From: "Kalra, Ashish" <ashish.kalra@amd.com>
To: Kim Phillips <kim.phillips@amd.com>,
corbet@lwn.net, seanjc@google.com, pbonzini@redhat.com,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
thomas.lendacky@amd.com, john.allen@amd.com,
herbert@gondor.apana.org.au, davem@davemloft.net,
akpm@linux-foundation.org, rostedt@goodmis.org,
paulmck@kernel.org
Cc: nikunj@amd.com, Neeraj.Upadhyay@amd.com, aik@amd.com,
ardb@kernel.org, michael.roth@amd.com, arnd@arndb.de,
linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Subject: Re: [PATCH v5 7/7] KVM: SEV: Add SEV-SNP CipherTextHiding support
Date: Wed, 2 Jul 2025 17:43:29 -0500 [thread overview]
Message-ID: <7598ff2a-fab1-4890-a245-9853d8546269@amd.com> (raw)
In-Reply-To: <790fd770-de75-4bdf-a1dd-492f880b5fd6@amd.com>
Hello Kim,
On 7/2/2025 4:46 PM, Kim Phillips wrote:
> Hi Ashish,
>
> I can confirm that this v5 series fixes v4's __sev_do_cmd_locked
> assertion failure problem, thanks. More comments inline:
>
> On 7/1/25 3:16 PM, Ashish Kalra wrote:
>> From: Ashish Kalra <ashish.kalra@amd.com>
>
> Extra From: line not necessary.
>
>> @@ -2913,10 +2921,46 @@ static bool is_sev_snp_initialized(void)
>> return initialized;
>> }
>> +static bool check_and_enable_sev_snp_ciphertext_hiding(void)
>> +{
>> + unsigned int ciphertext_hiding_asid_nr = 0;
>> +
>> + if (!sev_is_snp_ciphertext_hiding_supported()) {
>> + pr_warn("Module parameter ciphertext_hiding_asids specified but ciphertext hiding not supported or enabled\n");
>> + return false;
>> + }
>> +
>> + if (isdigit(ciphertext_hiding_asids[0])) {
>> + if (kstrtoint(ciphertext_hiding_asids, 10, &ciphertext_hiding_asid_nr)) {
>> + pr_warn("Module parameter ciphertext_hiding_asids (%s) invalid\n",
>> + ciphertext_hiding_asids);
>> + return false;
>> + }
>> + /* Do sanity checks on user-defined ciphertext_hiding_asids */
>> + if (ciphertext_hiding_asid_nr >= min_sev_asid) {
>> + pr_warn("Requested ciphertext hiding ASIDs (%u) exceeds or equals minimum SEV ASID (%u)\n",
>> + ciphertext_hiding_asid_nr, min_sev_asid);
>> + return false;
>> + }
>> + } else if (!strcmp(ciphertext_hiding_asids, "max")) {
>> + ciphertext_hiding_asid_nr = min_sev_asid - 1;
>> + } else {
>> + pr_warn("Module parameter ciphertext_hiding_asids (%s) invalid\n",
>> + ciphertext_hiding_asids);
>> + return false;
>> + }
>
> This code can be made much simpler if all the invalid
> cases were combined to emit a single pr_warn().
>
There definitely has to be a different pr_warn() for the sanity check case and invalid parameter cases and sanity check has to be done if the
specified parameter is an unsigned int, so the check needs to be done separately.
I can definitely add a branch just for the invalid cases.
>> @@ -3036,7 +3090,9 @@ void __init sev_hardware_setup(void)
>> min_sev_asid, max_sev_asid);
>> if (boot_cpu_has(X86_FEATURE_SEV_ES))
>> pr_info("SEV-ES %s (ASIDs %u - %u)\n",
>> - str_enabled_disabled(sev_es_supported),
>> + sev_es_supported ? min_sev_es_asid < min_sev_asid ? "enabled" :
>> + "unusable" :
>> + "disabled",
>> min_sev_es_asid, max_sev_es_asid);
>> if (boot_cpu_has(X86_FEATURE_SEV_SNP))
>> pr_info("SEV-SNP %s (ASIDs %u - %u)\n",
>
> If I set ciphertext_hiding_asids=99, I get the new 'unusable':
>
> kvm_amd: SEV-SNP ciphertext hiding enabled
> ...
> kvm_amd: SEV enabled (ASIDs 100 - 1006)
> kvm_amd: SEV-ES unusable (ASIDs 100 - 99)
> kvm_amd: SEV-SNP enabled (ASIDs 1 - 99)
>
> Ok.
Which is correct.
This is similar to the SEV case where min_sev_asid can be greater than max_sev_asid and that also emits similarly :
SEV unusable (ASIDs 1007 - 1006) (this is an example of that case).
>
> Now, if I set ciphertext_hiding_asids=0, I get:
>
> kvm_amd: SEV-SNP ciphertext hiding enabled
> ...
> kvm_amd: SEV enabled (ASIDs 100 - 1006)
> kvm_amd: SEV-ES enabled (ASIDs 1 - 99)
> kvm_amd: SEV-SNP enabled (ASIDs 1 - 0)
>
> ..where SNP is unusable this time, yet it's not flagged as such.
>
Actually SNP still needs to be usable/enabled in this case, as specifying ciphertext_hiding_asids=0 is same as specifying that ciphertext hiding feature should
not be enabled, so code-wise this is behaving correctly, but messaging needs to be fixed, which i will fix.
Thanks,
Ashish
> If there's no difference between "unusable" and not enabled, then
> I think it's better to keep the not enabled messaging behaviour
> and just not emit the line at all: It's confusing to see the
> invalid "100 - 99" and "1 - 0" ranges.
>
> Thanks,
>
> Kim
next prev parent reply other threads:[~2025-07-02 22:43 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-01 20:14 [PATCH v5 0/7] Add SEV-SNP CipherTextHiding feature support Ashish Kalra
2025-07-01 20:14 ` [PATCH v5 1/7] crypto: ccp - New bit-field definitions for SNP_PLATFORM_STATUS command Ashish Kalra
2025-07-01 20:15 ` [PATCH v5 2/7] crypto: ccp - Cache SEV platform status and platform state Ashish Kalra
2025-07-07 15:37 ` Tom Lendacky
2025-07-01 20:15 ` [PATCH v5 3/7] crypto: ccp - Add support for SNP_FEATURE_INFO command Ashish Kalra
2025-07-07 16:01 ` Tom Lendacky
2025-07-01 20:15 ` [PATCH v5 4/7] crypto: ccp - Introduce new API interface to indicate SEV-SNP Ciphertext hiding feature Ashish Kalra
2025-07-07 16:19 ` Tom Lendacky
2025-07-01 20:15 ` [PATCH v5 5/7] crypto: ccp - Add support to enable CipherTextHiding on SNP_INIT_EX Ashish Kalra
2025-07-07 16:49 ` Tom Lendacky
2025-07-01 20:16 ` [PATCH v5 6/7] KVM: SEV: Introduce new min,max sev_es and sev_snp asid variables Ashish Kalra
2025-07-07 16:57 ` Tom Lendacky
2025-07-01 20:16 ` [PATCH v5 7/7] KVM: SEV: Add SEV-SNP CipherTextHiding support Ashish Kalra
2025-07-02 21:46 ` Kim Phillips
2025-07-02 22:43 ` Kalra, Ashish [this message]
2025-07-07 6:16 ` Kalra, Ashish
2025-07-07 21:32 ` Kim Phillips
2025-07-07 17:35 ` Tom Lendacky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7598ff2a-fab1-4890-a245-9853d8546269@amd.com \
--to=ashish.kalra@amd.com \
--cc=Neeraj.Upadhyay@amd.com \
--cc=aik@amd.com \
--cc=akpm@linux-foundation.org \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=john.allen@amd.com \
--cc=kim.phillips@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=nikunj@amd.com \
--cc=paulmck@kernel.org \
--cc=pbonzini@redhat.com \
--cc=rostedt@goodmis.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).