Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command

Next message: Yu Zhang: "[PATCH v1 0/4] Hyper-V: Add para-virtualized IOMMU support for Linux guests"
Previous message: Alexander Sverdlin: "Re: [PATCH v2 2/3] dt-bindings: arm: sunxi: Add Baijie HelperBoard A133 compatible"
In reply to: Pratik R. Sampat: "Re: [RFC v2] crypto/ccp: Introduce SNP_VERIFY_MITIGATION command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Tycho Andersen

Date: Mon May 11 2026 - 12:57:41 EST

On Mon, May 11, 2026 at 12:21:35PM -0400, Pratik R. Sampat wrote:
> I am not keen on caching the result either though. For simplicity, we could just
> drop the failed_status interface, log failure_status with pr_[err|warn](), and
> return -EIO?

Yeah, that sounds reasonable to me.

> > The spec is a bit messy here, though. Table 131 mentions a
> > MIT_REQ_CHECK operation, which I assume should really be _STATUS. It
> > describes what the output VECTOR should be for VERIFY in table 131,
> > but not what it is for STATUS. Table 132 suggests the output VECTOR is
> > the list of supported mitigations, which matches what I was seeing
> > when I played with this.
> >
>
> That is a good catch! We should get that changed in spec.

Yep, I pinged our spec maintainer, hopefully it'll be resolved Real Soon.

Thanks,

Tycho