Commit f995fc37 authored by Tycho Andersen (AMD)'s avatar Tycho Andersen (AMD) Committed by Borislav Petkov (AMD)

crypto/ccp: Implement SNP x86 shutdown



The SEV firmware has support to disable SNP during an SNP_SHUTDOWN_EX command.
Verify that this support is available and set the flag so that SNP is disabled
when it is not being used.

In cases where SNP is disabled, skip the call to amd_iommu_snp_disable(), as
all of the IOMMU pages have already been made shared. Also skip the panic
case, since snp_shutdown() does IPIs.

Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://patch.msgid.link/20260324161301.1353976-7-tycho@kernel.org
parent 7b2bc5f0
+24 −17
@@ -2039,6 +2039,8 @@ static int __sev_snp_shutdown_locked(int *error, bool panic)
	memset(&data, 0, sizeof(data));
	data.len = sizeof(data);
	data.iommu_snp_shutdown = 1;
	if (sev->snp_feat_info_0.ecx & SNP_X86_SHUTDOWN_SUPPORTED)
		data.x86_snp_shutdown = 1;

	/*
	 * If invoked during panic handling, local interrupts are disabled
@@ -2072,6 +2074,10 @@ static int __sev_snp_shutdown_locked(int *error, bool panic)
		return ret;
	}

	if (data.x86_snp_shutdown) {
		if (!panic)
			snp_shutdown();
	} else {
		/*
		 * SNP_SHUTDOWN_EX with IOMMU_SNP_SHUTDOWN set to 1 disables SNP
		 * enforcement by the IOMMU and also transitions all pages
@@ -2090,6 +2096,7 @@ static int __sev_snp_shutdown_locked(int *error, bool panic)
			dev_err(sev->dev, "SNP IOMMU shutdown failed\n");
			return ret;
		}
	}

	snp_leak_hv_fixed_pages();
	sev->snp_initialized = false;
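Review bot: The `if (!panic)` guard around `snp_shutdown()` has no comment, so the reason the panic path skips the CPU-side teardown is recorded only in the commit message. When `data.x86_snp_shutdown` is set and `panic` is true, neither `snp_shutdown()` nor the IOMMU branch in the `else` arm runs, yet the function still reaches `snp_leak_hv_fixed_pages()` and `sev->snp_initialized = false`. A comment above the guard should say what state that leaves for the next kernel, for example `/* snp_shutdown() sends IPIs, which cannot be done from panic context with interrupts disabled; firmware has already disabled SNP */`. The second half of that comment is inferred from the commit message and should be confirmed by the author. The function begins and ends outside these hunks.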
+4 −1
@@ -829,12 +829,14 @@ struct sev_data_range_list {
 *
 * @len: length of the command buffer read by the PSP
 * @iommu_snp_shutdown: Disable enforcement of SNP in the IOMMU
 * @x86_snp_shutdown: Disable SNP on all cores
 * @rsvd1: reserved
 */
struct sev_data_snp_shutdown_ex {
	u32 len;
	u32 iommu_snp_shutdown:1;
	u32 rsvd1:31;
	u32 x86_snp_shutdown:1;
	u32 rsvd1:30;
} __packed;

/**
@@ -891,6 +893,7 @@ struct snp_feature_info {
} __packed;

/* Feature bits in ECX */
#define SNP_X86_SHUTDOWN_SUPPORTED		BIT(1)
#define SNP_RAPL_DISABLE_SUPPORTED		BIT(2)
#define SNP_CIPHER_TEXT_HIDING_SUPPORTED	BIT(3)
#define SNP_AES_256_XTS_POLICY_SUPPORTED	BIT(4)
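Review bot: The kernel-doc for `@x86_snp_shutdown` does not say that the bit should only be set when firmware advertises the capability, which is the one thing a future caller filling in `struct sev_data_snp_shutdown_ex` needs to know. The define `SNP_X86_SHUTDOWN_SUPPORTED` sits in a different hunk of this header with nothing tying the two together. I would extend the line to `@x86_snp_shutdown: Disable SNP on all cores; set only if SNP_X86_SHUTDOWN_SUPPORTED is reported in the feature info ECX`. How firmware treats the bit when the capability is absent is not visible here, so the wording should be checked against the firmware ABI specification.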