SEV_INIT requires users to unlock their SPI bus for the PSP's non
volatile (NV) storage. Users may wish to lock their SPI bus for numerous
reasons, to support this the PSP firmware supports SEV_INIT_EX. INIT_EX
allows the firmware to use a region of memory for its NV storage leaving
the kernel responsible for actually storing the data in a persistent
way. This series adds a new module parameter to ccp allowing users to
specify a path to a file for use as the PSP's NV storage. The ccp driver
then reads the file into memory for the PSP to use and is responsible
for writing the file whenever the PSP modifies the memory region.
V4
* Fix make C=1 W=1 warnings.
V3
* Add another module parameter 'psp_init_on_probe' to allow for skipping
PSP init on module init.
* Fixes review comments from Sean.
* Fixes missing error checking with file reading.
* Removed setting 'error' to a set value in patch 1.
Signed-off-by: Peter Gonda <[email protected]>
Reviewed-by: Marc Orr <[email protected]>
Acked-by: David Rientjes <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: Marc Orr <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: John Allen <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: [email protected]
Cc: [email protected]
David Rientjes (1):
crypto: ccp - Add SEV_INIT_EX support
Peter Gonda (4):
crypto: ccp - Add SEV_INIT rc error logging on init
crypto: ccp - Move SEV_INIT retry for corrupted data
crypto: ccp - Refactor out sev_fw_alloc()
crypto: ccp - Add psp_init_on_probe module parameter
.../virt/kvm/amd-memory-encryption.rst | 6 +
drivers/crypto/ccp/sev-dev.c | 258 +++++++++++++++---
include/linux/psp-sev.h | 21 ++
3 files changed, 245 insertions(+), 40 deletions(-)
--
2.34.0.384.gca35af8252-goog
Currently only the firmware error code is printed. This is incomplete
and also incorrect as error cases exists where the firmware is never
called and therefore does not set an error code.
Signed-off-by: Peter Gonda <[email protected]>
Reviewed-by: Marc Orr <[email protected]>
Acked-by: David Rientjes <[email protected]>
Acked-by: Tom Lendacky <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: Marc Orr <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: John Allen <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: [email protected]
Cc: [email protected]
---
drivers/crypto/ccp/sev-dev.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index e09925d86bf3..f527e5f9ed1f 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -1104,7 +1104,8 @@ void sev_pci_init(void)
}
if (rc) {
- dev_err(sev->dev, "SEV: failed to INIT error %#x\n", error);
+ dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n",
+ error, rc);
return;
}
--
2.34.0.384.gca35af8252-goog
From: David Rientjes <[email protected]>
Add new module parameter to allow users to use SEV_INIT_EX instead of
SEV_INIT. This helps users who lock their SPI bus to use the PSP for SEV
functionality. The 'init_ex_path' parameter defaults to NULL which means
the kernel will use SEV_INIT, if a path is specified SEV_INIT_EX will be
used with the data found at the path. On certain PSP commands this
file is written to as the PSP updates the NV memory region. Depending on
file system initialization this file open may fail during module init
but the CCP driver for SEV already has sufficient retries for platform
initialization. During normal operation of PSP system and SEV commands
if the PSP has not been initialized it is at run time. If the file at
'init_ex_path' does not exist the PSP will not be initialized. The user
must create the file prior to use with 32Kb of 0xFFs per spec.
Signed-off-by: David Rientjes <[email protected]>
Co-developed-by: Peter Gonda <[email protected]>
Signed-off-by: Peter Gonda <[email protected]>
Reviewed-by: Marc Orr <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: Marc Orr <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: John Allen <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: [email protected]
Cc: [email protected]
---
.../virt/kvm/amd-memory-encryption.rst | 6 +
drivers/crypto/ccp/sev-dev.c | 193 ++++++++++++++++--
include/linux/psp-sev.h | 21 ++
3 files changed, 205 insertions(+), 15 deletions(-)
diff --git a/Documentation/virt/kvm/amd-memory-encryption.rst b/Documentation/virt/kvm/amd-memory-encryption.rst
index 5c081c8c7164..1c6847fff304 100644
--- a/Documentation/virt/kvm/amd-memory-encryption.rst
+++ b/Documentation/virt/kvm/amd-memory-encryption.rst
@@ -85,6 +85,12 @@ guests, such as launching, running, snapshotting, migrating and decommissioning.
The KVM_SEV_INIT command is used by the hypervisor to initialize the SEV platform
context. In a typical workflow, this command should be the first command issued.
+The firmware can be initialized either by using its own non-volatile storage or
+the OS can manage the NV storage for the firmware using the module parameter
+``init_ex_path``. The file specified by ``init_ex_path`` must exist. To create
+a new NV storage file allocate the file with 32KB bytes of 0xFF as required by
+the SEV spec.
