvgwa7df0trLMg+i3vlEpnuQFV5txfifRaxoqZkI6PKIAzKtUVIulLT/V3FW26AI/fiW06X7G7ktIK0yCkPdvjn7VU/eiMCtLLMwHzqsbJA/oA6phJO4gA1bK/aILU5CwISMpVcK0GWjfD6X7Sa/98LP2NYDUehcds1z9w0K9kEmie3YCkEnHFzEdW13Zh2lFjM7DDsMYJsbJbOwCenDdSEV6pikuVmZxtqua962PpORH6pRedHLmwBqYeLxYSV1tyF0Xl9t31Z7BvVn5T67fv71LUIIbqCpouZ/ue+HS92qIItgWdh+v+AemQnOAJPFMxZHP/RlyO+6d94fNbAwnkJC9AxEElsstvSKviwxXXXKWBROVusCeJ8NK0a1mjCOOszQeUCLdlYu+avsuE4Iik4/zz7ii8IAqak/GoeR0KHYlTPPThvm6+nXAtey7vBLZxGWhplsRMTt0wkRSLv3emqgp2aEXJLpWQ6yHeEgztnFOPcAk1bwCPdsxJxwJJV7jg1q5arEXxjwrfP0nmmDMOfkyJv+XoAmsXe+R3qr5UZnGCJu0PBqFyXIsDcEe6vFdqWKd+okWRf75qL5Hq9n+xj6COp+j/MGOuGyy02n40KhvkEk4/RTc3wFZNu4kW0mcH4s2NK/DoR/Ah5gXuZo2Hoy2JjjGpiUDsgKk4dq5yhBiTLtIsAygg3DL+OEiQ1h38j0oazc7PUifCHD5tq+JqHppONRGMYvcVfzj/+0RnuID1MWe8KE72BUtZ8I6842qTd/UZkDWA+p+71a7CW5GH4T/atgedFB0Y2kGcEQgNCp01rl5NcbFIOawqH7TcZZmlglPovFR7NU4JSRmipBwkozlJpsL+/hQ74pu2dtzHwY0= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(376014)(1800799024)(7416014)(36860700013)(82310400026)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2024 23:59:17.9535 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 138dad49-becf-4448-0e4d-08dd1e2da707 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000205.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8896 From: Ashish Kalra Add new API interface to do SEV/SNP platform shutdown when KVM module is unloaded. This interface does a full SEV and SNP shutdown. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 13 +++++++++++++ include/linux/psp-sev.h | 3 +++ 2 files changed, 16 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index cef0b590ca66..001e7a401a6d 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -2481,6 +2481,19 @@ void sev_platform_shutdown(void) } EXPORT_SYMBOL_GPL(sev_platform_shutdown); +void sev_snp_platform_shutdown(void) +{ + struct sev_device *sev; + + if (!psp_master || !psp_master->sev_data) + return; + + sev = psp_master->sev_data; + + sev_firmware_shutdown(sev); +} +EXPORT_SYMBOL_GPL(sev_snp_platform_shutdown); + void sev_dev_destroy(struct psp_device *psp) { struct sev_device *sev = psp->sev_data; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index fea20fbe2a8a..335b29b31457 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -946,6 +946,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); void sev_platform_shutdown(void); +void sev_snp_platform_shutdown(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -982,6 +983,8 @@ static inline void snp_free_firmware_page(void *addr) { } static inline void sev_platform_shutdown(void) { } +static inline void sev_snp_platform_shutdown(void) { } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Mon Dec 16 23:59:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851287 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2072.outbound.protection.outlook.com [40.107.223.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CE4A01D45F2; Mon, 16 Dec 2024 23:59:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.223.72 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393578; cv=fail; b=GdnN2kQG1MpkxcdR3SNz5//QpgYXOZCslqAgIyBtc5quo8y4k+N7FEKhusG/VLBhIjeUjstuKDPHejuCrF+qH481Ndz9UZB3QiPF7x/bzSZANGJTF8ItS0BGbokhkID6XkSHMO09W0BTmgxmac7QvKfFTO77tEc0rQix7nvjGAQ= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393578; c=relaxed/simple; bh=0duPIt7pde62qBFgWC4Manbp7tIa3/7JuniaJjmyW60=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=miOLvjYZJ/BPYwS2O/jNWq8wG7b2wIsLZC3kGJyuen+OY7C29GfaflEDgdWAmJ6+s4JYOhuqfKEYwRvr8+s7uzO6cfIrafMUnUYBuHvoCcF2nxiaSo3DzOmEvJbb5dpi598+GRzB/j9n669vdKS2pMAFpg9iLr68zhO6zGKK2UU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Bz6rIiu2; arc=fail smtp.client-ip=40.107.223.