crypto: ccp: Handle legacy SEV commands when SNP is enabled
author Brijesh Singh <brijesh.singh@amd.com>
Fri, 26 Jan 2024 04:11:18 +0000 (22:11 -0600)
committer Borislav Petkov (AMD) <bp@alien8.de>
Mon, 29 Jan 2024 19:34:18 +0000 (20:34 +0100)
commit a867ad6b340f47b7333b80a54b8507fc2cd80aa4
tree 5bc77f1a194c246da2ffb7741db37a474ade0c69
parent 7364a6fbca45f826952ea932699fb2171d06ee73

The behavior of legacy SEV commands is altered when the firmware is
initialized for SNP support. In that case, all command buffer memory
that may get written to by legacy SEV commands must be marked as
firmware-owned in the RMP table prior to issuing the command.

Additionally, when a command buffer contains a system physical address
that points to additional buffers that firmware may write to, special
handling is needed depending on whether:

  1) the system physical address points to guest memory
  2) the system physical address points to host memory

To handle case #1, the pages of these buffers are changed to
firmware-owned in the RMP table before issuing the command, and restored
to hypervisor-owned after the command completes.

For case #2, a bounce buffer is used instead of the original address.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Co-developed-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20240126041126.1927228-19-michael.roth@amd.com
drivers/crypto/ccp/sev-dev.c
drivers/crypto/ccp/sev-dev.h
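
The two cases from the commit message, as an added userspace C model that is not code from this commit or from sev-dev.c: a guest page is switched to firmware-owned in place and restored afterwards, while a host page is never converted and a bounce buffer is handed to firmware instead. All type and function names are hypothetical, and copying the bounce buffer back to the host page after the command is an assumption of the model.

```c
#include <stdlib.h>
#include <string.h>

/* Userspace model; every name here is hypothetical, not from sev-dev.c. */
enum owner { HYPERVISOR, FIRMWARE };
enum kind  { GUEST_MEM, HOST_MEM };
struct page { enum owner owner; char data[16]; };
/* orig: page named in the command buffer; target: page given to firmware */
struct buf_desc { enum kind kind; struct page *orig, *target; };

/* Before the command: the page firmware may write becomes firmware-owned. */
static int map_desc(struct buf_desc *d)
{
    if (d->kind == GUEST_MEM)
        d->target = d->orig;                        /* case 1: in place */
    else if (!(d->target = calloc(1, sizeof(*d->target))))
        return -1;                                  /* case 2: bounce buffer */
    d->target->owner = FIRMWARE;
    return 0;
}

/* Stand-in for a legacy command: fails on a page firmware does not own. */
static int fw_write(struct page *p, const char *msg)
{
    if (p->owner != FIRMWARE)
        return -1;
    strncpy(p->data, msg, sizeof(p->data) - 1);
    return 0;
}

/* After the command: back to hypervisor-owned; bounce copy-back is assumed. */
static void unmap_desc(struct buf_desc *d)
{
    d->target->owner = HYPERVISOR;
    if (d->kind == HOST_MEM) {
        memcpy(d->orig->data, d->target->data, sizeof(d->orig->data));
        free(d->target);
    }
}

int main(void)
{
    struct page host = { HYPERVISOR, {0} };         /* constructed sample */
    struct buf_desc d = { HOST_MEM, &host, NULL };
    if (map_desc(&d) || fw_write(d.target, "report"))
        return 1;
    unmap_desc(&d);
    return strcmp(host.data, "report") != 0;
}
```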