The following commit has been merged into the x86/sev branch of tip:

Commit-ID:     299933b118d1bcf8b93d58076aed34582718b0dd
Gitweb:        https://git.kernel.org/tip/299933b118d1bcf8b93d58076aed34582718b0dd
Author:        Tycho Andersen (AMD) <tycho@kernel.org>
AuthorDate:    Tue, 24 Mar 2026 10:12:58 -06:00
Committer:     Borislav Petkov (AMD) <bp@alien8.de>
CommitterDate: Sun, 29 Mar 2026 12:32:09 +02:00

x86/sev, crypto/ccp: Move SNP init to ccp driver

Use the new snp_prepare() to initialize SNP from the ccp driver instead of at
boot time. This means that SNP is not enabled unless it is really going to be
used (i.e. kvm_amd loads the ccp driver automatically).

Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://patch.msgid.link/20260324161301.1353976-5-tycho@kernel.org
---
 arch/x86/virt/svm/sev.c      | 2 --
 drivers/crypto/ccp/sev-dev.c | 2 ++
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
index 3b2273d..423fe77 100644
--- a/arch/x86/virt/svm/sev.c
+++ b/arch/x86/virt/svm/sev.c
@@ -562,8 +562,6 @@ int __init snp_rmptable_init(void)
 	if (!setup_rmptable())
 		return -ENOSYS;
 
-	snp_prepare();
-
 	/*
 	 * Setting crash_kexec_post_notifiers to 'true' to ensure that SNP panic
 	 * notifier is invoked to do SNP IOMMU shutdown before kdump.
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 8b2dfc1..024eab2 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -1373,6 +1373,8 @@ static int __sev_snp_init_locked(int *error, unsigned int max_snp_asid)
 		return -EOPNOTSUPP;
 	}
 
+	snp_prepare();
+
 	/* SNP_INIT requires MSR_VM_HSAVE_PA to be cleared on all CPUs. */
 	on_each_cpu(snp_set_hsave_pa, NULL, 1);