crypto: ccp - Abort doing SEV INIT if SNP INIT fails

If SNP host support (SYSCFG.SNPEn) is set, then the RMP table must
be initialized before calling SEV INIT.

In other words, if SNP_INIT(_EX) is not issued or fails then
SEV INIT will fail if SNP host support (SYSCFG.SNPEn) is enabled.

Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 2e87ca0e292a1c1706a8e878285159b481b68a6f..a0e3de94704e175291524688b2b110ca1eda3e4d 100644 (file)
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -1112,7 +1112,7 @@ static int __sev_snp_init_locked(int *error)
        if (!sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR)) {
                dev_dbg(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n",
                        SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR);
-               return 0;
+               return -EOPNOTSUPP;
        }
 
        /* SNP_INIT requires MSR_VM_HSAVE_PA to be cleared on all CPUs. */
@@ -1325,12 +1325,9 @@ static int _sev_platform_init_locked(struct sev_platform_init_args *args)
         */
        rc = __sev_snp_init_locked(&args->error);
        if (rc && rc != -ENODEV) {
-               /*
-                * Don't abort the probe if SNP INIT failed,
-                * continue to initialize the legacy SEV firmware.
-                */
                dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n",
                        rc, args->error);
+               return rc;
        }
 
        /* Defer legacy SEV/SEV-ES support if allowed by caller/module. */