| Message ID | 02f6935e6156df959d0542899c5e1a12d65d2b61.1738618801.git.ashish.kalra@amd.com |
|---|---|
| State | New |
| Headers | show |
| Series | Fix broken SNP support with KVM module built-in | expand |
Hello Tom, On 2/7/2025 3:45 PM, Tom Lendacky wrote: > On 2/3/25 15:56, Ashish Kalra wrote: >> From: Sean Christopherson <seanjc@google.com> >> >> KVM is dependent on the PSP SEV driver and PSP SEV driver needs to be >> loaded before KVM module. In case of module loading any dependent >> modules are automatically loaded but in case of built-in modules there >> is no inherent mechanism available to specify dependencies between >> modules and ensure that any dependent modules are loaded implicitly. >> >> Add a new external API interface for PSP module initialization which >> allows PSP SEV driver to be loaded explicitly if KVM is built-in. >> >> Signed-off-by: Sean Christopherson <seanjc@google.com> >> Co-developed-by: Ashish Kalra <ashish.kalra@amd.com> >> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com> >> --- >> drivers/crypto/ccp/sp-dev.c | 14 ++++++++++++++ >> include/linux/psp-sev.h | 9 +++++++++ >> 2 files changed, 23 insertions(+) >> >> diff --git a/drivers/crypto/ccp/sp-dev.c b/drivers/crypto/ccp/sp-dev.c >> index 7eb3e4668286..3467f6db4f50 100644 >> --- a/drivers/crypto/ccp/sp-dev.c >> +++ b/drivers/crypto/ccp/sp-dev.c >> @@ -19,6 +19,7 @@ >> #include <linux/types.h> >> #include <linux/ccp.h> >> >> +#include "sev-dev.h" >> #include "ccp-dev.h" >> #include "sp-dev.h" >> >> @@ -253,8 +254,12 @@ struct sp_device *sp_get_psp_master_device(void) >> static int __init sp_mod_init(void) >> { >> #ifdef CONFIG_X86 >> + static bool initialized; >> int ret; >> >> + if (initialized) >> + return 0; > > Do we need any kind of mutex protection here? Is the init process > parallelized? We only have one caller today, so probably not a big deal. > Yes the booting will be parallelized, but the main reason we needed to explicitly initialize the PSP driver from KVM module load time was that for the built-in modules case, KVM module was being loaded before the PSP driver, as per the order of compilation of modules. So as kvm_amd module will be loading before CCP driver, therefore, i don't believe kvm module load -> sev_module_init() -> sp_mod_init() can execute concurrently with CCP module probe -> sp_mod_init(). Therefore i believe, the above code in sp_mod_init() should be safe. And sev_module_init() is only called in case kvm_amd module is built-in. Thanks, Ashish > If we don't need that: > > Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com> > > Thanks, > Tom > >> + >> ret = sp_pci_init(); >> if (ret) >> return ret; >> @@ -263,6 +268,8 @@ static int __init sp_mod_init(void) >> psp_pci_init(); >> #endif >> >> + initialized = true; >> + >> return 0; >> #endif >> >> @@ -279,6 +286,13 @@ static int __init sp_mod_init(void) >> return -ENODEV; >> } >> >> +#if IS_BUILTIN(CONFIG_KVM_AMD) && IS_ENABLED(CONFIG_KVM_AMD_SEV) >> +int __init sev_module_init(void) >> +{ >> + return sp_mod_init(); >> +} >> +#endif >> + >> static void __exit sp_mod_exit(void) >> { >> #ifdef CONFIG_X86 >> diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h >> index 903ddfea8585..f3cad182d4ef 100644 >> --- a/include/linux/psp-sev.h >> +++ b/include/linux/psp-sev.h >> @@ -814,6 +814,15 @@ struct sev_data_snp_commit { >> >> #ifdef CONFIG_CRYPTO_DEV_SP_PSP >> >> +/** >> + * sev_module_init - perform PSP SEV module initialization >> + * >> + * Returns: >> + * 0 if the PSP module is successfully initialized >> + * negative value if the PSP module initialization fails >> + */ >> +int sev_module_init(void); >> + >> /** >> * sev_platform_init - perform SEV INIT command >> *
diff --git a/drivers/crypto/ccp/sp-dev.c b/drivers/crypto/ccp/sp-dev.c index 7eb3e4668286..3467f6db4f50 100644 --- a/drivers/crypto/ccp/sp-dev.c +++ b/drivers/crypto/ccp/sp-dev.c @@ -19,6 +19,7 @@ #include <linux/types.h> #include <linux/ccp.h> +#include "sev-dev.h" #include "ccp-dev.h" #include "sp-dev.h" @@ -253,8 +254,12 @@ struct sp_device *sp_get_psp_master_device(void) static int __init sp_mod_init(void) { #ifdef CONFIG_X86 + static bool initialized; int ret; + if (initialized) + return 0; + ret = sp_pci_init(); if (ret) return ret; @@ -263,6 +268,8 @@ static int __init sp_mod_init(void) psp_pci_init(); #endif + initialized = true; + return 0; #endif @@ -279,6 +286,13 @@ static int __init sp_mod_init(void) return -ENODEV; } +#if IS_BUILTIN(CONFIG_KVM_AMD) && IS_ENABLED(CONFIG_KVM_AMD_SEV) +int __init sev_module_init(void) +{ + return sp_mod_init(); +} +#endif + static void __exit sp_mod_exit(void) { #ifdef CONFIG_X86 diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 903ddfea8585..f3cad182d4ef 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -814,6 +814,15 @@ struct sev_data_snp_commit { #ifdef CONFIG_CRYPTO_DEV_SP_PSP +/** + * sev_module_init - perform PSP SEV module initialization + * + * Returns: + * 0 if the PSP module is successfully initialized + * negative value if the PSP module initialization fails + */ +int sev_module_init(void); + /** * sev_platform_init - perform SEV INIT command *