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Bz6rIiu2" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=vCF+bA/D7pP155iR2DytiJj7Bxvcfpe21uqLbQSo14J4JDgGeB/EE5giN6luvgZCkWAuOqRHxPVwSpVfdmQ/KHcEJfwyf12yZHUyARPPNU9pPtBN4EhDWkj5Y91UC9tVzyV1u61EHGKRhYUTLddv56Hxga8IiTQj0v5KRRey92WpKo9XWA7xqfjrNOzD6ySE5WuxDr8uUwXJhjRGZvJt4v5FfIa8/a7v3HKlGeL5H7E1MB7bDGyUV0AJ3NBEbNghDLO17aFUjqVHvLtSiLPiwvB4KefKTWy7SvVjWsBmQis6wzpjgxOsQkBD/aeQRTe4D79H7Dgliyyom4/sJKwInQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Pq7l/AAI+sd8lDvQMzzaAAjzwqysM8JSeEe0t0Gmsxg=; b=FC39FEPMO1Re/XeWljid+4Ucs5PizDx7uGYJiNi6p4oI9KbEDS56BJ3aCZFOUmHYBQkYjgdU3cTcbYz6k92TgTXC+w4wDXeiHmotY06jZE8xGnnG8O8vkBQY7RyN0Fg0eoxbIevW9zPjRjL3PFsgDIuLgDOUyQp0PN2WnCaTA3FHJMwkKEHJcgzwmB3KzXD86mZmGgMk+VND0BSG+m7zyT+Kr0+VQaJRpAxaTgc/8gaS2DJoBMGh5YkbNzUHkcE6/UemFaKqKjK0jZw7nOueMz0/a6zS6xfzgKCuGXbDZBGEnrYnkN4h592EOqLU+k7Oja1fAklR4BOHi5o/rFkJlQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Pq7l/AAI+sd8lDvQMzzaAAjzwqysM8JSeEe0t0Gmsxg=; b=Bz6rIiu2/Uqsn8l/3+uUVZW/t+H5Uf4Ky1syoFZLwDlXG5qwuTUlYZ+mA28+sCBEwsvGh6UPAbNCjZNXY/5iHmjOcR6nKemnccjV2B/zmsUyCMJmQ7z+w/L+JaZphRNIUQw8tUsuM5FR+ZhsiWMn1WzWblEMTP+TwedsVI5uaFk= Received: from SJ0PR13CA0034.namprd13.prod.outlook.com (2603:10b6:a03:2c2::9) by DM4PR12MB7645.namprd12.prod.outlook.com (2603:10b6:8:107::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.21; Mon, 16 Dec 2024 23:59:33 +0000 Received: from SJ5PEPF00000206.namprd05.prod.outlook.com (2603:10b6:a03:2c2:cafe::27) by SJ0PR13CA0034.outlook.office365.com (2603:10b6:a03:2c2::9) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8272.7 via Frontend Transport; Mon, 16 Dec 2024 23:59:33 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF00000206.mail.protection.outlook.com (10.167.244.39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Mon, 16 Dec 2024 23:59:33 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 17:59:31 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 7/9] crypto: ccp: Add new SEV/SNP platform initialization API Date: Mon, 16 Dec 2024 23:59:23 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF00000206:EE_|DM4PR12MB7645:EE_ X-MS-Office365-Filtering-Correlation-Id: 5c67cd06-5a33-49e7-7f8a-08dd1e2db040 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|1800799024|7416014|376014|36860700013|921020; X-Microsoft-Antispam-Message-Info: GiQex63VHTTg9qXOBXYE0EkFM998b7N2LN2iJOeyNvHv0lf+ZpSsrWnoWPwuX3Y5Jv10j3DZ4Q5GSN+JyNfdTRLSZlYp04rWcA922cEnhFnv7WINkL87IRruVDKXyyXjHoK/Ecsvtzwz22XUxBp9DyXVdI8qu3A/2dZoMxtrF43vsK0HJa8v7/kGdEbMRlIyy1wk3+G5oH7vk9rQPrN5GOEo3xvduGcyxw0NLFoLElqMul0K68GaGbP0YXTiKwo37+Oi6f1DfGHcw8GqlYFKvlF9YxHcsXy8iz/TR1PF0Go6+WAZ7TyyiovaisyNb/REGngTtlNpPDDNCRN2ETdBLzpm2C+jtIYxhHwXVZV7WsYWT0HALH02H7uUkKb2zCdPsg18IUu/qu3zAF/LF0DzFS0zS3DjPKUHRqptyKV2kyqq+YzBO8uWe60G3vNehsQz2h1ftaY2DBPcSXP8xTrWwpjrk3DwEpjVv+e/jE6HG8JH3rTGqkIRDGjfsdG8DvHJvDR7fa4/XRCVG3M8cEA8fPjRgkPHLCIx2xOtkiHl5YMgJJQG8ZqcyK8DpS7UFJwUQkaSB/7jsmnd8gPlw3RESTmpmAWMbxnHP+Ow8VKdEiU9++LHMnMx7q/iLNQVh3aLYaKSNlo5IN2m7xcrG8vKsTku+gj3rFYlji1OPZA4E0m4jQdYfHv2K5rUBq5cyjejUfs8t7hEwWNooUl5bu5himjYMBYs0C0OKnprT52gVLykJiuW9jS//0I6FZ1UdLrfYEVE1zxNEz6WlP4jZwqrRnyI8J2EE2gqx/fapHUSuVTaSg1FyP4t0/WBxEE+96dyZPjjuR/6AsiNgsaREXy6hIjV21pGz0GWOOWwe4fpKaem7nlAlpxXRCD8b+rGXqXxzXTxDGMqkBjVFsvVDMwUA+VksCFDO1QxUr/SJJFBXKSexU5HZM1uPMIzCqWRulqdD5Uf4VWJFwTz2RP4cwtQXQBQWL7KlQGbBfnD27TZ7vxhLAwrZOg1pUf54s2zE8K8Xsf8HzNA1M18az88JOLD57obh/sUI/sdBTVMouF+4TS6rp4BFcqVxJJCFtUSNecWaaGsASGj/Tk5b9aRJAS0+d/P3nuVKUxlplNP/6ZzqLQm6f2MppKDbd0mH+Fn7IHOzZB1OMLL0oyC1jzBXDsiGirxw59+tHLBfi6IiC3JCw0eHriimciOk4NE70z+nky59xq/7+q/wBaQjDwbCcbQQ8HNJS0IueuC1YYQYmCQSODGRsGH6e8hnXits9BfxSxRo+ndkfNAntfijbN9oYoWXe8UFXw5fLg965+5Ivld5u+DPty63a3jjvDjj6y7rmx/oo0ANKLYuqh79m2cQTa1iukxB+oDR5Urff4OEUOCRZjVPAnzsIX0/y/vtxiCZCMQoo01uYGwkYvf1AV0tfw8EnZGswoqXRjA+iHRqv3D6q9xvHlRlpNNPT0P4si5ZTnF4kWu4mdqGDXxBOAILAqWXQgGRhyxKXW8FTtp1ivLPv4= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(1800799024)(7416014)(376014)(36860700013)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2024 23:59:33.4294 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5c67cd06-5a33-49e7-7f8a-08dd1e2db040 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000206.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB7645 From: Ashish Kalra Add new SNP platform initialization API to allow separate SEV and SNP initialization. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 15 +++++++++++++++ include/linux/psp-sev.h | 17 +++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 001e7a401a6d..53c438b2b712 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1375,6 +1375,21 @@ int sev_platform_init(struct sev_platform_init_args *args) } EXPORT_SYMBOL_GPL(sev_platform_init); +int sev_snp_platform_init(struct sev_platform_init_args *args) +{ + int rc; + + if (!psp_master || !psp_master->sev_data) + return -ENODEV; + + mutex_lock(&sev_cmd_mutex); + rc = __sev_snp_init_locked(&args->error); + mutex_unlock(&sev_cmd_mutex); + + return rc; +} +EXPORT_SYMBOL_GPL(sev_snp_platform_init); + static int __sev_platform_shutdown_locked(int *error) { struct psp_device *psp = psp_master; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 335b29b31457..e50643aef8a9 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -828,6 +828,21 @@ struct sev_data_snp_commit { */ int sev_platform_init(struct sev_platform_init_args *args); +/** + * sev_snp_platform_init - perform SNP INIT command + * + * @args: struct sev_platform_init_args to pass in arguments + * + * Returns: + * 0 if the SEV successfully processed the command + * -%ENODEV if the SNP support is not enabled + * -%ENOMEM if the SNP range list allocation failed + * -%E2BIG if the HV_Fixed list is too big + * -%ETIMEDOUT if the SEV command timed out + * -%EIO if the SEV returned a non-zero return code + */ +int sev_snp_platform_init(struct sev_platform_init_args *args); + /** * sev_platform_status - perform SEV PLATFORM_STATUS command * @@ -955,6 +970,8 @@ sev_platform_status(struct sev_user_data_status *status, int *error) { return -E static inline int sev_platform_init(struct sev_platform_init_args *args) { return -ENODEV; } +static inline int sev_snp_platform_init(struct sev_platform_init_args *args) { return -ENODEV; } + static inline int sev_guest_deactivate(struct sev_data_deactivate *data, int *error) { return -ENODEV; } From patchwork Mon Dec 16 23:59:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851501 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2040.outbound.protection.outlook.com [40.107.93.