+
Returns: 0 on success, -negative on error
2. KVM_SEV_LAUNCH_START
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index ab3752799011..d0d5962fa6aa 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -22,6 +22,7 @@
#include <linux/firmware.h>
#include <linux/gfp.h>
#include <linux/cpufeature.h>
+#include <linux/fs.h>
#include <asm/smp.h>
@@ -43,6 +44,10 @@ static int psp_probe_timeout = 5;
module_param(psp_probe_timeout, int, 0644);
MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe");
+static char *init_ex_path;
+module_param(init_ex_path, charp, 0444);
+MODULE_PARM_DESC(init_ex_path, " Path for INIT_EX data; if set try INIT_EX");
+
static bool psp_init_on_probe = true;
module_param(psp_init_on_probe, bool, 0444);
MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it");
@@ -62,6 +67,14 @@ static int psp_timeout;
#define SEV_ES_TMR_SIZE (1024 * 1024)
static void *sev_es_tmr;
+/* INIT_EX NV Storage:
+ * The NV Storage is a 32Kb area and must be 4Kb page aligned. Use the page
+ * allocator to allocate the memory, which will return aligned memory for the
+ * specified allocation order.
+ */
+#define NV_LENGTH (32 * 1024)
+static void *sev_init_ex_buffer;
+
static inline bool sev_version_greater_or_equal(u8 maj, u8 min)
{
struct sev_device *sev = psp_master->sev_data;
@@ -111,6 +124,7 @@ static int sev_cmd_buffer_len(int cmd)
{
switch (cmd) {
case SEV_CMD_INIT: return sizeof(struct sev_data_init);
+ case SEV_CMD_INIT_EX: return sizeof(struct sev_data_init_ex);
case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status);
case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr);
case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import);
@@ -156,6 +170,101 @@ static void *sev_fw_alloc(unsigned long len)
return page_address(page);
}
+static int sev_read_init_ex_file(void)
+{
+ struct sev_device *sev = psp_master->sev_data;
+ struct file *fp;
+ ssize_t nread;
+
+ lockdep_assert_held(sev_cmd_mutex);
+
+ if (!sev_init_ex_buffer)
+ return -EOPNOTSUPP;
+
+ fp = filp_open(init_ex_path, O_RDONLY, 0);
+ if (IS_ERR(fp)) {
+ int ret = PTR_ERR(fp);
+
+ dev_err(sev->dev,
+ "SEV: could not open %s for read, error %d\n",
+ init_ex_path, ret);
+ return ret;
+ }
+
+ nread = kernel_read(fp, sev_init_ex_buffer, NV_LENGTH, NULL);
+ if (nread != NV_LENGTH) {
+ dev_err(sev->dev,
+ "SEV: failed to read %u bytes to non volatile memory area, ret %ld\n",
+ NV_LENGTH, nread);
+ return -EIO;
+ }
+
+ dev_dbg(sev->dev, "SEV: read %ld bytes from NV file\n", nread);
+ filp_close(fp, NULL);
+
+ return 0;
+}
+
+static void sev_write_init_ex_file(void)
+{
+ struct sev_device *sev = psp_master->sev_data;
+ struct file *fp;
+ loff_t offset = 0;
+ ssize_t nwrite;
+
+ lockdep_assert_held(sev_cmd_mutex);
+
+ if (!sev_init_ex_buffer)
+ return;
+
+ fp = filp_open(init_ex_path, O_CREAT | O_WRONLY, 0600);
+ if (IS_ERR(fp)) {
+ dev_err(sev->dev,
+ "SEV: could not open file for write, error %d\n",
+ PTR_ERR(fp));
+ return;
+ }
+
+ nwrite = kernel_write(fp, sev_init_ex_buffer, NV_LENGTH, &offset);
+ vfs_fsync(fp, 0);
+ filp_close(fp, NULL);
+
+ if (nwrite != NV_LENGTH) {
+ dev_err(sev->dev,
+ "SEV: failed to write %u bytes to non volatile memory area, ret %ld\n",
+ NV_LENGTH, nwrite);
+ return;
+ }
+
+ dev_dbg(sev->dev, "SEV: write successful to NV file\n");
+}
+
+static void sev_write_init_ex_file_if_required(int cmd_id)
+{
+ lockdep_assert_held(sev_cmd_mutex);
+
+ if (!sev_init_ex_buffer)
+ return;
+
+ /*
+ * Only a few platform commands modify the SPI/NV area, but none of the
+ * non-platform commands do. Only INIT(_EX), PLATFORM_RESET, PEK_GEN,
+ * PEK_CERT_IMPORT, and PDH_GEN do.
