public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Tycho Andersen <tycho@kernel.org>
To: Ashish Kalra <ashish.kalra@amd.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	John Allen <john.allen@amd.com>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	"David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
	Sean Christopherson <seanjc@google.com>,
	Kim Phillips <kim.phillips@amd.com>,
	Alexey Kardashevskiy <aik@amd.com>,
	"Tycho Andersen (AMD)" <tycho@kernel.org>,
	Nikunj A Dadhania <nikunj@amd.com>,
	"Pratik R. Sampat" <prsampat@amd.com>,
	Michael Roth <michael.roth@amd.com>
Subject: [RFC v1 0/6] Implement SNP DOWNLOAD_FIRMWARE_EX support
Date: Thu, 30 Apr 2026 10:07:10 -0600	[thread overview]
Message-ID: <20260430160716.1120553-1-tycho@kernel.org> (raw)

From: "Tycho Andersen (AMD)" <tycho@kernel.org>

Here is an implementation of the SEV-SNP firmware's DOWNLOAD_FIRMWARE_EX
command. The core difference between this and the previous implementation
https://lore.kernel.org/lkml/20241112232253.3379178-7-dionnaglaze@google.com/
is that it relies on the SEV firmware's state (WORKING) to indicate that there
are legacy VMs running instead of tracking things explicitly via ASID.

There is a race condition in slide 18 of
https://pretalx.com/media/kvm-forum-2025/submissions/TAMRR8/resources/SEV_FW_Hotl_zfT5e9Y.pdf
which this series does not address, I am still trying to understand what the
best way to fix that is.

Also note that patch 1 is a duplicate of
https://lore.kernel.org/all/20260416232329.3408497-2-seanjc@google.com/
so it can be dropped when that is applied.

Thanks,

Tycho

Tycho Andersen (AMD) (6):
  crypto/ccp: Hoist kernel part of SNP_PLATFORM_STATUS
  crypto/ccp: Allow snp_get_platform_data() after SNP init
  crypto/ccp: Add DOWNLOAD_FIRMWARE_EX message struct
  crypto/ccp: Reclaim command buffer when the PSP dies
  crypto/ccp: Register with fw_uploader and always fail
  crypto/ccp: Implement SNP firmware live update

 drivers/crypto/ccp/sev-dev.c | 416 +++++++++++++++++++++++++++++++----
 drivers/crypto/ccp/sev-dev.h |   3 +
 include/linux/psp-sev.h      |  20 ++
 3 files changed, 393 insertions(+), 46 deletions(-)


base-commit: 254f49634ee16a731174d2ae34bc50bd5f45e731
-- 
2.54.0


             reply	other threads:[~2026-04-30 16:08 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-30 16:07 Tycho Andersen [this message]
2026-04-30 16:07 ` [RFC v1 1/6] crypto/ccp: Hoist kernel part of SNP_PLATFORM_STATUS Tycho Andersen
2026-04-30 16:07 ` [RFC v1 2/6] crypto/ccp: Allow snp_get_platform_data() after SNP init Tycho Andersen
2026-04-30 16:07 ` [RFC v1 3/6] crypto/ccp: Add DOWNLOAD_FIRMWARE_EX message struct Tycho Andersen
2026-04-30 16:07 ` [RFC v1 4/6] crypto/ccp: Reclaim command buffer when the PSP dies Tycho Andersen
2026-04-30 16:07 ` [RFC v1 5/6] crypto/ccp: Register with fw_uploader and always fail Tycho Andersen
2026-04-30 16:07 ` [RFC v1 6/6] crypto/ccp: Implement SNP firmware live update Tycho Andersen
2026-05-03  3:18   ` Maxwell Doose
2026-05-03  3:25     ` Maxwell Doose
2026-05-04 13:57     ` Tycho Andersen
2026-05-04 18:43       ` Maxwell Doose

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260430160716.1120553-1-tycho@kernel.org \
    --to=tycho@kernel.org \
    --cc=aik@amd.com \
    --cc=ashish.kalra@amd.com \
    --cc=davem@davemloft.net \
    --cc=herbert@gondor.apana.org.au \
    --cc=john.allen@amd.com \
    --cc=kim.phillips@amd.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=michael.roth@amd.com \
    --cc=nikunj@amd.com \
    --cc=prsampat@amd.com \
    --cc=seanjc@google.com \
    --cc=thomas.lendacky@amd.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox