[PATCH] crypto: ccp: Prevent a spurious SEV_CMD_SNP_INIT triggered by sev_guest_init()

From: Jarkko Sakkinen
Date: Sun Dec 04 2022 - 01:17:07 EST


Move the firmware version check from sev_pci_init() to sev_snp_init().

Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxxx>
---
drivers/crypto/ccp/sev-dev.c | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 6c4fdcaed72b..462c9aaa2e7e 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -1381,6 +1381,12 @@ static int __sev_snp_init_locked(int *error)
if (sev->snp_initialized)
return 0;

+ if (!sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR)) {
+ dev_dbg(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n",
+ SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR);
+ return -ENODEV;
+ }
+
/*
* The SNP_INIT requires the MSR_VM_HSAVE_PA must be set to 0h
* across all cores.
@@ -2313,25 +2319,19 @@ void sev_pci_init(void)
}
}

+ rc = sev_snp_init(&error, true);
+ if (rc != -ENODEV)
+ /*
+ * Don't abort the probe if SNP INIT failed,
+ * continue to initialize the legacy SEV firmware.
+ */
+ dev_err(sev->dev, "SEV-SNP: failed to INIT error %#x\n", error);
+
/*
* If boot CPU supports SNP, then first attempt to initialize
* the SNP firmware.
*/
if (cpu_feature_enabled(X86_FEATURE_SEV_SNP)) {
- if (!sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR)) {
- dev_err(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n",
- SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR);
- } else {
- rc = sev_snp_init(&error, true);
- if (rc) {
- /*
- * Don't abort the probe if SNP INIT failed,
- * continue to initialize the legacy SEV firmware.
- */
- dev_err(sev->dev, "SEV-SNP: failed to INIT error %#x\n", error);
- }
- }
-
/*
* Allocate the intermediate buffers used for the legacy command handling.
*/
--
2.38.1


--IsE/bX3OQifH/VY6--