Re: [PATCH v2 17/25] crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled


 



On Thu, Jan 25, 2024 at 10:11:17PM -0600, Michael Roth wrote:
> -	if (sev_init_ex_buffer) {
> +	/*
> +	 * If an init_ex_path is provided allocate a buffer for the file and
> +	 * read in the contents. Additionally, if SNP is initialized, convert
> +	 * the buffer pages to firmware pages.
> +	 */
> +	if (init_ex_path && !sev_init_ex_buffer) {
> +		struct page *page;
> +
> +		page = alloc_pages(GFP_KERNEL, get_order(NV_LENGTH));
> +		if (!page) {
> +			dev_err(sev->dev, "SEV: INIT_EX NV memory allocation failed\n");
> +			return -ENOMEM;
> +		}
> +
> +		sev_init_ex_buffer = page_address(page);
> +
>  		rc = sev_read_init_ex_file();
>  		if (rc)
>  			return rc;
> +
> +		/* If SEV-SNP is initialized, transition to firmware page. */
> +		if (sev->snp_initialized) {
> +			unsigned long npages;
> +
> +			npages = 1UL << get_order(NV_LENGTH);
> +			if (rmp_mark_pages_firmware(__pa(sev_init_ex_buffer),
> +						    npages, false)) {
> +				dev_err(sev->dev,
> +					"SEV: INIT_EX NV memory page state change failed.\n");
> +				return -ENOMEM;
> +			}
> +		}
>  	}

On top:

---
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index c364ad33f376..5ec563611953 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -775,6 +775,48 @@ static void __sev_platform_init_handle_tmr(struct sev_device *sev)
 	}
 }
 
+/*
+ * If an init_ex_path is provided allocate a buffer for the file and
+ * read in the contents. Additionally, if SNP is initialized, convert
+ * the buffer pages to firmware pages.
+ */
+static int __sev_platform_init_handle_init_ex_path(struct sev_device *sev)
+{
+	struct page *page;
+	int rc;
+
+	if (!init_ex_path)
+		return 0;
+
+	if (sev_init_ex_buffer)
+		return 0;
+
+	page = alloc_pages(GFP_KERNEL, get_order(NV_LENGTH));
+	if (!page) {
+		dev_err(sev->dev, "SEV: INIT_EX NV memory allocation failed\n");
+		return -ENOMEM;
+	}
+
+	sev_init_ex_buffer = page_address(page);
+
+	rc = sev_read_init_ex_file();
+	if (rc)
+		return rc;
+
+	/* If SEV-SNP is initialized, transition to firmware page. */
+	if (sev->snp_initialized) {
+		unsigned long npages;
+
+		npages = 1UL << get_order(NV_LENGTH);
+		if (rmp_mark_pages_firmware(__pa(sev_init_ex_buffer), npages, false)) {
+			dev_err(sev->dev, "SEV: INIT_EX NV memory page state change failed.\n");
+			return -ENOMEM;
+		}
+	}
+
+	return 0;
+}
+
 static int __sev_platform_init_locked(int *error)
 {
 	int rc, psp_ret = SEV_RET_NO_FW_CALL;
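Review bot: In `__sev_platform_init_handle_init_ex_path()`, both error returns after `sev_init_ex_buffer = page_address(page);` leave the global set and the pages allocated. If platform init is attempted again, the `if (sev_init_ex_buffer) return 0;` guard then reports success with a buffer that was never populated or, under SNP, never transitioned to firmware-owned state. On the `sev_read_init_ex_file()` failure path the pages are still ordinary memory, so `free_pages((unsigned long)sev_init_ex_buffer, get_order(NV_LENGTH));` followed by `sev_init_ex_buffer = NULL;` before `return rc;` would close that gap. After a failed `rmp_mark_pages_firmware()` the RMP state of the pages cannot be determined from this hunk, so it is probably safer there to clear the pointer and deliberately leak the pages, with a comment saying why. That path also returns a fixed `-ENOMEM`; if the callee returns an errno, propagating it would keep the real cause visible to the caller.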
@@ -790,39 +832,9 @@ static int __sev_platform_init_locked(int *error)
 
 	__sev_platform_init_handle_tmr(sev);
 
-	/*
-	 * If an init_ex_path is provided allocate a buffer for the file and
-	 * read in the contents. Additionally, if SNP is initialized, convert
-	 * the buffer pages to firmware pages.
-	 */
-	if (init_ex_path && !sev_init_ex_buffer) {
-		struct page *page;
-
-		page = alloc_pages(GFP_KERNEL, get_order(NV_LENGTH));
-		if (!page) {
-			dev_err(sev->dev, "SEV: INIT_EX NV memory allocation failed\n");
-			return -ENOMEM;
-		}
-
-		sev_init_ex_buffer = page_address(page);
-
-		rc = sev_read_init_ex_file();
-		if (rc)
-			return rc;
-
-		/* If SEV-SNP is initialized, transition to firmware page. */
-		if (sev->snp_initialized) {
-			unsigned long npages;
-
-			npages = 1UL << get_order(NV_LENGTH);
-			if (rmp_mark_pages_firmware(__pa(sev_init_ex_buffer),
-						    npages, false)) {
-				dev_err(sev->dev,
-					"SEV: INIT_EX NV memory page state change failed.\n");
-				return -ENOMEM;
-			}
-		}
-	}
+	rc = __sev_platform_init_handle_init_ex_path(sev);
+	if (rc)
+		return rc;
 
 	rc = __sev_do_init_locked(&psp_ret);
 	if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) {


-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette



