From: Brijesh Singh
To: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org
Cc: Thomas Gleixner, Ingo Molnar, Joerg Roedel, Tom Lendacky, "H. Peter Anvin", Ard Biesheuvel, Paolo Bonzini, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Andy Lutomirski, Dave Hansen, Sergio Lopez, Peter Gonda, Peter Zijlstra, Srinivas Pandruvada, David Rientjes, Dov Murik, Tobin Feldman-Fitzthum, Borislav Petkov, Michael Roth, Vlastimil Babka, "Kirill A. Shutemov", Andi Kleen, tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Brijesh Singh
Subject: [PATCH Part2 v5 13/45] crypto:ccp: Provide APIs to issue SEV-SNP commands
Date: Fri, 20 Aug 2021 10:58:46 -0500
Message-Id: <20210820155918.7518-14-brijesh.singh@amd.com>
In-Reply-To: <20210820155918.7518-1-brijesh.singh@amd.com>
References: <20210820155918.7518-1-brijesh.singh@amd.com>

Provide the APIs for the hypervisor to manage an SEV-SNP guest.
The commands for SEV-SNP are defined in the SEV-SNP firmware specification. Signed-off-by: Brijesh Singh --- drivers/crypto/ccp/sev-dev.c | 24 ++++++++++++ include/linux/psp-sev.h | 73 ++++++++++++++++++++++++++++++++++++ 2 files changed, 97 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 1321f6fb07c5..01edad9116f2 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1025,6 +1025,30 @@ int sev_guest_df_flush(int *error) } EXPORT_SYMBOL_GPL(sev_guest_df_flush); +int snp_guest_decommission(struct sev_data_snp_decommission *data, int *error) +{ + return sev_do_cmd(SEV_CMD_SNP_DECOMMISSION, data, error); +} +EXPORT_SYMBOL_GPL(snp_guest_decommission); + +int snp_guest_df_flush(int *error) +{ + return sev_do_cmd(SEV_CMD_SNP_DF_FLUSH, NULL, error); +} +EXPORT_SYMBOL_GPL(snp_guest_df_flush); + +int snp_guest_page_reclaim(struct sev_data_snp_page_reclaim *data, int *error) +{ + return sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, data, error); +} +EXPORT_SYMBOL_GPL(snp_guest_page_reclaim); + +int snp_guest_dbg_decrypt(struct sev_data_snp_dbg *data, int *error) +{ + return sev_do_cmd(SEV_CMD_SNP_DBG_DECRYPT, data, error); +} +EXPORT_SYMBOL_GPL(snp_guest_dbg_decrypt); + static void sev_exit(struct kref *ref) { misc_deregister(&misc_dev->misc); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 1b53e8782250..f2105a8755f9 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h 
@@ -860,6 +860,64 @@ int sev_guest_df_flush(int *error); */ int sev_guest_decommission(struct sev_data_decommission *data, int *error); +/** + * snp_guest_df_flush - perform SNP DF_FLUSH command + * + * @sev_ret: sev command return code + * + * Returns: + * 0 if the sev successfully processed the command + * -%ENODEV if the sev device is not available + * -%ENOTSUPP if the sev does not support SEV + * -%ETIMEDOUT if the sev command timed out + * -%EIO if the sev returned a non-zero return code + */ +int snp_guest_df_flush(int *error); + +/** + * snp_guest_decommission - perform SNP_DECOMMISSION command + * + * @decommission: sev_data_decommission structure to be processed + * @sev_ret: sev command return code + * + * Returns: + * 0 if the sev successfully processed the command + * -%ENODEV if the sev device is not available + * -%ENOTSUPP if the sev does not support SEV + * -%ETIMEDOUT if the sev command timed out + * -%EIO if the sev returned a non-zero return code + */ +int snp_guest_decommission(struct sev_data_snp_decommission *data, int *error); + +/** + * snp_guest_page_reclaim - perform SNP_PAGE_RECLAIM command + * + * @decommission: sev_snp_page_reclaim structure to be processed + * @sev_ret: sev command return code + * + * Returns: + * 0 if the sev successfully processed the command + * -%ENODEV if the sev device is not available + * -%ENOTSUPP if the sev does not support SEV + * -%ETIMEDOUT if the sev command timed out + * -%EIO if the sev returned a non-zero return code + */ +int snp_guest_page_reclaim(struct sev_data_snp_page_reclaim *data, int *error); + +/** + * snp_guest_dbg_decrypt - perform SEV SNP_DBG_DECRYPT command + * + * @sev_ret: sev command return code + * + * Returns: + * 0 if the sev successfully processed the command + * -%ENODEV if the sev device is not available + * -%ENOTSUPP if the sev does not support SEV + * -%ETIMEDOUT if the sev command timed out + * -%EIO if the sev returned a non-zero return code + */ +int 
snp_guest_dbg_decrypt(struct sev_data_snp_dbg *data, int *error); + void *psp_copy_user_blob(u64 uaddr, u32 len); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -887,6 +945,21 @@ sev_issue_cmd_external_user(struct file *filep, unsigned int id, void *data, int static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_PTR(-EINVAL); } +static inline int +snp_guest_decommission(struct sev_data_snp_decommission *data, int *error) { return -ENODEV; } + +static inline int snp_guest_df_flush(int *error) { return -ENODEV; } + +static inline int snp_guest_page_reclaim(struct sev_data_snp_page_reclaim *data, int *error) +{ + return -ENODEV; +} + +static inline int snp_guest_dbg_decrypt(struct sev_data_snp_dbg *data, int *error) +{ + return -ENODEV; +} + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */
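
Review bot: snp_guest_dbg_decrypt() in the sev-dev.c hunk (@@ -1025) is exported with EXPORT_SYMBOL_GPL and forwards the caller's struct sev_data_snp_dbg straight to sev_do_cmd(SEV_CMD_SNP_DBG_DECRYPT, data, error), so this layer places no restriction on which module may issue a debug decrypt or for which guest. Please state in the commit message or in a comment at the definition which caller is expected to use it and where the decision that debugging is permitted for the guest is made. The structure name is generic (sev_data_snp_dbg) but only a decrypt wrapper is added; if an encrypt counterpart is left out on purpose, say so in the changelog.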
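
Review bot: the kernel-doc blocks in the first psp-sev.h hunk (@@ -860) do not match the prototypes they document. Every block describes "@sev_ret" while the parameter is named "error"; snp_guest_decommission() and snp_guest_page_reclaim() both document "@decommission" while the parameter is "data", and the page-reclaim text is a copy of the decommission one; the decommission description names sev_data_decommission although the type is struct sev_data_snp_decommission; and snp_guest_dbg_decrypt() has no entry for its "data" argument at all. Please rename the tags to @data and @error, describe each structure by its real type, and add the missing @data line for the debug-decrypt helper so the kernel-doc build does not warn. The "-%ENOTSUPP if the sev does not support SEV" line should probably read SEV-SNP for these commands.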
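
Review bot: the !CONFIG_CRYPTO_DEV_SP_PSP stubs in the second psp-sev.h hunk (@@ -887) return -ENODEV without touching *error, so a caller that logs or branches on the firmware error after a failed call reads whatever was in its own variable. Either document in the kernel-doc above that *error is only valid when the firmware was actually reached, or have the stubs clear it. As a style point, the four stubs use two layouts (snp_guest_decommission() and snp_guest_df_flush() with the body on the prototype line, the other two with a braced body on separate lines); pick one so the block reads consistently.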