From: Tom Lendacky <thomas.lendacky@amd.com>
To: Ard Biesheuvel <ardb+git@google.com>, linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, x86@kernel.org, mingo@kernel.org,
Ard Biesheuvel <ardb@kernel.org>,
Dionna Amalie Glaze <dionnaglaze@google.com>,
Kevin Loughlin <kevinloughlin@google.com>
Subject: Re: [PATCH v5 3/6] x86/sev: Split off startup code from core code
Date: Wed, 23 Apr 2025 10:22:31 -0500 [thread overview]
Message-ID: <cf878810-81ed-3017-52c6-ce6aa41b5f01@amd.com> (raw)
In-Reply-To: <20250418141253.2601348-11-ardb+git@google.com>
On 4/18/25 09:12, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb@kernel.org>
>
> Disentangle the SEV core code and the SEV code that is called during
> early boot. The latter piece will be moved into startup/ in a subsequent
> patch.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
This patch breaks SNP guests. The SNP guest boots, but no longer has
access to the VMPCK keys needed to communicate with the ASP, which is
used, for example, to obtain an attestation report.
It looks like the secrets_pa is defined as static in both startup.c and
core.c. It is set by a function in startup.c and so when used in core.c
its value will be 0.
The following fixed the issue for me. Let me know if it can be squashed
in or a full patch is needed. Although, it likely should be named
sev_secrets_pa since it is no longer static.
Thanks,
Tom
diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
index 617988a5f3d7..a2c984b31fc4 100644
--- a/arch/x86/coco/sev/core.c
+++ b/arch/x86/coco/sev/core.c
@@ -80,9 +80,6 @@ static const char * const sev_status_feat_names[] = {
[MSR_AMD64_SNP_SMT_PROT_BIT] = "SMTProt",
};
-/* Secrets page physical address from the CC blob */
-static u64 secrets_pa __ro_after_init;
-
/*
* For Secure TSC guests, the BSP fetches TSC_INFO using SNP guest messaging and
* initializes snp_tsc_scale and snp_tsc_offset. These values are replicated
diff --git a/arch/x86/coco/sev/startup.c b/arch/x86/coco/sev/startup.c
index 9f5dc70cfb44..9fd5c28c6417 100644
--- a/arch/x86/coco/sev/startup.c
+++ b/arch/x86/coco/sev/startup.c
@@ -55,7 +55,7 @@ struct ghcb *boot_ghcb __section(".data");
u64 sev_hv_features __ro_after_init;
/* Secrets page physical address from the CC blob */
-static u64 secrets_pa __ro_after_init;
+u64 secrets_pa __ro_after_init;
/* For early boot SVSM communication */
struct svsm_ca boot_svsm_ca_page __aligned(PAGE_SIZE);
diff --git a/arch/x86/include/asm/sev-internal.h b/arch/x86/include/asm/sev-internal.h
index 73cb774c3639..45a7fc24e37f 100644
--- a/arch/x86/include/asm/sev-internal.h
+++ b/arch/x86/include/asm/sev-internal.h
@@ -5,6 +5,7 @@
extern struct ghcb boot_ghcb_page;
extern struct ghcb *boot_ghcb;
extern u64 sev_hv_features;
+extern u64 secrets_pa;
/* #VC handler runtime per-CPU data */
struct sev_es_runtime_data {
> ---
> arch/x86/boot/compressed/sev.c | 2 +
> arch/x86/coco/sev/Makefile | 12 +-
> arch/x86/coco/sev/core.c | 1563 ++++----------------
> arch/x86/coco/sev/shared.c | 281 ----
> arch/x86/coco/sev/startup.c | 1395 +++++++++++++++++
> 5 files changed, 1652 insertions(+), 1601 deletions(-)
>
next prev parent reply other threads:[~2025-04-23 15:22 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-18 14:12 [PATCH v5 0/6] x86: Refactor and consolidate startup code Ard Biesheuvel
2025-04-18 14:12 ` [PATCH v5 1/6] vmlinux.lds: Include .data.rel[.local] into .data section Ard Biesheuvel
2025-04-18 14:12 ` [PATCH v5 2/6] x86/sev: Move noinstr NMI handling code into separate source file Ard Biesheuvel
2025-04-18 14:12 ` [PATCH v5 3/6] x86/sev: Split off startup code from core code Ard Biesheuvel
2025-04-23 15:22 ` Tom Lendacky [this message]
2025-04-23 15:50 ` Ard Biesheuvel
2025-04-24 9:37 ` Borislav Petkov
2025-04-24 15:34 ` [PATCH] x86/sev: Share the sev_secrets_pa value again Ingo Molnar
2025-04-24 16:04 ` Tom Lendacky
2025-04-18 14:12 ` [PATCH v5 4/6] x86/boot: Move SEV startup code into startup/ Ard Biesheuvel
2025-04-18 14:12 ` [PATCH v5 5/6] x86/boot: Drop RIP_REL_REF() uses from early SEV code Ard Biesheuvel
2025-04-18 14:13 ` [PATCH v5 6/6] x86/asm: Retire RIP_REL_REF() Ard Biesheuvel
2025-04-18 15:51 ` Uros Bizjak
2025-04-18 15:58 ` Ard Biesheuvel
2025-05-04 7:33 ` Uros Bizjak
2025-04-22 19:55 ` [PATCH v5 0/6] x86: Refactor and consolidate startup code Ingo Molnar
2025-04-22 21:09 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cf878810-81ed-3017-52c6-ce6aa41b5f01@amd.com \
--to=thomas.lendacky@amd.com \
--cc=ardb+git@google.com \
--cc=ardb@kernel.org \
--cc=dionnaglaze@google.com \
--cc=kevinloughlin@google.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox