tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

x86/sev: Create snp_prepare()

In preparation for delayed SNP initialization, create a function snp_prepare()
that does the necessary architecture setup. Export this function for the ccp
module to allow it to do the setup as necessary.

Introduce a cpu_read_lock/unlock() wrapper around the MFDM and SNP enable.
While CPU hotplug is not supported, this makes sure that the bit setting
happens on the same set of CPUs in both cases.

This improvement was suggested by Sashiko:

https://sashiko.dev/#/patchset/20260324161301.1353976-1-tycho%40kernel.org

Also move {mfd,snp}_enable() out of the __init section, since these will be
called later.

Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://patch.msgid.link/20260326161110.1764303-3-tycho@kernel.org

authored by

Tycho Andersen (AMD) and committed by
Borislav Petkov (AMD) ca2ca373 9c016c3f

+32 -19
+2
arch/x86/include/asm/sev.h
··· 661 661 { 662 662 __snp_leak_pages(pfn, pages, true); 663 663 } 664 + void snp_prepare(void); 664 665 #else 665 666 static inline bool snp_probe_rmptable_info(void) { return false; } 666 667 static inline int snp_rmptable_init(void) { return -ENOSYS; } ··· 678 677 static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} 679 678 static inline void kdump_sev_callback(void) { } 680 679 static inline void snp_fixup_e820_tables(void) {} 680 + static inline void snp_prepare(void) {} 681 681 #endif 682 682 683 683 #endif
+30 -19
arch/x86/virt/svm/sev.c
··· 132 132 #undef pr_fmt 133 133 #define pr_fmt(fmt) "SEV-SNP: " fmt 134 134 135 - static __init void mfd_enable(void *arg) 135 + static void mfd_enable(void *arg) 136 136 { 137 137 if (!cc_platform_has(CC_ATTR_HOST_SEV_SNP)) 138 138 return; ··· 140 140 msr_set_bit(MSR_AMD64_SYSCFG, MSR_AMD64_SYSCFG_MFDM_BIT); 141 141 } 142 142 143 - static __init void snp_enable(void *arg) 143 + static void snp_enable(void *arg) 144 144 { 145 145 u64 val; 146 146 ··· 503 503 return true; 504 504 } 505 505 506 + void snp_prepare(void) 507 + { 508 + u64 val; 509 + 510 + /* 511 + * Check if SEV-SNP is already enabled, this can happen in case of 512 + * kexec boot. 513 + */ 514 + rdmsrq(MSR_AMD64_SYSCFG, val); 515 + if (val & MSR_AMD64_SYSCFG_SNP_EN) 516 + return; 517 + 518 + clear_rmp(); 519 + 520 + cpus_read_lock(); 521 + 522 + /* 523 + * MtrrFixDramModEn is not shared between threads on a core, 524 + * therefore it must be set on all CPUs prior to enabling SNP. 525 + */ 526 + on_each_cpu(mfd_enable, NULL, 1); 527 + on_each_cpu(snp_enable, NULL, 1); 528 + 529 + cpus_read_unlock(); 530 + } 531 + EXPORT_SYMBOL_FOR_MODULES(snp_prepare, "ccp"); 532 + 506 533 /* 507 534 * Do the necessary preparations which are verified by the firmware as 508 535 * described in the SNP_INIT_EX firmware command description in the SNP ··· 537 510 */ 538 511 int __init snp_rmptable_init(void) 539 512 { 540 - u64 val; 541 - 542 513 if (WARN_ON_ONCE(!cc_platform_has(CC_ATTR_HOST_SEV_SNP))) 543 514 return -ENOSYS; 544 515 ··· 546 521 if (!setup_rmptable()) 547 522 return -ENOSYS; 548 523 549 - /* 550 - * Check if SEV-SNP is already enabled, this can happen in case of 551 - * kexec boot. 552 - */ 553 - rdmsrq(MSR_AMD64_SYSCFG, val); 554 - if (val & MSR_AMD64_SYSCFG_SNP_EN) 555 - goto skip_enable; 524 + snp_prepare(); 556 525 557 - clear_rmp(); 558 - 559 - /* MtrrFixDramModEn must be enabled on all the CPUs prior to enabling SNP. */ 560 - on_each_cpu(mfd_enable, NULL, 1); 561 - 562 - on_each_cpu(snp_enable, NULL, 1); 563 - 564 - skip_enable: 565 526 /* 566 527 * Setting crash_kexec_post_notifiers to 'true' to ensure that SNP panic 567 528 * notifier is invoked to do SNP IOMMU shutdown before kdump.