On 02/03/2017 16:18, Brijesh Singh wrote: > +static int __sev_dbg_decrypt_page(struct kvm *kvm, unsigned long src, > + void *dst, int *error) > +{ > + inpages = sev_pin_memory(src, PAGE_SIZE, &npages); > + if (!inpages) { > + ret = -ENOMEM; > + goto err_1; > + } > + > + data->handle = sev_get_handle(kvm); > + data->dst_addr = __psp_pa(dst); > + data->src_addr = __sev_page_pa(inpages[0]); > + data->length = PAGE_SIZE; > + > + ret = sev_issue_cmd(kvm, SEV_CMD_DBG_DECRYPT, data, error); > + if (ret) > + printk(KERN_ERR "SEV: DEBUG_DECRYPT %d (%#010x)\n", > + ret, *error); > + sev_unpin_memory(inpages, npages); > +err_1: > + kfree(data); > + return ret; > +} > + > +static int sev_dbg_decrypt(struct kvm *kvm, struct kvm_sev_cmd *argp) > +{ > + void *data; > + int ret, offset, len; > + struct kvm_sev_dbg debug; > + > + if (!sev_guest(kvm)) > + return -ENOTTY; > + > + if (copy_from_user(&debug, (void *)argp->data, > + sizeof(struct kvm_sev_dbg))) > + return -EFAULT; > + /* > + * TODO: add support for decrypting length which crosses the > + * page boundary. > + */ > + offset = debug.src_addr & (PAGE_SIZE - 1); > + if (offset + debug.length > PAGE_SIZE) > + return -EINVAL; > + Please do add it, it doesn't seem very different from what you're doing in LAUNCH_UPDATE_DATA. There's no need for a separate __sev_dbg_decrypt_page function, you can just pin/unpin here and do a per-page loop as in LAUNCH_UPDATE_DATA. Paolo -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html