On Tue, Nov 02, 2021, Peter Gonda wrote: > This change moves the data corrupted retry of SEV_INIT into the Use imperative mood. > __sev_platform_init_locked() function. This is for upcoming INIT_EX > support as well as helping direct callers of > __sev_platform_init_locked() which currently do not support the > retry. > > Signed-off-by: Peter Gonda <pgonda@xxxxxxxxxx> > Reviewed-by: Marc Orr <marcorr@xxxxxxxxxx> > Acked-by: David Rientjes <rientjes@xxxxxxxxxx> > Acked-by: Tom Lendacky <thomas.lendacky@xxxxxxx> > Cc: Tom Lendacky <thomas.lendacky@xxxxxxx> > Cc: Brijesh Singh <brijesh.singh@xxxxxxx> > Cc: Marc Orr <marcorr@xxxxxxxxxx> > Cc: Joerg Roedel <jroedel@xxxxxxx> > Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > Cc: David Rientjes <rientjes@xxxxxxxxxx> > Cc: John Allen <john.allen@xxxxxxx> > Cc: "David S. Miller" <davem@xxxxxxxxxxxxx> > Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> > Cc: linux-crypto@xxxxxxxxxxxxxxx > Cc: linux-kernel@xxxxxxxxxxxxxxx > --- > drivers/crypto/ccp/sev-dev.c | 24 ++++++++++++------------ > 1 file changed, 12 insertions(+), 12 deletions(-) > > diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c > index ec89a82ba267..e4bc833949a0 100644 > --- a/drivers/crypto/ccp/sev-dev.c > +++ b/drivers/crypto/ccp/sev-dev.c > @@ -267,6 +267,18 @@ static int __sev_platform_init_locked(int *error) > } > > rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); > + if (rc && *error == SEV_RET_SECURE_DATA_INVALID) { There are no guarantees that @error is non-NULL as this is reachable via an exported function, sev_platform_init(). Which ties in with my complaints in the previous patch that the API is a bit of a mess. > + /* > + * INIT command returned an integrity check failure > + * status code, meaning that firmware load and > + * validation of SEV related persistent data has > + * failed and persistent state has been erased. > + * Retrying INIT command here should succeed. > + */ > + dev_dbg(sev->dev, "SEV: retrying INIT command"); > + rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); > + } > + > if (rc) > return rc; > > @@ -1091,18 +1103,6 @@ void sev_pci_init(void) > > /* Initialize the platform */ > rc = sev_platform_init(&error); > - if (rc && (error == SEV_RET_SECURE_DATA_INVALID)) { > - /* > - * INIT command returned an integrity check failure > - * status code, meaning that firmware load and > - * validation of SEV related persistent data has > - * failed and persistent state has been erased. > - * Retrying INIT command here should succeed. > - */ > - dev_dbg(sev->dev, "SEV: retrying INIT command"); > - rc = sev_platform_init(&error); > - } > - > if (rc) { > dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", > error, rc); > -- > 2.33.1.1089.g2158813163f-goog >