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BC03B1DC1AB; Tue, 17 Dec 2024 00:00:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.40 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393616; cv=fail; b=iFOP1uCUc/1b/ZKY1FU/S2W2dRVgRQji4ZO8OjnS1FQfqd/+bGcv66PuZWrVcJc84WCCUajC/HenxIBOPNDrKVTBHEcGFyT1Eh+3TiWb0Z26k0FdSMQtT0b25kGGeGB25ubbW/Du0voI1t8wtwDopWsgUC8HszQJmgdcZLzZNjs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393616; c=relaxed/simple; bh=PZqpkQkI5q5yC6HiU1zkPx5QkhFsN10540a8ZSxmCGA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=M0J4F9W1qx646nYyYpqzgL8yEp6H40V4PEfkQBEa6IAU8gF7mAXrh4lycWqDgUEUdEGqjOjEBvvC5P68YAiBkA1Wd2uNkHhRyQJ8UOoqCyfYbe++0GW/QdiaXvcRKT9O1nNod9Y/2OUuO3LToeBBKnf7UKee9r+TyN7aXNpzfq8= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=mhgFkrVU; arc=fail smtp.client-ip=40.107.93.40 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="mhgFkrVU" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=lp3gB5zoVVHgTWefC9thS4YbhjRf59fX/uYyhWbLiP1NQQvrLIjy+OgTbNPeL67gSZtDj2r0HzPkB6K99HiXB3DO1uyKxBxBFgVj80lwwB7m5q7npBO49oh+0b6/wr6tZxZxvubkntlm6VmW2KhashBv5pE3Syezx6gco/ZqN77i4+yLGYveAeGezhXtli4/TrilOGOFmXetUQTX5wOlVgbaWqAj2AunDonlluNjWxl6007CkcFihvPCkEH+YPR0sq4TlJhSv197oqzMtVOgG0p+4fybtcYvUrwUb7OPo/Tj5semjAzFDPF0fOO1e1lxzWpYZ5PYleFzbzYaMtlheA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/L0ESsB4XPvQz9gVYZy61h+6bZPX1Eh4KsvIiZkkPZE=; b=oCsR/IIXlFrCX0JsCrvn/LWpyR+r0kjycGlJGcPcSj5IWoDaZ5Oqk7cmj9sdIbDG2Wm/Bzgnzm2E69URhSJYw77+ugmE8t6KG5iOBphx+W2hdLCJBwl2qs0z+GYL0S1es0PZBgd9eJODSHtjTfmxL06ZygmkSxDrF5wbwkboL6CkKT+mKp4wQ99k6RdTRcCDpRUfNeO9hbVH8P0CVDxv8yOaf2+hgz2vT0SMEZDs/rlGNQPpKYwwWmT1+vcXhovtnKzikrf8mDMpKE6DSi05+noBDvY8T11VoATJBMNe1TsJTzF6PyxmUyMcsfHsYzku9l6Soakoxglk2vdr+F/g/g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/L0ESsB4XPvQz9gVYZy61h+6bZPX1Eh4KsvIiZkkPZE=; b=mhgFkrVU1jlbGkhSMLdb/bCCpwh41dEDJ4MJ+p3qDMhCPnsmkGMAh1+bqxRgpFbzO9ZZ+zF6agV0dUW19VS1yzJHD9M6q5owvz2A9n8BbVF2ojk1GVuEmrLi/P6QEm/VK9pO8hQJPFOAi4I8X+QPt/wFTI/iQucEcMJOqsPQwl0= Received: from BN9PR03CA0421.namprd03.prod.outlook.com (2603:10b6:408:113::6) by DS0PR12MB7826.namprd12.prod.outlook.com (2603:10b6:8:148::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.21; Tue, 17 Dec 2024 00:00:09 +0000 Received: from BN1PEPF0000468D.namprd05.prod.outlook.com (2603:10b6:408:113:cafe::4e) by BN9PR03CA0421.outlook.office365.com (2603:10b6:408:113::6) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.21 via Frontend Transport; Tue, 17 Dec 2024 00:00:09 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by BN1PEPF0000468D.mail.protection.outlook.com (10.167.243.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Tue, 17 Dec 2024 00:00:09 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 18:00:07 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 8/9] KVM: SVM: Add support to initialize SEV/SNP functionality in KVM Date: Mon, 16 Dec 2024 23:59:58 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN1PEPF0000468D:EE_|DS0PR12MB7826:EE_ X-MS-Office365-Filtering-Correlation-Id: 73adc577-1112-41b2-93c4-08dd1e2dc592 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|7416014|376014|1800799024|36860700013|921020; X-Microsoft-Antispam-Message-Info: qugFO2isgNUelLp09P9NLUTMvWLQccJf977yXlwODm+F4rhiTx/ywuGCUOwXuQWeeXyfAYqCCg2bBNMGEmEPUmUujJwjIV+qWqZ9qvbpmKhSfu56D/l1MYDAAQxbNeeEF6wF/VhHqlLwApk4Qa6hhqjvBuuJxNn3cdgvjxQeuJ9VsxHGplhVG2sKu9HgHgW3wqIVkzN8enBQWnp0l1zwS3ovrBo6OfozVhSenphTZiujmpDVoFaxUkFXPB9JN36Z7GEdV3cbdK5UArIloRJMdBYNs17F/S04kZbDaXtLU5ZTcAWtxH3gUKEEo2vM1RxocGNOfa2zCA9pGfzxUIkFugwhCqQRLrUNes8rI/GevdXfYoa+THOs4x4Jzv2wSN18Idi2rcF44rRW7M2TNsZ6EOgu4zF2ske0+BZfx6iTSfgP1iik06VBK94HGWKaWKRLDJZ7lye0zRrb59aVqNI1XIm67OBkafKVOsE+YYoTW6fk8bdlh4I0ODPmwjYSiLAVMeRiUyEwRM1soMDVCogjohwO7poZCZiXBJn0r0DOsGD0UkRfCvsOgOjXCBv0K5CwQl4lKTcF6umNPCGrl2jffA+RIn/bjY26UH7FR8xPBNvHXxbTL04uyco5+d9Gj6cAuvEyPJvjtXZGAEUsHyGYfAo3/EA317DIyXmGzKKx5sLkw8/o+dE0MIfIRdButSGzG63Gxz0JGfZlMLVNdTQTr3fe9ZW/h0P3537E+HoijjVTCSj7LiBt1TaRqdEIx/q7SeQM8KR1ROdFhZkYKhkPReTLxibGqpXvRXVBxWKNPlu04Byl+QgmtzzBgmK0AjGvIu7VQsJnP4eLunRht8eE3AfxySTb3vJVttHM3dRYyWVFKVU0AsAptLLCRxJZP1bH4Y7kbJnbSyNlgYLBTqR4EVmPwOkQVVyZYxnPGpKO077jmQbIUJwW9OatwySVEvu0vkIrHaIJrocAAybKYOJ02T6FlVpgPh7/E6exu1dVjpfu0uyUUBuX2kJnCyIa24vo3nICBs7ejQAjp2I+PEN4MWCyjMhQL4Zrd43o358qhnvjho6+cu7b0/NZeutRhDHyduASgr16wF3JzaG9Uga8LbTJ1vAT/QawtMGz5JZ5IGEGu43aCCjpA+UlH7XUo35rK7RwT7fuqYDS2s0lCB610c2lUUzWOqply1VLd7vIoZFFW2ZuWRoqSOeOkqDl8FPYhjw9EpS32FDah60R3+NchC82VU2fijXNTH0/3QHNluDtclrF6Pzkh1l9HwH3Xun2IiG4+LWSKaykPJfXiH1xY5t6BXABtE8R0XFE5Xv6hojGNNMctICOQLktbY9Q+atZdB9wCQeRoTOVAF3nAMeWn0kscuFCROYewEHWrzU8z1C9Jx+XrEigLzlXk/OpR01eDHEL8+xlm/UtFfc94bTu31DcTn2yYDqTN0Q//aYD63dafij/5Ug2+hs/tI8zH7xShzl1GUs8yQZ26m8yHstfibGwbn7gr0nPTiMgNAtBDuRAU4pqbFa/9+gdP3DHQICr X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(7416014)(376014)(1800799024)(36860700013)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Dec 2024 00:00:09.2932 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 73adc577-1112-41b2-93c4-08dd1e2dc592 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN1PEPF0000468D.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7826 From: Ashish Kalra Remove platform initialization of SEV/SNP from PSP driver probe time and move it to KVM module load time so that KVM can do SEV/SNP platform initialization explicitly if it actually wants to use SEV/SNP functionality. With this patch, KVM will explicitly call into the PSP driver at load time to initialize SNP by default while SEV initialization is done on-demand when SEV/SEV-ES VMs are being launched. Additionally do SEV platform shutdown when all SEV/SEV-ES VMs have been destroyed to support SEV firmware hotloading and do full SEV and SNP platform shutdown during KVM module unload time. Signed-off-by: Ashish Kalra --- arch/x86/kvm/svm/sev.c | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 72674b8825c4..d55e281ac798 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -86,6 +86,7 @@ unsigned int max_sev_asid; static unsigned int min_sev_asid; static unsigned long sev_me_mask; static unsigned int nr_asids; +static unsigned int nr_sev_vms_active; static unsigned long *sev_asid_bitmap; static unsigned long *sev_reclaim_asid_bitmap; @@ -444,10 +445,16 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp, if (ret) goto e_no_asid; - init_args.probe = false; - ret = sev_platform_init(&init_args); - if (ret) - goto e_free; + if ((vm_type == KVM_X86_SEV_VM) || + (vm_type == KVM_X86_SEV_ES_VM)) { + down_write(&sev_deactivate_lock); + ret = sev_platform_init(&init_args); + if (!ret) + ++nr_sev_vms_active; + up_write(&sev_deactivate_lock); + if (ret) + goto e_free; + } /* This needs to happen after SEV/SNP firmware initialization. */ if (vm_type == KVM_X86_SNP_VM) { @@ -2942,6 +2949,10 @@ void sev_vm_destroy(struct kvm *kvm) return; } else { sev_unbind_asid(kvm, sev->handle); + down_write(&sev_deactivate_lock); + if (--nr_sev_vms_active == 0) + sev_platform_shutdown(); + up_write(&sev_deactivate_lock); } sev_asid_free(sev); @@ -2966,6 +2977,7 @@ void __init sev_set_cpu_caps(void) void __init sev_hardware_setup(void) { unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count; + struct sev_platform_init_args init_args = {0}; bool