| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Jan 2024 15:03:43 +0100
From: Borislav Petkov <bp@...en8.de>
To: Michael Roth <michael.roth@....com>
Cc: x86@...nel.org, kvm@...r.kernel.org, linux-coco@...ts.linux.dev,
linux-mm@...ck.org, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org, tglx@...utronix.de, mingo@...hat.com,
jroedel@...e.de, thomas.lendacky@....com, hpa@...or.com,
ardb@...nel.org, pbonzini@...hat.com, seanjc@...gle.com,
vkuznets@...hat.com, jmattson@...gle.com, luto@...nel.org,
dave.hansen@...ux.intel.com, slp@...hat.com, pgonda@...gle.com,
peterz@...radead.org, srinivas.pandruvada@...ux.intel.com,
rientjes@...gle.com, tobin@....com, vbabka@...e.cz,
kirill@...temov.name, ak@...ux.intel.com, tony.luck@...el.com,
sathyanarayanan.kuppuswamy@...ux.intel.com, alpergun@...gle.com,
jarkko@...nel.org, ashish.kalra@....com, nikunj.dadhania@....com,
pankaj.gupta@....com, liam.merwick@...cle.com
Subject: Re: [PATCH v1 17/26] crypto: ccp: Handle non-volatile INIT_EX data
when SNP is enabled
On Sat, Dec 30, 2023 at 10:19:45AM -0600, Michael Roth wrote:
> drivers/crypto/ccp/sev-dev.c | 104 ++++++++++++++++++++++++++---------
> 1 file changed, 79 insertions(+), 25 deletions(-)
Some minor cleanups ontop:
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index dfe7f7afc411..a72ed4466d7b 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -266,16 +266,15 @@ static int sev_read_init_ex_file(void)
}
/*
- * When SNP is enabled, the pages comprising the buffer used to populate
- * the file specified by the init_ex_path module parameter needs to be set
- * to firmware-owned, which removes the mapping from the kernel direct
- * mapping since generally the hypervisor does not access firmware-owned
- * pages. However, in this case the hypervisor does need to read the
- * buffer to transfer the contents to the file at init_ex_path, so this
- * function is used to create a temporary virtual mapping to be used for
- * this purpose.
+ * When SNP is enabled, the pages comprising the buffer used to populate the
+ * file specified by the init_ex_path module parameter needs to be set to
+ * firmware-owned. This removes the mapping from the kernel direct mapping since
+ * generally the hypervisor does not access firmware-owned pages. However, in
+ * this case the hypervisor does need to read the buffer to transfer the
+ * contents to the file at init_ex_path, so create a temporary virtual mapping
+ * to be used for this purpose.
*/
-static void *vmap_sev_init_ex_buffer(void)
+static void *vmap_init_ex_buf(void)
{
struct page *pages[NV_PAGES];
unsigned long base_pfn;
@@ -292,6 +291,11 @@ static void *vmap_sev_init_ex_buffer(void)
return vmap(pages, NV_PAGES, VM_MAP, PAGE_KERNEL_RO);
}
+static void destroy_init_ex_buf(void *buf)
+{
+ vunmap(buf);
+}
+
static int sev_write_init_ex_file(void)
{
struct sev_device *sev = psp_master->sev_data;
@@ -315,7 +319,7 @@ static int sev_write_init_ex_file(void)
return ret;
}
- sev_init_ex_buffer = vmap_sev_init_ex_buffer();
+ sev_init_ex_buffer = vmap_init_ex_buf();
if (!sev_init_ex_buffer) {
dev_err(sev->dev, "SEV: failed to map non-volative memory area\n");
return -EIO;
@@ -329,12 +333,12 @@ static int sev_write_init_ex_file(void)
dev_err(sev->dev,
"SEV: failed to write %u bytes to non volatile memory area, ret %ld\n",
NV_LENGTH, nwrite);
- vunmap(sev_init_ex_buffer);
+ destroy_init_ex_buf(sev_init_ex_buffer);
return -EIO;
}
dev_dbg(sev->dev, "SEV: write successful to NV file\n");
- vunmap(sev_init_ex_buffer);
+ destroy_init_ex_buf(sev_init_ex_buffer);
return 0;
}
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists