From patchwork Thu Feb 1 01:07:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540549 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 81793EAEE; Thu, 1 Feb 2024 01:07:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.12 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749671; cv=none; b=Z02AxPe41bWRRDC9tke+VlRlCHClPBqqH69FT4lt/mYFRAUiRV4o6tjC3j8mCWkcYN8xhLl8IIPGzOBP8Qu7tmchD47GhQ8+478VlltIW7qRmjAtUOAZbRVEfwngArziv7d35Lhw/ebT3CG3mhxEMi/LDzDvVncqX7lvwu3aVeQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749671; c=relaxed/simple; bh=Q49t9tgKLdd3l/qVdsyAv3HTVljrJUbfMRdC2dUnPw0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=o87pEtxjFGAAwFClb6HLnRMU0VZEhkR89h3J+bmX5Y3NHWhbjv6onuVRZgNwk40zktSPsj+EwqAo0raEcpcZa6Yj67JivfPKw9c/2rR4yV903WoIyuoTugTJwM9AMN649Qb2qYbyHdT+jzo+sVcBZ4qzPWzAQO86LK7mJAz5H30= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=ICJx1FP5; arc=none smtp.client-ip=198.175.65.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="ICJx1FP5" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749670; x=1738285670; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Q49t9tgKLdd3l/qVdsyAv3HTVljrJUbfMRdC2dUnPw0=; b=ICJx1FP52qRZJpOG61erIYiQWIoCpLG7G0M9tZ1bh5FNnM2h6+oWhCHW C9P11ZPt8umrUlw/SiPkpxZUVyNcAXTi4qJRGf/OhKarZE/+6/pr0irM5 LUojRJlgOJTrXtDJBKjY+HO5SKrpRoqEIeYxPvZJWkaZxspzyOJBflTMI L43nuGZ5ydZ8/qh+zZ79clgQ5N7mC5JEACoNv7GEON8HEMn5uw0vVamn6 jn6WBMM55pquCP7TrSw2owH3XmRNy5FVgdfyGZlakjhZet3js2f/XC9xk WZqOO1h6xRqyrtbUGqYt1qNWjjax6p/gB3eStfD1Q0ddAtWpvVL/aH7Pr A==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="11145819" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="11145819" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="37057406" Received: from linux.intel.com ([10.54.29.200]) by orviesa001.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:48 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id 5236A580DF0; Wed, 31 Jan 2024 17:07:48 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 1/8] platform/x86/intel/sdsi: Set message size during writes Date: Wed, 31 Jan 2024 17:07:40 -0800 Message-Id: <20240201010747.471141-2-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 New mailbox commands will support sending multi packet writes and updated firmware now requires that the message size be written for all commands along with the packet size. Since the driver doesn't perform writes larger than the packet size, set the message size to the same value. Signed-off-by: David E. Box Reviewed-by: Ilpo Järvinen Reviewed-by: Kuppuswamy Sathyanarayanan --- drivers/platform/x86/intel/sdsi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index 556e7c6dbb05..a70c071de6e2 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -252,6 +252,7 @@ static int sdsi_mbox_cmd_write(struct sdsi_priv *priv, struct sdsi_mbox_info *in FIELD_PREP(CTRL_SOM, 1) | FIELD_PREP(CTRL_RUN_BUSY, 1) | FIELD_PREP(CTRL_READ_WRITE, 1) | + FIELD_PREP(CTRL_MSG_SIZE, info->size) | FIELD_PREP(CTRL_PACKET_SIZE, info->size); writeq(control, priv->control_addr); From patchwork Thu Feb 1 01:07:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540552 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7623F568C; Thu, 1 Feb 2024 01:07:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.12 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749673; cv=none; b=KIPnlmuB2MgHLRxDGZo4NVYFG3YcJB0q3HdKJti9TTK2x0ebckDeAYOxlYWVt+D86Hr8nzdMGlFuDx7eOi2mVszZa/B46XrNgEhZvV8Q1jJ8f7nptUKVlTXqwAMY9d5yrBeNFenM2pbY2Dw+t1wMDQjvmrdzLdqbi5+UbTtoL78= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749673; c=relaxed/simple; bh=tsmNJuvJTUPKJwIw1JsNvBWJzwsEi0xNRBm9glWNJPE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=FtWPXTgmL6sPh9LXqCukki7nlbIi4TzHmXwgEa5bZEqzinp7MzW+8jRnUlv+XEGZ0raTrW9AUKNpop9dxld1sqG205BoxpU+7SGofz+1rAOOQAd+30ODY2DuOQVPTypokHSMgIbpgMGKxgerShJdfh1RTjOdi/yv/6fVJ7pQ2i0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=h/N9d2Qn; arc=none smtp.client-ip=198.175.65.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="h/N9d2Qn" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749672; x=1738285672; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tsmNJuvJTUPKJwIw1JsNvBWJzwsEi0xNRBm9glWNJPE=; b=h/N9d2QnUzHaQYPgyN5GzsDg9iJwBWjCf8JSqBYsZRRh9xYyHB8wNHei OJdU4Cb8CnDfxoUzyPOIkEbXq9Q4GBc7ta0sKuFPa7LHTbvanb9lzeruc p2KlVC19XMgCn0exUGWQo4SwKMOlacOONQFZeVwoU0OgY947RjxvDG1Qn BbIFhYVCb/AdTPrucoZqqJeUuCaBXP6YwcyGMUP9p9nB5rY+T57RYuEL1 VBUZdSI6sstG9+oLR0VSJVj+PPxNx76QrWJ0vaE/HK8pbGIzoYzhx4N/M wClpWTFpKw8yxd7Yug0BzTvRA10qCJWFyQJ+TTixvxvScUNOc2bFkckq+ A==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="11145820" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="11145820" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="37057409" Received: from linux.intel.com ([10.54.29.200]) by orviesa001.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id 8AFAC580E05; Wed, 31 Jan 2024 17:07:48 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 2/8] platform/x86/intel/sdsi: Combine read and write mailbox flows Date: Wed, 31 Jan 2024 17:07:41 -0800 Message-Id: <20240201010747.471141-3-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The current mailbox commands are either read-only or write-only and the flow is different for each. New commands will need to send and receive data. In preparation for these commands, create a common polling function to handle sending data and receiving in the same transaction. Signed-off-by: David E. Box --- drivers/platform/x86/intel/sdsi.c | 79 +++++++++++++++++-------------- 1 file changed, 44 insertions(+), 35 deletions(-) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index a70c071de6e2..05a35f2f85b6 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include #include @@ -156,8 +157,8 @@ static int sdsi_status_to_errno(u32 status) } } -static int sdsi_mbox_cmd_read(struct sdsi_priv *priv, struct sdsi_mbox_info *info, - size_t *data_size) +static int sdsi_mbox_poll(struct sdsi_priv *priv, struct sdsi_mbox_info *info, + size_t *data_size) { struct device *dev = priv->dev; u32 total, loop, eom, status, message_size; @@ -166,18 +167,10 @@ static int sdsi_mbox_cmd_read(struct sdsi_priv *priv, struct sdsi_mbox_info *inf lockdep_assert_held(&priv->mb_lock); - /* Format and send the read command */ - control = FIELD_PREP(CTRL_EOM, 1) | - FIELD_PREP(CTRL_SOM, 1) | - FIELD_PREP(CTRL_RUN_BUSY, 1) | - FIELD_PREP(CTRL_PACKET_SIZE, info->size); - writeq(control, priv->control_addr); - /* For reads, data sizes that are larger than the mailbox size are read in packets. */ total = 0; loop = 0; do { - void *buf = info->buffer + (SDSI_SIZE_MAILBOX * loop); u32 packet_size; /* Poll on ready bit */ @@ -195,6 +188,11 @@ static int sdsi_mbox_cmd_read(struct sdsi_priv *priv, struct sdsi_mbox_info *inf if (ret) break; + if (!packet_size) { + sdsi_complete_transaction(priv); + break; + } + /* Only the last packet can be less than the mailbox size. */ if (!eom && packet_size != SDSI_SIZE_MAILBOX) { dev_err(dev, "Invalid packet size\n"); @@ -208,9 +206,13 @@ static int sdsi_mbox_cmd_read(struct sdsi_priv *priv, struct sdsi_mbox_info *inf break; } - sdsi_memcpy64_fromio(buf, priv->mbox_addr, round_up(packet_size, SDSI_SIZE_CMD)); + if (packet_size && info->buffer) { + void *buf = info->buffer + array_size(SDSI_SIZE_MAILBOX, loop); - total += packet_size; + sdsi_memcpy64_fromio(buf, priv->mbox_addr, + round_up(packet_size, SDSI_SIZE_CMD)); + total += packet_size; + } sdsi_complete_transaction(priv); } while (!eom && ++loop < MBOX_MAX_PACKETS); @@ -230,16 +232,33 @@ static int sdsi_mbox_cmd_read(struct sdsi_priv *priv, struct sdsi_mbox_info *inf dev_warn(dev, "Read count %u differs from expected count %u\n", total, message_size); - *data_size = total; + if (data_size) + *data_size = total; return 0; } -static int sdsi_mbox_cmd_write(struct sdsi_priv *priv, struct sdsi_mbox_info *info) +static int sdsi_mbox_cmd_read(struct sdsi_priv *priv, struct sdsi_mbox_info *info, + size_t *data_size) +{ + u64 control; + + lockdep_assert_held(&priv->mb_lock); + + /* Format and send the read command */ + control = FIELD_PREP(CTRL_EOM, 1) | + FIELD_PREP(CTRL_SOM, 1) | + FIELD_PREP(CTRL_RUN_BUSY, 1) | + FIELD_PREP(CTRL_PACKET_SIZE, info->size); + writeq(control, priv->control_addr); + + return sdsi_mbox_poll(priv, info, data_size); +} + +static int sdsi_mbox_cmd_write(struct sdsi_priv *priv, struct sdsi_mbox_info *info, + size_t *data_size) { u64 control; - u32 status; - int ret; lockdep_assert_held(&priv->mb_lock); @@ -256,20 +275,7 @@ static int sdsi_mbox_cmd_write(struct sdsi_priv *priv, struct sdsi_mbox_info *in FIELD_PREP(CTRL_PACKET_SIZE, info->size); writeq(control, priv->control_addr); - /* Poll on ready bit */ - ret = readq_poll_timeout(priv->control_addr, control, control & CTRL_READY, - MBOX_POLLING_PERIOD_US, MBOX_TIMEOUT_US); - - if (ret) - goto release_mbox; - - status = FIELD_GET(CTRL_STATUS, control); - ret = sdsi_status_to_errno(status); - -release_mbox: - sdsi_complete_transaction(priv); - - return ret; + return sdsi_mbox_poll(priv, info, data_size); } static int sdsi_mbox_acquire(struct sdsi_priv *priv, struct sdsi_mbox_info *info) @@ -313,7 +319,8 @@ static int sdsi_mbox_acquire(struct sdsi_priv *priv, struct sdsi_mbox_info *info return ret; } -static int sdsi_mbox_write(struct sdsi_priv *priv, struct sdsi_mbox_info *info) +static int sdsi_mbox_write(struct sdsi_priv *priv, struct sdsi_mbox_info *info, + size_t *data_size) { int ret; @@ -323,7 +330,7 @@ static int sdsi_mbox_write(struct sdsi_priv *priv, struct sdsi_mbox_info *info) if (ret) return ret; - return sdsi_mbox_cmd_write(priv, info); + return sdsi_mbox_cmd_write(priv, info, data_size); } static int sdsi_mbox_read(struct sdsi_priv *priv, struct sdsi_mbox_info *info, size_t *data_size) @@ -342,7 +349,7 @@ static int sdsi_mbox_read(struct sdsi_priv *priv, struct sdsi_mbox_info *info, s static ssize_t sdsi_provision(struct sdsi_priv *priv, char *buf, size_t count, enum sdsi_command command) { - struct sdsi_mbox_info info; + struct sdsi_mbox_info info = {}; int ret; if (count > (SDSI_SIZE_WRITE_MSG - SDSI_SIZE_CMD)) @@ -364,7 +371,9 @@ static ssize_t sdsi_provision(struct sdsi_priv *priv, char *buf, size_t count, ret = mutex_lock_interruptible(&priv->mb_lock); if (ret) goto free_payload; - ret = sdsi_mbox_write(priv, &info); + + ret = sdsi_mbox_write(priv, &info, NULL); + mutex_unlock(&priv->mb_lock); free_payload: @@ -408,7 +417,7 @@ static ssize_t certificate_read(u64 command, struct sdsi_priv *priv, char *buf, loff_t off, size_t count) { - struct sdsi_mbox_info info; + struct sdsi_mbox_info info = {}; size_t size; int ret; From patchwork Thu Feb 1 01:07:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540551 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 321544C75; Thu, 1 Feb 2024 01:07:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.9 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749672; cv=none; b=k8SRgiBOiBq5uo8ID7VKJMUKo4ZklfR3ocHJiZxF3nIKeD38UZcA+S6tWLiuqSBOUZR6tcOmPpitOdNB5duJ9keM1jKqzcwYNTfIhSkBU6iV4+UNcgLxMj/wXDHEJyD0nZtETDq0urHbt4zsf21iWgdpKfv1s28ouvOu2nbtZ/Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749672; c=relaxed/simple; bh=HQqVP5qs3cQCmLjUe703sRStc+w/AM27AwAqsgg0OhI=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=GoSjVji1ofXf+Ux/zj+hcitONnVt1LH+Utmz++FFtfRQlqO9nJUlBgQFF8ZHo6wtvo96SITSkn50Qb9L3SGFMQMK/VOQkYI3iz5MOlCBwCP9KRyjuKybDgfIP/tYTgXGh6RC4tyJyiqcZ4IbYSXiBMsSRXmeAV5CvrZmAg6ItSg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=IujJueKh; arc=none smtp.client-ip=192.198.163.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="IujJueKh" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749671; x=1738285671; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=HQqVP5qs3cQCmLjUe703sRStc+w/AM27AwAqsgg0OhI=; b=IujJueKhqoOZVhZ+E/FmdMLxLaCbv+VEXRsmhDvORAjD+YABchzMK7Md 8X9gr7nvaCwPHxwyEwrKXKmunTDHknHp5DGvKxhYBwvLKbJ6kk40270IH t3aY64f8RfhoCAeyrsZvp3HMBT2d3Cf1FuB30A0DdCLyZruFUUAguZem1 O7TCSblFy5t41ZnnBHXWVCLJw7Ia04T0p6wOxsdsFIU7K2a/txV2Bkq+G ubnHLrxFRWP1K0j0zMCwhwRoiHnDDjXUS56o5JJfVY9NLlLDaYP7rFZzM aWW2PZpHVlpg4pyGXrYh1nnV7UtMsDaXZEo9KvGLSD/K2RD1L+0LrOt8z A==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="10533014" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="10533014" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="4265160" Received: from linux.intel.com ([10.54.29.200]) by fmviesa004.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id B8435580201; Wed, 31 Jan 2024 17:07:48 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 3/8] platform/x86/intel/sdsi: Add header file Date: Wed, 31 Jan 2024 17:07:42 -0800 Message-Id: <20240201010747.471141-4-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In preparation for new source files, move common structures to a new header flie. Signed-off-by: David E. Box Reviewed-by: Ilpo Järvinen Reviewed-by: Kuppuswamy Sathyanarayanan --- MAINTAINERS | 1 + drivers/platform/x86/intel/sdsi.c | 23 +---------------------- drivers/platform/x86/intel/sdsi.h | 31 +++++++++++++++++++++++++++++++ 3 files changed, 33 insertions(+), 22 deletions(-) create mode 100644 drivers/platform/x86/intel/sdsi.h diff --git a/MAINTAINERS b/MAINTAINERS index 8d1052fa6a69..09ef8497e48a 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -11042,6 +11042,7 @@ INTEL SDSI DRIVER M: David E. Box S: Supported F: drivers/platform/x86/intel/sdsi.c +F: drivers/platform/x86/intel/sdsi.h F: tools/arch/x86/intel_sdsi/ F: tools/testing/selftests/drivers/sdsi/ diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index 05a35f2f85b6..d48bb648f0b2 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -22,24 +22,16 @@ #include #include +#include "sdsi.h" #include "vsec.h" #define ACCESS_TYPE_BARID 2 #define ACCESS_TYPE_LOCAL 3 #define SDSI_MIN_SIZE_DWORDS 276 -#define SDSI_SIZE_MAILBOX 1024 #define SDSI_SIZE_REGS 80 #define SDSI_SIZE_CMD sizeof(u64) -/* - * Write messages are currently up to the size of the mailbox - * while read messages are up to 4 times the size of the - * mailbox, sent in packets - */ -#define SDSI_SIZE_WRITE_MSG SDSI_SIZE_MAILBOX -#define SDSI_SIZE_READ_MSG (SDSI_SIZE_MAILBOX * 4) - #define SDSI_ENABLED_FEATURES_OFFSET 16 #define SDSI_FEATURE_SDSI BIT(3) #define SDSI_FEATURE_METERING BIT(26) @@ -103,19 +95,6 @@ struct disc_table { u32 offset; }; -struct sdsi_priv { - struct mutex mb_lock; /* Mailbox access lock */ - struct device *dev; - void __iomem *control_addr; - void __iomem *mbox_addr; - void __iomem *regs_addr; - int control_size; - int maibox_size; - int registers_size; - u32 guid; - u32 features; -}; - /* SDSi mailbox operations must be performed using 64bit mov instructions */ static __always_inline void sdsi_memcpy64_toio(u64 __iomem *to, const u64 *from, size_t count_bytes) diff --git a/drivers/platform/x86/intel/sdsi.h b/drivers/platform/x86/intel/sdsi.h new file mode 100644 index 000000000000..d0d7450c7b2b --- /dev/null +++ b/drivers/platform/x86/intel/sdsi.h @@ -0,0 +1,31 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __PDx86_SDSI_H_ +#define __PDx86_SDSI_H_ +#include +#include + +#define SDSI_SIZE_MAILBOX 1024 + +/* + * Write messages are currently up to the size of the mailbox + * while read messages are up to 4 times the size of the + * mailbox, sent in packets + */ +#define SDSI_SIZE_WRITE_MSG SDSI_SIZE_MAILBOX +#define SDSI_SIZE_READ_MSG (SDSI_SIZE_MAILBOX * 4) + +struct device; + +struct sdsi_priv { + struct mutex mb_lock; /* Mailbox access lock */ + struct device *dev; + void __iomem *control_addr; + void __iomem *mbox_addr; + void __iomem *regs_addr; + int control_size; + int maibox_size; + int registers_size; + u32 guid; + u32 features; +}; +#endif From patchwork Thu Feb 1 01:07:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540554 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C8E52EACC; Thu, 1 Feb 2024 01:07:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.12 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749674; cv=none; b=KIsMdZyBAVe8utwY6MEV0NBkbZf4zrxB9HLsT52KKUPlCvza4Qm7d1roljGtdTZQgSGT3utay54myiw8s5E9jYO6MYMSTUep8XI65XpUrTrUViEgYWULF/nSMX0tM35nBy4cLuSlXiqrjXe7zN+hO4VRDn6f5sOsJsTc8OgccwY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749674; c=relaxed/simple; bh=biQMLZUnkVyV4tyTKSCox8eL77UiNWCAiGVihWRmr6Y=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=nRjn7kUl+8fVkeYOsGCUMXPq9uYgAejK7RibL7MFOBVQEza/jx3ZGkgxUCVWuZVyAavCcssb9ni4PJ+Kf02Ml5e96BbNhhmFerUsJYqYCE++2vsr539SrR8eZfACz3VN7EvqCRQXN7VxQ457LK+02yiPVfhej0/Vm1K+NWRuK5A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=DVvtUTcJ; arc=none smtp.client-ip=198.175.65.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="DVvtUTcJ" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749672; x=1738285672; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=biQMLZUnkVyV4tyTKSCox8eL77UiNWCAiGVihWRmr6Y=; b=DVvtUTcJZl48MJjJ1hnTLIuX3kZVZMgBCAxzneE1zuMX3r23OYDA9ocM i/HJ+9sLVhzvV0r6RIydMaoHpF7jko1x7Jsv3mfFihkYQQcxDZNfex5x4 9NhUnV2eEHGmKdomJ9/ne2Dy69Ch/QXkVst2hv9gNevu+Kn5Y5+J3ehue pfaR9GEPGuH/W/NYEm+uydsISHxY17OrvvEHQMbsLIyfbHV7MAIkiKH37 vibfLHLlwye+koWoXO5J67A6N/cjnlP6CEBOZrqTId6UCdz+EyjZgz783 Cywm6Kf5eJxnNwl+Vw5ap9uhM23LJrwx0YDuzUR/bK4RPg2YfHvapOUam A==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="11145822" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="11145822" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="37057413" Received: from linux.intel.com ([10.54.29.200]) by orviesa001.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id E7401580E05; Wed, 31 Jan 2024 17:07:48 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 4/8] platform/x86/intel/sdsi: Add netlink SPDM transport Date: Wed, 31 Jan 2024 17:07:43 -0800 Message-Id: <20240201010747.471141-5-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Intel On Demand adds attestation and firmware measurement retrieval services through use of the protocols defined the Security Protocols and Data Measurement (SPDM) specification. SPDM messages exchanges are used to authenticate On Demand hardware and to retrieve signed measurements of the NVRAM state used to track feature provisioning and the NVRAM state used for metering services. These allow software to verify the authenticity of the On Demand hardware as well as the integrity of the reported silicon configuration. Add a netlink SPDM transport for sending SPDM messages through the On Demand mailbox. Provides commands to get a list of SPDM enabled devices, get the message size limits for SPDM Requesters and Responders, and perform an SPDM message exchange. Signed-off-by: David E. Box Tested-by: Wendy Wang Link: https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.0.1.pdf [1] --- Documentation/netlink/specs/intel_sdsi.yaml | 97 ++++++++ MAINTAINERS | 2 + drivers/platform/x86/intel/Makefile | 2 +- drivers/platform/x86/intel/sdsi.c | 164 ++++++++++++- drivers/platform/x86/intel/sdsi.h | 14 ++ drivers/platform/x86/intel/sdsi_genl.c | 249 ++++++++++++++++++++ include/uapi/linux/intel-sdsi.h | 40 ++++ 7 files changed, 565 insertions(+), 3 deletions(-) create mode 100644 