On 6/12/2024 10:47 PM, Borislav Petkov wrote: > On Fri, May 31, 2024 at 10:00:15AM +0530, Nikunj A Dadhania wrote: >> The sev-guest driver encryption code uses Crypto API for SNP guest >> messaging to interact with AMD Security processor. For enabling SecureTSC, >> SEV-SNP guests need to send a TSC_INFO request guest message before the >> smpboot phase starts. Details from the TSC_INFO response will be used to >> program the VMSA before the secondary CPUs are brought up. The Crypto API >> is not available this early in the boot phase. >> >> In preparation of moving the encryption code out of sev-guest driver to >> support SecureTSC and make reviewing the diff easier, start using AES GCM >> library implementation instead of Crypto API. >> >> Drop __enc_payload() and dec_payload() helpers as both are pretty small and >> can be moved to the respective callers. > > Please use this streamlined commit message for your next submission: > > "The sev-guest driver encryption code uses the crypto API for SNP guest messaging > with the AMD Security processor. In order to enable secure TSC, SEV-SNP guests > need to send such a TSC_INFO message before the APs are booted. Details from the > TSC_INFO response will then be used to program the VMSA before the APs are > brought up. > > However, the crypto API is not available this early in the boot process. > > In preparation for moving the encryption code out of sev-guest to support secure > TSC and to ease review, switch to using the AES GCM library implementation > instead. > > Drop __enc_payload() and dec_payload() helpers as both are small and can be > moved to the respective callers." > Sure Regards Nikunj
