[PATCH 0/7] Move initializing SEV/SNP functionality to KVM
From: Ashish Kalra
Date: Mon Dec 09 2024 - 18:24:49 EST
From: Ashish Kalra <ashish.kalra@xxxxxxx>
Remove initializing SEV/SNP functionality from PSP driver and instead add
support to KVM to explicitly initialize the PSP if KVM wants to use
SEV/SNP functionality.
This removes SEV/SNP initialization at PSP module probe time and does
on-demand SEV/SNP initialization when KVM really wants to use
SEV/SNP functionality. This will allow running legacy non-confidential
VMs without initializating SEV functionality.
This will assist in adding SNP CipherTextHiding support and SEV firmware
hotloading support in KVM without sharing SEV ASID management and SNP
guest context support between PSP driver and KVM and keeping all that
support only in KVM.
Ashish Kalra (7):
crypto: ccp: Move dev_info/err messages for SEV/SNP initialization
crypto: ccp: Fix implicit SEV/SNP init and shutdown in ioctls
crypto: ccp: Reset TMR size at SNP Shutdown
crypto: ccp: Register SNP panic notifier only if SNP is enabled
crypto: ccp: Add new SEV/SNP platform shutdown API
KVM: SVM: Add support to initialize SEV/SNP functionality in KVM
crypto: ccp: Move SEV/SNP Platform initialization to KVM
arch/x86/kvm/svm/sev.c | 11 ++
drivers/crypto/ccp/sev-dev.c | 227 ++++++++++++++++++++++++++---------
include/linux/psp-sev.h | 3 +
3 files changed, 187 insertions(+), 54 deletions(-)
--
2.34.1