Documentation/netlink/specs/intel_sdsi.yaml create mode 100644 drivers/platform/x86/intel/sdsi_genl.c create mode 100644 include/uapi/linux/intel-sdsi.h diff --git a/Documentation/netlink/specs/intel_sdsi.yaml b/Documentation/netlink/specs/intel_sdsi.yaml new file mode 100644 index 000000000000..eeeaaffe3e81 --- /dev/null +++ b/Documentation/netlink/specs/intel_sdsi.yaml @@ -0,0 +1,97 @@ +# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) + +name: intel-sdsi + +protocol: genetlink + +doc: + Intel On Demand generic netlink ABI for Attestation servives. + +attribute-sets: + - + name: sdsi + name-prefix: sdsi-genl-attr- + attributes: + - + name: unspec + type: unused + value: 0 + - + name: devs + doc: List of On Demand entries + type: nest + multi-attr: true + nested-attributes: dev-info + - + name: dev-id + type: u32 + - + name: dev-name + type: string + - + name: spdm-req + type: binary + - + name: spdm-rsp + type: binary + - + name: spdm-rsp-size + type: u32 + - + name: spdm-req-size + type: u32 + - + name: dev-info + subset-of: sdsi + attributes: + - + name: dev-id + type: u32 + - + name: dev-name + type: string + +operations: + name-prefix: sdsi-genl-cmd- + list: + - + name: unspec + doc: unused + value: 0 + - + name: get-devs + doc: Returns a list of available On Demand entries + attribute-set: sdsi + do: &get-devs-op + request: + attributes: + - dev-id + reply: + attributes: + - devs + dump: *get-devs-op + - + name: get-info + doc: Returns information about On Demand devices + attribute-set: sdsi + do: + request: + attributes: + - dev-id + reply: + attributes: + - spdm-req-size + - spdm-rsp-size + - + name: get-spdm + doc: Send and receive SPDM messages + attribute-set: sdsi + do: + request: + attributes: + - dev-id + - spdm-req + reply: + attributes: + - dev-id + - spdm-rsp diff --git a/MAINTAINERS b/MAINTAINERS index 09ef8497e48a..523943140bf5 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -11041,8 +11041,10 @@ F: drivers/platform/x86/intel_scu_* INTEL SDSI DRIVER M: David E. Box S: Supported +F: drivers/platform/x86/intel/sdsi_genl.c F: drivers/platform/x86/intel/sdsi.c F: drivers/platform/x86/intel/sdsi.h +F: include/uapi/linux/sdsi_nl.h F: tools/arch/x86/intel_sdsi/ F: tools/testing/selftests/drivers/sdsi/ diff --git a/drivers/platform/x86/intel/Makefile b/drivers/platform/x86/intel/Makefile index c1d5fe05e3f3..e1408d60d6ea 100644 --- a/drivers/platform/x86/intel/Makefile +++ b/drivers/platform/x86/intel/Makefile @@ -28,7 +28,7 @@ intel_int0002_vgpio-y := int0002_vgpio.o obj-$(CONFIG_INTEL_INT0002_VGPIO) += intel_int0002_vgpio.o intel_oaktrail-y := oaktrail.o obj-$(CONFIG_INTEL_OAKTRAIL) += intel_oaktrail.o -intel_sdsi-y := sdsi.o +intel_sdsi-y := sdsi.o sdsi_genl.o obj-$(CONFIG_INTEL_SDSI) += intel_sdsi.o intel_vsec-y := vsec.o obj-$(CONFIG_INTEL_VSEC) += intel_vsec.o diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index d48bb648f0b2..14821fee249c 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include #include @@ -34,6 +35,7 @@ #define SDSI_ENABLED_FEATURES_OFFSET 16 #define SDSI_FEATURE_SDSI BIT(3) +#define SDSI_FEATURE_ATTESTATION BIT(12) #define SDSI_FEATURE_METERING BIT(26) #define SDSI_SOCKET_ID_OFFSET 64 @@ -76,11 +78,15 @@ #define GUID_V2_CNTRL_SIZE 16 #define GUID_V2_REGS_SIZE 80 +LIST_HEAD(sdsi_list); +DEFINE_MUTEX(sdsi_list_lock); + enum sdsi_command { SDSI_CMD_PROVISION_AKC = 0x0004, SDSI_CMD_PROVISION_CAP = 0x0008, SDSI_CMD_READ_STATE = 0x0010, SDSI_CMD_READ_METER = 0x0014, + SDSI_CMD_ATTESTATION = 0x1012, }; struct sdsi_mbox_info { @@ -533,6 +539,99 @@ static const struct attribute_group sdsi_group = { }; __ATTRIBUTE_GROUPS(sdsi); +bool sdsi_supports_attestation(struct sdsi_priv *priv) +{ + return priv->features & SDSI_FEATURE_ATTESTATION; +} + +/* SPDM transport */ +int sdsi_spdm_exchange(void *private, const void *request, size_t request_sz, + void *response, size_t response_sz) +{ + struct sdsi_priv *priv = private; + struct sdsi_mbox_info info = {}; + size_t spdm_msg_size, size; + int ret; + u64 *payload __free(kfree) = NULL; + + /* + * For the attestation command, the mailbox write size is the sum of: + * Size of the SPDM request payload, padded for qword alignment + * 8 bytes for the mailbox command + * 8 bytes for the actual (non-padded) size of the SPDM request + */ + if (request_sz > (SDSI_SIZE_WRITE_MSG - (2 * sizeof(u64)))) + return -EOVERFLOW; + + info.size = round_up(request_sz, sizeof(u64)) + 2 * sizeof(u64); + + payload = kzalloc(info.size, GFP_KERNEL); + if (!payload) + return -ENOMEM; + + memcpy(payload, request, request_sz); + + /* The non-padded SPDM payload size is the 2nd-to-last qword */ + payload[(info.size / sizeof(u64)) - 2] = request_sz; + + /* Attestation mailbox command is the last qword of payload