Received: by 2002:a05:7208:9594:b0:7e:5202:c8b4 with SMTP id gs20csp2439084rbb;
        Wed, 28 Feb 2024 01:35:57 -0800 (PST)
X-Forwarded-Encrypted: i=3; AJvYcCUJoxJOa146hDgNv2R/5163tFf3kpAwpRvDqDP5+WZ90DNR7nm3UK6YvaCQH9djFUfmcNcga7oOVUGJY7km9bvcYNrpGMInEXb6m3I0Uw==
X-Google-Smtp-Source: AGHT+IEjANnfPWaX7Bu5uCNwSbgfIwToA7MT7kQP1HJKZ+SodeLxZihCx2WaMSIzGgoJnljVoL97
X-Received: by 2002:a05:622a:1cf:b0:42e:811d:cf63 with SMTP id t15-20020a05622a01cf00b0042e811dcf63mr11169207qtw.50.1709112957551;
        Wed, 28 Feb 2024 01:35:57 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1709112957; cv=pass;
        d=google.com; s=arc-20160816;
        b=pmarflWYSZZA6VP11eaDC0kKVXCJ91B1lEQHyCF8F1HxzYcpsTDZkHGpx9LQbuyeBI
         wVJiuAT463SDA2BQqvOuoBaKrOWCMAIncxuM2l7iW8wTsP8ZzL6rgt01tDoAK8fQffGM
         FOCTptXS3t9/VXazs8XWuUc9jqat+D2UvdwpZEUq+iC0wiYi5rWUKCbUbKpnF20FFDpA
         8Xlyt2neWekXNnGelb4MOiOxIkGE2JxH13ZibUCa6TuVL63JgO9GoiKs7oDxvVo/QL3D
         Cn8ms0uPqPZsAeVaiEybgrViUxfb00m1l+wpt8gsUNGdcIdUAx5nbeWQClKLGyY974eN
         qLag==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=BnTxzgDB4D6z5X/XWZgAEvdqEsYIyodUJ23UluDAgo8=;
        fh=Z7YpvZW78QvTWWjlOdZavvSWmiFbnzTVIKK9FEqLxVQ=;
        b=hBroxQwUFk6v/D4Zqb6UpxPlsQ2TbjRHtgniO7Wu+KIlLkth71NVQWr/kI1On2Izcs
         D21ay3FbuI0AELyL5biNZE+3NykrGB1TBkZailNWeUplPF017LaLzWzCbzX5hq/vHc5i
         nWAAD7XEPQIpEZ359wPb1dAAyc29tMJE7ACA2mf5HSLGQYJbAxFJPRYLRQo0u+ZjhvEu
         rd2UWzuSSdYQtlF3bfhFJOlnEjC8CBk3gzmze0ic49wWnHLliDdMANDCoY6wYpEU3RmI
         mzG8kVK02eOrjEDWLcIP61m7Tg6x5dfCM9uV6+Vq/y9MCwJCpq9qnghVWboSaTW/7anP
         RRfg==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=hrGJahEJ;
       arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com);
       spf=pass (google.com: domain of linux-kernel+bounces-84775-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-84775-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel+bounces-84775-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1])
        by mx.google.com with ESMTPS id 22-20020ac85756000000b0042de974538asi9756967qtx.236.2024.02.28.01.35.57
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 28 Feb 2024 01:35:57 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-84775-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=hrGJahEJ;
       arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com);
       spf=pass (google.com: domain of linux-kernel+bounces-84775-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-84775-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id 568C21C26879
	for <linux.lists.archive@gmail.com>; Wed, 28 Feb 2024 09:35:50 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 82827364C0;
	Wed, 28 Feb 2024 09:34:41 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="hrGJahEJ"
Received: from mail-pg1-f169.google.com (mail-pg1-f169.google.com [209.85.215.169])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3A5B736133;
	Wed, 28 Feb 2024 09:34:38 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.169
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1709112880; cv=none; b=ovzRqh7SuH2rPisC8kjXe2pyXmMFXPSiEEBilau9A/C040ANdyO/8H2TbriN2c0J2NtFL6Ho+vru42Pf2hp0bCV93pfHyfOGhQeFq7uJNjDs8yUSe1e5tvu9mQLUTfRF57i8g3yInT7mLU1BZ4tQ+wZHLXtdrj8f0/CKDZ2gUaQ=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1709112880; c=relaxed/simple;
