From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1ED97C47DA9 for ; Mon, 29 Jan 2024 20:11:11 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 70A156B008C; Mon, 29 Jan 2024 15:11:10 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 6BA6C6B0092; Mon, 29 Jan 2024 15:11:10 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5334D6B0096; Mon, 29 Jan 2024 15:11:10 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 449046B008C for ; Mon, 29 Jan 2024 15:11:10 -0500 (EST) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 0FBC080B31 for ; Mon, 29 Jan 2024 20:11:10 +0000 (UTC) X-FDA: 81733442700.19.D63C853 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2042.outbound.protection.outlook.com [40.107.93.42]) by imf17.hostedemail.com (Postfix) with ESMTP id 9C8F040011 for ; Mon, 29 Jan 2024 20:11:06 +0000 (UTC) Authentication-Results: imf17.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=BF7e9mVn; spf=pass (imf17.hostedemail.com: domain of Michael.Roth@amd.com designates 40.107.93.42 as permitted sender) smtp.mailfrom=Michael.Roth@amd.com; dmarc=pass (policy=quarantine) header.from=amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1706559066; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=FP2HbMCHGlfqGqtwHam1WgbNI/Scba3qLOcmTdHU/nY=; b=cyJdkWSsMMip/5noh6WlGD4X8YrPufr30MxZgIs1qamtGQTRTY2QSw1rzNB9c2IcA9eI45 a7dO/ixTstKGQpDeVAIfUwjZa61RNONedsuhzWJ3FykV3xwQ4xeB7kJIeTQpm12bLiGmlQ Hfn9u8eLo+Yly0oBQF7b6jRZHbYhn34= ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1706559066; a=rsa-sha256; cv=pass; b=k7Pvj8On8qOtrOh6lFwG3hpcg7l3dx6GHmJmagqzn2B7UVUmJ2QHRjgWEZir5BTY7znOy3 JF1TlETEVelbNnXxPfEzlKGpzlHo3Wa1hBTGSWz21KQ1pxg+hyJ8ob+js7k+nvvS+RKpgA EyjSbznonihhtdxo0HsKDGUO1fyju1A= ARC-Authentication-Results: i=2; imf17.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=BF7e9mVn; spf=pass (imf17.hostedemail.com: domain of Michael.Roth@amd.com designates 40.107.93.42 as permitted sender) smtp.mailfrom=Michael.Roth@amd.com; dmarc=pass (policy=quarantine) header.from=amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MMB6uYgtyo6Hn4QPbiTlNMS69fWyR0PGEZNOBcp11ZXuuEflwQfXW6ih9JFv9OiFpuDd4WKQQdrXd89LHJO4D2bEdyNLxkXPZ1IsZwQJ78LBp8tCKq1ZPoTKYju4qW0lL4vAhzlWB0XJC/t3zyGLWWaX3b5fKCnhDOaMabx4DEx98SyLfVe2dOEdNYliDV09Umr/degpK8Fuw6P/2IdXvtjCYSFwYNOOLBb670YJYmciJ82fKtLAs/8z+1DP1xuWpu4FGnu7cEVIaSXDkmtQg7H3sZXzLWlRUuv6k2hqKHoJW1sMrCFxOtZoZ1sJjzFkHITs60W12fh3THCLoF2Cpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FP2HbMCHGlfqGqtwHam1WgbNI/Scba3qLOcmTdHU/nY=; b=h88LLVqMu04SuftdFQaIXd1i0art5lFtvux627dGJLAeRiWVr6q2AVXJDSHjNQlDbqH98z4EscXrBFuaj335+h+kzGJq2p5TXGXKep+L8F/wyPm6r2dr+4J5nTYoMQh4K5DH0ENiva9OWwqfWrRKKso1VSM5P5fmop1ENUcCcyYIf1LBN9WicvN/fNkp0GjaAEUTRVrViPj6b4HxN9N9ppCd7jj0mSHhm35ASIuIhnteXaOp3q8j4IynGzXEbol5AtgkvONa81ERb5eCLwTSUL9Rjw9jNuQ760setWafBcXRHZHqQSeCYLeaGDpzQegQIEPa/gOXdr5oeahRF5qAYQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=oracle.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FP2HbMCHGlfqGqtwHam1WgbNI/Scba3qLOcmTdHU/nY=; b=BF7e9mVnuLekXQxF7/ocIhqHgW5j+mg7M+CGgigflsqF1CFXgH/YObQHcdbPJOQ3t2gRCarZUWKf49Y7LI1mzrE7/6D6ZIfrL7w1V2gvgiDvOkgM1XmEjc8pHoW+F25g+AbPjEdrcMmdUCIaZy0ySpGgvcEpHahHhFp3Q2xvvs8= Received: from MW4PR04CA0224.namprd04.prod.outlook.com (2603:10b6:303:87::19) by SA1PR12MB7319.namprd12.prod.outlook.com (2603:10b6:806:2b5::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.32; Mon, 29 Jan 2024 20:11:02 +0000 Received: from MWH0EPF000989EC.namprd02.prod.outlook.com (2603:10b6:303:87:cafe::90) by MW4PR04CA0224.outlook.office365.com (2603:10b6:303:87::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.33 via Frontend Transport; Mon, 29 Jan 2024 20:11:02 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by MWH0EPF000989EC.mail.protection.outlook.com (10.167.241.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7249.19 via Frontend Transport; Mon, 29 Jan 2024 20:11:01 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Mon, 29 Jan 2024 14:11:00 -0600 Date: Mon, 29 Jan 2024 14:10:39 -0600 From: Michael Roth To: Liam Merwick CC: "x86@kernel.org" , "kvm@vger.kernel.org" , "linux-coco@lists.linux.dev" , "linux-mm@kvack.org" , "linux-crypto@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "tglx@linutronix.de" , "mingo@redhat.com" , "jroedel@suse.de" , "thomas.lendacky@amd.com" , "hpa@zytor.com" , "ardb@kernel.org" , "pbonzini@redhat.com" , "seanjc@google.com" , "vkuznets@redhat.com" , "jmattson@google.com" , "luto@kernel.org" , "dave.hansen@linux.intel.com" , "slp@redhat.com" , "pgonda@google.com" , "peterz@infradead.org" , "srinivas.pandruvada@linux.intel.com" , "rientjes@google.com" , "tobin@ibm.com" , "bp@alien8.de" , "vbabka@suse.cz" , "kirill@shutemov.name" , "ak@linux.intel.com" , "tony.luck@intel.com" , "sathyanarayanan.kuppuswamy@linux.intel.com" , "alpergun@google.com" , "jarkko@kernel.org" , "ashish.kalra@amd.com" , "nikunj.dadhania@amd.com" , "pankaj.gupta@amd.com" , Brijesh Singh , Alexey Kardashevskiy , Dionna Glaze Subject: Re: [PATCH v2 25/25] crypto: ccp: Add the SNP_SET_CONFIG command Message-ID: <20240129201039.7gi3o3tfuvimycye@amd.com> References: <20240126041126.1927228-1-michael.roth@amd.com> <20240126041126.1927228-26-michael.roth@amd.com> <57750667-92a2-4510-99fa-af7df8d887fc@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: <57750667-92a2-4510-99fa-af7df8d887fc@oracle.com> X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MWH0EPF000989EC:EE_|SA1PR12MB7319:EE_ X-MS-Office365-Filtering-Correlation-Id: 5ef9ecf0-e620-4d60-0e7d-08dc21066a82 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: IohQ03/Ydga1+YGtR/K04IHgb1m9b5sq0KPoIjOV2vyI9odaUaoENczXQxVx8lc3nScx9gI2dlxnJ+D75BkOROpYpFKFU+696txFSzahsdKMUOCZAF9C6J+RG2u6x4Mpg+ChIKgttVEDu8YPIWl0Bvmbn8MSn2wVjBjYW4RjlcmU21GeECJjK2R0SxwBrWDMtE6ijdXIS0Dg5hbaEg2/J7+9A0YSYF+lQpDAzfmkUaAXvWvc7ocD1okGxwwmAU2aSopse7MHpjwdJdrsxuWjUxbRrPItu63tX9OBAJKr5AQB1jnRZtkazRehQkyM5WPHT/Aj0CJle8R/hSEtW1Xw0OihTpVWDIgbIfJ5NxxGZOgk8RSDosuPWdCImxD8gk1GZp4/r3hojxeD65JHqxYoy0R6rx+wHomX7GR3GQ+NBNqDlh6r5Tvd6l7FBvMwW3wCS4DOwNY3HV7GkQlVyRDwDHsjl6Q4oyRcqslJgU4N+Qc/7UVNNsTtO8ALYb5m6iHpqlZJEvT6zMEEtyh2t41uSbGsnc1zRdiDoJy4dbZRqTxcekAbfvquac/Zz6a2zTpD3pBF1AIRW7gAH03XN7mG1Uxslk5wu2P38JfzPR7fq/f2Jv0fymnkqsQnDkD0+SzrV4hLjmNTjlaOpogvvSHj3ySHHs4OkZd0CS8AGOQvBui0fo9ztCPL9p9LwT9w4r3SKo3n4REXYzpDoIeCXnsh5vOGAZIXsqoCH13fJms68L0AXV/TeGhH68xr1CvHe2dYfMD8zmSwKVRAylHuwTMT3A== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(136003)(346002)(376002)(396003)(39860400002)(230922051799003)(82310400011)(1800799012)(186009)(64100799003)(451199024)(46966006)(40470700004)(36840700001)(40460700003)(40480700001)(16526019)(426003)(83380400001)(6666004)(336012)(53546011)(1076003)(36756003)(86362001)(82740400003)(26005)(356005)(81166007)(44832011)(8676002)(8936002)(41300700001)(4326008)(5660300002)(36860700001)(478600001)(316002)(47076005)(70206006)(6916009)(54906003)(7406005)(7416002)(966005)(2616005)(2906002)(70586007)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Jan 2024 20:11:01.8477 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5ef9ecf0-e620-4d60-0e7d-08dc21066a82 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: MWH0EPF000989EC.