Re: [Part2 PATCH v6 13/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 10/23/2017 04:20 AM, Borislav Petkov wrote:
On Thu, Oct 19, 2017 at 09:33:48PM -0500, Brijesh Singh wrote:
+static int __sev_platform_init(struct sev_data_init *data, int *error)
+{
+	int rc = 0;
+
+	mutex_lock(&fw_init_mutex);
+
+	if (!fw_init_count) {

I still don't like global semaphores. Can you get the status and check
for PSTATE.INIT state and do the init only if the platform is in
PSTATE.UNINIT?



Calling PLATFORM_GET_STATUS is not required, we can manage the state through a simple ref count variable. Issuing PSP commands will always be much more expensive compare to accessing a protected global variable. I would prefer to avoid invoking PSP command if possible. Additionally, the global semaphore is still needed to serialize the sev_platform_init() and sev_platform_shutdown() from multiple processes. e.g If process "A" calls sev_platform_init() and if it gets preempted due to whatever reason then we don't want another process to issue the shutdown command while process "A" is in middle of sev_platform_init().

-Brijesh



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux