Commit 6131e119 authored by Ashish Kalra's avatar Ashish Kalra Committed by Herbert Xu
Browse files

crypto: ccp - Abort doing SEV INIT if SNP INIT fails 



If SNP host support (SYSCFG.SNPEn) is set, then the RMP table must
be initialized before calling SEV INIT.

In other words, if SNP_INIT(_EX) is not issued or fails then
SEV INIT will fail if SNP host support (SYSCFG.SNPEn) is enabled.

Signed-off-by: default avatarAshish Kalra <ashish.kalra@amd.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 39ccd0e5

drivers/crypto/ccp/sev-dev.c

+2 −5
Original line number Diff line number Diff line
@@ -1112,7 +1112,7 @@ static int __sev_snp_init_locked(int *error) 
	if (!sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR)) {

		dev_dbg(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n",

			SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR);

		return 0;

		return -EOPNOTSUPP;

	}



	/* SNP_INIT requires MSR_VM_HSAVE_PA to be cleared on all CPUs. */
@@ -1325,12 +1325,9 @@ static int _sev_platform_init_locked(struct sev_platform_init_args *args) 
	 */

	rc = __sev_snp_init_locked(&args->error);

	if (rc && rc != -ENODEV) {

		/*

		 * Don't abort the probe if SNP INIT failed,

		 * continue to initialize the legacy SEV firmware.

		 */

		dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n",

			rc, args->error);

		return rc;

	}



	/* Defer legacy SEV/SEV-ES support if allowed by caller/module. */