From: Tycho Andersen <tycho@kernel.org>
To: Ashish Kalra <ashish.kalra@amd.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
John Allen <john.allen@amd.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
Sean Christopherson <seanjc@google.com>,
Kim Phillips <kim.phillips@amd.com>,
Alexey Kardashevskiy <aik@amd.com>,
"Tycho Andersen (AMD)" <tycho@kernel.org>,
Nikunj A Dadhania <nikunj@amd.com>,
"Pratik R. Sampat" <prsampat@amd.com>,
Michael Roth <michael.roth@amd.com>
Subject: [RFC v1 2/6] crypto/ccp: Allow snp_get_platform_data() after SNP init
Date: Thu, 30 Apr 2026 10:07:12 -0600 [thread overview]
Message-ID: <20260430160716.1120553-3-tycho@kernel.org> (raw)
In-Reply-To: <20260430160716.1120553-1-tycho@kernel.org>
From: "Tycho Andersen (AMD)" <tycho@kernel.org>
In preparation for refreshing the cached SNP platform status and feature
information after a successful firmware live update, allow
snp_get_platform_data() to be called when the SNP firmware is in the INIT
state.
When SNP is initialized the firmware additionally requires status pages to
be in the firmware-owned RMP state. __sev_do_snp_platform_status() already
handles this for SNP_PLATFORM_STATUS, so switch to that helper for that
command. Add the same mark/reclaim dance around the SNP_FEATURE_INFO
page.
Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
---
drivers/crypto/ccp/sev-dev.c | 31 +++++++++++++++++++++----------
1 file changed, 21 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 22bc4ef27a63..7ca29ccda0e7 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -132,6 +132,9 @@ static void __sev_firmware_shutdown(struct sev_device *sev, bool panic);
static int snp_shutdown_on_panic(struct notifier_block *nb,
unsigned long reason, void *arg);
+static int __sev_do_snp_platform_status(struct sev_user_data_snp_status *status,
+ int *error);
+
static struct notifier_block snp_panic_notifier = {
.notifier_call = snp_shutdown_on_panic,
};
@@ -1264,19 +1267,12 @@ static int snp_get_platform_data(struct sev_device *sev, int *error)
{
struct sev_data_snp_feature_info snp_feat_info;
struct snp_feature_info *feat_info;
- struct sev_data_snp_addr buf;
struct page *page;
int rc;
- /*
- * This function is expected to be called before SNP is
- * initialized.
- */
- if (sev->snp_initialized)
- return -EINVAL;
-
- buf.address = __psp_pa(&sev->snp_plat_status);
- rc = sev_do_cmd(SEV_CMD_SNP_PLATFORM_STATUS, &buf, error);
+ mutex_lock(&sev_cmd_mutex);
+ rc = __sev_do_snp_platform_status(&sev->snp_plat_status, error);
+ mutex_unlock(&sev_cmd_mutex);
if (rc) {
dev_err(sev->dev, "SNP PLATFORM_STATUS command failed, ret = %d, error = %#x\n",
rc, *error);
@@ -1305,17 +1301,32 @@ static int snp_get_platform_data(struct sev_device *sev, int *error)
return -ENOMEM;
feat_info = page_address(page);
+
+ if (sev->snp_initialized) {
+ if (rmp_mark_pages_firmware(__pa(feat_info), 1, false)) {
+ rc = -EFAULT;
+ goto free_page;
+ }
+ }
+
snp_feat_info.length = sizeof(snp_feat_info);
snp_feat_info.ecx_in = 0;
snp_feat_info.feature_info_paddr = __psp_pa(feat_info);
rc = sev_do_cmd(SEV_CMD_SNP_FEATURE_INFO, &snp_feat_info, error);
+
+ if (sev->snp_initialized) {
+ if (snp_reclaim_pages(__pa(feat_info), 1, false))
+ return -EFAULT;
+ }
+
if (!rc)
sev->snp_feat_info_0 = *feat_info;
else
dev_err(sev->dev, "SNP FEATURE_INFO command failed, ret = %d, error = %#x\n",
rc, *error);
+free_page:
__free_page(page);
return rc;
--
2.54.0
next prev parent reply other threads:[~2026-04-30 16:08 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-30 16:07 [RFC v1 0/6] Implement SNP DOWNLOAD_FIRMWARE_EX support Tycho Andersen
2026-04-30 16:07 ` [RFC v1 1/6] crypto/ccp: Hoist kernel part of SNP_PLATFORM_STATUS Tycho Andersen
2026-04-30 16:07 ` Tycho Andersen [this message]
2026-04-30 16:07 ` [RFC v1 3/6] crypto/ccp: Add DOWNLOAD_FIRMWARE_EX message struct Tycho Andersen
2026-04-30 16:07 ` [RFC v1 4/6] crypto/ccp: Reclaim command buffer when the PSP dies Tycho Andersen
2026-04-30 16:07 ` [RFC v1 5/6] crypto/ccp: Register with fw_uploader and always fail Tycho Andersen
2026-04-30 16:07 ` [RFC v1 6/6] crypto/ccp: Implement SNP firmware live update Tycho Andersen
2026-05-03 3:18 ` Maxwell Doose
2026-05-03 3:25 ` Maxwell Doose
2026-05-04 13:57 ` Tycho Andersen
2026-05-04 18:43 ` Maxwell Doose
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260430160716.1120553-3-tycho@kernel.org \
--to=tycho@kernel.org \
--cc=aik@amd.com \
--cc=ashish.kalra@amd.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=john.allen@amd.com \
--cc=kim.phillips@amd.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=nikunj@amd.com \
--cc=prsampat@amd.com \
--cc=seanjc@google.com \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.