This change moves the data corrupted retry of SEV_INIT into the __sev_platform_init_locked() function. This is for upcoming INIT_EX support as well as helping direct callers of __sev_platform_init_locked() which currently do not support the retry. Signed-off-by: Peter Gonda <pgonda@xxxxxxxxxx> Reviewed-by: Marc Orr <marcorr@xxxxxxxxxx> Acked-by: David Rientjes <rientjes@xxxxxxxxxx> Acked-by: Tom Lendacky <thomas.lendacky@xxxxxxx> Cc: Tom Lendacky <thomas.lendacky@xxxxxxx> Cc: Brijesh Singh <brijesh.singh@xxxxxxx> Cc: Marc Orr <marcorr@xxxxxxxxxx> Cc: Joerg Roedel <jroedel@xxxxxxx> Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Cc: David Rientjes <rientjes@xxxxxxxxxx> Cc: John Allen <john.allen@xxxxxxx> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: linux-crypto@xxxxxxxxxxxxxxx Cc: linux-kernel@xxxxxxxxxxxxxxx --- drivers/crypto/ccp/sev-dev.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index ec89a82ba267..e4bc833949a0 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -267,6 +267,18 @@ static int __sev_platform_init_locked(int *error) } rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); + if (rc && *error == SEV_RET_SECURE_DATA_INVALID) { + /* + * INIT command returned an integrity check failure + * status code, meaning that firmware load and + * validation of SEV related persistent data has + * failed and persistent state has been erased. + * Retrying INIT command here should succeed. + */ + dev_dbg(sev->dev, "SEV: retrying INIT command"); + rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); + } + if (rc) return rc; @@ -1091,18 +1103,6 @@ void sev_pci_init(void) /* Initialize the platform */ rc = sev_platform_init(&error); - if (rc && (error == SEV_RET_SECURE_DATA_INVALID)) { - /* - * INIT command returned an integrity check failure - * status code, meaning that firmware load and - * validation of SEV related persistent data has - * failed and persistent state has been erased. - * Retrying INIT command here should succeed. - */ - dev_dbg(sev->dev, "SEV: retrying INIT command"); - rc = sev_platform_init(&error); - } - if (rc) { dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", error, rc); -- 2.33.1.1089.g2158813163f-goog