	bh=Cf7Ab1S5Azi7ftJlAgSjDp6AD00chiKeVOaFhJkgUqo=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=fIsqipA/KKwzQMx9SPmmmZ4p5HFR5/o3fvajeqD4fDFh8yX6udCt/SncWHsxAUOO7dMULSBPaKzeI3aRWhrouq5j1wdvGtMWm7WrWq4W3arOfQaCfGXjs3Dq/JX5btc95Q45UXRJN/RCXhFyvz8T7+IM3HqIjEjeOm2QXz+Nisc=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=hrGJahEJ; arc=none smtp.client-ip=209.85.215.169
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com
Received: by mail-pg1-f169.google.com with SMTP id 41be03b00d2f7-5cddc5455aeso4905606a12.1;
        Wed, 28 Feb 2024 01:34:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1709112878; x=1709717678; darn=vger.kernel.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=BnTxzgDB4D6z5X/XWZgAEvdqEsYIyodUJ23UluDAgo8=;
        b=hrGJahEJja+59nTNLV8vTZpK5nHU2IWAh/hfK58Fwewtfy0la4gn6b5vC43Df9ybx9
         oTa/ea6wsUI7shS0sUl/F2TQYAIlYdUHqMmqwaaQUPDmL0z5eBuSNDkGkNtrdmFapUEv
         iaRGYDc8zlmkztVHWuAOLJQEPAR4+FlVALMMKjrslPaREuScwnS1WtD6+FLQQV4lB0l+
         u3CU1HpUlu1WqfBgu/GinA90JyTbs8oX5vzjPJBvSm1ereLbyvfjORLumwyIdez4G8U2
         ynTJEk6JJ6SxAYdX5TVe35DgWQ/V+vMxtWYUiKFd91tKjp+6ysIJNinwU2mN0f5x9o4y
         cdew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1709112878; x=1709717678;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=BnTxzgDB4D6z5X/XWZgAEvdqEsYIyodUJ23UluDAgo8=;
        b=YRG8rpYwLpVB3pwSRXANdox2pfISfFBfY5R+rHnWG1BRPdTvHQA4Swc/AftlebsSPX
         9/z2hgprGPF4mY7miXjCv4YAuS6jyHix6kK8AobYEtUi7ISO9eElHJnJdWE0OyElBP0Y
         c1x/U81rieL5zItFagqI0ZFvXukXroqkx/WxwsX+wj+DNhBbrsSBucCKrpUp+cqYDPk1
         SgzfNrZN3RnRPA67JhbpPDP84YVcKWe3T0VcObY/WhxtnXopWa4AEURkkkbiP49x94+Q
         75rjJBbP5k85k8swhgtk9hz5ES82UUDMAd6MGxeGId2OjZXElWFEuaIKXP+2/1k1aF1i
         8d0g==
X-Forwarded-Encrypted: i=1; AJvYcCXSVrcGem6ulktbKxBBvXrqTHuAQtwqdS7CROayk01qI5dFuuXM6bZzbocI0s9aFYsHfcvcQyHri2Azn1uwkaWwC6toQsWEnvG5JxspdnviZAR3Tn7nvokIW6GYFHPX5APb
X-Gm-Message-State: AOJu0Yx23xKd6rt74p+AIzztaDqtwS6EPToUPREP707lPPbQAV+NJQip
	qs66AbvZ4RE/Gz7QNHp/EsAQxqCEFWbtDoCh6tJ1wWfGShzz91M1
X-Received: by 2002:a05:6a20:c116:b0:1a0:fc33:17b8 with SMTP id bh22-20020a056a20c11600b001a0fc3317b8mr3634526pzb.24.1709112878380;
        Wed, 28 Feb 2024 01:34:38 -0800 (PST)
Received: from archie.me ([103.124.138.155])
        by smtp.gmail.com with ESMTPSA id f19-20020a17090aa79300b0029ab73a80a2sm1104370pjq.22.2024.02.28.01.34.37
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 28 Feb 2024 01:34:37 -0800 (PST)
Received: by archie.me (Postfix, from userid 1000)
	id 6442518515716; Wed, 28 Feb 2024 16:34:34 +0700 (WIB)
Date: Wed, 28 Feb 2024 16:34:33 +0700
From: Bagas Sanjaya <bagasdotme@gmail.com>
To: Paolo Bonzini <pbonzini@redhat.com>, linux-kernel@vger.kernel.org,
	kvm@vger.kernel.org
Cc: seanjc@google.com, michael.roth@amd.com, aik@amd.com
Subject: Re: [PATCH v3 05/15] Documentation: kvm/sev: separate description of
 firmware
Message-ID: <Zd7-KWFGOXGs_iOu@archie.me>
References: <20240226190344.787149-1-pbonzini@redhat.com>
 <20240226190344.787149-6-pbonzini@redhat.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="eUPRBjCtZiK17fws"
Content-Disposition: inline
In-Reply-To: <20240226190344.787149-6-pbonzini@redhat.com>


--eUPRBjCtZiK17fws
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Feb 26, 2024 at 02:03:34PM -0500, Paolo Bonzini wrote:
> +``KVM_MEMORY_ENCRYPT_OP`` API
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D

Nit: I think to be consistent, with command names in section headings below,
the API name heading above should not be inlined.

> =20
>  The main ioctl to access SEV is KVM_MEMORY_ENCRYPT_OP.  If the argument
>  to KVM_MEMORY_ENCRYPT_OP is NULL, the ioctl returns 0 if SEV is enabled
> @@ -87,10 +81,6 @@ guests, such as launching, running, snapshotting, migr=
ating and decommissioning.
>  The KVM_SEV_INIT command is used by the hypervisor to initialize the SEV=
 platform
>  context. In a typical workflow, this command should be the first command=
 issued.
> =20
> -The firmware can be initialized either by using its own non-volatile sto=
rage or
> -the OS can manage the NV storage for the firmware using the module param=
eter
> -``init_ex_path``. If the file specified by ``init_ex_path`` does not exi=
st or
> -is invalid, the OS will create or override the file with output from PSP.
> =20
>  Returns: 0 on success, -negative on error
> =20
> @@ -434,6 +424,21 @@ issued by the hypervisor to make the guest ready for=
 execution.
> =20
>  Returns: 0 on success, -negative on error
> =20
> +Firmware Management
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> +
> +The SEV guest key management is handled by a separate processor called t=
he AMD
> +Secure Processor (AMD-SP). Firmware running inside the AMD-SP provides a=
 secure
> +key management interface to perform common hypervisor activities such as
> +encrypting bootstrap code, snapshot, migrating and debugging the guest. =
For more
> +information, see the SEV Key Management spec [api-spec]_
> +
> +The AMD-SP firmware can be initialized either by using its own non-volat=
ile
> +storage or the OS can manage the NV storage for the firmware using
> +parameter ``init_ex_path`` of the ``ccp`` module. If the file specified
> +by ``init_ex_path`` does not exist or is invalid, the OS will create or
> +override the file with PSP non-volatile storage.
> +

This one LGTM.

Other than the nit,

Reviewed-by: Bagas Sanjaya <bagasdotme@gmail.com>

--=20
An old man doll... just what I always wanted! - Clara

--eUPRBjCtZiK17fws
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQSSYQ6Cy7oyFNCHrUH2uYlJVVFOowUCZd7+IAAKCRD2uYlJVVFO
o162AQCcn8Ku0qmJzR0aVZhAlymyxJjRteYpeKWfN7U4NfghawEAkNBc12XmmmJP
8LB8u3zNlnOBbkVipGKxB+YnRI5WQQ8=
=Hybi
-----END PGP SIGNATURE-----

--eUPRBjCtZiK17fws--