Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command

Next message: Nicolas Dufresne: "Re: [PATCH v5 06/29] media: rockchip: rga: fix too small buffer size"
Previous message: Nicolas Dufresne: "Re: [PATCH v5 05/29] media: v4l2-common: add v4l2_fill_pixfmt_mp_aligned helper"
Next in thread: Tycho Andersen: "Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Pratik R. Sampat

Date: Fri May 08 2026 - 17:11:13 EST

Hi Tycho,

Missed this one in my mailbox. Thanks for the review!

On 5/4/26 10:32 AM, Tycho Andersen wrote:
> On Fri, May 01, 2026 at 11:20:51AM -0400, Pratik R. Sampat wrote:
>> - failed_status (read-only): firmware-reported failure status from the
>> last operation, as returned alongside the status vectors
>
> "from the last operation" is not quite right here, it looks like it
> re-runs the STATUS command and reports that error?

That is correct. It runs the STATUS command and reports the status of the
verification operation. Probably better to phrase it as the "last verification
operation" instead?

>
>> + failed_status: Read only interface that reports the status of
>> + the verification operation.
>
> This should probably also note that it runs a fresh operation.
>

Ack.

> I was trying to think of a nice way to report the status of the last
> operation short of caching it, but I didn't come up with anything
> good. I don't think it's important enough to cache, the failure codes
> right now are all for things that would persist across runs.
>

Right, I didn't want to leave room for any ambiguity so avoided caching it for
one additional call.
If the failure status is set, we do fail the VERIFY op as well, but I wasn't
too sure how to report that failure without an additional interface like this.

--Pratik