Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY

The Linux Kernel Mailing List
 help / color / mirror / Atom feed

* Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command
       [not found] <20260501152051.17469-1-prsampat@amd.com>
@ 2026-05-04 14:32 ` Tycho Andersen
  2026-05-08 21:10   ` Pratik R. Sampat
  0 siblings, 1 reply; 5+ messages in thread
From: Tycho Andersen @ 2026-05-04 14:32 UTC (permalink / raw)
  To: Pratik R. Sampat
  Cc: ashish.kalra, thomas.lendacky, john.allen, herbert, davem,
	linux-crypto, linux-kernel, aik, nikunj, michael.roth

On Fri, May 01, 2026 at 11:20:51AM -0400, Pratik R. Sampat wrote:
>   - failed_status (read-only): firmware-reported failure status from the
>     last operation, as returned alongside the status vectors

"from the last operation" is not quite right here, it looks like it
re-runs the STATUS command and reports that error?

> +		failed_status: Read only interface that reports the status of
> +			       the verification operation.

This should probably also note that it runs a fresh operation.

I was trying to think of a nice way to report the status of the last
operation short of caching it, but I didn't come up with anything
good. I don't think it's important enough to cache, the failure codes
right now are all for things that would persist across runs.

Tycho

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command
  2026-05-04 14:32 ` [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command Tycho Andersen
@ 2026-05-08 21:10   ` Pratik R. Sampat
  2026-05-11 14:25     ` Tycho Andersen
  0 siblings, 1 reply; 5+ messages in thread
From: Pratik R. Sampat @ 2026-05-08 21:10 UTC (permalink / raw)
  To: Tycho Andersen
  Cc: ashish.kalra, thomas.lendacky, john.allen, herbert, davem,
	linux-crypto, linux-kernel, aik, nikunj, michael.roth

Hi Tycho,

Missed this one in my mailbox. Thanks for the review!

On 5/4/26 10:32 AM, Tycho Andersen wrote:
> On Fri, May 01, 2026 at 11:20:51AM -0400, Pratik R. Sampat wrote:
>>   - failed_status (read-only): firmware-reported failure status from the
>>     last operation, as returned alongside the status vectors
> 
> "from the last operation" is not quite right here, it looks like it
> re-runs the STATUS command and reports that error?

That is correct. It runs the STATUS command and reports the status of the
verification operation. Probably better to phrase it as the "last verification
operation" instead?

> 
>> +		failed_status: Read only interface that reports the status of
>> +			       the verification operation.
> 
> This should probably also note that it runs a fresh operation.
> 

Ack.

> I was trying to think of a nice way to report the status of the last
> operation short of caching it, but I didn't come up with anything
> good. I don't think it's important enough to cache, the failure codes
> right now are all for things that would persist across runs.
> 

Right, I didn't want to leave room for any ambiguity so avoided caching it for
one additional call.
If the failure status is set, we do fail the VERIFY op as well, but I wasn't
too sure how to report that failure without an additional interface like this.


--Pratik

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command
  2026-05-08 21:10   ` Pratik R. Sampat
@ 2026-05-11 14:25     ` Tycho Andersen
  2026-05-11 16:21       ` Pratik R. Sampat
  0 siblings, 1 reply; 5+ messages in thread
From: Tycho Andersen @ 2026-05-11 14:25 UTC (permalink / raw)
  To: Pratik R. Sampat
  Cc: ashish.kalra, thomas.lendacky, john.allen, herbert, davem,
	linux-crypto, linux-kernel, aik, nikunj, michael.roth

On Fri, May 08, 2026 at 05:10:52PM -0400, Pratik R. Sampat wrote:
> Hi Tycho,
> 
> Missed this one in my mailbox. Thanks for the review!
> 
> On 5/4/26 10:32 AM, Tycho Andersen wrote:
> > On Fri, May 01, 2026 at 11:20:51AM -0400, Pratik R. Sampat wrote:
> >>   - failed_status (read-only): firmware-reported failure status from the
> >>     last operation, as returned alongside the status vectors
> > 
> > "from the last operation" is not quite right here, it looks like it
> > re-runs the STATUS command and reports that error?
> 
> That is correct. It runs the STATUS command and reports the status of the
> verification operation. Probably better to phrase it as the "last verification
> operation" instead?

Hmm, I'm not sure what you mean here. The FW spec 1.58 table 132 says:

    Command to request the firmware to return information regarding the
    currently supported (available) mitigations, and then the verified
    (processed and completed) mitigations. If DST_PADDR_EN is set,
    DST_PADDR will be populated with the SNP_VERIFY_MITIGATION_DST_PADDR
    structure.

so I don't think it has anything to do with the last VERIFY operation?

