You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
crypto: ccp - Fix locking on alloc failure handling
JIRA: https://issues.redhat.com/browse/RHEL-106909
JIRA: https://issues.redhat.com/browse/RHEL-107608
Upstream Status: merged into the linux.git
commit b4abecc
Author: Alexey Kardashevskiy <[email protected]>
Date: Tue Jun 17 19:43:54 2025 +1000
crypto: ccp - Fix locking on alloc failure handling
The __snp_alloc_firmware_pages() helper allocates pages in the firmware
state (alloc + rmpupdate). In case of failed rmpupdate, it tries
reclaiming pages with already changed state. This requires calling
the PSP firmware and since there is sev_cmd_mutex to guard such calls,
the helper takes a "locked" parameter so specify if the lock needs to
be held.
Most calls happen from snp_alloc_firmware_page() which executes without
the lock. However
commit 24512af ("crypto: ccp: Handle the legacy TMR allocation when SNP is enabled")
switched sev_fw_alloc() from alloc_pages() (which does not call the PSP) to
__snp_alloc_firmware_pages() (which does) but did not account for the fact
that sev_fw_alloc() is called from __sev_platform_init_locked()
(via __sev_platform_init_handle_tmr()) and executes with the lock held.
Add a "locked" parameter to __snp_alloc_firmware_pages().
Make sev_fw_alloc() use the new parameter to prevent potential deadlock in
rmp_mark_pages_firmware() if rmpupdate() failed.
Fixes: 24512af ("crypto: ccp: Handle the legacy TMR allocation when SNP is enabled")
Signed-off-by: Alexey Kardashevskiy <[email protected]>
Reviewed-by: Tom Lendacky <[email protected]>
Reviewed-by: Pratik R. Sampat <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
Signed-off-by: Vladis Dronov <[email protected]>
0 commit comments