+ */
+ switch (cmd_id) {
+ case SEV_CMD_FACTORY_RESET:
+ case SEV_CMD_INIT_EX:
+ case SEV_CMD_PDH_GEN:
+ case SEV_CMD_PEK_CERT_IMPORT:
+ case SEV_CMD_PEK_GEN:
+ break;
+ default:
+ return;
+ };
+
+ sev_write_init_ex_file();
+}
+
static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
{
struct psp_device *psp = psp_master;
@@ -225,6 +334,8 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
dev_dbg(sev->dev, "sev command %#x failed (%#010x)\n",
cmd, reg & PSP_CMDRESP_ERR_MASK);
ret = -EIO;
+ } else {
+ sev_write_init_ex_file_if_required(cmd);
}
print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
@@ -251,37 +362,71 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret)
return rc;
}
-static int __sev_platform_init_locked(int *error)
+static int __sev_init_locked(int *error)
{
- struct psp_device *psp = psp_master;
struct sev_data_init data;
- struct sev_device *sev;
- int psp_ret, rc = 0;
- if (!psp || !psp->sev_data)
- return -ENODEV;
+ memset(&data, 0, sizeof(data));
+ if (sev_es_tmr) {
+ /*
+ * Do not include the encryption mask on the physical
+ * address of the TMR (firmware should clear it anyway).
+ */
+ data.tmr_address = __pa(sev_es_tmr);
- sev = psp->sev_data;
+ data.flags |= SEV_INIT_FLAGS_SEV_ES;
+ data.tmr_len = SEV_ES_TMR_SIZE;
+ }
- if (sev->state == SEV_STATE_INIT)
- return 0;
+ return __sev_do_cmd_locked(SEV_CMD_INIT, &data, error);
+}
+
+static int __sev_init_ex_locked(int *error)
+{
+ struct sev_data_init_ex data;
+ int ret;
memset(&data, 0, sizeof(data));
- if (sev_es_tmr) {
- u64 tmr_pa;
+ data.length = sizeof(data);
+ data.nv_address = __psp_pa(sev_init_ex_buffer);
+ data.nv_len = NV_LENGTH;
+
+ ret = sev_read_init_ex_file();
+ if (ret)
+ return ret;
+ if (sev_es_tmr) {
/*
* Do not include the encryption mask on the physical
* address of the TMR (firmware should clear it anyway).
*/
- tmr_pa = __pa(sev_es_tmr);
+ data.tmr_address = __pa(sev_es_tmr);
data.flags |= SEV_INIT_FLAGS_SEV_ES;
- data.tmr_address = tmr_pa;
data.tmr_len = SEV_ES_TMR_SIZE;
}
- rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret);
+ return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error);
+}
+
+static int __sev_platform_init_locked(int *error)
+{
+ struct psp_device *psp = psp_master;
+ struct sev_device *sev;
+ int rc, psp_ret;
+ int (*init_function)(int *error);
+
+ if (!psp || !psp->sev_data)
+ return -ENODEV;
+
+ sev = psp->sev_data;
+
+ if (sev->state == SEV_STATE_INIT)
+ return 0;
+
+ init_function = sev_init_ex_buffer ? __sev_init_ex_locked :
+ __sev_init_locked;
+ rc = init_function(&psp_ret);
if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) {
/*
* Initialization command returned an integrity check failure
@@ -291,7 +436,7 @@ static int __sev_platform_init_locked(int *error)
* with a reset state.
*/
dev_dbg(sev->dev, "SEV: retrying INIT command");
- rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret);
+ rc = init_function(&psp_ret);
}
if (error)
*error = psp_ret;
@@ -1066,6 +1211,12 @@ static void sev_firmware_shutdown(struct sev_device *sev)
get_order(SEV_ES_TMR_SIZE));
sev_es_tmr = NULL;
}
+
+ if (sev_init_ex_buffer) {
+ free_pages((unsigned long)sev_init_ex_buffer,
+ get_order(NV_LENGTH));
+ sev_init_ex_buffer = NULL;
+ }
}
void sev_dev_destroy(struct psp_device *psp)
@@ -1111,6 +1262,18 @@ void sev_pci_init(void)
sev_update_firmware(sev->dev) == 0)
sev_get_api_version();
+ /* If an init_ex_path is provided rely on INIT_EX for PSP initialization
+ * instead of INIT.
+ */
+ if (init_ex_path) {
+ sev_init_ex_buffer = sev_fw_alloc(NV_LENGTH);
+ if (!sev_init_ex_buffer) {
+ dev_err(sev->dev,
+ "SEV: INIT_EX NV memory allocation failed\n");
+ goto err;
+ }
+ }
+
/* Obtain the TMR memory area for SEV-ES use */
sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE);
if (!sev_es_tmr)
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index d48a7192e881..1595088c428b 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -52,6 +52,7 @@ enum sev_cmd {
SEV_CMD_DF_FLUSH = 0x00A,
SEV_CMD_DOWNLOAD_FIRMWARE = 0x00B,
SEV_CMD_GET_ID = 0x00C,
+ SEV_CMD_INIT_EX = 0x00D,
/* Guest commands */
SEV_CMD_DECOMMISSION = 0x020,
@@ -102,6 +103,26 @@ struct sev_data_init {
u32 tmr_len; /* In */
} __packed;
+/**
+ * struct sev_data_init_ex - INIT_EX command parameters
+ *
+ * @length: len of the command buffer read by the PSP
+ * @flags: processing flags
+ * @tmr_address: system physical address used for SEV-ES
+ * @tmr_len: len of tmr_address
+ * @nv_address: system physical address used for PSP NV storage
+ * @nv_len: len of nv_address
+ */
+struct sev_data_init_ex {
+ u32 length; /* In */
+ u32 flags; /* In */
+ u64 tmr_address; /* In */
+ u32 tmr_len; /* In */
+ u32 reserved; /* In */
+ u64 nv_address; /* In/Out */
+ u32 nv_len; /* In */
+} __packed;
+
#define SEV_INIT_FLAGS_SEV_ES 0x01
/**
--
2.34.0.384.gca35af8252-goog
Add psp_init_on_probe module parameter that allows for skipping the
PSP's SEV platform initialization during module init. User may decouple
module init from PSP init due to use of the INIT_EX support in upcoming
patch which allows for users to save PSP's internal state to file. The
file may be unavailable at module init.
Also moves the PSP ABI version log message to after successful PSP init
instead of module init in case this new parameter is used.
Signed-off-by: Peter Gonda <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: Marc Orr <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: John Allen <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: [email protected]
Cc: [email protected]
---
drivers/crypto/ccp/sev-dev.c | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 7f467921b1dc..ab3752799011 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -43,6 +43,10 @@ static int psp_probe_timeout = 5;
module_param(psp_probe_timeout, int, 0644);
MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe");
+static bool psp_init_on_probe = true;
+module_param(psp_init_on_probe, bool, 0444);
+MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it");
+
MODULE_FIRMWARE("amd/amd_sev_fam17h_model0xh.sbin"); /* 1st gen EPYC */
MODULE_FIRMWARE("amd/amd_sev_fam17h_model3xh.sbin"); /* 2nd gen EPYC */
MODULE_FIRMWARE("amd/amd_sev_fam19h_model0xh.sbin"); /* 3rd gen EPYC */
@@ -305,7 +309,10 @@ static int __sev_platform_init_locked(int *error)
dev_dbg(sev->dev, "SEV firmware initialized\n");
- return rc;
+ dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major,
+ sev->api_minor, sev->build);
+
+ return 0;
}
int sev_platform_init(int *error)
@@ -1110,16 +1117,14 @@ void sev_pci_init(void)
dev_warn(sev->dev,
"SEV: TMR allocation failed, SEV-ES support unavailable\n");
+ if (!psp_init_on_probe)
+ return;
+
/* Initialize the platform */
rc = sev_platform_init(&error);
- if (rc) {
+ if (rc)
dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n",
error, rc);
- return;
- }
-
- dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major,
- sev->api_minor, sev->build);
return;
--
2.34.0.384.gca35af8252-goog
Create a helper function sev_fw_alloc() which can be used to allocate
aligned memory regions for use by the PSP firmware. Currently only used
for the SEV-ES TMR region but will be used for the SEV_INIT_EX NV memory
region.
Signed-off-by: Peter Gonda <[email protected]>
Reviewed-by: Marc Orr <[email protected]>
Acked-by: David Rientjes <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: Marc Orr <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: John Allen <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: [email protected]
Cc: [email protected]
---
drivers/crypto/ccp/sev-dev.c | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index ef7e8b4c6e02..7f467921b1dc 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -141,6 +141,17 @@ static int sev_cmd_buffer_len(int cmd)
return 0;
}
+static void *sev_fw_alloc(unsigned long len)
+{
+ struct page *page;
+
+ page = alloc_pages(GFP_KERNEL, get_order(len));
+ if (!page)
+ return NULL;
+
+ return page_address(page);
+}
+
static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
{
struct psp_device *psp = psp_master;
@@ -1094,14 +1105,10 @@ void sev_pci_init(void)
sev_get_api_version();
/* Obtain the TMR memory area for SEV-ES use */
- tmr_page = alloc_pages(GFP_KERNEL, get_order(SEV_ES_TMR_SIZE));
- if (tmr_page) {
- sev_es_tmr = page_address(tmr_page);
- } else {
- sev_es_tmr = NULL;
+ sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE);
+ if (!sev_es_tmr)
dev_warn(sev->dev,
"SEV: TMR allocation failed, SEV-ES support unavailable\n");
- }
/* Initialize the platform */
rc = sev_platform_init(&error);
--
2.34.0.384.gca35af8252-goog
Move the data corrupted retry of SEV_INIT into the
__sev_platform_init_locked() function. This is for upcoming INIT_EX
support as well as helping direct callers of
__sev_platform_init_locked() which currently do not support the
retry.
