From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932460AbdJZT00 (ORCPT ); Thu, 26 Oct 2017 15:26:26 -0400 Received: from mail-sn1nam02on0060.outbound.protection.outlook.com ([104.47.36.60]:45472 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751460AbdJZT0V (ORCPT ); Thu, 26 Oct 2017 15:26:21 -0400 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Cc: brijesh.singh@amd.com, kvm@vger.kernel.org, Paolo Bonzini , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Herbert Xu , Gary Hook , Tom Lendacky , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [Part2 PATCH v6 13/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support To: Borislav Petkov References: <20171020023413.122280-1-brijesh.singh@amd.com> <20171020023413.122280-14-brijesh.singh@amd.com> <20171023092020.GB19523@nazgul.tnic> <20171026135614.GA12359@nazgul.tnic> <9258d8e7-b185-01d2-be92-d7d2820c7eb6@amd.com> <20171026174427.GB29782@nazgul.tnic> From: Brijesh Singh Message-ID: Date: Thu, 26 Oct 2017 14:26:15 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20171026174427.GB29782@nazgul.tnic> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: DM5PR10CA0023.namprd10.prod.outlook.com (2603:10b6:4:2::33) To DM2PR12MB0155.namprd12.prod.outlook.com (2a01:111:e400:50ce::18) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 0b73d3eb-d599-42ad-3b25-08d51ca76eed X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081)(4534020)(4602075)(4627075)(201703031133081)(201702281549075)(2017052603199);SRVR:DM2PR12MB0155; X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;3:cyAXAr22b+8qIMV+cAwcT4nvTz84am+OHt63fXdptr+46XlVFfP3k0MeyOHXOHrNt1UCd8WpHcbxUAKBQElSytaqRHVtnrPOJY9i6i6JSv5dNl1HfZ4xFO+IOi5Z3RZnxW0ODyoRduV1I/JvoQpqAx0+b1CAjreWa08mxoVddo+vtZqZpGiq5CU7URHCFWQA+Y0yuIpfVYuureqCr+x9NPQwdDhSKgRWiYnNYYp6Bi+ucHLbx5asVR4o4irjr4oG;25:isj2wbMkbnC/+qnIAFswVa+N5kzpiw9ZVOS5EnuSwoDav2ooZ1AGXUxPxu7jJSueeYohS5vmug64wVRv0yAZDg9NzJHFEhBgKvHLVu6UUhx2waobdfRN4YQXVkLADMbT8dsv7G7XmLkxSgK+XAlInP57S1QaRtbZ1HmL3uh5NoYm9OWx7biGiHmFhRg5IPvT2Vs/2XruQUYSj34QHHy3mAsIcJYbEZ8Qzw0vSsqsGRkWAen8HdoLRg6nDRgnsWWZAuQNh9uMOecJlwVMPYaetFbPB4sN0LpqM8spNJtotK19Fz8kfrpKeCScil64TdKMvDA6M2asc8gXCmJq7k0s2g==;31:/GjLVlSXJHS8SgDTIT2Pjp+7EOVNFrIPN0wmTkXewA+KmViQSR0xriK1lHP8JS1APrVOFhuI3+C70SzDZIcR1vN8/TNiHr1E0Jw+eh+E1A6ue9U/HDHS+7ePUSaIo0uLZt7pz6mFGu9mJXxF/rkw1VSIvIyq9udq4VQcq64zQWRg47UL7ucAbkFUC3WvFwqnkpOmoMzfR2dAbjdxM7Mjms6DfLi2LPiC0NoitdCSByE= X-MS-TrafficTypeDiagnostic: DM2PR12MB0155: X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;20:C9jwKDg7lFST89aoPIsdY68CbheS4/y6x2DOp9qXj4LpZZUDkOwyVCUXWzuRhkGfbR05fBkWAO/UL1qXRP5Eju4uTQPdPoP2IIexNF9G29zMKRpBhHa1XaW3s+u1c4PIxFm1s5IpIBz1AEqn+EqwenQx3b8czLwTzAkKAnD/aOacZQP/Waz5n0Bcyxz2zlWKtcjyZzqL10QY900LgsuOOcv66YALrCADcWVmxjrLn8chqkiI3im2/X0Iec83BPVw04Gg038OqJYKus6qM3PVMb9mKu3PgF74jyylwyukVK/9a+sPZok3LnuAQkAkP5pTmShrngvqOE8GO/EDquaZ8vTCBAITsxqMiNXFhe0XBUtDsPG8Km/wpgy4vvDK65qPZ7UveJwPm7xIO1Ok6DEFMlo2qznUStOSmOp0GfhQUlSYPYsZE47rLfXQ7FP8aGaUEKWbkS1QlFZ9ttDUaKySt553mKxVOJUYM8hjQ2qmuFp5uJSaYc5rAVKznY6s144L;4:F5hFZ+9wwGdTDfc5g2nxjF+ZLxhJRuClYtx7jDY0H9/Tw4rbkq1pXQcLr2Gta+sZkIGW0I0QrmD5oAk6c6Vw3Dd+IuzJ0OtdXVCfBtiut7YYfwKhpwLtyUE8Aohxx76GsrWPlS1l/bPP1vzyMSuwwo4uG0Sg/xEHSc8wS+KJOl9xrvWgzhxptKAMkUClClVKa5WeuLNM/afedc3SRbVsvZcFUH5vtQ8tGk9axAB+U8h8lQq3iOUEI3RKSM+EOq21 X-Exchange-Antispam-Report-Test: UriScan:; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(10201501046)(3002001)(3231020)(100000703101)(100105400095)(93006095)(93001095)(6055026)(6041248)(20161123564025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123555025)(20161123562025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:DM2PR12MB0155;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:DM2PR12MB0155; X-Forefront-PRVS: 04724A515E X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6049001)(6009001)(376002)(39860400002)(346002)(199003)(189002)(24454002)(86362001)(64126003)(25786009)(106356001)(47776003)(31686004)(6486002)(53936002)(53546010)(2906002)(54906003)(8936002)(8676002)(54356999)(4326008)(7736002)(65806001)(65956001)(50986999)(6246003)(77096006)(101416001)(16526018)(3846002)(16576012)(81156014)(97736004)(76176999)(6116002)(33646002)(305945005)(58126008)(81166006)(6916009)(6666003)(2950100002)(36756003)(105586002)(230700001)(23676002)(83506002)(66066001)(5660300001)(478600001)(65826007)(189998001)(93886005)(316002)(229853002)(68736007)(50466002)(31696002);DIR:OUT;SFP:1101;SCL:1;SRVR:DM2PR12MB0155;H:[10.236.136.62];FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTJQUjEyTUIwMTU1OzIzOkZFS0R5VjZFM0lFMTlXd1hzNXRzencrQk95?= =?utf-8?B?RldybXBpeEdPcjkxM09YS0U1OFVLanVWSHE1SEhtUzZLblVUazhPVkx4UlND?= =?utf-8?B?ZlhucXRoVldZemJGaUNUSHBJclNXSk5lODlQWW5XRW9OQW53ZmdmTUsxTW1P?= =?utf-8?B?MzVqb1RIbkJXY0lsRFlpYnk2YUdmMnBKOXhyZkxjTTIxTVc5alJtcUkyNnVv?= =?utf-8?B?V1h6MmIzd2J3V2J0eTVFK2xOYlBxOFdpeG90amM3aWl4RWU4SUNWR0pNSlBS?= =?utf-8?B?dE1lVWwwaCtVS0lyRXhTNTRoVDFNSnU1c0EzVTRaZ3MrcEVnSFcxRzl6UkFa?= =?utf-8?B?Q2ZhczloODVxRWRBNW5FK0w5RlJiZW9yOTlxeC9aQlk2Y1FxRm5vYUx6TDdz?= =?utf-8?B?ZFM3MnlDckFLbmtDdUMzTUVFR3FITms2T2owSExWR0pvMnNxbjRyWHB5NzY4?= =?utf-8?B?SzB5emhrY2U3Ymp2V09obmI1MkdSenhaOWlSckJ1aGFzTjVtT000aVBKNkpj?= =?utf-8?B?dUhhdUJVbXN0OCtPbGdHV3BiY2Zibk9yVjAzc2pDY3hKT3pjK3VFb0RKaHZ3?= =?utf-8?B?b2MvN1VhZ3AvT2o2SnI3MkFtN3NvTkRMZXhPTTlvbGdGYnlpanJWY3NYMjdm?= =?utf-8?B?OEtpM2QwdFpjdld4aGZacFV3QnNrUy9KZ1dtMDlVNGh6K1VZR3J2VzV5UlF5?= =?utf-8?B?cGllcldnRFRRRWpqQ2hUT2EzMlo5V01zTVNMeHhNendUZldiZnU0ZGYwRUoz?= =?utf-8?B?RE45NE1pQzMzSGtuckEvdWptMkZqSi90bVdqK0p0WStnVDBuN2prU0FyMHc0?= =?utf-8?B?V25MVHMrQzlYN01mMXkvWWw5Szhkd3BKSVVJTmVWaE1sdVBHUlQ1TzV3dTZJ?= =?utf-8?B?bEtxVFJOZW9aTkxua0FKYitSdHc3WTFCSHdpcE8yTTZKaTQwaStBU3hxTVZv?= =?utf-8?B?SUdGV04zM0g5SitVMmlLRjhDVlU1RlcwM0REMjE3RWY3b21iMUNPWDRLZHpS?= =?utf-8?B?Y01qaWJwUzk3RUxIMkgzOUFrU1JDZXcxekRETUtLYVg2TncxY2JjeEVSLzV1?= =?utf-8?B?ZkxrbGJ5R3RwUnJxY3YrTmJwT0xJT083OEpmemhVekUvaDZ5cHZJMkV0dFli?= =?utf-8?B?QXA4UlRKUzFRaGxJdldCSzU3QnB2aFRwMkRRZzFxbEFGbEJFdnpNaG5mK3pE?= =?utf-8?B?NitENzU3b3luRnlmVXVpTGYxZFd6RWVLZlZ2bFFnOURhcGRBNkRxZUE2aUNX?= =?utf-8?B?NmdVSCtFT0NPWFdldjJWMjNDWmI4WVJFUG1yMTJaTTZJSitUcXVCMjdiQWVv?= =?utf-8?B?TWZvVVVESDAzWm1Nc2JKL3I2dlRCVkE0QjFJNFdJTEw1Y3NZcnd5d0xxb0Mw?= =?utf-8?B?a3BFZmF4ZnVRb1dYd1U0MGs1U2J6RFhJcURBQlZPQUgzWVFiZXVzOG5PNHRp?= =?utf-8?B?bFFuZmFNRjNXakpLRW9JRzVUUU42R2dGSE1jb0M4V2FhOEY3V3dVdzFGbXZn?= =?utf-8?B?YnBjejVIbHlKMlMyY0VDUVFaT1BvTnlVZTVzUVJFTVpGcmlJVE5VMy8rV3I4?= =?utf-8?B?NUEra1pSRGhuQkUrNWl4bkpMNXlKREtrTWwyZE5zTnBXOHJzWTVheXMrU1R4?= =?utf-8?B?MHRtRGlzRDZ5Q1FwNHFoQys5Yy9lRVBhVm1rcnN6NWpLVjdTaUxwT2ZOblZ1?= =?utf-8?B?MWZmRFNyb08zdDN5SW50WnlYSWhkRkFrYlg4bDhQOC91MWRaaVdUdmhiL2xQ?= =?utf-8?B?L3RkOHFrdlNBdUYxZ1owK2xkOE1rL1J2TFNhNURUN2NsTWE5dHh4U05yRTYw?= =?utf-8?B?YkdlQndkSXo1dnAyRGhVY0ZRdjkzTHpzd2R4R1NuRldvQTdybEwrQ2NweHk3?= =?utf-8?Q?ecjowI0f3EE=3D?= X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;6:z4l3sNU2qobEHpjdMBAzVP7KJU4m3KrcsiiI1ZmxCMAT2M8EB1tqzh9NMdRJ+4VNhDGHWkGtL96C0wn6f/eg7QizAlaJChgALjJQNp//8hESWrdwuRgwcXth7e+YOAS7koknWuZe5hKv1PgTq1jLq3iZy42c+hfiP3mIXhOqeZ//nQu612a0garChVkGA4LI1nitwUpKOckR3a7EMaau4SRFTMhBOUJ022kYkSXtQDwyha31sweG5YvIMh6pkufy9/chdy8u+n24dFEwxA5LZdhcsoYzQFKT+JxBbFVMMlcDH0QceDUTfJhxTlDskJUyRvg/lwiFNQEaskz+vJt73g==;5:lKZC7l4Ni2Z/drByiRIzo3xbD03BYC4oG9YtTWj239uISgHW19CS7NVS/mc0CtPtp/WBQ/rNlzHkT3PDb6YgvOACdutd5MJVZOwB6VlZmdWdWC/f2rrMzPQZDZ8quEfRnkTWxQATdNpClE5qTfYKsw==;24:HjCJmNSfZ7dsWLDFNySl0adSAqvH7KJok+Gqb8YNQUPt/7VuLjC5CAyjxUcOe1UwT/9DtbgH1iEMPXp9TxScSy+weO8UUZZVhwKEvIpB9jM=;7:LTwq/e6sggs3N6R76HxxqO1d9pbRDREKsNbVGEnyhWs0Ac57tyFZlaGVYBZGNK1UOf0lwd3fXINsL5D72A2WxlC3BqD9j0yK+DoMb7M6DOivX6scTrkq9Mgi70VIrLN3dpMuPgYEDtStzFFpUtpOZuX+BW449EywNHjLLbzjJ8hLrMeFAeB3IFCGGJEk+V6GbK+Q8oryX+2YOVL6pQ9Ixpy2MOtm4AKzXDr2vmYHnwA= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0155;20:aM3Xzr0YFoFL76Iz2AgpVB7vftTr3HF5OEc0pl9knkcUfAO7ULyY3e7GLCBHStOY7j/GSIx/lQOOXqba0SVSZRTtJ/LKlYFUkZSBNlpU6a3cW4hLgglhpNSzszI/WTPNX92Se0+AiUxbbzl93tSHLsZKvV3LCg9vvHHdCGfUkIVylTMC77JTMaWnnZP0UJxgcf3pxYm3CKeMX9DM6EzadViAnVcgRe8bs/EA5WD0qqbaeZ9z9/inpoqNUzDfAPB1 