Received: by 2002:a05:7412:b795:b0:e2:908c:2ebd with SMTP id iv21csp128171rdb;
        Wed, 1 Nov 2023 20:34:26 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IGFY9na/9Sahirn2A8wV6WuVCLdMPdUzu8yqrSAg3hWViLayGl5iGXdFpHe8E3tAJcZcQrZ
X-Received: by 2002:a17:903:24f:b0:1cc:78a5:50a2 with SMTP id j15-20020a170903024f00b001cc78a550a2mr4909951plh.39.1698896066018;
        Wed, 01 Nov 2023 20:34:26 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1698896066; cv=pass;
        d=google.com; s=arc-20160816;
        b=jn72Y7U3TeTcA8M9Y7F4vJI9kBmsWwGpHfyctW52vpPX+7EswbqRabgBtE3BmFYXJq
         ICQXgNWPdpYCp0RRQjY3uK4hhwkrppT+Bwi5KN7WIVGQ5QkmahNn8Cubp0gasZAYGGgj
         WjNO+WZk+Slmb5wBVAmk7hMqNG++caDqdgkdQmCA7zjIjsZWP89LYVNHomQoHr2/ifO/
         aTrP66b9I6+3bJzXIk/lWc14V6E7b75OzgawbEerieBUoPPJ4xibuusBgq9DXzx4B7u/
         RTuOq/ImeL7QcFU02VDhVoOQ4+E+nAPL+D33CL3L1w1ndqa17U7X6L5mfpwhzgGTPau+
         pwWA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:content-transfer-encoding
         :in-reply-to:from:content-language:references:cc:to:subject:reply-to
         :user-agent:date:message-id:dkim-signature;
        bh=4a61wOUre/3b+R2eThs77h8VDMUTQpCgOCqZwEPMgbY=;
        fh=tr4v0Acx58Njac3F8GRhn6Hnb3+c/LhuFjXD5pReeMw=;
        b=kEuMxgZR8T1uPuZW95PjrQf6lacYlEiWNPMtH0ymbus/Gi/7osmZvD6D9+oGGjpHaw
         0HWs/lDvZUewcOuh+ySgHhi+VWcKwhrtimC2ppG8XKZ7cV9JDcmTN5vzkGc5RAuPC6pt
         JNLZGWLzea4/Ngdwrrhc0HO4JiWJ/zwlyP19dLS29Wm1Cef5wrNuOtHxi3kyJfSHW11t
         7JDgLTVWRJ2mEafcbudPnsVfUFyMMnI8U6lex2agH5rTLzFZu/kFjw2t9QJv/wbQ8+vI
         ODNBVqPBr28JOsscxnS/kGysYc4r+LV9y/0jg9p+tbzdeDgBKWbD+1kVtJMoKAJUoA8s
         r8Cg==
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@amd.com header.s=selector1 header.b=TJaj8VXN;
       arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com);
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2])
        by mx.google.com with ESMTPS id jj1-20020a170903048100b001c432da203asi4135148plb.270.2023.11.01.20.34.25
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 01 Nov 2023 20:34:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) client-ip=2620:137:e000::3:2;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amd.com header.s=selector1 header.b=TJaj8VXN;
       arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com);
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by agentk.vger.email (Postfix) with ESMTP id 050218023EC0;
	Wed,  1 Nov 2023 20:34:20 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at agentk.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1346757AbjKBDeE (ORCPT <rfc822;gvb.lkml@gmail.com> + 99 others);
        Wed, 1 Nov 2023 23:34:04 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38764 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1348411AbjKBDd5 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 1 Nov 2023 23:33:57 -0400
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2040.outbound.protection.outlook.com [40.107.236.40])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 98FE99F;
        Wed,  1 Nov 2023 20:33:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=kwvI6cyB/VXBLQgJe15JszZ7DcR8bYyBsodE6Cs1JBDd5bINidtw6Kkzk/Go+3+C6GMcS6bT2A5RCKk3aYD38Nkz/h2Xlsz2W/GPzHySreWnRa8CcEgb8rR01pMZZJGykUTVJXk9sIVxpm3eIe4ti71ob7QSGufUjhJEyxNv7OnLb0MBIJsVqRn6yFWq8JE8hi4v4JyQavBm59UMtws0Jmb+X8iAuitkJxw4BItqD4y3XITRvItT56gv2oX25DAEMWvSvHX/fFSEJ9bOFiPULzwakIYJe1go7n8sRxUnuR1rKnZ5ARF/R2Gk/z1IpsqguWoYqOHP6efG6SOpWC/G5g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=4a61wOUre/3b+R2eThs77h8VDMUTQpCgOCqZwEPMgbY=;
 b=DdgWU/UfYQfFuI+XPEiiBsDY1VVpso2UA5jBHXX32w60/FnVPpB1ec0Gir5d8W9lQe3eJb+z03mp1UNLIHaahchG+qPwhLWZcbiME81S3HE7vYaKvZtnBVMtsTlC9cKu4ZyOxUaZL4TPEPIhHFJ4dUDSbbauuqxsvi8ckjoMkbLo31hGmtj3RCFHjUYHa14GYEb4Na026jnWO1hfXhg+XCdvcXI4p/8B/Yia+p5aucrFawo7320qeTYSATfk7P+j6cX81LKfRjlh6ri58Sf+sDJI0euMaH8iGT1J8SCJlZoCA4MtzkaS1XH2LBLmKVC2mWVHDag56fnfbE+69TFvxw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=4a61wOUre/3b+R2eThs77h8VDMUTQpCgOCqZwEPMgbY=;
 b=TJaj8VXNs6j28A7/mqEIMlLp4j+nCFtkA/tYVdC/FmKGnehywYcl70f151wPGZ70HEDwz0einLOEuR9kHlNplz0yreV4SPwkgBwTlneHh8/kZCPATUhDtirZakUbfdcjhqcJ52mPzzqeGrR7AX5Y582TDyxh7sIwiGPq496UzI4=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=amd.com;
Received: from DS7PR12MB6309.namprd12.prod.outlook.com (2603:10b6:8:96::19) by
 DM6PR12MB4388.namprd12.prod.outlook.com (2603:10b6:5:2a9::10) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.6954.21; Thu, 2 Nov 2023 03:33:48 +0000
Received: from DS7PR12MB6309.namprd12.prod.outlook.com
 ([fe80::93cc:c27:4af6:b78c]) by DS7PR12MB6309.namprd12.prod.outlook.com
 ([fe80::93cc:c27:4af6:b78c%2]) with mapi id 15.20.6954.019; Thu, 2 Nov 2023
 03:33:48 +0000
Message-ID: <1cdb3a7f-a30a-4874-ab3a-8fd0f8b5351a@amd.com>
Date:   Thu, 2 Nov 2023 09:03:38 +0530
User-Agent: Mozilla Thunderbird
Reply-To: nikunj@amd.com
Subject: Re: [PATCH v5 01/14] virt: sev-guest: Use AES GCM crypto library
To:     Tom Lendacky <thomas.lendacky@amd.com>,
        linux-kernel@vger.kernel.org, x86@kernel.org, kvm@vger.kernel.org
Cc:     bp@alien8.de, mingo@redhat.com, tglx@linutronix.de,
        dave.hansen@linux.intel.com, dionnaglaze@google.com,
        pgonda@google.com, seanjc@google.com, pbonzini@redhat.com
References: <20231030063652.68675-1-nikunj@amd.com>
 <20231030063652.68675-2-nikunj@amd.com>
 <2a4bbe7b-31e5-7527-8e63-10fb318e0f46@amd.com>
Content-Language: en-US