Signed-off-by: Peter Gonda <[email protected]>
Reviewed-by: Marc Orr <[email protected]>
Acked-by: David Rientjes <[email protected]>
Acked-by: Tom Lendacky <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: Marc Orr <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: John Allen <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: [email protected]
Cc: [email protected]
---
drivers/crypto/ccp/sev-dev.c | 30 ++++++++++++++++--------------
1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index f527e5f9ed1f..ef7e8b4c6e02 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -241,7 +241,7 @@ static int __sev_platform_init_locked(int *error)
struct psp_device *psp = psp_master;
struct sev_data_init data;
struct sev_device *sev;
- int rc = 0;
+ int psp_ret, rc = 0;
if (!psp || !psp->sev_data)
return -ENODEV;
@@ -266,7 +266,21 @@ static int __sev_platform_init_locked(int *error)
data.tmr_len = SEV_ES_TMR_SIZE;
}
- rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error);
+ rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret);
+ if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) {
+ /*
+ * Initialization command returned an integrity check failure
+ * status code, meaning that firmware load and validation of SEV
+ * related persistent data has failed. Retrying the
+ * initialization function should succeed by replacing the state
+ * with a reset state.
+ */
+ dev_dbg(sev->dev, "SEV: retrying INIT command");
+ rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret);
+ }
+ if (error)
+ *error = psp_ret;
+
if (rc)
return rc;
@@ -1091,18 +1105,6 @@ void sev_pci_init(void)
/* Initialize the platform */
rc = sev_platform_init(&error);
- if (rc && (error == SEV_RET_SECURE_DATA_INVALID)) {
- /*
- * INIT command returned an integrity check failure
- * status code, meaning that firmware load and
- * validation of SEV related persistent data has
- * failed and persistent state has been erased.
- * Retrying INIT command here should succeed.
- */
- dev_dbg(sev->dev, "SEV: retrying INIT command");
- rc = sev_platform_init(&error);
- }
-
if (rc) {
dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n",
error, rc);
--
2.34.0.384.gca35af8252-goog
Hi Peter,
I love your patch! Yet something to improve:
[auto build test ERROR on herbert-cryptodev-2.6/master]
[also build test ERROR on herbert-crypto-2.6/master kvm/queue linus/master v5.16-rc3 next-20211203]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Peter-Gonda/Add-SEV_INIT_EX-support/20211203-224846
base: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
config: x86_64-randconfig-a002-20211203 (https://download.01.org/0day-ci/archive/20211204/[email protected]/config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce (this is a W=1 build):
# https://github.com/0day-ci/linux/commit/32a279c228e30c47be88442fe20f890203854d9c
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Peter-Gonda/Add-SEV_INIT_EX-support/20211203-224846
git checkout 32a279c228e30c47be88442fe20f890203854d9c
# save the config file to linux build tree
mkdir build_dir
make W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash drivers/crypto/ccp/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>
All errors (new ones prefixed by >>):
In file included from arch/x86/include/asm/bug.h:84,
from include/linux/bug.h:5,
from include/linux/jump_label.h:262,
from include/linux/static_key.h:1,
from arch/x86/include/asm/nospec-branch.h:6,
from arch/x86/include/asm/paravirt_types.h:40,
from arch/x86/include/asm/ptrace.h:97,
from arch/x86/include/asm/math_emu.h:5,
from arch/x86/include/asm/processor.h:13,
from arch/x86/include/asm/timex.h:5,
from include/linux/timex.h:65,
from include/linux/time32.h:13,
from include/linux/time.h:60,
from include/linux/stat.h:19,
from include/linux/module.h:13,
from drivers/crypto/ccp/sev-dev.c:10:
drivers/crypto/ccp/sev-dev.c: In function 'sev_read_init_ex_file':
>> include/linux/lockdep.h:286:52: error: invalid type argument of '->' (have 'struct mutex')
286 | #define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
| ^~
include/asm-generic/bug.h:121:25: note: in definition of macro 'WARN_ON'
121 | int __ret_warn_on = !!(condition); \
| ^~~~~~~~~
include/linux/lockdep.h:316:2: note: in expansion of macro 'lockdep_assert'
316 | lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
| ^~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: in expansion of macro 'lockdep_is_held'
316 | lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
| ^~~~~~~~~~~~~~~
drivers/crypto/ccp/sev-dev.c:179:2: note: in expansion of macro 'lockdep_assert_held'
179 | lockdep_assert_held(sev_cmd_mutex);
| ^~~~~~~~~~~~~~~~~~~
drivers/crypto/ccp/sev-dev.c: In function 'sev_write_init_ex_file':
>> include/linux/lockdep.h:286:52: error: invalid type argument of '->' (have 'struct mutex')
286 | #define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
| ^~
include/asm-generic/bug.h:121:25: note: in definition of macro 'WARN_ON'
121 | int __ret_warn_on = !!(condition); \
| ^~~~~~~~~
include/linux/lockdep.h:316:2: note: in expansion of macro 'lockdep_assert'
316 | lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
| ^~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: in expansion of macro 'lockdep_is_held'
316 | lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
| ^~~~~~~~~~~~~~~
drivers/crypto/ccp/sev-dev.c:215:2: note: in expansion of macro 'lockdep_assert_held'
215 | lockdep_assert_held(sev_cmd_mutex);
| ^~~~~~~~~~~~~~~~~~~
In file included from include/linux/device.h:15,
from drivers/crypto/ccp/psp-dev.h:13,
from drivers/crypto/ccp/sev-dev.c:29:
drivers/crypto/ccp/sev-dev.c:223:4: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat=]
223 | "SEV: could not open file for write, error %d\n",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/dev_printk.h:110:16: note: in definition of macro 'dev_printk_index_wrap'
110 | _p_func(dev, fmt, ##__VA_ARGS__); \
| ^~~
include/linux/dev_printk.h:144:49: note: in expansion of macro 'dev_fmt'
144 | dev_printk_index_wrap(_dev_err, KERN_ERR, dev, dev_fmt(fmt), ##__VA_ARGS__)
| ^~~~~~~
drivers/crypto/ccp/sev-dev.c:222:3: note: in expansion of macro 'dev_err'
222 | dev_err(sev->dev,
| ^~~~~~~
drivers/crypto/ccp/sev-dev.c:223:48: note: format string is defined here
223 | "SEV: could not open file for write, error %d\n",
| ~^
| |
| int
| %ld
In file included from arch/x86/include/asm/bug.h:84,
from include/linux/bug.h:5,
from include/linux/jump_label.h:262,
from include/linux/static_key.h:1,
from arch/x86/include/asm/nospec-branch.h:6,
from arch/x86/include/asm/paravirt_types.h:40,
from arch/x86/include/asm/ptrace.h:97,
from arch/x86/include/asm/math_emu.h:5,
from arch/x86/include/asm/processor.h:13,
from arch/x86/include/asm/timex.h:5,
from include/linux/timex.h:65,
from include/linux/time32.h:13,
from include/linux/time.h:60,
from include/linux/stat.h:19,
from include/linux/module.h:13,
from drivers/crypto/ccp/sev-dev.c:10:
drivers/crypto/ccp/sev-dev.c: In function 'sev_write_init_ex_file_if_required':
>> include/linux/lockdep.h:286:52: error: invalid type argument of '->' (have 'struct mutex')
286 | #define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
| ^~
include/asm-generic/bug.h:121:25: note: in definition of macro 'WARN_ON'
121 | int __ret_warn_on = !!(condition); \
| ^~~~~~~~~
include/linux/lockdep.h:316:2: note: in expansion of macro 'lockdep_assert'
316 | lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
| ^~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: in expansion of macro 'lockdep_is_held'
316 | lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
| ^~~~~~~~~~~~~~~
drivers/crypto/ccp/sev-dev.c:244:2: note: in expansion of macro 'lockdep_assert_held'
244 | lockdep_assert_held(sev_cmd_mutex);
| ^~~~~~~~~~~~~~~~~~~
drivers/crypto/ccp/sev-dev.c: In function 'sev_pci_init':
drivers/crypto/ccp/sev-dev.c:1250:15: warning: unused variable 'tmr_page' [-Wunused-variable]
1250 | struct page *tmr_page;
| ^~~~~~~~
vim +286 include/linux/lockdep.h
f607c668577481 Peter Zijlstra 2009-07-20 285
f8319483f57f1c Peter Zijlstra 2016-11-30 @286 #define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
f8319483f57f1c Peter Zijlstra 2016-11-30 287 #define lockdep_is_held_type(lock, r) lock_is_held_type(&(lock)->dep_map, (r))
f607c668577481 Peter Zijlstra 2009-07-20 288
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]
Hi Peter,
I love your patch! Perhaps something to improve:
[auto build test WARNING on herbert-cryptodev-2.6/master]
[also build test WARNING on herbert-crypto-2.6/master kvm/queue linus/master v5.16-rc3 next-20211203]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Peter-Gonda/Add-SEV_INIT_EX-support/20211203-224846
base: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
config: x86_64-randconfig-c007-20211203 (https://download.01.org/0day-ci/archive/20211204/[email protected]/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d30fcadf07ee552f20156ea90be2fdb54cb9cb08)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/32a279c228e30c47be88442fe20f890203854d9c
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Peter-Gonda/Add-SEV_INIT_EX-support/20211203-224846
git checkout 32a279c228e30c47be88442fe20f890203854d9c
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash drivers/crypto/ccp/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>
All warnings (new ones prefixed by >>):
drivers/crypto/ccp/sev-dev.c:179:2: error: member reference type 'struct mutex' is not a pointer; did you mean to use '.'?
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:52: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:179:2: error: cannot take the address of an rvalue of type 'struct lockdep_map'
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:45: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:215:2: error: member reference type 'struct mutex' is not a pointer; did you mean to use '.'?
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:52: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:215:2: error: cannot take the address of an rvalue of type 'struct lockdep_map'
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:45: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
>> drivers/crypto/ccp/sev-dev.c:224:4: warning: format specifies type 'int' but the argument has type 'long' [-Wformat]
PTR_ERR(fp));
^~~~~~~~~~~
include/linux/dev_printk.h:144:65: note: expanded from macro 'dev_err'
dev_printk_index_wrap(_dev_err, KERN_ERR, dev, dev_fmt(fmt), ##__VA_ARGS__)
~~~ ^~~~~~~~~~~
include/linux/dev_printk.h:110:23: note: expanded from macro 'dev_printk_index_wrap'
_p_func(dev, fmt, ##__VA_ARGS__); \
~~~ ^~~~~~~~~~~
drivers/crypto/ccp/sev-dev.c:244:2: error: member reference type 'struct mutex' is not a pointer; did you mean to use '.'?
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:52: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:244:2: error: cannot take the address of an rvalue of type 'struct lockdep_map'
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:45: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:1250:15: warning: unused variable 'tmr_page' [-Wunused-variable]
struct page *tmr_page;
^
2 warnings and 6 errors generated.
vim +224 drivers/crypto/ccp/sev-dev.c
207
208 static void sev_write_init_ex_file(void)
209 {
210 struct sev_device *sev = psp_master->sev_data;
211 struct file *fp;
212 loff_t offset = 0;
213 ssize_t nwrite;
214
215 lockdep_assert_held(sev_cmd_mutex);
216
217 if (!sev_init_ex_buffer)
218 return;
219
220 fp = filp_open(init_ex_path, O_CREAT | O_WRONLY, 0600);
221 if (IS_ERR(fp)) {
222 dev_err(sev->dev,
223 "SEV: could not open file for write, error %d\n",
> 224 PTR_ERR(fp));
225 return;
226 }
227
228 nwrite = kernel_write(fp, sev_init_ex_buffer, NV_LENGTH, &offset);
229 vfs_fsync(fp, 0);
230 filp_close(fp, NULL);
231
232 if (nwrite != NV_LENGTH) {
233 dev_err(sev->dev,
234 "SEV: failed to write %u bytes to non volatile memory area, ret %ld\n",
235 NV_LENGTH, nwrite);
236 return;
237 }
238
239 dev_dbg(sev->dev, "SEV: write successful to NV file\n");
240 }
241
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]
Hi Peter,
I love your patch! Yet something to improve:
[auto build test ERROR on herbert-cryptodev-2.6/master]
[also build test ERROR on herbert-crypto-2.6/master kvm/queue linus/master v5.16-rc3 next-20211203]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Peter-Gonda/Add-SEV_INIT_EX-support/20211203-224846
base: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
config: x86_64-randconfig-c007-20211203 (https://download.01.org/0day-ci/archive/20211204/[email protected]/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d30fcadf07ee552f20156ea90be2fdb54cb9cb08)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/32a279c228e30c47be88442fe20f890203854d9c
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Peter-Gonda/Add-SEV_INIT_EX-support/20211203-224846
git checkout 32a279c228e30c47be88442fe20f890203854d9c
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>
All errors (new ones prefixed by >>):
>> drivers/crypto/ccp/sev-dev.c:179:2: error: member reference type 'struct mutex' is not a pointer; did you mean to use '.'?
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:52: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
>> drivers/crypto/ccp/sev-dev.c:179:2: error: cannot take the address of an rvalue of type 'struct lockdep_map'
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:45: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:215:2: error: member reference type 'struct mutex' is not a pointer; did you mean to use '.'?
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:52: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:215:2: error: cannot take the address of an rvalue of type 'struct lockdep_map'
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:45: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:224:4: warning: format specifies type 'int' but the argument has type 'long' [-Wformat]
PTR_ERR(fp));
^~~~~~~~~~~
include/linux/dev_printk.h:144:65: note: expanded from macro 'dev_err'
dev_printk_index_wrap(_dev_err, KERN_ERR, dev, dev_fmt(fmt), ##__VA_ARGS__)
~~~ ^~~~~~~~~~~
include/linux/dev_printk.h:110:23: note: expanded from macro 'dev_printk_index_wrap'
_p_func(dev, fmt, ##__VA_ARGS__); \
~~~ ^~~~~~~~~~~
drivers/crypto/ccp/sev-dev.c:244:2: error: member reference type 'struct mutex' is not a pointer; did you mean to use '.'?
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:52: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:244:2: error: cannot take the address of an rvalue of type 'struct lockdep_map'
lockdep_assert_held(sev_cmd_mutex);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:316:17: note: expanded from macro 'lockdep_assert_held'
lockdep_assert(lockdep_is_held(l) != LOCK_STATE_NOT_HELD)
~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/lockdep.h:286:45: note: expanded from macro 'lockdep_is_held'
#define lockdep_is_held(lock) lock_is_held(&(lock)->dep_map)
^
include/linux/lockdep.h:310:32: note: expanded from macro 'lockdep_assert'
do { WARN_ON(debug_locks && !(cond)); } while (0)
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
drivers/crypto/ccp/sev-dev.c:1250:15: warning: unused variable 'tmr_page' [-Wunused-variable]
struct page *tmr_page;
^
2 warnings and 6 errors generated.
vim +179 drivers/crypto/ccp/sev-dev.c
172
173 static int sev_read_init_ex_file(void)
174 {
175 struct sev_device *sev = psp_master->sev_data;
176 struct file *fp;
177 ssize_t nread;
178
> 179 lockdep_assert_held(sev_cmd_mutex);
180
181 if (!sev_init_ex_buffer)
182 return -EOPNOTSUPP;
183
184 fp = filp_open(init_ex_path, O_RDONLY, 0);
185 if (IS_ERR(fp)) {
186 int ret = PTR_ERR(fp);
187
188 dev_err(sev->dev,
189 "SEV: could not open %s for read, error %d\n",
190 init_ex_path, ret);
191 return ret;
192 }
193
194 nread = kernel_read(fp, sev_init_ex_buffer, NV_LENGTH, NULL);
195 if (nread != NV_LENGTH) {
196 dev_err(sev->dev,
197 "SEV: failed to read %u bytes to non volatile memory area, ret %ld\n",
198 NV_LENGTH, nread);
199 return -EIO;
200 }
201
202 dev_dbg(sev->dev, "SEV: read %ld bytes from NV file\n", nread);
203 filp_close(fp, NULL);
204
205 return 0;
206 }
207
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]
On 12/3/21 8:46 AM, Peter Gonda wrote:
> SEV_INIT requires users to unlock their SPI bus for the PSP's non
> volatile (NV) storage. Users may wish to lock their SPI bus for numerous
> reasons, to support this the PSP firmware supports SEV_INIT_EX. INIT_EX
> allows the firmware to use a region of memory for its NV storage leaving
> the kernel responsible for actually storing the data in a persistent
> way. This series adds a new module parameter to ccp allowing users to
> specify a path to a file for use as the PSP's NV storage. The ccp driver
> then reads the file into memory for the PSP to use and is responsible
> for writing the file whenever the PSP modifies the memory region.
>
> V4
> * Fix make C=1 W=1 warnings.
>
> V3
> * Add another module parameter 'psp_init_on_probe' to allow for skipping
> PSP init on module init.
> * Fixes review comments from Sean.
> * Fixes missing error checking with file reading.
> * Removed setting 'error' to a set value in patch 1.
>
> Signed-off-by: Peter Gonda <[email protected]>
> Reviewed-by: Marc Orr <[email protected]>
> Acked-by: David Rientjes <[email protected]>
> Cc: Tom Lendacky <[email protected]>
> Cc: Brijesh Singh <[email protected]>
> Cc: Marc Orr <[email protected]>
> Cc: Joerg Roedel <[email protected]>
> Cc: Herbert Xu <[email protected]>
> Cc: David Rientjes <[email protected]>
> Cc: John Allen <[email protected]>
> Cc: "David S. Miller" <[email protected]>
> Cc: Paolo Bonzini <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
Series
Acked-by: Brijesh Singh <[email protected]>
thanks Peter.
On Sat, Dec 04, 2021 at 05:25:25AM +0800, kernel test robot wrote:
> Hi Peter,
>
> I love your patch! Yet something to improve:
>
> [auto build test ERROR on herbert-cryptodev-2.6/master]
> [also build test ERROR on herbert-crypto-2.6/master kvm/queue linus/master v5.16-rc3 next-20211203]
> [If your patch is applied to the wrong git tree, kindly drop us a note.
> And when submitting patch, we suggest to use '--base' as documented in
> https://git-scm.com/docs/git-format-patch]
So this still seems to be broken.
Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt