Re: [PATCH 0/5] x86/sev: Fix SNP host late disable

From: Aithal, Srikanth
Date: Wed Apr 03 2024 - 00:16:26 EST


On 3/27/2024 9:13 PM, Borislav Petkov wrote:
From: "Borislav Petkov (AMD)" <bp@xxxxxxxxx>

Hi,

the intention to track SNP host status with the CPU feature bit
X86_FEATURE_SEV_SNP was all fine and dandy but that can't work if stuff
needs to be disabled late, after alternatives patching - see patch 5.

Therefore, convert the SNP status tracking to a cc_platform*() bit.

The first two are long overdue cleanups.

If no objections, 3-5 should go in now so that 6.9 releases fixed.

Thx.

Borislav Petkov (AMD) (5):
x86/alternatives: Remove a superfluous newline in _static_cpu_has()
x86/alternatives: Catch late X86_FEATURE modifiers
x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM
x86/cc: Add cc_platform_set/_clear() helpers
x86/CPU/AMD: Track SNP host status with cc_platform_*()

arch/x86/coco/core.c | 52 ++++++++++++++++++++++++++++++
arch/x86/include/asm/cpufeature.h | 11 ++++---
arch/x86/include/asm/sev.h | 4 +--
arch/x86/kernel/cpu/amd.c | 38 +++++++++++++---------
arch/x86/kernel/cpu/cpuid-deps.c | 3 ++
arch/x86/kernel/cpu/mtrr/generic.c | 2 +-
arch/x86/kernel/sev.c | 10 ------
arch/x86/kvm/Kconfig | 1 +
arch/x86/kvm/svm/sev.c | 2 +-
arch/x86/virt/svm/sev.c | 26 ++++++++++-----
drivers/crypto/ccp/sev-dev.c | 2 +-
drivers/iommu/amd/init.c | 4 ++-
include/linux/cc_platform.h | 12 +++++++
13 files changed, 124 insertions(+), 43 deletions(-)

Tested this patch. I could boot with snp enabled and iommu=pt mode,kexec as well works fine. Thank you.

Tested-by: Srikanth Aithal <sraithal@xxxxxxx>