From:   "Nikunj A. Dadhania" <nikunj@amd.com>
In-Reply-To: <2a4bbe7b-31e5-7527-8e63-10fb318e0f46@amd.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-ClientProxiedBy: PN0PR01CA0019.INDPRD01.PROD.OUTLOOK.COM
 (2603:1096:c01:4e::17) To DS7PR12MB6309.namprd12.prod.outlook.com
 (2603:10b6:8:96::19)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DS7PR12MB6309:EE_|DM6PR12MB4388:EE_
X-MS-Office365-Filtering-Correlation-Id: 0ba855b2-c2a7-46cb-9e48-08dbdb5485dc
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: u31J9F2plugk694uOUqJbC5mEMGI/XzndRU9XUqnn5Gh8eqrgSN89HJ/L2X18UjVLoN+XC2NjCjFfIL2GKdB9bQ8fSLzBlpjqq8WKWftZqfBUBkosq+XSZx9wbCgLqwoFSREjY70lZCQauCReToyl8qRAtuZryzhh1KpwR7DOHJV1HKSFasDxJnUVUXZ0Gzc56wGORcR4lzGTGvcQo45fHwIQ39NR1jNJbz/BNDX6fYWbr4+XKOmxHd/Zd8XFuxGgSxEsyBfpKr3Kix29RA62arCrGh/ZGYmoIB7fIvMcB4OVjC6rWl0+jd1+Ds/ryzqLw/9hJw844SHAMZ9Rp8AJCCnWRaAdN8JBYZC0bcUY2QKKk67ppAja72ogL630G6ozxgD41XAAa5bUwa//uX1b+OShmKoK44oVXtoo4Db2DvgBF1MF/pPfG1qkkmjYJdf7uy/SyObYwpG8s3FnchnLvoy2vh49W0WIt5+JMj3PIGbsR2ABWLbPZxJ08NXIvmrWP5Opz+kOw4UF9x9FlsvOm11qmE2Y+LD9BPLz3I0u9xVJyN9MmW13icfAydmuBiqi/RdcJ8EGSV8qnVYCCD8SbPFtPLwS8b+JLhlff85K3PvTi1H8Cgl8bI/D5mRNIS0XIhYad0CyXg1AR87rhHNIQ==
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR12MB6309.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(346002)(366004)(136003)(39860400002)(376002)(230922051799003)(64100799003)(1800799009)(186009)(451199024)(66556008)(66476007)(66946007)(316002)(6506007)(2616005)(6512007)(26005)(36756003)(6666004)(38100700002)(31696002)(53546011)(83380400001)(6486002)(478600001)(5660300002)(3450700001)(2906002)(7416002)(41300700001)(31686004)(4326008)(8936002)(8676002)(43740500002)(45980500001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?bVRQWEZ1by9oK3JsSU5iRFQ1VlhoKzA0T1h5VExGeWNtVUpCUFk4Z0hsZmNR?=
 =?utf-8?B?c3Q3VUYzRE9aYTgyTGloN29MRGpWM1hlQ1VZQWd5QmlXZ1NGSmlCdHdpZGZu?=
 =?utf-8?B?U3p0bXc2M1Z6S09SLysrNEhWZWtYK2gxUXU3RHhkSlFKTlZXZVhNTGdnUHFV?=
 =?utf-8?B?R2MzcjhlRnZoYVlzUG8zelBXS1VrTm9LejEyZHlkVEF5OFo2emlPaUd5eFor?=
 =?utf-8?B?T2lTTWRvQ3N1cERzSGQxQzVleDFnQVhuQTlVTGxTdHZaWlJROGN6R0pGMXg2?=
 =?utf-8?B?TDE3L3NReGNMdUJjSmJva2JDRitoWGZ2TFdRVVpsTDloeUF5YkRzcHUwMDJw?=
 =?utf-8?B?SElOTmdVcGpEZGlHdmdnc3Fsejg1UllFd1ltenEvSXZja25rU09kTTd6QUQx?=
 =?utf-8?B?VXI4V1U5bjhEam4wQUN3NTU3QlhQZ0FhUUhhU0Q2TVFOVlZId3N2cWNCMzgv?=
 =?utf-8?B?aEwzckJweTg0UDkwbUpxRklWeEtZQjJyZmIzbUZYajlReGhkVGRTRk5NWGlx?=
 =?utf-8?B?KzhkbkZWdit6WFFWS2hnVVdMdzl6bHJFbUZ4OUpvTVBUb0crcFQ3Ujc2S2lU?=
 =?utf-8?B?Rnl3QytlUWt6cmx5YVJwS0U0d1dtY0dvd3p4RlB2bXF0bU1va3Fwd1RUM3Uv?=
 =?utf-8?B?b1JZditCMjVHV1hrTXkxQnBERHIvUzgwWjlwdkVDT24rTGZyd0kwMmJaWjhI?=
 =?utf-8?B?cmhkL0FOZms5NFpwUVRqcHBYVmVHbnRUL2JJTTVkRGlra2Y1NXBCODZZTWY4?=
 =?utf-8?B?UEpmWkRudjZVWE10TDR5azlTV2ZpeHgzOUNtcnNhL0VwRUtPSmJlZmZscFpC?=
 =?utf-8?B?bkMycHNkeS9vQndhRm5QcEhza0VDbTZJT1IrRURWNnR3dG9PZW9BSHpXa2FB?=
 =?utf-8?B?MGR1OHYzUkcrMkRQaW96c2gwOGdEYWFPam14LzFuNXJYRFRZTlo1emRwejBi?=
 =?utf-8?B?SVlaS2xYbmVDS1FYWmJ0SU5mVDA3ZlJIc2hSL09CaFE2Z2tsNVowdXJDcjdp?=
 =?utf-8?B?OTVKeFV2L3lEd2hYT2IrN0xPL1hmYlpkQXhxZkYzSUhqZ0RNYjZrTmZVYVFK?=
 =?utf-8?B?ZVVpMlphUjRKM1M1ZXAwcEhUUlZvVW14NWhDTkxsL1JzMU84VmJNMmNzOC84?=
 =?utf-8?B?eVJRNjBUNjlwQ2xrbTgyM3NnZFNad3FjNTBPT1dLaFhSRFpFOXU5NW1IRE1w?=
 =?utf-8?B?QXl1VXl3b0Q3TFVHUzlTdG1VZzA4empkZUgvamNaU0RwUGNoSytOdm9LajVI?=
 =?utf-8?B?am54L3c5VGRzOWZNc01wRU9Fem1nVENQTk5oZ0FuVDYyeXI5a1B2bkt5OGh2?=
 =?utf-8?B?UFhDa29BNWpEZGR4WngwNk9BUmlHcVd3bzMrdFVGeHZ4UG1tbmVpaWxTOWFI?=
 =?utf-8?B?VVdtMDZHbjdRWHEyS3R1ejdPVHlkcTRycm9mUDJpZjE3VElySGdzRThSQU02?=
 =?utf-8?B?T1RydEJwQ3RpWjJoYWdWZXMyK3lJbGk1L2xBK2hsdWtlaXlpb2NjbWZGRkxL?=
 =?utf-8?B?a2tvVldUMHJSZGtqSG5PRWc2dVcyVFRRWTBkNXNqM1BwUVkwd0lIalNLcDlV?=
 =?utf-8?B?MFE1SEdlOFNOSW13VGZGUkh4RTNESkU4RVd3R0NLVC9McjMvY3BjaDVQVlpI?=
 =?utf-8?B?R2I5VEtlVUxhSnBpbzZ0eFhBZjdaTEZ6WmNUTmJva3NBVjlMZkszcE5nb1Vs?=
 =?utf-8?B?d3I4RFhMWTk1aVFpZVhCVVFsaFhZeVl1Z2tvaHBSODJjd1dya0ZNRjNJa1BW?=
 =?utf-8?B?dmo3aGM3NHRvdlhSRy9XYVNqaENtMy9BL1ExMGtUQkZGTWFkNzI0VU5TR3VC?=
 =?utf-8?B?TVNFN3FPRFF4OXlhMXRqeGovSktRalVISXZEM2NFa0FzRDB5WWNseDlYai9v?=
 =?utf-8?B?aDlOUCttUFo4WlVjRkI2UlpLU0Z5by93bVFpSWZmVHhXM3dISldvVVJaOTZV?=
 =?utf-8?B?ckpxaThOaDd0TXlNekU2cFFXdVljUkNCbUdoNjFiRUJyVy9aL2wvcFhEK0pG?=
 =?utf-8?B?ZlZTSjRkaG5IbVZza0RtU3pFcloyMndYM3RGNzZKM3ZtTXN1ZFEzNW1ISWRk?=
 =?utf-8?B?a3hST0wxcWpZcUhrMVRmZCthQWZjY2w3a2FLS1ExcE1mekZFTVpMT1h2bC83?=
 =?utf-8?Q?fPtLE0jB/mL2jbCFm/oZbVLrD?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0ba855b2-c2a7-46cb-9e48-08dbdb5485dc
X-MS-Exchange-CrossTenant-AuthSource: DS7PR12MB6309.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Nov 2023 03:33:47.6432
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: KVCUAaSDlwk1N1C8ykJA1zGulTt95xeaA62OLVv9fPtbK2eB1Shr4+W7DIs3sklP8EPDDaDrhUBfnQcQ5HJFBg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4388
X-Spam-Status: No, score=-1.3 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
	URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Wed, 01 Nov 2023 20:34:21 -0700 (PDT)

On 10/30/2023 11:21 PM, Tom Lendacky wrote:
> On 10/30/23 01:36, Nikunj A Dadhania wrote:
>> The sev-guest driver encryption code uses Crypto API for SNP guest
>> messaging to interact with AMD Security processor. For enabling SecureTSC,
>> SEV-SNP guests need to send a TSC_INFO request guest message before the
>> smpboot phase starts. Details from the TSC_INFO response will be used to
>> program the VMSA before the secondary CPUs are brought up. The Crypto API
>> is not available this early in the boot phase.
>>
>> In preparation of moving the encryption code out of sev-guest driver to
>> support SecureTSC and make reviewing the diff easier, start using AES GCM
>> library implementation instead of Crypto API.
>>
>> CC: Ard Biesheuvel <ardb@kernel.org>
>> Signed-off-by: Nikunj A Dadhania <nikunj@amd.com>
>> Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
> 
> I just a few nit comments that might be nice to cover if you have to do a v6...

Sure, I will address them in v6.

>>   -static int __enc_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,
>> +static int __enc_payload(struct aesgcm_ctx *ctx, struct snp_guest_msg *msg,
>>                void *plaintext, size_t len)
>>   {
>> -    struct snp_guest_crypto *crypto = snp_dev->crypto;
>>       struct snp_guest_msg_hdr *hdr = &msg->hdr;
>> +    u8 iv[GCM_AES_IV_SIZE] = {};
>>   -    memset(crypto->iv, 0, crypto->iv_len);
>> -    memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno));
>> +    if (WARN_ON((hdr->msg_sz + ctx->authsize) > sizeof(msg->payload)))
>> +        return -EBADMSG;
>>   -    return enc_dec_message(crypto, msg, plaintext, msg->payload, len, true);
>> +    memcpy(iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno));
>> +    aesgcm_encrypt(ctx, msg->payload, plaintext, len, &hdr->algo, AAD_LEN,
>> +               iv, hdr->authtag);
>> +    return 0;
>>   }
> 
> __enc_payload() is pretty small now and can probably just be part of the only function that calls it, enc_payload().
> 
>>   -static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,
>> +static int dec_payload(struct aesgcm_ctx *ctx, struct snp_guest_msg *msg,
>>                  void *plaintext, size_t len)
>>   {
>> -    struct snp_guest_crypto *crypto = snp_dev->crypto;
>>       struct snp_guest_msg_hdr *hdr = &msg->hdr;
>> +    u8 iv[GCM_AES_IV_SIZE] = {};
>>   -    /* Build IV with response buffer sequence number */
>> -    memset(crypto->iv, 0, crypto->iv_len);
>> -    memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno));
>> -
>> -    return enc_dec_message(crypto, msg, msg->payload, plaintext, len, false);
>> +    memcpy(iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno));
>> +    if (aesgcm_decrypt(ctx, plaintext, msg->payload, len, &hdr->algo,
>> +               AAD_LEN, iv, hdr->authtag))
>> +        return 0;
>> +    else
>> +        return -EBADMSG;
> 
> This would look cleaner / read easier to me to have as:
> 
>     if (!aesgcm_decrypt(...))
>         return -EBADMSG;
> 
>     return 0;
> 
> But just my opinion.
> 
> And ditto here on the size now, can probably just be part of verify_and_dec_payload() now.
> 
> Thanks,
> Tom

Regards
Nikunj