lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <3eae371b-929b-4615-a8f2-cb89281fb175@amd.com>
Date: Fri, 22 Aug 2025 11:48:40 -0500
From: Tom Lendacky <thomas.lendacky@....com>
To: Ashish Kalra <Ashish.Kalra@....com>, joro@...tes.org,
 suravee.suthikulpanit@....com, Sairaj.ArunKodilkar@....com,
 Vasant.Hegde@....com, herbert@...dor.apana.org.au
Cc: seanjc@...gle.com, pbonzini@...hat.com, will@...nel.org,
 robin.murphy@....com, john.allen@....com, davem@...emloft.net,
 michael.roth@....com, iommu@...ts.linux.dev, linux-kernel@...r.kernel.org,
 linux-crypto@...r.kernel.org, kvm@...r.kernel.org
Subject: Re: [PATCH v5 3/4] crypto: ccp: Skip SEV and SNP INIT for kdump boot

On 7/30/25 16:56, Ashish Kalra wrote:
> From: Ashish Kalra <ashish.kalra@....com>
> 
> If SNP is enabled and initialized in the previous kernel then SNP is
> already initialized for kdump boot and attempting SNP INIT again

s/for/during/

s/SNP INIT/to initialize SNP/

> during kdump boot causes SNP INIT failure and eventually leads to

s/during kdump boot/in the kdump kernel/
s/causes SNP INIT failure/results in an SNP initialization failure/
s/ and eventually/. This leads to/

> IOMMU failures.

s/IOMMU failures/IOMMU initialization failure/

> 
> For SEV avoid SEV INIT failure warnings during kdump boot if SEV
> is enabled and initialized in the previous kernel.
> 
> Skip SNP and SEV INIT if doing kdump boot.

These last two paragraphs seem disjointed. Make a single paragraph that
combines the sentences and says why you're doing what you're doing, e.g.:

Since SEV guests will not be run under a kdump kernel, there is no reason
to attempt initialization of SEV or SNP. This can prevent initialization
errors that leads to IOMMU initialization failure if SEV or SNP were
previously initialized.

Massage as needed.

> 
> Tested-by: Sairaj Kodilkar <sarunkod@....com>
> Signed-off-by: Ashish Kalra <ashish.kalra@....com>
> ---
>  drivers/crypto/ccp/sev-dev.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index e058ba027792..c204831ca4a6 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -28,6 +28,7 @@
>  #include <linux/fs_struct.h>
>  #include <linux/psp.h>
>  #include <linux/amd-iommu.h>
> +#include <linux/crash_dump.h>
>  
>  #include <asm/smp.h>
>  #include <asm/cacheflush.h>
> @@ -1345,6 +1346,13 @@ static int _sev_platform_init_locked(struct sev_platform_init_args *args)
>  	if (!psp_master || !psp_master->sev_data)
>  		return -ENODEV;
>  
> +	/*
> +	 * Skip SNP/SEV INIT for kdump boot as SEV/SNP is already initialized

s/INIT for kdump boot/initialization under a kdump kernel/
s/is already/may already be/

> +	 * in previous kernel if SEV/SNP is enabled.

s/in previous/in the previous/
s/ if SEV/SNP is enabled//

Also state here that since no guests will be run under a kdump kernel it
is ok do skip initialization.

Thanks,
Tom

> +	 */
> +	if (is_kdump_kernel())
> +		return 0;
> +
>  	sev = psp_master->sev_data;
>  
>  	if (sev->state == SEV_STATE_INIT)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