From patchwork Tue Mar 29 16:41:14 2022
X-Patchwork-Submitter: Mario Limonciello
X-Patchwork-Id: 555032
From: Mario Limonciello
To: Tom Lendacky, John Allen, Herbert Xu, "David S . Miller"
CC: open list, "open list:AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER", Kerneis Gabriel, Richard Hughes, "Mario Limonciello"
Subject: [PATCH v2 1/4] crypto: ccp: cache capability into psp device
Date: Tue, 29 Mar 2022 11:41:14 -0500
Message-ID: <20220329164117.1449-2-mario.limonciello@amd.com>
In-Reply-To: <20220329164117.1449-1-mario.limonciello@amd.com>
References: <20220329164117.1449-1-mario.limonciello@amd.com>
X-Mailing-List: linux-crypto@vger.kernel.org

The results of the capability register will be used by future code at runtime rather than just initialization.

Signed-off-by: Mario Limonciello
Acked-by: Tom Lendacky
--- drivers/crypto/ccp/psp-dev.c | 37 +++++++++++++++++------------------- drivers/crypto/ccp/psp-dev.h | 5 +++++ 2 files changed, 22 insertions(+), 20 deletions(-) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index ae7b44599914..8cd404121cd5 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c
@@ -70,17 +70,17 @@ static unsigned int psp_get_capability(struct psp_device *psp) */ if (val == 0xffffffff) { dev_notice(psp->dev, "psp: unable to access the device: you might be running a broken BIOS.\n"); - return 0; + return -ENODEV; } + psp->capability = val; - return val; + return 0; } -static int psp_check_sev_support(struct psp_device *psp, - unsigned int capability) +static int psp_check_sev_support(struct psp_device *psp) { /* Check if device supports SEV feature */ - if (!(capability & 1)) { + if (!(psp->capability & PSP_CAPABILITY_SEV)) { dev_dbg(psp->dev, "psp does not support SEV\n"); return -ENODEV; } @@ -88,11 +88,10 @@ static int psp_check_sev_support(struct psp_device *psp, return 0; } -static int psp_check_tee_support(struct psp_device *psp, - unsigned int capability) +static int psp_check_tee_support(struct psp_device *psp) { /* Check if device supports TEE feature */ - if (!(capability & 2)) { + if (!(psp->capability & PSP_CAPABILITY_TEE)) { dev_dbg(psp->dev, "psp does not support TEE\n"); return -ENODEV; } @@ -100,11 +99,10 @@ static int psp_check_tee_support(struct psp_device *psp, return 0; } -static int psp_check_support(struct psp_device *psp, - unsigned int capability) +static int psp_check_support(struct psp_device *psp) { - int sev_support = psp_check_sev_support(psp, capability); - int tee_support = psp_check_tee_support(psp, capability); + int sev_support = psp_check_sev_support(psp); + int tee_support = psp_check_tee_support(psp); /* Return error if device neither supports SEV nor TEE */ if (sev_support && tee_support) 
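Review bot: psp_get_capability() now returns -ENODEV in the first hunk, but the hunk header still shows it declared as "static unsigned int psp_get_capability(struct psp_device *psp)", so the error code is carried as a large unsigned value and only works because the caller tests for non-zero. The return value is now a status code rather than the register contents, so change the return type to int in this same patch.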
@@ -113,17 +111,17 @@ static int psp_check_support(struct psp_device *psp, return 0; } -static int psp_init(struct psp_device *psp, unsigned int capability) +static int psp_init(struct psp_device *psp) { int ret; - if (!psp_check_sev_support(psp, capability)) { + if (!psp_check_sev_support(psp)) { ret = sev_dev_init(psp); if (ret) return ret; } - if (!psp_check_tee_support(psp, capability)) { + if (!psp_check_tee_support(psp)) { ret = tee_dev_init(psp); if (ret) return ret; @@ -136,7 +134,6 @@ int psp_dev_init(struct sp_device *sp) { struct device *dev = sp->dev; struct psp_device *psp; - unsigned int capability; int ret; ret = -ENOMEM; @@ -155,11 +152,11 @@ int psp_dev_init(struct sp_device *sp) psp->io_regs = sp->io_map; - capability = psp_get_capability(psp); - if (!capability) + ret = psp_get_capability(psp); + if (ret) goto e_disable; - ret = psp_check_support(psp, capability); + ret = psp_check_support(psp); if (ret) goto e_disable; @@ -174,7 +171,7 @@ int psp_dev_init(struct sp_device *sp) goto e_err; } - ret = psp_init(psp, capability); + ret = psp_init(psp); if (ret) goto e_irq; diff --git a/drivers/crypto/ccp/psp-dev.h b/drivers/crypto/ccp/psp-dev.h index ef38e4135d81..d811da28cce6 100644 --- a/drivers/crypto/ccp/psp-dev.h +++ b/drivers/crypto/ccp/psp-dev.h @@ -45,6 +45,8 @@ struct psp_device { void *sev_data; void *tee_data; + + unsigned int capability; }; void psp_set_sev_irq_handler(struct psp_device *psp, psp_irq_handler_t handler, 
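Review bot: The new capability field added to struct psp_device in the psp-dev.h hunk (@@ -45,6 +45,8 @@) has no comment saying what it holds or when it is valid. It is the raw feature register value stored by psp_get_capability(), and the commit message says later code will read it at runtime, so a one-line comment stating that it is only meaningful after psp_get_capability() has returned 0 would help readers of the struct.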
@@ -57,4 +59,7 @@ void psp_clear_tee_irq_handler(struct psp_device *psp); struct psp_device *psp_get_master_device(void); +#define PSP_CAPABILITY_SEV BIT(0) +#define PSP_CAPABILITY_TEE BIT(1) + #endif /* __PSP_DEV_H */

From patchwork Tue Mar 29 16:41:15 2022
X-Patchwork-Submitter: Mario Limonciello
X-Patchwork-Id: 555031
From: Mario Limonciello
To: Tom Lendacky, John Allen, Herbert Xu, "David S . Miller"
CC: open list, "open list:AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER", Kerneis Gabriel, Richard Hughes, "Mario Limonciello"
Subject: [PATCH v2 2/4] crypto: ccp: Export PSP security bits to userspace
Date: Tue, 29 Mar 2022 11:41:15 -0500
Message-ID: <20220329164117.1449-3-mario.limonciello@amd.com>
In-Reply-To: <20220329164117.1449-1-mario.limonciello@amd.com>
References: <20220329164117.1449-1-mario.limonciello@amd.com>
X-Mailing-List: linux-crypto@vger.kernel.org

The PSP sets several pre-defined bits in the capabilities register to indicate that security attributes of the platform. Export these attributes into userspace for administrators to confirm platform is properly locked down.

Signed-off-by: Mario Limonciello
Acked-by: Tom Lendacky
--- Documentation/ABI/testing/sysfs-driver-ccp | 87 ++++++++++++++++++++++ drivers/crypto/ccp/psp-dev.h | 17 +++++ drivers/crypto/ccp/sp-pci.c | 62 +++++++++++++++ 3 files changed, 166 insertions(+) create mode 100644 Documentation/ABI/testing/sysfs-driver-ccp diff --git a/Documentation/ABI/testing/sysfs-driver-ccp b/Documentation/ABI/testing/sysfs-driver-ccp new file mode 100644 index 000000000000..7aded9b75553 --- /dev/null +++ b/Documentation/ABI/testing/sysfs-driver-ccp
@@ -0,0 +1,87 @@ +What: /sys/bus/pci/devices//fused_part +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//fused_part file reports + whether the CPU or APU has been fused to prevent tampering. + 0: Not fused + 1: Fused + +What: /sys/bus/pci/devices//debug_lock_on +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//debug_lock_on reports + whether the AMD CPU or APU has been unlocked for debugging. + Possible values: + 0: Not locked + 1: Locked + +What: /sys/bus/pci/devices//tsme_status +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//tsme_status file reports + the status of transparent secure memory encryption on AMD systems. + Possible values: + 0: Not active + 1: Active + +What: /sys/bus/pci/devices//anti_rollback_status +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//anti_rollback_status file reports + whether the PSP is enforcing rollback protection. + Possible values: + 0: Not enforcing + 1: Enforcing + +What: /sys/bus/pci/devices//rpmc_production_enabled +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//rpmc_production_enabled file reports + whether Replay Protected Monotonic Counter support has been enabled. + Possible values: + 0: Not enabled + 1: Enabled + +What: /sys/bus/pci/devices//rpmc_spirom_available +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//rpmc_spirom_available file reports + whether an Replay Protected Monotonic Counter supported SPI is installed + on the system. 
+ Possible values: + 0: Not present + 1: Present + +What: /sys/bus/pci/devices//hsp_tpm_available +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//hsp_tpm_available file reports + whether the HSP TPM has been activated. + Possible values: + 0: Not activated or present + 1: Activated + +What: /sys/bus/pci/devices//rom_armor_enforced +Date: June 2022 +KernelVersion: 5.19 +Contact: mario.limonciello@amd.com +Description: + The /sys/bus/pci/devices//rom_armor_enforced file reports + whether RomArmor SPI protection is enforced. + Possible values: + 0: Not enforced + 1: Enforced diff --git a/drivers/crypto/ccp/psp-dev.h b/drivers/crypto/ccp/psp-dev.h index d811da28cce6..d528eb04c3ef 100644 --- a/drivers/crypto/ccp/psp-dev.h +++ b/drivers/crypto/ccp/psp-dev.h @@ -61,5 +61,22 @@ struct psp_device *psp_get_master_device(void); #define PSP_CAPABILITY_SEV BIT(0) #define PSP_CAPABILITY_TEE BIT(1) +#define PSP_CAPABILITY_PSP_SECURITY_REPORTING BIT(7) + +#define PSP_CAPABILITY_PSP_SECURITY_OFFSET 8 +/* + * The PSP doesn't directly store these bits in the capability register + * but instead copies them from the results of query command. + * + * The offsets from the query command are below, and shifted when used. + */ +#define PSP_SECURITY_FUSED_PART BIT(0) +#define PSP_SECURITY_DEBUG_LOCK_ON BIT(2) +#define PSP_SECURITY_TSME_STATUS BIT(5) +#define PSP_SECURITY_ANTI_ROLLBACK_STATUS BIT(7) +#define PSP_SECURITY_RPMC_PRODUCTION_ENABLED BIT(8) +#define PSP_SECURITY_RPMC_SPIROM_AVAILABLE BIT(9) +#define PSP_SECURITY_HSP_TPM_AVAILABLE BIT(10) +#define PSP_SECURITY_ROM_ARMOR_ENFORCED BIT(11) #endif /* __PSP_DEV_H */ diff --git a/drivers/crypto/ccp/sp-pci.c b/drivers/crypto/ccp/sp-pci.c index 88c672ad27e4..b5970ae54d0e 100644 --- a/drivers/crypto/ccp/sp-pci.c +++ b/drivers/crypto/ccp/sp-pci.c 
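Review bot: In the new Documentation/ABI/testing/sysfs-driver-ccp file, the debug_lock_on description says the attribute reports whether the part "has been unlocked for debugging", while its values are "0: Not locked" and "1: Locked", so the prose and the value list read with opposite polarity. Reword the description to say it reports whether the debug lock is on. Two smaller points in the same hunk: the fused_part entry is the only one without a "Possible values:" line, and the rpmc_spirom_available text has "an Replay Protected" where "a" is meant.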
@@ -32,6 +32,67 @@ struct sp_pci { }; static struct sp_device *sp_dev_master; +#define attribute_show(name, def) \ +static ssize_t name##_show(struct device *d, struct device_attribute *attr, \ + char *buf) \ +{ \ + struct sp_device *sp = dev_get_drvdata(d); \ + struct psp_device *psp = sp->psp_data; \ + int bit = PSP_SECURITY_##def << PSP_CAPABILITY_PSP_SECURITY_OFFSET; \ + return sysfs_emit(buf, "%d\n", (psp->capability & bit) > 0); \ +} + +attribute_show(fused_part, FUSED_PART) +static DEVICE_ATTR_RO(fused_part); +attribute_show(debug_lock_on, DEBUG_LOCK_ON) +static DEVICE_ATTR_RO(debug_lock_on); +attribute_show(tsme_status, TSME_STATUS) +static DEVICE_ATTR_RO(tsme_status); +attribute_show(anti_rollback_status, ANTI_ROLLBACK_STATUS) +static DEVICE_ATTR_RO(anti_rollback_status); +attribute_show(rpmc_production_enabled, RPMC_PRODUCTION_ENABLED) +static DEVICE_ATTR_RO(rpmc_production_enabled); +attribute_show(rpmc_spirom_available, RPMC_SPIROM_AVAILABLE) +static DEVICE_ATTR_RO(rpmc_spirom_available); +attribute_show(hsp_tpm_available, HSP_TPM_AVAILABLE) +static DEVICE_ATTR_RO(hsp_tpm_available); +attribute_show(rom_armor_enforced, ROM_ARMOR_ENFORCED) +static DEVICE_ATTR_RO(rom_armor_enforced); + +static struct attribute *psp_attrs[] = { + &dev_attr_fused_part.attr, + &dev_attr_debug_lock_on.attr, + &dev_attr_tsme_status.attr, + &dev_attr_anti_rollback_status.attr, + &dev_attr_rpmc_production_enabled.attr, + &dev_attr_rpmc_spirom_available.attr, + &dev_attr_hsp_tpm_available.attr, + &dev_attr_rom_armor_enforced.attr, + NULL +}; + +static umode_t psp_security_is_visible(struct kobject *kobj, struct attribute *attr, int idx) +{ + struct device *dev = kobj_to_dev(kobj); + struct sp_device *sp = dev_get_drvdata(dev); + struct psp_device *psp = sp->psp_data; + + if (psp && (psp->capability & PSP_CAPABILITY_PSP_SECURITY_REPORTING)) + return 0444; + + return 0; +} + +static struct attribute_group psp_attr_group = { + .attrs = psp_attrs, + .is_visible = 
psp_security_is_visible, +}; + +static const struct attribute_group *psp_groups[] = { + &psp_attr_group, + NULL, +}; + static int sp_get_msix_irqs(struct sp_device *sp) { struct sp_pci *sp_pci = sp->dev_specific; 
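Review bot: The attribute_show() handlers in the sp-pci.c hunk dereference psp->capability unconditionally, while psp_security_is_visible() in the same hunk treats sp->psp_data as possibly NULL. The handlers are safe only as long as visibility was decided with a valid psp and psp_data is not cleared afterwards; either state that invariant in a comment above the macro or return -ENODEV from the handler when psp is NULL. Separately, the mask is held in an int and tested with "> 0" against the unsigned int capability field; an unsigned int mask with !!(psp->capability & bit) states the intent more directly.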
@@ -391,6 +452,7 @@ static struct pci_driver sp_pci_driver = { .remove = sp_pci_remove, .shutdown = sp_pci_shutdown, .driver.pm = &sp_pci_pm_ops, + .dev_groups = psp_groups, }; int sp_pci_init(void)

From patchwork Tue Mar 29 16:41:16 2022
X-Patchwork-Submitter: Mario Limonciello
X-Patchwork-Id: 555167
From: Mario Limonciello
To: Tom Lendacky, John Allen, Herbert Xu, "David S . Miller"
CC: open list, "open list:AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER", Kerneis Gabriel, Richard Hughes, "Mario Limonciello"
Subject: [PATCH v2 3/4] crypto: ccp: Allow PSP driver to load without SEV/TEE support
Date: Tue, 29 Mar 2022 11:41:16 -0500
Message-ID: <20220329164117.1449-4-mario.limonciello@amd.com>
In-Reply-To: <20220329164117.1449-1-mario.limonciello@amd.com>
References: <20220329164117.1449-1-mario.limonciello@amd.com>
X-Mailing-List: linux-crypto@vger.kernel.org

Previously the PSP probe routine would fail if both SEV and TEE were missing. This is possibly the case for some client parts. As capabilities can now be accessed from userspace, it may still be useful to have the PSP driver finish loading so that those capabilities can be read.

Signed-off-by: Mario Limonciello
--- v1->v2: * Whitespace fixes --- drivers/crypto/ccp/psp-dev.c | 2 +- drivers/crypto/ccp/sp-dev.c | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index 8cd404121cd5..3f47b2d81e3c 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c @@ -158,7 +158,7 @@ int psp_dev_init(struct sp_device *sp) ret = psp_check_support(psp); if (ret) - goto e_disable; + return 0; /* Disable and clear interrupts until ready */ iowrite32(0, psp->io_regs + psp->vdata->inten_reg); diff --git a/drivers/crypto/ccp/sp-dev.c b/drivers/crypto/ccp/sp-dev.c index 7eb3e4668286..3486ab2a8982 100644 --- a/drivers/crypto/ccp/sp-dev.c +++ b/drivers/crypto/ccp/sp-dev.c @@ -132,6 +132,9 @@ int sp_request_psp_irq(struct sp_device *sp, irq_handler_t handler, void sp_free_ccp_irq(struct sp_device *sp, void *data) { + if (!sp->irq_registered) + return; + if ((sp->psp_irq == sp->ccp_irq) && sp->dev_vdata->psp_vdata) { /* Using common routine to manage all interrupts */ if (!sp->psp_irq_handler) {
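Review bot: Nothing in the patch explains the new irq_registered guards in sp_free_ccp_irq() and sp_free_psp_irq(), and the "return 0" in the psp-dev.c hunk carries no comment either, so the link between the two changes has to be inferred. The early return leaves psp_dev_init() before the "Disable and clear interrupts until ready" step and without taking the e_disable path; add a short comment at that line saying the device is kept only so the capability bits stay readable, and mention in the commit message that the free routines must now tolerate a device whose IRQ was never registered.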
@@ -151,6 +154,9 @@ void sp_free_ccp_irq(struct sp_device *sp, void *data) void sp_free_psp_irq(struct sp_device *sp, void *data) { + if (!sp->irq_registered) + return; + if ((sp->psp_irq == sp->ccp_irq) && sp->dev_vdata->ccp_vdata) { /* Using common routine to manage all interrupts */ if (!sp->ccp_irq_handler) { 

From patchwork Tue Mar 29 16:41:17 2022
X-Patchwork-Submitter: Mario Limonciello
X-Patchwork-Id: 555166
From: Mario Limonciello
To: Tom Lendacky, John Allen, Herbert Xu, "David S . Miller"
CC: open list, "open list:AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER", Kerneis Gabriel, Richard Hughes, "Mario Limonciello"
Subject: [PATCH v2 4/4] crypto: ccp: When TSME and SME both detected notify user
Date: Tue, 29 Mar 2022 11:41:17 -0500
Message-ID: <20220329164117.1449-5-mario.limonciello@amd.com>
In-Reply-To: <20220329164117.1449-1-mario.limonciello@amd.com>
References: <20220329164117.1449-1-mario.limonciello@amd.com>
X-Mailing-List: linux-crypto@vger.kernel.org

CC_ATTR_HOST_MEM_ENCRYPT is used to relay that memory encryption has been activated by the kernel. As it's technically possible to enable both SME and TSME at the same time, detect this scenario and notify the user that enabling TSME and SME at the same time is unnecessary.

Signed-off-by: Mario Limonciello
---
v1->v2:
 * Reword notice about TSME/SME
 * Use cc_platform_has instead
---
 drivers/crypto/ccp/psp-dev.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index 3f47b2d81e3c..38cffc1de4ab 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c 
@@ -74,6 +74,13 @@ static unsigned int psp_get_capability(struct psp_device *psp) } psp->capability = val; + + /* Detect TSME / SME both enabled */ + if (psp->capability & PSP_CAPABILITY_PSP_SECURITY_REPORTING && + psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) && + cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) + dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n"); + return 0; }
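Review bot: In [PATCH v2 4/4], the block added to psp_get_capability() calls cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT), but the diffstat reports 7 insertions and all seven are in this one hunk, so no #include is added for it. Please confirm that <linux/cc_platform.h> already reaches psp-dev.c, or include it explicitly rather than relying on an indirect include. Two smaller points on the same lines: the condition mixes `&` and `&&` without parentheses, which is correct by precedence but reads more safely as `(psp->capability & PSP_CAPABILITY_PSP_SECURITY_REPORTING) && ...`, and the "psp: " prefix inside the dev_notice() string looks redundant because dev_notice() already prefixes the message with the driver and device name.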
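Review bot: In [PATCH v2 3/4], psp_dev_init(): replacing `goto e_disable;` with `return 0;` turns every non-zero result of psp_check_support() into a successful probe and discards the code, with no comment at the call site. Please add a comment saying that missing SEV/TEE is deliberately non-fatal so the capabilities stay readable, and consider a dev_dbg() so the skipped initialization is visible in logs. Because the function now returns before the "Disable and clear interrupts until ready" write and everything after it, the teardown path has to tolerate a device that never got that far; if that is why the sp-dev.c guards are part of this patch, the commit message should say so.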
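Review bot: In [PATCH v2 3/4], sp_free_ccp_irq() and sp_free_psp_irq(): the new `if (!sp->irq_registered) return;` guards are not mentioned in the commit message, which describes only the probe change. sp->irq_registered is a single flag tested by both free routines, and the lines right after each guard handle the shared-interrupt case (`sp->psp_irq == sp->ccp_irq`), so please document, in a short comment or in the changelog, which path reaches these functions with no IRQ registered, and whether returning before the rest of the function is intended for the shared-IRQ case as well as the separate-IRQ case.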