From: Ashish Kalra <ashish.kalra@xxxxxxx> Remove initializing SEV/SNP functionality from PSP driver and instead add support to KVM to explicitly initialize the PSP if KVM wants to use SEV/SNP functionality. This removes SEV/SNP initialization at PSP module probe time and does on-demand SEV/SNP initialization when KVM really wants to use SEV/SNP functionality. This will allow running legacy non-confidential VMs without initializating SEV functionality. This will assist in adding SNP CipherTextHiding support and SEV firmware hotloading support in KVM without sharing SEV ASID management and SNP guest context support between PSP driver and KVM and keeping all that support only in KVM. The on-demand SEV initialization support requires a fix in QEMU to remove check for SEV initialization to be done prior to launching SEV/SEV-ES VMs. NOTE: With the above fix for QEMU, older QEMU versions will be broken with respect to launching SEV/SEV-ES VMs with the newer kernel/KVM as older QEMU versions require SEV initialization to be done before launching SEV/SEV-ES VMs. v2: - Added support for separate SEV and SNP platform initalization, while SNP platform initialization is done at KVM module load time, SEV platform initialization is done on demand at SEV/SEV-ES VM launch. - Added support for separate SEV and SNP platform shutdown, both SEV and SNP shutdown done at KVM module unload time, only SEV shutdown down when all SEV/SEV-ES VMs have been destroyed, this allows SEV firmware hotloading support anytime during system lifetime. - Updated commit messages for couple of patches in the series with reference to the feedback received on v1 patches. Ashish Kalra (9): crypto: ccp: Move dev_info/err messages for SEV/SNP initialization crypto: ccp: Fix implicit SEV/SNP init and shutdown in ioctls crypto: ccp: Reset TMR size at SNP Shutdown crypto: ccp: Register SNP panic notifier only if SNP is enabled crypto: ccp: Add new SEV platform shutdown API crypto: ccp: Add new SEV/SNP platform shutdown API crypto: ccp: Add new SEV/SNP platform initialization API KVM: SVM: Add support to initialize SEV/SNP functionality in KVM crypto: ccp: Move SEV/SNP Platform initialization to KVM arch/x86/kvm/svm/sev.c | 33 +++- drivers/crypto/ccp/sev-dev.c | 283 ++++++++++++++++++++++++----------- include/linux/psp-sev.h | 27 +++- 3 files changed, 248 insertions(+), 95 deletions(-) -- 2.34.1
