On Wed, Jul 31, 2024 at 08:37:57PM +0530, Nikunj A Dadhania wrote:
> Address the ignored failures from snp_init() in sme_enable(). Add error
> handling for scenarios where snp_init() fails to retrieve the SEV-SNP CC
> blob or encounters issues while parsing the CC blob.
Is this a real issue you've encountered or?
> This change ensures
Avoid having "This patch" or "This commit" or "This <whatever>" in the commit
message. It is tautologically useless.
Also, do
$ git grep 'This patch' Documentation/process
for more details.
> that SNP guests will error out early, preventing delayed error reporting or
> undefined behavior.
>
> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxx>
> ---
> arch/x86/mm/mem_encrypt_identity.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c
> index ac33b2263a43..e83b363c5e68 100644
> --- a/arch/x86/mm/mem_encrypt_identity.c
> +++ b/arch/x86/mm/mem_encrypt_identity.c
> @@ -535,6 +535,13 @@ void __head sme_enable(struct boot_params *bp)
> if (snp && !(msr & MSR_AMD64_SEV_SNP_ENABLED))
> snp_abort();
>
> + /*
> + * The SEV-SNP CC blob should be present and parsing CC blob should
> + * succeed when SEV-SNP is enabled.
> + */
> + if (!snp && (msr & MSR_AMD64_SEV_SNP_ENABLED))
> + snp_abort();
Any chance you could combine the above and this test?
Perhaps look around at the code before adding your check - there might be some
opportunity for aggregation and improvement...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
