Hi Tom,
On 8/15/2024 10:58 AM, Tom Lendacky wrote:
>> +
>> static bool psp_dead;
>> static int psp_timeout;
>>
>> @@ -1053,6 +1069,36 @@ static void snp_set_hsave_pa(void *arg)
>> wrmsrl(MSR_VM_HSAVE_PA, 0);
>> }
>>
>> +static void sev_snp_enable_ciphertext_hiding(struct sev_data_snp_init_ex *data, int *error)
>> +{
>> + struct psp_device *psp = psp_master;
>> + struct sev_device *sev;
>> + unsigned int edx;
>> +
>> + sev = psp->sev_data;
>> +
>> + /*
>> + * Check if CipherTextHiding feature is supported and enabled
>> + * in the Platform/BIOS.
>> + */
>> + if (sev->feat_info.ecx & FEAT_CIPHERTEXTHIDING_SUPPORTED &&
>> + sev->snp_plat_status.ciphertext_hiding_cap) {
> I'm not sure you need both checks. Either the platform status or the
> feature info check should be enough. Can you check on that?
>
FEATURE_INFO only indicates if SEV FW is capable of ciphertext hiding and SNP_PLATFORM_STATUS ciphertext_hiding_cap bit indicates if the CTH feature is enabled in BIOS, so both checks are needed.
Thanks, Ashish
