x86/sev, crypto/ccp: Move SNP init to ccp driver

Use the new snp_prepare() to initialize SNP from the ccp driver instead of at
boot time. This means that SNP is not enabled unless it is really going to be
used (i.e. kvm_amd loads the ccp driver automatically).

Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://patch.msgid.link/20260324161301.1353976-5-tycho@kernel.org

diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
index 3b2273dca1964dadc244297f3d2a2cd64bc6a149..423fe77cc70f9c2721660d2afc54d00757a16066 100644 (file)
--- a/arch/x86/virt/svm/sev.c
+++ b/arch/x86/virt/svm/sev.c
@@ -562,8 +562,6 @@ int __init snp_rmptable_init(void)
        if (!setup_rmptable())
                return -ENOSYS;
 
-       snp_prepare();
-
        /*
         * Setting crash_kexec_post_notifiers to 'true' to ensure that SNP panic
         * notifier is invoked to do SNP IOMMU shutdown before kdump.

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 8b2dfc11289bdcc6e0cca84896b484e4b4c52907..024eab24314502433909450605e7d0744b7082a2 100644 (file)
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -1373,6 +1373,8 @@ static int __sev_snp_init_locked(int *error, unsigned int max_snp_asid)
                return -EOPNOTSUPP;
        }
 
+       snp_prepare();
+
        /* SNP_INIT requires MSR_VM_HSAVE_PA to be cleared on all CPUs. */
        on_each_cpu(snp_set_hsave_pa, NULL, 1);