From patchwork Sat Dec 30 17:23:50 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13507024
From: Michael Roth
Subject: [PATCH v11 34/35] crypto: ccp: Add the SNP_SET_CONFIG_{START,END} commands
Date: Sat, 30 Dec 2023 11:23:50 -0600
Message-ID: <20231230172351.574091-35-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

These commands can be used to create a transaction such that commands that update the reported TCB, such as SNP_SET_CONFIG/SNP_COMMIT, and updates to userspace-supplied certificates, can be handled atomically relative to any extended guest requests issued by any SNP guests while the updates are taking place.

Without this interface, there is a risk that a guest will be given certificate information that does not correspond to the VCEK/VLEK used to sign a particular attestation report unless all the running guests are paused in advance, which would cause disruption to all guests in the system even if no attestation requests are being made. Even then, care is needed to ensure that KVM does not pass along certificate information that was fetched from userspace in advance of the guest being paused.
This interface also provides some versatility with how similar firmware maintenance activity can be handled in the future without passing unnecessary management complexity on to userspace. Signed-off-by: Michael Roth --- Documentation/virt/coco/sev-guest.rst | 33 ++++++++++++++++++-- arch/x86/include/asm/sev.h | 4 +++ arch/x86/virt/svm/sev.c | 31 +++++++++++++++++++ drivers/crypto/ccp/sev-dev.c | 44 +++++++++++++++++++++++++++ include/uapi/linux/psp-sev.h | 12 ++++++++ 5 files changed, 122 insertions(+), 2 deletions(-) diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index 4f696aacc866..0426ebad7671 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst @@ -127,8 +127,6 @@ the SEV-SNP specification for further details. The SNP_GET_EXT_REPORT ioctl is similar to the SNP_GET_REPORT. The difference is related to the additional certificate data that is returned with the report. -The certificate data returned is being provided by the hypervisor through the -SNP_SET_EXT_CONFIG. The ioctl uses the SNP_GUEST_REQUEST (MSG_REPORT_REQ) command provided by the SEV-SNP firmware to get the attestation report. 
@@ -175,6 +173,37 @@ SNP_CONFIG command defined in the SEV-SNP spec. The current values of the firmware parameters affected by this command can be queried via SNP_PLATFORM_STATUS. +2.7 SNP_SET_CONFIG_START / SNP_SET_CONFIG_END +--------------------------------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (out): struct sev_user_data_snp_config_transaction +:Returns (out): 0 on success, -negative on error + +When requesting attestation reports, SNP guests have the option of issuing +an extended guest request which allows host userspace to supply additional +certificate data that can be used to validate the signature used to sign +the attestation report. This signature is generated using a key that is +derived from the reported TCB that can be set via the SNP_SET_CONFIG and +SNP_COMMIT ioctls, so the accompanying certificate data needs to be kept in +sync with the changes made to the reported TCB via these ioctls. + +To allow for this, SNP_SET_CONFIG_START can be issued prior to performing +any updates to the reported TCB or certificate data that will be fetched +from userspace. Any attestation report requests via extended guest requests +that are in-progress, or received after SNP_SET_CONFIG_START is issued, will +result in the guest receiving a GHCB-defined error message instructing it to +retry the request. Once the updates are completed on the host, +SNP_SET_CONFIG_END must be issued to resume normal servicing of extended +guest requests. + +In general, hosts should avoid having more than 1 outstanding +SNP_SET_CONFIG_{START,END} transaction in flight at any point in time, but +each ioctl will return a transaction ID in the response so the caller can +monitor whether the start/end ID both match. If they don't, the caller +should assume the transaction has been invalidated and retry the full update +sequence. + 3. SEV-SNP CPUID Enforcement ============================ 
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index e84dd1d2d8ab..925578ad34e6 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -268,6 +268,8 @@ int psmash(u64 pfn); int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, bool immutable); int rmp_make_shared(u64 pfn, enum pg_level level); void snp_leak_pages(u64 pfn, unsigned int npages); +u64 snp_config_transaction_start(void); +u64 snp_config_transaction_end(void); #else static inline bool snp_probe_rmptable_info(void) { return false; } static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENODEV; } @@ -280,6 +282,8 @@ static inline int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int as } static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENODEV; } static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} +static inline u64 snp_config_transaction_start(void) { return 0; } +static inline u64 snp_config_transaction_end(void) { return 0; } #endif #endif diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index 0f2e1ce241b5..fc9e1b7fc187 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -71,6 +71,11 @@ static DEFINE_SPINLOCK(snp_leaked_pages_list_lock); static unsigned long snp_nr_leaked_pages; +/* For synchronizing TCB updates with extended guest requests */ +static DEFINE_MUTEX(snp_transaction_lock); +static u64 snp_transaction_id; +static bool snp_transaction_pending; + #undef pr_fmt #define pr_fmt(fmt) "SEV-SNP: " fmt 
@@ -511,3 +516,29 @@ void snp_leak_pages(u64 pfn, unsigned int npages) spin_unlock(&snp_leaked_pages_list_lock); } EXPORT_SYMBOL_GPL(snp_leak_pages); + +u64 snp_config_transaction_start(void) +{ + u64 id; + + mutex_lock(&snp_transaction_lock); + snp_transaction_pending = true; + id = ++snp_transaction_id; + mutex_unlock(&snp_transaction_lock); + + return id; +} +EXPORT_SYMBOL_GPL(snp_config_transaction_start); + +u64 snp_config_transaction_end(void) +{ + u64 id; + + mutex_lock(&snp_transaction_lock); + snp_transaction_pending = false; + id = snp_transaction_id; + mutex_unlock(&snp_transaction_lock); + + return id; +} +EXPORT_SYMBOL_GPL(snp_config_transaction_end); diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index c5b26b3fe7ff..d81f86d2697a 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -2035,6 +2035,44 @@ static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); } +static int sev_ioctl_do_snp_set_config_start(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_user_data_snp_config_transaction transaction = {0}; + struct sev_device *sev = psp_master->sev_data; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + transaction.id = snp_config_transaction_start(); + + if (copy_to_user((void __user *)argp->data, &transaction, sizeof(transaction))) + return -EFAULT; + + return 0; +} + +static int sev_ioctl_do_snp_set_config_end(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_user_data_snp_config_transaction transaction = {0}; + struct sev_device *sev = psp_master->sev_data; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + transaction.id = snp_config_transaction_end(); + + if (copy_to_user((void __user *)argp->data, &transaction, sizeof(transaction))) + return -EFAULT; + + return 0; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -2095,6 +2133,12 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SNP_SET_CONFIG: ret = sev_ioctl_do_snp_set_config(&input, writable); break; + case SNP_SET_CONFIG_START: + ret = sev_ioctl_do_snp_set_config_start(&input, writable); + break; + case SNP_SET_CONFIG_END: + ret = sev_ioctl_do_snp_set_config_end(&input, writable); + break; default: ret = -EINVAL; goto out; diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index f28d4fb5bc21..9deacb894b1e 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -31,6 +31,8 @@ enum { SNP_PLATFORM_STATUS, SNP_COMMIT, SNP_SET_CONFIG, + SNP_SET_CONFIG_START, + SNP_SET_CONFIG_END, SEV_MAX, }; 
@@ -214,6 +216,16 @@ struct sev_user_data_snp_config { __u8 rsvd1[52]; } __packed; +/** + * struct sev_user_data_snp_config_transaction - metadata for config transactions + * + * @id: the ID of the transaction started/ended by a call to SNP_SET_CONFIG_START + * or SNP_SET_CONFIG_END, respectively. + */ +struct sev_user_data_snp_config_transaction { + __u64 id; /* Out */ +} __packed; + /** * struct sev_issue_cmd - SEV ioctl parameters *
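Review bot: in the sev-guest.rst hunk at @@ -127,8 +127,6 @@, the removed sentence was the only place the SNP_GET_EXT_REPORT section said where the certificate data comes from, and nothing replaces it, so a reader of that section no longer learns that the data is supplied by host userspace; suggest a one-line replacement such as "The certificate data is supplied by host userspace; see the SNP_SET_CONFIG_START/END section below" rather than a bare deletion.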
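Review bot: the new 2.7 section in the sev-guest.rst hunk at @@ -175,6 +173,37 @@ tells the caller to compare the START and END IDs but never says what the kernel itself does when they differ, so the whole "retry the full update sequence" rule rests on caller discipline; state explicitly that transactions do not nest and that an END issued by any caller ends the transaction for all of them, since "hosts should avoid having more than 1 outstanding ... transaction" reads as advice rather than a requirement. Two smaller points: ":Returns (out): 0 on success, -negative on error" should read "negative errno value on error", and ":Parameters (out)" should say that the struct is filled in by the kernel and no input fields need to be set.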
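Review bot: in the arch/x86/virt/svm/sev.c hunk at @@ -71,6 +71,11 @@, snp_transaction_pending is written by both new helpers but read by nothing in this patch, and because it is static no other file can check it; either add the reader here (a small accessor taking snp_transaction_lock, for example a hypothetical snp_config_transaction_pending()) or say in the comment which follow-up patch consumes it, so the locking and ordering rules around that read can be reviewed together with the writers.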
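Review bot: snp_config_transaction_end() in the arch/x86/virt/svm/sev.c hunk at @@ -511,3 +516,29 @@ clears snp_transaction_pending and returns whatever the current snp_transaction_id is, without knowing which transaction the caller is ending. With two callers interleaved (A START returns 1, B START returns 2, A END, B END), A's END clears the pending flag while B's update is still in progress, so extended guest requests are serviced again during that window and can be handed certificate data that does not match the TCB B is committing, which is exactly the mismatch the commit message sets out to prevent; A sees 2 != 1 and retries, but B's END also returns 2, so B never learns its transaction was exposed. Suggest having END take the caller's ID (passed in through the uapi struct) and only clear the flag when it equals snp_transaction_id, returning an error such as -EBUSY otherwise, so the kernel detects the overlap instead of relying on the documented convention.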
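Review bot: in the drivers/crypto/ccp/sev-dev.c hunk at @@ -2035,6 +2035,44 @@, a START with no matching END leaves the pending flag set indefinitely and nothing ties the transaction to the file descriptor, so if the management process is killed between the two ioctls, or copy_to_user() fails after snp_config_transaction_start() has already set the flag (the current ordering allows this and returns -EFAULT without undoing it), every SNP guest on the host keeps receiving the retry error on extended guest requests until some other process issues SNP_SET_CONFIG_END; consider ending a pending transaction from the device's release path (or a timeout), and on copy_to_user() failure in the START path call snp_config_transaction_end() before returning. Also, the two handlers differ only in the helper they call; one common handler taking a `u64 (*fn)(void)` parameter (hypothetical) would remove the duplication.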
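Review bot: struct sev_user_data_snp_config_transaction in the include/uapi/linux/psp-sev.h hunk at @@ -214,6 +216,16 @@ is new uapi consisting of a single `__u64 id; /* Out */` with no reserved space, whereas the struct sev_user_data_snp_config context directly above carries `__u8 rsvd1[52];`; since the struct cannot be enlarged once exposed to userspace, either add reserved bytes now or make `id` an in/out field so that SNP_SET_CONFIG_END can validate the caller's transaction rather than only report the current counter.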
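The START/update/END sequence described in the new documentation section, modelled in user space as an added example (this is not code from the patch or from the kernel, and it does not issue the ioctls). The transaction state mirrors snp_config_transaction_start()/end() from the patch minus the mutex; `struct host_config`, `extended_guest_request()` and `host_update_tcb()` are hypothetical stand-ins for the reported TCB, the cached certificate blob, and the host-side update loop with its ID comparison and retry. It also injects a second management task mid-transaction to show the window the documentation warns about.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the state the patch keeps in arch/x86/virt/svm/sev.c
 * (snp_transaction_id / snp_transaction_pending). Single-threaded, so the
 * kernel's mutex is omitted. Not kernel code. */
struct snp_transaction_state {
	uint64_t id;   /* last ID handed out by START */
	bool pending;  /* true between START and END */
};

/* Mirrors snp_config_transaction_start(): mark pending, hand out a fresh ID. */
static uint64_t transaction_start(struct snp_transaction_state *st)
{
	st->pending = true;
	return ++st->id;
}

/* Mirrors snp_config_transaction_end(): clear pending, return the latest ID,
 * regardless of who started the transaction. */
static uint64_t transaction_end(struct snp_transaction_state *st)
{
	st->pending = false;
	return st->id;
}

/* Hypothetical host state: the reported TCB (what SNP_SET_CONFIG/SNP_COMMIT
 * would set) and the TCB the cached certificate blob was fetched for. */
struct host_config {
	uint64_t reported_tcb;
	uint64_t cert_tcb;
};

enum ext_req_status { EXT_REQ_OK, EXT_REQ_RETRY };

/* What a guest's extended request observes: told to retry while a
 * transaction is pending, otherwise handed the cached certificate data. */
static enum ext_req_status extended_guest_request(const struct snp_transaction_state *st,
						  const struct host_config *cfg,
						  uint64_t *cert_tcb_out)
{
	if (st->pending)
		return EXT_REQ_RETRY;
	*cert_tcb_out = cfg->cert_tcb;
	return EXT_REQ_OK;
}

struct update_result {
	int attempts;               /* attempts until START/END IDs matched, -1 if given up */
	bool stale_cert_observable; /* a guest could have been served mismatched certs */
};

/* Documented host sequence: START, update TCB, refresh certs, END, compare
 * IDs, redo everything on mismatch. *competing_updates > 0 injects another
 * task running its own START/END in the middle of ours. */
static struct update_result host_update_tcb(struct snp_transaction_state *st,
					    struct host_config *cfg,
					    uint64_t new_tcb, int max_attempts,
					    int *competing_updates)
{
	struct update_result res = { -1, false };

	for (int attempt = 1; attempt <= max_attempts; attempt++) {
		uint64_t start_id = transaction_start(st);

		cfg->reported_tcb = new_tcb; /* stand-in for SNP_SET_CONFIG + SNP_COMMIT */

		if (competing_updates && *competing_updates > 0) {
			uint64_t seen;

			(*competing_updates)--;
			transaction_start(st);
			transaction_end(st); /* clears pending for everyone */

			/* Certs still belong to the old TCB at this point. */
			if (extended_guest_request(st, cfg, &seen) == EXT_REQ_OK &&
			    seen != cfg->reported_tcb)
				res.stale_cert_observable = true;
		}

		cfg->cert_tcb = new_tcb; /* stand-in for refreshing the cert blob */

		if (transaction_end(st) == start_id) {
			res.attempts = attempt;
			return res;
		}
	}
	return res;
}

int main(void)
{
	struct snp_transaction_state st = { 0, false };
	struct host_config cfg = { 1, 1 };
	int competing = 1;
	struct update_result r = host_update_tcb(&st, &cfg, 2, 3, &competing);

	printf("attempts=%d stale_cert_observable=%s\n", r.attempts,
	       r.stale_cert_observable ? "yes" : "no");
	return 0;
}
```

With no competing task the update completes on the first attempt and a guest request issued between START and END is told to retry; with one competing START/END in the middle, the original caller sees mismatched IDs and redoes the update, but a guest request in the window after the competitor's END is served the old certificate data alongside the already-updated TCB, which is why the documentation asks for a single transaction in flight.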