Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp205114rwi;
        Wed, 12 Oct 2022 18:43:02 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM6eeo9RMUd6Gn08N+xg81c5rYwfS6r57/QvUcncvc7jCZ91pvUun8FUF11SqN2XDuo7awlm
X-Received: by 2002:a17:907:9807:b0:78d:7d3:e5e2 with SMTP id ji7-20020a170907980700b0078d07d3e5e2mr24034114ejc.139.1665625381827;
        Wed, 12 Oct 2022 18:43:01 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665625381; cv=none;
        d=google.com; s=arc-20160816;
        b=VVB+oD2IIDKhO/u8xPdBoLodQxuW/tK+uQjR/1ZOHBmDTWbQxXooOVERVjOLjPSoMS
         BdbtNPaZIIET5Pe0M+dIoCZk+X/me1qvK1M/VBL5hPy1bnC0SjHjL91fD/PRApXt9BtT
         k5QMEU7iu2XKlOEJDSZgLOa8GKc2QAB27FTi7bl5mkCsWtUq1nJnR8djimt5baSD1eoc
         TqMwfUGSW9iSo9rFikhn7bFkb2Q8FZ1oWnD+fvIwsbRSjCC3PL8RmFyw/NA+ofRfm7nF
         JMsvXW0kMMTNXGig44Y4b6mSAshzM3Yhl4VjNm/ciAMDBP/vKLC8IrSQx9Ud8KtSMfEW
         juQA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=f5ZmeOrNRxVSdEs7wj3cmQBKG+t/B2W0NUATSDD3gSw=;
        b=WGMbhLkYTdjQZ3bWqytzxbTK0ZtxjawiEwDVMaghSPjd0VTUJDGMl0458VA6GnTewa
         yl/Hh/OEVLtASSIjcbxszL2MWpLVlVl04LoygrEvUEt9LBUKPldWU4PZlCfu/KREOkVm
         XPSm2E9VjXxxbW1svy3Tj5q3jBkIO4MXuKb+TXfMuzd3AzlMvKUJVNEz2VAWgo5aTMGj
         SFRkIB03/OFXECmL+sBef0gttKeMAxn7OCTxdzqecbvNOU2cbY8Mm4Fj4L3MdAHdNr2F
         C91wwN9rTm7rm/cyl6auznQH3csQ6fL75CsWM74MQR1u/vT4PRFmg+l56iqKJA7OEE1G
         J7zw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b="J/NycGcr";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id ga41-20020a1709070c2900b007824b85978asi20138771ejc.81.2022.10.12.18.42.36;
        Wed, 12 Oct 2022 18:43:01 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b="J/NycGcr";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231368AbiJMBGb (ORCPT <rfc822;apple4onegiven@gmail.com>
        + 99 others); Wed, 12 Oct 2022 21:06:31 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34380 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230307AbiJMBGF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 12 Oct 2022 21:06:05 -0400
Received: from mail-ej1-x62b.google.com (mail-ej1-x62b.google.com [IPv6:2a00:1450:4864:20::62b])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3BC910CFB7
        for <linux-kernel@vger.kernel.org>; Wed, 12 Oct 2022 18:03:49 -0700 (PDT)
Received: by mail-ej1-x62b.google.com with SMTP id fy4so752106ejc.5
        for <linux-kernel@vger.kernel.org>; Wed, 12 Oct 2022 18:03:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=f5ZmeOrNRxVSdEs7wj3cmQBKG+t/B2W0NUATSDD3gSw=;
        b=J/NycGcrdiTqo/XljHd+9KZjgUiAYm0uWAEoNrhmlV4LxzHOpIYRETVS+GdoCnqH+b
         N0jY+TdEk8jmVwce3L3Nh8UM7zG7rTIgLhowKgqMveHiyJ0zMmPXKr+Fdvir7bZK5CVW
         tGE5BITfHUr+YJyXV0UtLE1V88a99e0Md28UNo83N6WtQJ+PmjFEMjdgh9yciNxrQPKe
         NiTSTwMFxc1lQU9Mf+86o+4ozh6AQtMEPAc0bAcRKeZi/hT5V0o83/Vq8ksiAg6xHNyn
         OYvJsSVmZisV6IetombbYqi+c/kJSCzAOJ8LmBed8oXxUUUBg7+7uUOK0w9y6GvnWHya
         UPGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=f5ZmeOrNRxVSdEs7wj3cmQBKG+t/B2W0NUATSDD3gSw=;
        b=bm+Cq1sn/5XE1TOUtLFfYy40Ou63Ly8Y4irH8GrLzOXtWKFs7AHewe6HHnd8D0h5IR
         9E76XPlAAoV+UNk3xF86WrHPfqAChtiBs3az1gjBwy8knVWuEO+BTkIsSRWDCVbymLOq
         8li7flW7JyrfPHds146NN6kLQA7xGG/oG701/XjFn3MlKDlbcGE6ag8DnpMMY8BgSkfX
         Hrw30RTJ/UHhzBH54W2vgQzpyj7lsjvRJGxNGCURVhIcRzB2UI1XC+r0DvU0nirpNju6
         rNdCvBhCQNaeEKoebMiwXn8FioLwMHh7OGo4N275dMTQC3P87ZrcWva43C2km44gfKxG
         KjOA==
X-Gm-Message-State: ACrzQf2xX09KOFkCAElksaCLzhHDCU3GUFJQvQjBZqy3jLW+48fso+Zo
        m2zQKKGoKoSvwy93FW7EQ+aL64Y8G0jN3rAmZK1KBLC6/qQ=
X-Received: by 2002:a17:907:2c44:b0:78d:4e67:ca5d with SMTP id
 hf4-20020a1709072c4400b0078d4e67ca5dmr24564212ejc.397.1665622932198; Wed, 12
 Oct 2022 18:02:12 -0700 (PDT)
MIME-Version: 1.0
References: <20220902000439.875476-1-dionnaglaze@google.com>
 <669cedbc-e127-92ba-2e98-e0460b45bd4d@amd.com> <554407c3-197b-0e52-fc92-9c383a37175b@amd.com>
In-Reply-To: <554407c3-197b-0e52-fc92-9c383a37175b@amd.com>
From:   Dionna Amalie Glaze <dionnaglaze@google.com>
Date:   Wed, 12 Oct 2022 18:02:01 -0700
Message-ID: <CAAH4kHacW+hd8vB8QgkTjdw6+z-0ngjCqgr=zuGTwqqRnqUPQw@mail.gmail.com>
Subject: Re: [PATCH 1/2] x86/sev: Add KVM commands for instance certs
To:     "Kalra, Ashish" <ashish.kalra@amd.com>
Cc:     LKML <linux-kernel@vger.kernel.org>,
        "the arch/x86 maintainers" <x86@kernel.org>,
        Tom Lendacky <Thomas.Lendacky@amd.com>,
        Paolo Bonzini <pbonzini@redhat.com>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

> >> +    /* Page-align the length */
> >> +    length = (params.certs_len + PAGE_SIZE - 1) & PAGE_MASK;
> >
> > Probably can use PAGE_ALIGN() here.
> >

Ah, thanks. Will add in v2.

>
> Though, one thing i don't understand is that why do we need to issue
> the SNP_GUEST_REQUEST to FW if we are going to return the VMM
> overriden certs back to the guest ?
>
> Thanks,
> Ashish

If I'm reading the spec right, certs are supposed to come along with
the guest request when the user issues an extended guest request. If
the length is correct, we issue the command to get the report and we
simply override what the psp returns for the certs.

Is that your understanding too? If so, are you saying there's a bug in
this implementation?


-- 
-Dionna Glaze, PhD (she/her)