Re: [Part2 PATCH v6 13/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

From: Brijesh Singh
Date: Thu Oct 26 2017 - 12:57:12 EST




On 10/26/2017 08:56 AM, Borislav Petkov wrote:
> On Mon, Oct 23, 2017 at 02:57:04PM -0500, Brijesh Singh wrote:
>> Calling PLATFORM_GET_STATUS is not required, we can manage the state through
>> a simple ref count variable. Issuing PSP commands will always be much more
>> expensive compared to accessing a protected global variable.
>
> What does "protected" mean here?

Access global variable after acquiring the semaphore.

> In any case, that variable can be a simple bool as you use it as such.

I am not using the variable (fw_init_count) as a boolean. The variable gets incremented in sev_platform_init() and decremented in sev_platform_shutdown(). In the very first call to sev_platform_init() (i.e. when the variable is zero) we issue the PLATFORM_INIT command; similarly, PLATFORM_SHUTDOWN is issued on the last (i.e. when the variable value reaches zero). The variable is used as a ref counter.

>> I would prefer to avoid invoking PSP command if possible.
>> Additionally, the global semaphore is still needed to serialize
>> the sev_platform_init() and sev_platform_shutdown() from multiple
>> processes. e.g. if process "A" calls sev_platform_init() and if it gets
>> preempted due to whatever reason then we don't want another process
>> to issue the shutdown command while process "A" is in the middle of
>> sev_platform_init().
>
> How? You're holding fw_init_mutex.

In your previous reply you commented on the global semaphore (fw_init_mutex) and in response I tried to highlight why we need the global semaphore. Did I misunderstand your comment?

-Brijesh
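
The ref-count scheme described in this reply, as an added userspace model that is not code from the patch or the kernel: the first init issues PLATFORM_INIT, the last shutdown issues PLATFORM_SHUTDOWN, and both run under fw_init_mutex. The `model_*` functions, `fw_cmd()` and the error handling (a failed init is not counted, an unbalanced shutdown is refused) are assumptions made for illustration, and a pthread mutex stands in for the kernel lock.

```c
#include <errno.h>
#include <pthread.h>

/* Userspace model only; fw_cmd() is a hypothetical stand-in for a PSP command. */
enum fw_cmd_id { CMD_PLATFORM_INIT, CMD_PLATFORM_SHUTDOWN };

static pthread_mutex_t fw_init_mutex = PTHREAD_MUTEX_INITIALIZER;
static int fw_init_count;      /* callers currently holding the platform up */
static int cmds_issued[2];     /* times each command actually reached firmware */
static int fail_next_init;     /* hook (assumption): make the next INIT fail */

static int fw_cmd(enum fw_cmd_id id)
{
    if (id == CMD_PLATFORM_INIT && fail_next_init) {
        fail_next_init = 0;
        return -EIO;
    }
    cmds_issued[id]++;
    return 0;
}

int model_platform_init(void)
{
    int rc = 0;

    pthread_mutex_lock(&fw_init_mutex);
    if (fw_init_count == 0)            /* first caller: issue the command */
        rc = fw_cmd(CMD_PLATFORM_INIT);
    if (rc == 0)
        fw_init_count++;               /* count successful inits only */
    pthread_mutex_unlock(&fw_init_mutex);
    return rc;
}

int model_platform_shutdown(void)
{
    int rc = 0;

    pthread_mutex_lock(&fw_init_mutex);
    if (fw_init_count == 0)
        rc = -EINVAL;                  /* unbalanced shutdown: refuse */
    else if (--fw_init_count == 0)     /* last caller: issue the command */
        rc = fw_cmd(CMD_PLATFORM_SHUTDOWN);
    pthread_mutex_unlock(&fw_init_mutex);
    return rc;
}

int issued(enum fw_cmd_id id) { return cmds_issued[id]; }
int users(void) { return fw_init_count; }
void inject_init_failure(void) { fail_next_init = 1; }
```

With two callers, the first caller's shutdown only drops the count; the firmware command is sent when the second caller leaves.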