Hi Boris,
On 06/19/2018 04:46 AM, Borislav Petkov wrote:
On Thu, Jun 14, 2018 at 07:08:26AM -0500, Brijesh Singh wrote:
I think depends should look like this:
config KVM_AMD_SEV
def_bool y
bool "AMD Secure Encrypted Virtualization (SEV) support"
depends KVM_AMD && X86_64
depends CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m)
CRYPTO_DEV_CCP_DD - this still doesn't belong here. KVM_AMD_SEV doesn't
care about what kind of functionality the PSP needs to function and
select it - it should only depend on a single symbol.
It would be nice to have a single depends. But the main issue is, PSP
support is provided through the ccp driver (aka CRYPTO_DEV_CCP_DD).
Hence KVM_AMD_SEV need to have some level of dependency with ccp driver.
This is to ensure that the ccp was 'y' when kvm-amd=y for SEV to work.
Now, you can add a separate CRYPTO .config item which collects all
required functionality for SEV guests and have KVM_AMD_SEV depend
on that. Or a similar solution. But not have KVM_AMD_SEV poke into
CRYPTO...PSP dependencies because it doesn't need to know about it.
I am sorry but I am not able to follow you on how creating a separate
CRYPTO .config item will solve this problem. Creating a separate config
will be useful if we are okay with calling 'select' from kvm (i.e if
kvm-amd is 'y' then all the symbols from crypto will be 'y').
I looked at other drivers where they have similar situation and it seems
like solution is same as what I have used above.
-Brijesh