sev_snp_supported = false; bool sev_es_supported = false; bool sev_supported = false; @@ -3082,6 +3094,16 @@ void __init sev_hardware_setup(void) sev_supported_vmsa_features = 0; if (sev_es_debug_swap_enabled) sev_supported_vmsa_features |= SVM_SEV_FEAT_DEBUG_SWAP; + + if (!sev_enabled) + return; + + /* + * NOTE: Always do SNP INIT regardless of sev_snp_supported + * as SNP INIT has to be done to launch legacy SEV/SEV-ES + * VMs in case SNP is enabled system-wide. + */ + sev_snp_platform_init(&init_args); } void sev_hardware_unsetup(void) @@ -3097,6 +3119,9 @@ void sev_hardware_unsetup(void) misc_cg_set_capacity(MISC_CG_RES_SEV, 0); misc_cg_set_capacity(MISC_CG_RES_SEV_ES, 0); + + /* Do SEV and SNP Shutdown */ + sev_snp_platform_shutdown(); } int sev_cpu_init(struct svm_cpu_data *sd) From patchwork Tue Dec 17 00:00:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ashish Kalra X-Patchwork-Id: 851286 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2041.outbound.protection.outlook.com [40.107.94.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1576838DFC; Tue, 17 Dec 2024 00:00:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.94.41 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393641; cv=fail; b=t9LwIafTkIxRVd5WC2YJsh7kLAG2np2rTvwyPuG3sw/lbpMn45F0/d7tRkag+D/yqRwF4RUvRjfNvb3ODw3ZbOF9G13Ud/2IpoPf0TMNUelvbDn4HTA/wtsMv6YCRoIG/zc7n042zhqviOuac6/Ywkt6u/aTqUK696VT39fIxGM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734393641; c=relaxed/simple; bh=PebFWXEvxsjrQYh6nYq6ZCWbChYEbjXWUE/LfFMhB3s=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=RipyLdxuYWf3dM3PT2ryrf6ksDsGC88NrvhkJ6+zxv00mtHyae7BzwaV6fKiO+qfBA3IVnHqSLLc+wAJJqiBENURciSd5mg5lDx4tgSguBAs9URmA43c11uQ7vhYaq2nY3QPEx+nImBdVAMa8bEISsaPcaJnQzVEi7x69RLlPKk= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=dxOVpn9F; arc=fail smtp.client-ip=40.107.94.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="dxOVpn9F" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=iJipte6snzIuYuJ2TsoswrYPThu25B8rVNDw6wcYPhjjsuR2ASBbQiD8Lk07rxX3lInOa/nI99jWzaHRCRBSM3AHam2510NESOmYkymFayKJop5KJE507GnBT2GS/ZU4k3xQoszyE3yppuwJ1XvK7TJiX6oDQZLPvOY1w+VBiyK87QG5uNayhCf512n4BLCr/zoe2jKm5jJEc7c3bFY2+OcrDVhSZHODDBKqjZFhmFIPG6EmbGkmW4n1xPFpeD+p3HxtxZbO7U3kCkJDyWK+nq9ez8cXklv8EdRkNJrM8jwfLuQyp5kDu9dMlMxREiEylYddcVVn5j/Z4EilwXcbqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5Ebe++m3yQETovXXaW1Z1bLMYtiw/m6q/PNJ8zPBVJc=; b=Jydc89lhD5RT0FK4/7Jq1v0B/MIY+FEmUBJecwH0gAaPZi6swocQ8frnsO0YAzUMPaN3oGTCpJU3IulyTK9zbsP9rodw+S6W0YPqyLPl9tesu8s1AQsuvEg7yFq2BGadvNsJ58o5R7qnv7Ts3HptTKXFCJJw4B3w0sERsaW8s/XGGYJlQSOgU1/VdNl7CUm8ENiS0oYjs39drH0iNXqW+NGG8aVc/zkxiZJ6K3ZhYt5sRbP1zqDB2zPw+5Rdo4V6JPpRZQcJNUtKdYe38IsNjp4PdSOR89mzRLdIkld5dv81vzP69oYL9TuzzaxXPDZs0WHSWh1iuN0HblC5iTGTog== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5Ebe++m3yQETovXXaW1Z1bLMYtiw/m6q/PNJ8zPBVJc=; b=dxOVpn9FdZ+Ufn9NinPwwcuyaWNAPgNEuz/aF/66GCu8x4nety9y5S33h4j0R2KUsQJyBIo8HZwwE7KhzntLpJ+TlUOiPTEedTpyWYmFvme2+3luDB/y9t2gqrgNNsdrycqn4+fuZRD2R8eb86nMf7d10kblcx8e8JQiLjcVOMQ= Received: from BN9PR03CA0444.namprd03.prod.outlook.com (2603:10b6:408:113::29) by CYYPR12MB8856.namprd12.prod.outlook.com (2603:10b6:930:c0::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.22; Tue, 17 Dec 2024 00:00:36 +0000 Received: from BN1PEPF0000468D.namprd05.prod.outlook.com (2603:10b6:408:113:cafe::ec) by BN9PR03CA0444.outlook.office365.com (2603:10b6:408:113::29) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8251.22 via Frontend Transport; Tue, 17 Dec 2024 00:00:36 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by BN1PEPF0000468D.mail.protection.outlook.com (10.167.243.