The spec is a bit messy here, though. Table 131 mentions a
MIT_REQ_CHECK operation, which I assume should really be _STATUS. It
describes what the output VECTOR should be for VERIFY in table 131,
but not what it is for STATUS. Table 132 suggests the output VECTOR is
the list of supported mitigations, which matches what I was seeing
when I played with this.

Tycho

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command
  2026-05-11 14:25     ` Tycho Andersen
@ 2026-05-11 16:21       ` Pratik R. Sampat
  2026-05-11 16:52         ` Tycho Andersen
  0 siblings, 1 reply; 5+ messages in thread
From: Pratik R. Sampat @ 2026-05-11 16:21 UTC (permalink / raw)
  To: Tycho Andersen
  Cc: ashish.kalra, thomas.lendacky, john.allen, herbert, davem,
	linux-crypto, linux-kernel, aik, nikunj, michael.roth



On 5/11/26 10:25 AM, Tycho Andersen wrote:
> On Fri, May 08, 2026 at 05:10:52PM -0400, Pratik R. Sampat wrote:
>> Hi Tycho,
>>
>> Missed this one in my mailbox. Thanks for the review!
>>
>> On 5/4/26 10:32 AM, Tycho Andersen wrote:
>>> On Fri, May 01, 2026 at 11:20:51AM -0400, Pratik R. Sampat wrote:
>>>>   - failed_status (read-only): firmware-reported failure status from the
>>>>     last operation, as returned alongside the status vectors
>>>
>>> "from the last operation" is not quite right here, it looks like it
>>> re-runs the STATUS command and reports that error?
>>
>> That is correct. It runs the STATUS command and reports the status of the
>> verification operation. Probably better to phrase it as the "last verification
>> operation" instead?
> 
> Hmm, I'm not sure what you mean here. The FW spec 1.58 table 132 says:
> 
>     Command to request the firmware to return information regarding the
>     currently supported (available) mitigations, and then the verified
>     (processed and completed) mitigations. If DST_PADDR_EN is set,
>     DST_PADDR will be populated with the SNP_VERIFY_MITIGATION_DST_PADDR
>     structure.
> 
> so I don't think it has anything to do with the last VERIFY operation?
> 

Right, I had missed that. Table 133 says failure_status is the status of the
verification operation. It also looks like calling STATUS repopulates
SNP_VERIFY_MITIGATION_DST_PADDR anyway.

I am not keen on caching the result either though. For simplicity, we could just
drop the failed_status interface, log failure_status with pr_[err|warn](), and
return -EIO?

> The spec is a bit messy here, though. Table 131 mentions a
> MIT_REQ_CHECK operation, which I assume should really be _STATUS. It
> describes what the output VECTOR should be for VERIFY in table 131,
> but not what it is for STATUS. Table 132 suggests the output VECTOR is
> the list of supported mitigations, which matches what I was seeing
> when I played with this.
> 

That is a good catch! We should get that changed in spec.

--Pratik

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command
  2026-05-11 16:21       ` Pratik R. Sampat
@ 2026-05-11 16:52         ` Tycho Andersen
  0 siblings, 0 replies; 5+ messages in thread
From: Tycho Andersen @ 2026-05-11 16:52 UTC (permalink / raw)
  To: Pratik R. Sampat
  Cc: ashish.kalra, thomas.lendacky, john.allen, herbert, davem,
	linux-crypto, linux-kernel, aik, nikunj, michael.roth

On Mon, May 11, 2026 at 12:21:35PM -0400, Pratik R. Sampat wrote:
> I am not keen on caching the result either though. For simplicity, we could just
> drop the failed_status interface, log failure_status with pr_[err|warn](), and
> return -EIO?

Yeah, that sounds reasonable to me.

> > The spec is a bit messy here, though. Table 131 mentions a
> > MIT_REQ_CHECK operation, which I assume should really be _STATUS. It
> > describes what the output VECTOR should be for VERIFY in table 131,
> > but not what it is for STATUS. Table 132 suggests the output VECTOR is
> > the list of supported mitigations, which matches what I was seeing
> > when I played with this.
> > 
> 
> That is a good catch! We should get that changed in spec.

Yep, I pinged our spec maintainer, hopefully it'll be resolved Real Soon.

Thanks,

Tycho

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2026-05-11 16:52 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <20260501152051.17469-1-prsampat@amd.com>
2026-05-04 14:32 ` [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command Tycho Andersen
2026-05-08 21:10   ` Pratik R. Sampat
2026-05-11 14:25     ` Tycho Andersen
2026-05-11 16:21       ` Pratik R. Sampat
2026-05-11 16:52         ` Tycho Andersen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox