Date: Thu, 18 Jan 2024 15:03:43 +0100
From: Borislav Petkov
To: Michael Roth
Cc: x86@kernel.org, kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com, seanjc@google.com, vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, peterz@infradead.org, srinivas.pandruvada@linux.intel.com, rientjes@google.com, tobin@ibm.com, vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com
Subject: Re: [PATCH v1 17/26] crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled
Message-ID: <20240118140333.GJZakvtcJO1QYh8C8-@fat_crate.local>
References: <20231230161954.569267-1-michael.roth@amd.com> <20231230161954.569267-18-michael.roth@amd.com>
In-Reply-To: <20231230161954.569267-18-michael.roth@amd.com>

On Sat, Dec 30, 2023 at 10:19:45AM -0600, Michael Roth wrote:
> drivers/crypto/ccp/sev-dev.c | 104 
++++++++++++++++++++++++++--------- > 1 file changed, 79 insertions(+), 25 deletions(-) Some minor cleanups ontop: diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index dfe7f7afc411..a72ed4466d7b 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -266,16 +266,15 @@ static int sev_read_init_ex_file(void) } /* - * When SNP is enabled, the pages comprising the buffer used to populate - * the file specified by the init_ex_path module parameter needs to be set - * to firmware-owned, which removes the mapping from the kernel direct - * mapping since generally the hypervisor does not access firmware-owned - * pages. However, in this case the hypervisor does need to read the - * buffer to transfer the contents to the file at init_ex_path, so this - * function is used to create a temporary virtual mapping to be used for - * this purpose. + * When SNP is enabled, the pages comprising the buffer used to populate the + * file specified by the init_ex_path module parameter needs to be set to + * firmware-owned. This removes the mapping from the kernel direct mapping since + * generally the hypervisor does not access firmware-owned pages. However, in + * this case the hypervisor does need to read the buffer to transfer the + * contents to the file at init_ex_path, so create a temporary virtual mapping + * to be used for this purpose. */ -static void *vmap_sev_init_ex_buffer(void) +static void *vmap_init_ex_buf(void) { struct page *pages[NV_PAGES]; unsigned long base_pfn; @@ -292,6 +291,11 @@ static void *vmap_sev_init_ex_buffer(void) return vmap(pages, NV_PAGES, VM_MAP, PAGE_KERNEL_RO); } +static void destroy_init_ex_buf(void *buf) +{ + vunmap(buf); +} + static int sev_write_init_ex_file(void) { struct sev_device *sev = psp_master->sev_data; 
@@ -315,7 +319,7 @@ static int sev_write_init_ex_file(void) return ret; } - sev_init_ex_buffer = vmap_sev_init_ex_buffer(); + sev_init_ex_buffer = vmap_init_ex_buf(); if (!sev_init_ex_buffer) { dev_err(sev->dev, "SEV: failed to map non-volative memory area\n"); return -EIO; @@ -329,12 +333,12 @@ static int sev_write_init_ex_file(void) dev_err(sev->dev, "SEV: failed to write %u bytes to non volatile memory area, ret %ld\n", NV_LENGTH, nwrite); - vunmap(sev_init_ex_buffer); + destroy_init_ex_buf(sev_init_ex_buffer); return -EIO; } dev_dbg(sev->dev, "SEV: write successful to NV file\n"); - vunmap(sev_init_ex_buffer); + destroy_init_ex_buf(sev_init_ex_buffer); return 0; } -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
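Review bot: In the @@ -266,16 +266,15 @@ hunk, the reworded comment still reads "the pages comprising the buffer ... needs to be set to firmware-owned", a subject/verb mismatch carried over from the old text. Since the whole block is being rewritten, change it to "need to be set" in the same pass.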
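Review bot: In the @@ -292,6 +291,11 @@ hunk, destroy_init_ex_buf() does not mirror the name of its counterpart vmap_init_ex_buf(), so the pairing is not obvious at the call sites. Either name it vunmap_init_ex_buf(), or rename the mapping helper to a create_/destroy_ pair. As it stands the helper is a one-line wrapper around vunmap() with no comment, so a short note on why the indirection is wanted would also help.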
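Review bot: The dev_err() string in the context of the @@ -315,7 +319,7 @@ hunk says "failed to map non-volative memory area", which is a typo for "non-volatile". The message in the following hunk spells it "non volatile", so the two error strings are also inconsistent with each other. A cleanup patch touching the adjacent line is a good place to fix both to one spelling.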
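Review bot: In the @@ -329,12 +333,12 @@ hunk, destroy_init_ex_buf(sev_init_ex_buffer) is repeated on the error return and on the success return, and sev_init_ex_buffer is not cleared after either call. The declaration of sev_init_ex_buffer is not visible in these hunks; if it outlives sev_write_init_ex_file(), it is left pointing at an unmapped range once the function returns. Consider a single exit path that sets ret, tears the mapping down once and resets the pointer, or use a local variable for the temporary mapping.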