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8251.15 via Frontend Transport; Tue, 17 Dec 2024 00:00:36 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 16 Dec 2024 18:00:35 -0600 From: Ashish Kalra To: , , , , , , , , , , , CC: , , , , , Subject: [PATCH v2 9/9] crypto: ccp: Move SEV/SNP Platform initialization to KVM Date: Tue, 17 Dec 2024 00:00:26 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN1PEPF0000468D:EE_|CYYPR12MB8856:EE_ X-MS-Office365-Filtering-Correlation-Id: f140c2c4-41a7-4d9e-56e3-08dd1e2dd5a3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|82310400026|7416014|376014|1800799024|36860700013|921020; X-Microsoft-Antispam-Message-Info: BXVDuu9N/2dK2DAIgqVH2jHKAVLb0rCpSdnJ66yMOCJs/8x2MuHEWWdWvhSzWLC0ogzud3B7eZoFN0YJN+xiOiZETcy9nihHv3lQMtohYheTXjcuEYqwjgqhdh9vvMyCk2yRS8dddWqt1lCfl9pww7JWLVv7QOOALsDTsQEHIAUuxmSl6zgwotv4NDz10yQDBxL2lEZ5yTCHrkB/TSi8XKV84vMU7NQBLQ4o9MdwEYuRyBG6Je+HpSrJB8EHM623qYAABEYelDAKuRXQN3wBHgd7X8+trUq5QfFGDi502QIIs2ZSmNj0FRjrN4vuohKJFuXfq61vFt5BJUXvGIkhQvcL1fwcNpYi6FIcpfC9JrPynPwucv/eBO3RQ7cK8CVt7uzNys5/j1aBHItq2sXplEecoz0jIlVVx2dzfHjynyM6jMJPaU/WoGYJ3jCaQoT4lOFL8NZCWXyxQrZKtM0rh1WotLsJq3e2rLHi6Yqg4RvVyfYrzepXoTIb8S1eHXr0XuuIUpUZdSk42Ygud4/KgVLrkX8UWLuy7kXSE5kQsonnt7EHSBrXkJ2JWHPPJHkex68l0twgOYLdMGd2xwY4bpWPYQAOFKvmJw0Xv8+CEsQ3FTcNHIZXJOKmjly1f8X6rzWLpO6MxF4r5sGsUJWQDzaPIT3B6CpXu5DTPoTaMyBIlK2+vbLzxRTnJ16bqzHbEiKjMaVAIJjvpKAewF6RS1oBZ0umeBpnpAkqAEogURdgN/II7/0UfhiqYVpciOYEmMVYCb7Z4v8Nk0P3e7OTb9jLKFDm/DdgbzY69ugo2xVbNwJ40/kCGXLab5ODm5X9c9oHfZCTVQTAs8f4CCSDba3NNqzP5n5IXD5nZBWXZ6Ri+lEXC1UHF3W8QNkqQc9aacW9KM6uoi9MrnGceeqZomr1y/BacHOduXCyLu3Q8gl+whn7pcIZavgi32XHSZgTAm6jskgaCSPX020xl6A8uEsxcyJ7JcBk8ic1WxXnyJggHok3QvSspVfgGSZGFkS2U3AT1KU46emNcCsOVNiaW8evvZJOIxXIqB8xLIRbsUAHGyfXa41pM1NAcBXHKsMAvzfwPyRxSZTALYy/v8cuisC+KFWUxkwN7ptFy9I6xOD6xGgVG362qrRVBWATpSm2YIXoRM+5MFsoqro1uz5CRLYUtsJkuDBId3QbEPYJE3vIaKOOVdDTr29K7JvKQi4bfuGyZrFAPhXuGYAHn5kQnUd78CwdrWhon1HRjFs8bsbKy1WgypWVSLPvGkCPQOTpx78lT7tVLrsGreQIPpSys7ZjmDZdFkn1b+CvJyL5FYYrqT5va/MQfyPZ0+5hCm+96exd9Rb2IaMqwaMNcwnr6GAgKksB6CNEGUpddXK1jQq2p8OIFf5g6oCBRuekm5E3q7mwkUJJ773X9fnAV39fmrdswXWnyONzdsY8x/tUktmVlkrNMvLJEWONVuU0N86FRin+yDpUs1UbIPEFui7Pryzi/EdR3Hi9cDDq0qLiQILH2OTccm8T586Hu7v2tsHb X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230040)(82310400026)(7416014)(376014)(1800799024)(36860700013)(921020); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Dec 2024 00:00:36.2310 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f140c2c4-41a7-4d9e-56e3-08dd1e2dd5a3 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN1PEPF0000468D.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYYPR12MB8856 From: Ashish Kalra SNP initialization is forced during PSP driver probe purely because SNP can't be initialized if VMs are running. But the only in-tree user of SEV/SNP functionality is KVM, and KVM depends on PSP driver for the same. Forcing SEV/SNP initialization because a hypervisor could be running legacy non-confidential VMs make no sense. This patch removes SEV/SNP initialization from the PSP driver probe time and moves the requirement to initialize SEV/SNP functionality to KVM if it wants to use SEV/SNP. Remove the psp_init_on_probe parameter as it not used anymore. Remove the probe field from struct sev_platform_init_args as it is not used anymore. Remove _sev_platform_init_locked() as it not used anymore and to support separate SNP and SEV initialization sev_platform_init() is now modified to do only SEV initialization and call __sev_platform_init_locked() directly. Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 55 +----------------------------------- include/linux/psp-sev.h | 4 --- 2 files changed, 1 insertion(+), 58 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 53c438b2b712..fbae688e4b7d 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -69,10 +69,6 @@ static char *init_ex_path; module_param(init_ex_path, charp, 0444); MODULE_PARM_DESC(init_ex_path, " Path for INIT_EX data; if set try INIT_EX"); -static bool psp_init_on_probe = true; -module_param(psp_init_on_probe, bool, 0444); -MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it"); - MODULE_FIRMWARE("amd/amd_sev_fam17h_model0xh.sbin"); /* 1st gen EPYC */ MODULE_FIRMWARE("amd/amd_sev_fam17h_model3xh.sbin"); /* 2nd gen EPYC */ MODULE_FIRMWARE("amd/amd_sev_fam19h_model0xh.sbin"); /* 3rd gen EPYC */ @@ -1329,46 +1325,12 @@ static int __sev_platform_init_locked(int *error) return rc; } -static int _sev_platform_init_locked(struct sev_platform_init_args *args) -{ - struct sev_device *sev; - int rc; - - if (!psp_master || !psp_master->sev_data) - return -ENODEV; - - sev = psp_master->sev_data; - - if (sev->state == SEV_STATE_INIT) - return 0; - - /* - * Legacy guests cannot be running while SNP_INIT(_EX) is executing, - * so perform SEV-SNP initialization at probe time. - */ - rc = __sev_snp_init_locked(&args->error); - if (rc && rc != -ENODEV) { - /* - * Don't abort the probe if SNP INIT failed, - * continue to initialize the legacy SEV firmware. - */ - dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n", - rc, args->error); - } - - /* Defer legacy SEV/SEV-ES support if allowed by caller/module. */ - if (args->probe && !psp_init_on_probe) - return 0; - - return __sev_platform_init_locked(&args->error); -} - int sev_platform_init(struct sev_platform_init_args *args) { int rc; mutex_lock(&sev_cmd_mutex); - rc = _sev_platform_init_locked(args); + rc = __sev_platform_init_locked(&args->error); mutex_unlock(&sev_cmd_mutex); return rc; @@ -2556,9 +2518,7 @@ EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user); void sev_pci_init(void) { struct sev_device *sev = psp_master->sev_data; - struct sev_platform_init_args args = {0}; u8 api_major, api_minor, build; - int rc; if (!sev) return; @@ -2581,16 +2541,6 @@ void sev_pci_init(void) api_major, api_minor, build, sev->api_major, sev->api_minor, sev->build); - /* Initialize the platform */ - args.probe = true; - rc = sev_platform_init(&args); - if (rc) - dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", - args.error, rc); - - dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? - "-SNP" : "", sev->api_major, sev->api_minor, sev->build); - return; err: @@ -2605,7 +2555,4 @@ void sev_pci_exit(void) if (!sev) return; - - sev_firmware_shutdown(sev); - } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index e50643aef8a9..dec89fc0b356 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -794,13 +794,9 @@ struct sev_data_snp_shutdown_ex { * struct sev_platform_init_args * * @error: SEV firmware error code - * @probe: True if this is being called as part of CCP module probe, which - * will defer SEV_INIT/SEV_INIT_EX firmware initialization until needed - * unless psp_init_on_probe module param is set */ struct sev_platform_init_args { int error; - bool probe; }; /**