Re: [PATCH] crypto: ccp: Add support for SEV-ES to the PSP driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/21/20 7:33 AM, Joerg Roedel wrote:
Hi Tom,

On Mon, Apr 20, 2020 at 02:54:58PM -0500, Tom Lendacky wrote:
  static inline bool sev_version_greater_or_equal(u8 maj, u8 min)
  {
  	struct sev_device *sev = psp_master->sev_data;
@@ -214,6 +226,21 @@ static int __sev_platform_init_locked(int *error)
  	if (sev->state == SEV_STATE_INIT)
  		return 0;
+ if (sev_es_tmr) {
+		u64 tmr_pa;
+
+		/*
+		 * Do not include the encryption mask on the physical
+		 * address of the TMR (firmware should clear it anyway).
+		 */
+		tmr_pa = __pa(sev_es_tmr);
+		tmr_pa = ALIGN(tmr_pa, SEV_ES_TMR_ALIGN);

No need to manually align the region, see below.

+	/* Obtain the TMR memory area for SEV-ES use */
+	tmr_page = alloc_pages(GFP_KERNEL, get_order(SEV_ES_TMR_LEN));
+	if (tmr_page) {
+		sev_es_tmr = page_address(tmr_page);
+	} else {
+		sev_es_tmr = NULL;
+		dev_warn(sev->dev,
+			 "SEV: TMR allocation failed, SEV-ES support unavailable\n");
+	}

This allocates a 2M region where 1M is needed. The page allocator gives
you naturally aligned region for any allocation order, so when you
allocate 1M, it will automatically be 1M aligned.

Ah, I did not realize that. I'll update the patch to allocate just 1M then.

Thanks,
Tom


Other than that this patch looks good to me.

Regards,

	Joerg




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux