From: "Pratik R. Sampat" <prsampat@amd.com>
To: <linux-kernel@vger.kernel.org>, <x86@kernel.org>,
<kvm@vger.kernel.org>, <linux-kselftest@vger.kernel.org>
Cc: <seanjc@google.com>, <pbonzini@redhat.com>,
<thomas.lendacky@amd.com>, <tglx@linutronix.de>,
<mingo@redhat.com>, <bp@alien8.de>, <dave.hansen@linux.intel.com>,
<shuah@kernel.org>, <pgonda@google.com>, <ashish.kalra@amd.com>,
<nikunj@amd.com>, <pankaj.gupta@amd.com>, <michael.roth@amd.com>,
<sraithal@amd.com>, <prsampat@amd.com>
Subject: [PATCH v8 01/10] KVM: SEV: Disable SEV-SNP support on initialization failure
Date: Wed, 5 Mar 2025 16:59:51 -0600 [thread overview]
Message-ID: <20250305230000.231025-2-prsampat@amd.com> (raw)
In-Reply-To: <20250305230000.231025-1-prsampat@amd.com>
During platform init, SNP initialization may fail for several reasons,
such as firmware command failures and incompatible versions. However,
the KVM capability may continue to advertise support for it. During
setup, query the SNP platform status to obtain the initialization state
and use it as an additional condition to determine support for SEV-SNP.
Fixes: 1dfe571c12cf ("KVM: SEV: Add initial SEV-SNP support")
Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Pratik R. Sampat <prsampat@amd.com>
---
v7..v8:
* Avoid exporting yet another API from CCP. Instead query
SNP_PLATFORM_STATUS to get the current the initialization state
within KVM (Tom)
---
arch/x86/kvm/svm/sev.c | 30 +++++++++++++++++++++++++++++-
1 file changed, 29 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 0dbb25442ec1..e21c3aa6f592 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2950,6 +2950,32 @@ void __init sev_set_cpu_caps(void)
}
}
+static bool snp_initialized(void)
+{
+ struct sev_user_data_snp_status *status;
+ struct sev_data_snp_addr buf;
+ bool initialized = false;
+ void *data;
+ int error;
+
+ data = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT);
+ if (!data)
+ return initialized;
+
+ buf.address = __psp_pa(data);
+ if (sev_do_cmd(SEV_CMD_SNP_PLATFORM_STATUS, &buf, &error))
+ goto out;
+
+ status = (struct sev_user_data_snp_status *)data;
+ if (status->state)
+ initialized = true;
+
+out:
+ snp_free_firmware_page(data);
+
+ return initialized;
+}
+
void __init sev_hardware_setup(void)
{
unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count;
@@ -3050,7 +3076,9 @@ void __init sev_hardware_setup(void)
sev_es_asid_count = min_sev_asid - 1;
WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count));
sev_es_supported = true;
- sev_snp_supported = sev_snp_enabled && cc_platform_has(CC_ATTR_HOST_SEV_SNP);
+ sev_snp_supported = (sev_snp_enabled &&
+ cc_platform_has(CC_ATTR_HOST_SEV_SNP) &&
+ snp_initialized());
out:
if (boot_cpu_has(X86_FEATURE_SEV))
--
2.43.0
next prev parent reply other threads:[~2025-03-05 23:00 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-05 22:59 [PATCH v8 00/10] Basic SEV-SNP Selftests Pratik R. Sampat
2025-03-05 22:59 ` Pratik R. Sampat [this message]
2025-03-05 22:59 ` [PATCH v8 02/10] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2 Pratik R. Sampat
2025-03-05 22:59 ` [PATCH v8 03/10] KVM: selftests: Add vmgexit helper Pratik R. Sampat
2025-03-06 4:38 ` Gupta, Pankaj
2025-03-05 22:59 ` [PATCH v8 04/10] KVM: selftests: Add SMT control state helper Pratik R. Sampat
2025-03-05 22:59 ` [PATCH v8 05/10] KVM: selftests: Replace assert() with TEST_ASSERT_EQ() Pratik R. Sampat
2025-03-05 22:59 ` [PATCH v8 06/10] KVM: selftests: Introduce SEV VM type check Pratik R. Sampat
2025-03-05 22:59 ` [PATCH v8 07/10] KVM: selftests: Add library support for interacting with SNP Pratik R. Sampat
2025-03-05 22:59 ` [PATCH v8 08/10] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type Pratik R. Sampat
2025-03-05 22:59 ` [PATCH v8 09/10] KVM: selftests: Abstractions for SEV to decouple policy from type Pratik R. Sampat
2025-03-05 23:00 ` [PATCH v8 10/10] KVM: selftests: Add a basic SEV-SNP smoke test Pratik R. Sampat
2025-04-03 18:35 ` [PATCH v8 00/10] Basic SEV-SNP Selftests Pratik R. Sampat
2025-05-02 21:50 ` Sean Christopherson
2025-05-05 15:10 ` Pratik R. Sampat
2025-05-05 23:15 ` Sean Christopherson
2025-05-05 23:36 ` Kalra, Ashish
2025-05-06 0:56 ` Sean Christopherson
2025-05-06 17:06 ` Kalra, Ashish
2025-05-06 2:05 ` Pratik R. Sampat
2025-05-06 13:46 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250305230000.231025-2-prsampat@amd.com \
--to=prsampat@amd.com \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=nikunj@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=seanjc@google.com \
--cc=shuah@kernel.org \
--cc=sraithal@amd.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox