1. Patchew
  2. linux
  3. [PATCH 00/11] Move SEV-SNP initialization to ccp driver
  4. View patch

[PATCH 09/11] x86/snp: create snp_x86_shutdown()

Tycho Andersen posted 11 patches 8 hours ago
[PATCH 09/11] x86/snp: create snp_x86_shutdown()
Posted by Tycho Andersen 8 hours ago 
From: "Tycho Andersen (AMD)" <tycho@kernel.org>

After SNP_SHUTDOWN, two architecture-level things should be done:

1. clear the RMP table
2. disable MFDM to prevent the FW_WARN in k8_check_syscfg_dram_mod_en() in
   the event of a kexec

Create and export to the CCP driver a function that does them.

Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
---
 arch/x86/include/asm/sev.h | 2 ++
 arch/x86/virt/svm/sev.c    | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index 0bcd89d4fe90..36d2b1ea19c0 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h
@@ -662,6 +662,7 @@ static inline void snp_leak_pages(u64 pfn, unsigned int pages)
 	__snp_leak_pages(pfn, pages, true);
 }
 void snp_prepare_for_snp_init(void);
+void snp_x86_shutdown(void);
 #else
 static inline bool snp_probe_rmptable_info(void) { return false; }
 static inline int snp_rmptable_init(void) { return -ENOSYS; }
@@ -679,6 +680,7 @@ static inline void snp_leak_pages(u64 pfn, unsigned int npages) {}
 static inline void kdump_sev_callback(void) { }
 static inline void snp_fixup_e820_tables(void) {}
 static inline void snp_prepare_for_snp_init(void) {}
+static inline void snp_x86_shutdown(void) {}
 #endif
 
 #endif
diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
index cf984b8f4493..0524fc77b44d 100644
--- a/arch/x86/virt/svm/sev.c
+++ b/arch/x86/virt/svm/sev.c
@@ -544,6 +544,13 @@ void snp_prepare_for_snp_init(void)
 }
 EXPORT_SYMBOL_FOR_MODULES(snp_prepare_for_snp_init, "ccp");
 
+void snp_x86_shutdown(void)
+{
+	snp_clear_rmp();
+	on_each_cpu(mfd_reconfigure, 0, 1);
+}
+EXPORT_SYMBOL_FOR_MODULES(snp_x86_shutdown, "ccp");
+
 /*
  * Do the necessary preparations which are verified by the firmware as
  * described in the SNP_INIT_EX firmware command description in the SNP
-- 
2.53.0
Re: [PATCH 09/11] x86/snp: create snp_x86_shutdown()
Posted by Tom Lendacky 6 hours ago 
On 3/2/26 13:13, Tycho Andersen wrote:
> From: "Tycho Andersen (AMD)" <tycho@kernel.org>
> 
> After SNP_SHUTDOWN, two architecture-level things should be done:
> 
> 1. clear the RMP table
> 2. disable MFDM to prevent the FW_WARN in k8_check_syscfg_dram_mod_en() in
>    the event of a kexec
> 
> Create and export to the CCP driver a function that does them.
> 
> Signed-off-by: Tycho Andersen (AMD) <tycho@kernel.org>
> ---
>  arch/x86/include/asm/sev.h | 2 ++
>  arch/x86/virt/svm/sev.c    | 7 +++++++
>  2 files changed, 9 insertions(+)
> 
> diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
> index 0bcd89d4fe90..36d2b1ea19c0 100644
> --- a/arch/x86/include/asm/sev.h
> +++ b/arch/x86/include/asm/sev.h
> @@ -662,6 +662,7 @@ static inline void snp_leak_pages(u64 pfn, unsigned int pages)
>  	__snp_leak_pages(pfn, pages, true);
>  }
>  void snp_prepare_for_snp_init(void);
> +void snp_x86_shutdown(void);
>  #else
>  static inline bool snp_probe_rmptable_info(void) { return false; }
>  static inline int snp_rmptable_init(void) { return -ENOSYS; }
> @@ -679,6 +680,7 @@ static inline void snp_leak_pages(u64 pfn, unsigned int npages) {}
>  static inline void kdump_sev_callback(void) { }
>  static inline void snp_fixup_e820_tables(void) {}
>  static inline void snp_prepare_for_snp_init(void) {}
> +static inline void snp_x86_shutdown(void) {}
>  #endif
>  
>  #endif
> diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
> index cf984b8f4493..0524fc77b44d 100644
> --- a/arch/x86/virt/svm/sev.c
> +++ b/arch/x86/virt/svm/sev.c
> @@ -544,6 +544,13 @@ void snp_prepare_for_snp_init(void)
>  }
>  EXPORT_SYMBOL_FOR_MODULES(snp_prepare_for_snp_init, "ccp");
>  
> +void snp_x86_shutdown(void)
> +{

Would it make sense to check for SNP being enabled before calling the
functions below? I realize each of the functions in question will do
that, but it could save a bunch of IPI's with the on_each_cpu() if SNP
is still enabled. Not a big deal either way, so:

Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>

Thanks,
Tom

> +	snp_clear_rmp();
> +	on_each_cpu(mfd_reconfigure, 0, 1);
> +}
> +EXPORT_SYMBOL_FOR_MODULES(snp_x86_shutdown, "ccp");
> +
>  /*
>   * Do the necessary preparations which are verified by the firmware as
>   * described in the SNP_INIT_EX firmware command description in the SNP
Re: [PATCH 09/11] x86/snp: create snp_x86_shutdown()
Posted by Tycho Andersen 6 hours ago 
Hi Tom,

On Mon, Mar 02, 2026 at 02:35:38PM -0600, Tom Lendacky wrote:
> > +void snp_x86_shutdown(void)
> > +{
> 
> Would it make sense to check for SNP being enabled before calling the
> functions below? I realize each of the functions in question will do
> that, but it could save a bunch of IPI's with the on_each_cpu() if SNP
> is still enabled. Not a big deal either way, so:

It is guarded at the call site by:

        if (data.x86_snp_shutdown &&
            !WARN_ON_ONCE(syscfg & MSR_AMD64_SYSCFG_SNP_EN)) {
                if (!panic)
                        snp_x86_shutdown();

but we could push that into here to protect any future callers.

If we require a v2 I will make the fix.

> Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>

Thanks for this and the others!

Tycho

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.