[PATCH 3/4] crypto/ccp: support setting RAPL_DIS in SNP_INIT_EX
From: Tycho Andersen
Date: Mon Feb 23 2026 - 11:35:16 EST
From: "Tycho Andersen (AMD)" <tycho@xxxxxxxxxx>
The kernel allows setting the RAPL_DIS policy bit, but had no way to set
the RAPL_DIS bit during SNP_INIT_EX. Setting the policy bit would always
result in:
[ 898.840286] ccp 0000:a9:00.5: sev command 0xa0 failed (0x00000007)
Allow setting the RAPL_DIS bit during SNP_INIT_EX via a module parameter.
If the hardware does not support RAPL_DIS, log and disable the module
parameter.
Signed-off-by: Tycho Andersen (AMD) <tycho@xxxxxxxxxx>
---
drivers/crypto/ccp/sev-dev.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 096f993974d1..362126453ef0 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -75,6 +75,10 @@ static bool psp_init_on_probe = true;
module_param(psp_init_on_probe, bool, 0444);
MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it");
+static bool rapl_disable;
+module_param(rapl_disable, bool, 0444);
+MODULE_PARM_DESC(rapl_disable, " if true, the RAPL_DIS bit will be set during INIT_EX if supported");
+
#if IS_ENABLED(CONFIG_PCI_TSM)
static bool sev_tio_enabled = true;
module_param_named(tio, sev_tio_enabled, bool, 0444);
@@ -1428,6 +1432,16 @@ static int __sev_snp_init_locked(int *error, unsigned int max_snp_asid)
data.max_snp_asid = max_snp_asid;
}
+ if (rapl_disable) {
+ if (sev->snp_feat_info_0.ecx & SNP_RAPL_DISABLE_SUPPORTED) {
+ data.rapl_dis = 1;
+ } else {
+ dev_info(sev->dev,
+ "SEV: RAPL_DIS requested, but not supported");
+ rapl_disable = false;
+ }
+ }
+
data.init_rmp = 1;
data.list_paddr_en = 1;
data.list_paddr = __psp_pa(snp_range_list);
--
2.53.0