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Oct 2017 19:26:18.3012 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 0b73d3eb-d599-42ad-3b25-08d51ca76eed X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0155 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 10/26/2017 12:44 PM, Borislav Petkov wrote: > On Thu, Oct 26, 2017 at 11:56:57AM -0500, Brijesh Singh wrote: >> The variable is used as ref counter. > > ... and it can't be converted to a boolean because...? > SHUTDOWN command unconditionally transitions a platform to uninitialized state. The command does not care how many processes are actively using the PSP. We don't want to shutdown the firmware while other process is still using it. e.g consider three processes (A, B, C) Process A: ---------- sev_platform_init() sev_do_cmd(..) ... ... sev_do_cmd(..) ... sev_platform_shutdown() Process B: ----------- sev_platform_init() sev_do_cmd(...) sev_platform_shutdown() Process C: ---------- sev_platform_init() sev_do_cmd(...) sev_do_cmd(...) sev_do_cmd(...) sev_platform_shutdown() As per the SEV spec section 5.1.2 (platform state machine), several commands require that platform should be initialized before issuing the actual command. As you can see Process B may finish quickly and SHUTDOWN from process B will simply uninitialize the firmware and cause unexpected result to process A and C. >> In your previous reply you comments on global semaphore (fw_init_mutex) and >> in response I tried to highlight why we need the global semaphore. Did I >> misunderstood your comment ? > > Yes, what happens if you get preempted while holding the mutex? Will the other > process be able to do anything? > If other process tries to issue the sev_platform_init/shutdown() then they have to wait. The sev_platform_init() and sev_platform_shutdown() uses the same global mutex. See the original code below. +static int __sev_platform_init(struct sev_data_init *data, int *error) +{ + int rc = 0; + + mutex_lock(&fw_init_mutex); + + if (!fw_init_count) { + rc = sev_do_cmd(SEV_CMD_INIT, data, error); + if (rc) + goto unlock; + } + + fw_init_count++; + +unlock: + mutex_unlock(&fw_init_mutex); + return rc; + +} + +int sev_platform_shutdown(int *error) +{ + int rc = 0; + + mutex_lock(&fw_init_mutex); + + if (!fw_init_count) + goto unlock; + + if (fw_init_count == 1) { + rc = sev_do_cmd(SEV_CMD_SHUTDOWN, 0, error); + if (rc) + goto unlock; + } + + fw_init_count--; + +unlock: + mutex_unlock(&fw_init_mutex); + return rc; +}