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB7319 X-Rspamd-Queue-Id: 9C8F040011 X-Rspam-User: X-Stat-Signature: cpw3sz61x44ysess5p8gd89ryepfhg37 X-Rspamd-Server: rspam03 X-HE-Tag: 1706559066-357803 X-HE-Meta: U2FsdGVkX18BD9IPfc1QWvwwosRy4A1CaiiB8TAK8ISyBAH7ossxZr4rmlpP2miqBRShS7vljyjESCVPcSmhdMr9Eon4I/QnzIoUnX3lglwwY3lqJnMOHdbQZ2a1ipV7AcjILYT7wR8hMlnjwWZP5O/OQwY9pubgBjoJvdlbcD1aT5zyu1PyBpBcSweibWkxS88KxUB+LHw0tD5UmrhM3Whq0pJO0mmSjV3cNLsloJnjWqKv1oaxB23PwkVWr1ghGib36CYnHiGhHla8r8mm+QEdj6awYtgyp3RSS/onOZtvj/UsvacA5oxQdlLHe8mdUaJpvw4e8C+Ojd0jhk+1l0f1I0Bjg7hxpM1t5FH8/0QPWUxUjz0p6UDXhP6kiDt+RCgqQhzYwfdtCo7MDBlPPutapU10GZZ5KOaKp7b9umZ48HMYIvQ/W2sUWxI45360O2Isfay6rdOjGZtQrZFOy11npg9xliLP99lPGuqfjShhmkzoFhbgM5J2uBKnRtsmmMTAPNUTA+fcTNoi5VLhyHIuy3j6YS3UGEJuNQLUEcGeU3fVE54u4vR7sKuXzU27vOjcR4vsZGP5+AXZpYvg+YrNB3gJgo32KrniECPk5raKRQYjb/QM09VSS/f7LVvpYqJHSEmFHApmjoO/bLQIelLqBGdw6zDwUC/+a5kTFRxKesgYZV9B5GM1PheC+01sjT5tVHdchS0dbCLgdi0ZhsWbJNPA+trVVi6kRbptTC+70xdvRuFU01ISQGehecY+DrwHnTkcTRpFS1qhjb9C6dwvkJN+FltoDy0E9e9odcRqOwT1Lrqfo7rf3p+jCQGLhBaAMPe2qr8n+DzRq0gAChaGUvXDW+RioWF1htr2i+tvyp4SGA8Hgg0K52nh+EtLXv3PuitVeg16rPZllcKgQu78OylG3UAFsx7Y7FF/7ytIm6Mbi9X13Slk2Hstwf/mFJL5hHdjUkiLOE7uEZL iGKrPeQN zuj/aWk6Hi9Cai8K0GlrRUW0T8BstJwA2HMhKG/qBac1yVC7WAPgZzTMahX121E2vQJPtmWHHAfBoEOmPp2/7gxj4PdJacqs+iPUHnwUakjHKPo0CJoWONolVqYggC7PqKDNr2REe/9Os36yfnyYP+InHqn14ggT3H+q9l5AR+/d0u085szh5/Pkm+y45aSFRfuTIXcr+Eaz7ZkXB/q5NyhMS+xIhYI7n8GL24fq1imFx2A7X79sahjPNGDZzdqk7pKdN8nelGHXuJAa6Eo+U9EJStemePRUtICt6UaVIIIj9hywEqztXE4A1zkZL5wZ4joZJHrm3MuDnZrd3zkyd64mTVMONpbYwfLii+KoQ/W8WCDC+7Z+nor0HMSmgn6br+RAGjqlsnOOWkN9ltiP13M3wvtWW4UdpRaNNO59zl4p7MLjCWbBVOjwjhomEIkfhX5JyTh2IAXpt4NlvSLXRchy06QNaHqwg6VKt4YVd+7ytjyq/wZwv4IhFcCXrVYD29RC2x5NF6HiRFlQ= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Jan 29, 2024 at 07:18:54PM +0000, Liam Merwick wrote: > On 26/01/2024 04:11, Michael Roth wrote: > > From: Brijesh Singh > > > > The SEV-SNP firmware provides the SNP_CONFIG command used to set various > > system-wide configuration values for SNP guests, such as the reported > > TCB version used when signing guest attestation reports. Add an > > interface to set this via userspace. > > > > Signed-off-by: Brijesh Singh > > Co-developed-by: Alexey Kardashevskiy > > Signed-off-by: Alexey Kardashevskiy > > Co-developed-by: Dionna Glaze > > Signed-off-by: Dionna Glaze > > Signed-off-by: Ashish Kalra > > [mdr: squash in doc patch from Dionna, drop extended request/certificate > > handling and simplify this to a simple wrapper around SNP_CONFIG fw > > cmd] > > Signed-off-by: Michael Roth > > --- > > Documentation/virt/coco/sev-guest.rst | 13 +++++++++++++ > > drivers/crypto/ccp/sev-dev.c | 20 ++++++++++++++++++++ > > include/uapi/linux/psp-sev.h | 1 + > > 3 files changed, 34 insertions(+) > > > > diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst > > index 007ae828aa2a..14c9de997b7d 100644 > > --- a/Documentation/virt/coco/sev-guest.rst > > +++ b/Documentation/virt/coco/sev-guest.rst > > @@ -162,6 +162,19 @@ SEV-SNP firmware SNP_COMMIT command. This prevents roll-back to a previously > > committed firmware version. This will also update the reported TCB to match > > that of the currently installed firmware. > > > > +2.6 SNP_SET_CONFIG > > +------------------ > > +:Technology: sev-snp > > +:Type: hypervisor ioctl cmd > > +:Parameters (in): struct sev_user_data_snp_config > > +:Returns (out): 0 on success, -negative on error > > + > > +SNP_SET_CONFIG is used to set the system-wide configuration such as > > +reported TCB version in the attestation report. The command is similar > > +to SNP_CONFIG command defined in the SEV-SNP spec. The current values of > > +the firmware parameters affected by this command can be queried via > > +SNP_PLATFORM_STATUS. > > + > > 3. SEV-SNP CPUID Enforcement > > ============================ > > > > diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c > > index 73ace4064e5a..398ae932aa0b 100644 > > --- a/drivers/crypto/ccp/sev-dev.c > > +++ b/drivers/crypto/ccp/sev-dev.c > > @@ -1982,6 +1982,23 @@ static int sev_ioctl_do_snp_commit(struct sev_issue_cmd *argp) > > return __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); > > } > > > > +static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable) > > +{ > > + struct sev_device *sev = psp_master->sev_data; > > Should this check that psp_master is not NULL? Like the fix for > https://lore.kernel.org/all/20240125231253.3122579-1-kim.phillips@amd.com/ It wouldn't hurt, but sev_ioctl() will check for it before getting here, so I don't think it's a reachable condition. There's a number of spots where existing SEV/legacy code relies on psp_pci_init() always setting psp_master before sev_pci_init(). Kim's patch fixes 1 exception that's reachable if you synthetically force a driver remove via DEBUG_TEST_DRIVER_REMOVE before the psp_pci_init() call is made during probe, which generally wouldn't happen in practice. But there may be other cases like the one Kim hit where "not work" isn't handled gracefully. Fortunately the other obvious spot, sev_do_cmd(), also checks for !psp_master, so that covers most of the internal users of sev-dev.c. But a general cleanup to introduce a helper like get_sev_device() that handles !psp_master might be a nice follow-up to make things more robust. -Mike > > Otherwise, > Reviewed-by: Liam Merwick > > > + struct sev_user_data_snp_config config; > > + > > + if (!sev->snp_initialized || !argp->data) > > + return -EINVAL; > > + > > + if (!writable) > > + return -EPERM; > > + > > + if (copy_from_user(&config, (void __user *)argp->data, sizeof(config))) > > + return -EFAULT; > > + > > + return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); > > +} > > + > > static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) > > { > > void __user *argp = (void __user *)arg; > > @@ -2039,6 +2056,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) > > case SNP_COMMIT: > > ret = sev_ioctl_do_snp_commit(&input); > > break; > > + case SNP_SET_CONFIG: > > + ret = sev_ioctl_do_snp_set_config(&input, writable); > > + break; > > default: > > ret = -EINVAL; > > goto out; > > diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h > > index 35c207664e95..b7a2c2ee35b7 100644 > > --- a/include/uapi/linux/psp-sev.h > > +++ b/include/uapi/linux/psp-sev.h > > @@ -30,6 +30,7 @@ enum { > > SEV_GET_ID2, > > SNP_PLATFORM_STATUS, > > SNP_COMMIT, > > + SNP_SET_CONFIG, > > > > SEV_MAX, > > }; >