buffer */ + payload[(info.size / sizeof(u64)) - 1] = SDSI_CMD_ATTESTATION; + + info.payload = payload; + info.buffer = response; + + ret = mutex_lock_interruptible(&priv->mb_lock); + if (ret) + return ret; + ret = sdsi_mbox_write(priv, &info, &size); + mutex_unlock(&priv->mb_lock); + + if (ret < 0) + return ret; + + /* + * The read size is the sum of: + * Size of the SPDM response payload, padded for qword alignment + * 8 bytes for the actual (non-padded) size of the SPDM payload + */ + + if (size < sizeof(u64)) { + dev_err(priv->dev, + "Attestation error: Mailbox reply size, %ld, too small\n", + size); + return -EPROTO; + } + + if (!IS_ALIGNED(size, sizeof(u64))) { + dev_err(priv->dev, + "Attestation error: Mailbox reply size, %ld, is not aligned\n", + size); + return -EPROTO; + } + + /* + * Get the SPDM response size from the last QWORD and check it fits + * with no more than 7 bytes of padding + */ + spdm_msg_size = ((u64 *)info.buffer)[(size - sizeof(u64)) / sizeof(u64)]; + if (!in_range(size - spdm_msg_size - sizeof(u64), 0, 8)) { + dev_err(priv->dev, + "Attestation error: Invalid SPDM response size, %ld\n", + spdm_msg_size); + return -EPROTO; + } + + if (spdm_msg_size > response_sz) { + dev_err(priv->dev, "Attestation error: Expected response size %ld, got %ld\n", + response_sz, spdm_msg_size); + return -EOVERFLOW; + } + + memcpy(response, info.buffer, spdm_msg_size); + + return spdm_msg_size; +} + static int sdsi_get_layout(struct sdsi_priv *priv, struct disc_table *table) { switch (table->guid) { @@ -614,6 +713,7 @@ static int sdsi_probe(struct auxiliary_device *auxdev, const struct auxiliary_de return -ENOMEM; priv->dev = &auxdev->dev; + priv->id = auxdev->id; mutex_init(&priv->mb_lock); auxiliary_set_drvdata(auxdev, priv); @@ -637,9 +737,36 @@ static int sdsi_probe(struct auxiliary_device *auxdev, const struct auxiliary_de if (ret) return ret; + mutex_lock(&sdsi_list_lock); + list_add(&priv->node, &sdsi_list); + mutex_unlock(&sdsi_list_lock); + return 0; } +static void sdsi_remove(struct auxiliary_device *auxdev) +{ + struct sdsi_priv *priv = auxiliary_get_drvdata(auxdev); + + list_del(&priv->node); +} + +struct sdsi_priv *sdsi_dev_get_by_id(int id) +{ + struct sdsi_priv *priv, *match = NULL; + + mutex_lock(&sdsi_list_lock); + list_for_each_entry(priv, &sdsi_list, node) { + if (priv->id == id) { + match = priv; + break; + } + } + mutex_unlock(&sdsi_list_lock); + + return match; +} + static const struct auxiliary_device_id sdsi_aux_id_table[] = { { .name = "intel_vsec.sdsi" }, {} @@ -652,9 +779,42 @@ static struct auxiliary_driver sdsi_aux_driver = { }, .id_table = sdsi_aux_id_table, .probe = sdsi_probe, - /* No remove. All resources are handled under devm */ + .remove = sdsi_remove, }; -module_auxiliary_driver(sdsi_aux_driver); + +static bool netlink_initialized; + +static int __init sdsi_init(void) +{ + int ret; + + ret = auxiliary_driver_register(&sdsi_aux_driver); + if (ret) + goto error; + + if (sdsi_netlink_init()) + pr_warn("Intel SDSi failed to init netlink\n"); + else + netlink_initialized = true; + + return 0; + +error: + mutex_destroy(&sdsi_list_lock); + return ret; +} +module_init(sdsi_init); + +static void __exit sdsi_exit(void) +{ + if (netlink_initialized) + sdsi_netlink_exit(); + + auxiliary_driver_unregister(&sdsi_aux_driver); + + mutex_destroy(&sdsi_list_lock); +} +module_exit(sdsi_exit); MODULE_AUTHOR("David E. Box "); MODULE_DESCRIPTION("Intel On Demand (SDSi) driver"); diff --git a/drivers/platform/x86/intel/sdsi.h b/drivers/platform/x86/intel/sdsi.h index d0d7450c7b2b..256618eb3136 100644 --- a/drivers/platform/x86/intel/sdsi.h +++ b/drivers/platform/x86/intel/sdsi.h @@ -19,13 +19,27 @@ struct device; struct sdsi_priv { struct mutex mb_lock; /* Mailbox access lock */ struct device *dev; + struct intel_vsec_device *ivdev; + struct list_head node; void __iomem *control_addr; void __iomem *mbox_addr; void __iomem *regs_addr; int control_size; int maibox_size; int registers_size; + int id; u32 guid; u32 features; }; + +extern struct list_head sdsi_list; +extern struct mutex sdsi_list_lock; + +extern bool sdsi_supports_attestation(struct sdsi_priv *priv); +extern int +sdsi_spdm_exchange(void *private, const void *request, size_t request_sz, + void *response, size_t response_sz); +extern struct sdsi_priv *sdsi_dev_get_by_id(int id); +extern int sdsi_netlink_init(void); +extern int sdsi_netlink_exit(void); #endif diff --git a/drivers/platform/x86/intel/sdsi_genl.c b/drivers/platform/x86/intel/sdsi_genl.c new file mode 100644 index 000000000000..bca1671eba0d --- /dev/null +++ b/drivers/platform/x86/intel/sdsi_genl.c @@ -0,0 +1,249 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2023, Intel Corporation. + * All Rights Reserved. + * + * Author: David E. Box + * + * Netlink ABI for Intel On Demand SPDM transport + */ +#include +#include +#include +#include +#include +#include +#include + +#include "sdsi.h" + +static struct genl_family sdsi_nl_family; + +static const struct nla_policy sdsi_genl_policy[SDSI_GENL_ATTR_MAX + 1] = { + [SDSI_GENL_ATTR_DEVS] = { .type = NLA_NESTED }, + [SDSI_GENL_ATTR_DEV_ID] = { .type = NLA_U32 }, + [SDSI_GENL_ATTR_DEV_NAME] = { .type = NLA_STRING }, + [SDSI_GENL_ATTR_SPDM_REQ] = { .type = NLA_BINARY }, + [SDSI_GENL_ATTR_SPDM_RSP] = { .type = NLA_BINARY }, + [SDSI_GENL_ATTR_SPDM_REQ_SIZE] = { .type = NLA_U32 }, + [SDSI_GENL_ATTR_SPDM_RSP_SIZE] = { .type = NLA_U32 }, +}; + +struct param { + struct nlattr **attrs; + struct sk_buff *msg; + struct sdsi_priv *priv; +}; + +typedef int (*sdsi_genl_cb_t)(struct param *); + +static int sdsi_genl_cmd_spdm(struct param *p) +{ + struct sk_buff *msg = p->msg; + struct sdsi_priv *priv = p->priv; + void *response __free(kfree) = NULL; + void *request; + int rsp_size, req_size; + int ret; + + if (!sdsi_supports_attestation(priv)) + return -EOPNOTSUPP; + + if (!p->attrs[SDSI_GENL_ATTR_SPDM_REQ]) + return -EINVAL; + + request = nla_data(p->attrs[SDSI_GENL_ATTR_SPDM_REQ]); + req_size = nla_len(p->attrs[SDSI_GENL_ATTR_SPDM_REQ]); + + response = kmalloc(SDSI_SIZE_READ_MSG, GFP_KERNEL); + if (!response) + return -ENOMEM; + + rsp_size = sdsi_spdm_exchange(priv, request, req_size, response, + SDSI_SIZE_READ_MSG); + if (rsp_size < 0) + return rsp_size; + + ret = nla_put_u32(msg, SDSI_GENL_ATTR_DEV_ID, priv->id); + if (ret) + return ret; + + return nla_put(msg, SDSI_GENL_ATTR_SPDM_RSP, rsp_size, + response); +} + +static int sdsi_genl_cmd_get_devs(struct param *p) +{ + struct sk_buff *msg = p->msg; + struct nlattr *nest_start; + struct sdsi_priv *priv = p->priv; + + nest_start = nla_nest_start(msg, SDSI_GENL_ATTR_DEVS); + if (!nest_start) + return -EMSGSIZE; + + if (nla_put_u32(msg, SDSI_GENL_ATTR_DEV_ID, priv->id) || + nla_put_string(msg, SDSI_GENL_ATTR_DEV_NAME, dev_name(priv->dev))) + goto out_cancel_nest; + + nla_nest_end(msg, nest_start); + + return 0; + +out_cancel_nest: + nla_nest_cancel(msg, nest_start); + + return -EMSGSIZE; +} + +static int sdsi_genl_cmd_get_info(struct param *p) +{ + struct sk_buff *msg = p->msg; + int ret; + + ret = nla_put_u32(msg, SDSI_GENL_ATTR_SPDM_REQ_SIZE, + SDSI_SIZE_WRITE_MSG - (2 * sizeof(u64))); + if (ret) + return ret; + + return nla_put_u32(msg, SDSI_GENL_ATTR_SPDM_RSP_SIZE, + SDSI_SIZE_READ_MSG - (sizeof(u64))); +} + +static sdsi_genl_cb_t sdsi_genl_cmd_cb[] = { + [SDSI_GENL_CMD_GET_DEVS] = sdsi_genl_cmd_get_devs, + [SDSI_GENL_CMD_GET_INFO] = sdsi_genl_cmd_get_info, + [SDSI_GENL_CMD_GET_SPDM] = sdsi_genl_cmd_spdm, +}; + +static int sdsi_genl_cmd_dumpit(struct sk_buff *skb, + struct netlink_callback *cb) +{ + struct param p = { .msg = skb }; + struct sdsi_priv *entry; + const struct genl_dumpit_info *info = genl_dumpit_info(cb); + int cmd = info->op.cmd; + int ret = 0, idx = 0; + void *hdr; + + hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, + &sdsi_nl_family, NLM_F_MULTI, cmd); + if (!hdr) + return -EMSGSIZE; + + mutex_lock(&sdsi_list_lock); + list_for_each_entry(entry, &sdsi_list, node) { + p.priv = entry; + ret = sdsi_genl_cmd_cb[cmd](&p); + if (ret) + break; + idx++; + } + mutex_unlock(&sdsi_list_lock); + + if (ret) + goto out_cancel_msg; + + genlmsg_end(skb, hdr); + + return 0; + +out_cancel_msg: + genlmsg_cancel(skb, hdr); + return ret; +} + +static int sdsi_genl_cmd_doit(struct sk_buff *skb, struct genl_info *info) +{ + struct param p = { .attrs = info->attrs }; + struct sdsi_priv *priv, *entry; + struct sk_buff *msg; + void *hdr; + int cmd = info->genlhdr->cmd; + int ret = 0; + int id; + + if (!p.attrs[SDSI_GENL_ATTR_DEV_ID]) + return -EINVAL; + + id = nla_get_u32(p.attrs[SDSI_GENL_ATTR_DEV_ID]); + + priv = sdsi_dev_get_by_id(id); + if (!priv) + return -ENODEV; + + msg = genlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); + if (!msg) + return -ENOMEM; + + p.msg = msg; + p.priv = priv; + + hdr = genlmsg_put_reply(msg, info, &sdsi_nl_family, 0, cmd); + if (!hdr) + goto out_free_msg; + + mutex_lock(&sdsi_list_lock); + list_for_each_entry(entry, &sdsi_list, node) { + if (entry == priv) { + ret = sdsi_genl_cmd_cb[cmd](&p); + if (ret) + break; + break; + } + } + mutex_unlock(&sdsi_list_lock); + + if (ret) + goto out_cancel_msg; + + genlmsg_end(msg, hdr); + + return genlmsg_reply(msg, info); + +out_cancel_msg: + genlmsg_cancel(msg, hdr); +out_free_msg: + nlmsg_free(msg); + + return ret; +} + +static const struct genl_ops sdsi_genl_ops[] = { + { + .cmd = SDSI_GENL_CMD_GET_DEVS, + .doit = sdsi_genl_cmd_doit, + .dumpit = sdsi_genl_cmd_dumpit, + }, + { + .cmd = SDSI_GENL_CMD_GET_INFO, + .doit = sdsi_genl_cmd_doit, + .flags = GENL_ADMIN_PERM, + }, + { + .cmd = SDSI_GENL_CMD_GET_SPDM, + .doit = sdsi_genl_cmd_doit, + .flags = GENL_ADMIN_PERM, + }, +}; + +static struct genl_family sdsi_nl_family __ro_after_init = { + .hdrsize = 0, + .name = SDSI_FAMILY_NAME, + .version = SDSI_FAMILY_VERSION, + .maxattr = SDSI_GENL_ATTR_MAX, + .policy = sdsi_genl_policy, + .ops = sdsi_genl_ops, + .resv_start_op = SDSI_GENL_CMD_MAX + 1, + .n_ops = ARRAY_SIZE(sdsi_genl_ops), +}; + +int __init sdsi_netlink_init(void) +{ + return genl_register_family(&sdsi_nl_family); +} + +int sdsi_netlink_exit(void) +{ + return genl_unregister_family(&sdsi_nl_family); +} diff --git a/include/uapi/linux/intel-sdsi.h b/include/uapi/linux/intel-sdsi.h new file mode 100644 index 000000000000..db7c49a66fdd --- /dev/null +++ b/include/uapi/linux/intel-sdsi.h @@ -0,0 +1,40 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Intel On Demand SPDM Interface + * Copyright (c) 2023, Intel Corporation. + * All rights reserved. + * + * Author: David E. Box + */ + +#ifndef __SDSI_NL_H +#define __SDSI_NL_H + +#define SDSI_FAMILY_NAME "intel_sdsi" +#define SDSI_FAMILY_VERSION 1 + +enum { + SDSI_GENL_ATTR_UNSPEC, + SDSI_GENL_ATTR_DEVS, /* nested */ + SDSI_GENL_ATTR_DEV_ID, /* u32, device id */ + SDSI_GENL_ATTR_DEV_NAME, /* string, device name */ + SDSI_GENL_ATTR_SPDM_REQ, /* binary, SDPM request message */ + SDSI_GENL_ATTR_SPDM_RSP, /* binary, SDPM response message */ + SDSI_GENL_ATTR_SPDM_REQ_SIZE, /* u32, max SDPM request size */ + SDSI_GENL_ATTR_SPDM_RSP_SIZE, /* u32, max SPDM response size */ + + __SDSI_GENL_ATTR_MAX, + SDSI_GENL_ATTR_MAX = (__SDSI_GENL_ATTR_MAX - 1) +}; + +enum { + SDSI_GENL_CMD_UNSPEC, + SDSI_GENL_CMD_GET_DEVS, /* Get On Demand device list */ + SDSI_GENL_CMD_GET_INFO, /* Get On Demand device info */ + SDSI_GENL_CMD_GET_SPDM, /* Get SPDM response to SPDM request */ + + __SDSI_GENL_CMD_MAX, + SDSI_GENL_CMD_MAX = (__SDSI_GENL_CMD_MAX - 1) +}; + +#endif /* __SDSI_NL_H */ From patchwork Thu Feb 1 01:07:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540556 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8D4B71EF15; Thu, 1 Feb 2024 01:07:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.12 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749675; cv=none; b=YiX9QLUrMOHKI0F65qVTEl+5n4iovawM92tD1ioKQdnZOa+TFhSJX1Il8/rXZ1dQHeZ0cpGkRIsW4nPZ8CwOHp6XCrTUlo1cO2Y770W4t1uhPUVOn6RyF3BS1mqVmpBRR9j6s/kmtV9D336h55MxvKW1+Yca4H25Od6V0yKNLX4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749675; c=relaxed/simple; bh=yHNdMgW9yFyo2zPLd2fT4A8rb7bD8WunIVFdY+rWAMY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=WrnF1VULZGV3UwDkvTH7iL9ZbLW2Ymcpsh8MUDGKqPSPFdB+WW1c3DKxIb60lQ8RN/LXE7h3Yj7kYEejvcTpCcUb1go+rUAJfL763ydT2T1yTwgDTArYfPlHA1dwfGogu7HMRf0lNevCrv4SCJ7K/TKpesp0/wa8fGWu2wkRMMM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=KPYbQd+J; arc=none smtp.client-ip=198.175.65.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="KPYbQd+J" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749674; x=1738285674; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=yHNdMgW9yFyo2zPLd2fT4A8rb7bD8WunIVFdY+rWAMY=; b=KPYbQd+J66Hu5+wQD/qzz0Nyhe69dwqqfdbKoroU4j746tDo8p5F2Tv7 Qf817LcZugU7Il9c/tCDKN4PBaaCUxrzADNLY5VXwyaGvhk62B79/DQ1L LbRjEc/OGdsWFAKreT6xfdA20u7ulsJBMyEbDXYvl2jBizvBcU2CNfZOw 57KGnbFdE4amIJKFw5MaO5bivABe+9pHv+C48RJtWWs6Gvj8hIMw4LgDR ek1ytvRxd1SEO1SW2/9uENHB0ivq0KB1FnY+LkyT7/NKT8stRefgixCMg nNjH0o59rI309r7HHfNePtwMq5u1NCPuzvIUwmopQvh/dNMnc6Dj7PXPi Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="11145823" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="11145823" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:50 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="37057415" Received: from linux.intel.com ([10.54.29.200]) by orviesa001.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id 26C98580DF0; Wed, 31 Jan 2024 17:07:49 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 5/8] platform/x86/intel/sdsi: Add in-band BIOS lock support Date: Wed, 31 Jan 2024 17:07:44 -0800 Message-Id: <20240201010747.471141-6-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Kuppuswamy Sathyanarayanan As per SDSi in-band interface specification, sec titled "BIOS lock for in-band provisioning", when IB_LOCK bit is set in control qword, the SDSI agent is only allowed to perform the read flow, but not allowed to provision license blob or license key. So add check for it in sdsi_provision(). Signed-off-by: Kuppuswamy Sathyanarayanan Signed-off-by: David E. Box --- drivers/platform/x86/intel/sdsi.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index 14821fee249c..287780fe65bb 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -61,6 +61,7 @@ #define CTRL_OWNER GENMASK(5, 4) #define CTRL_COMPLETE BIT(6) #define CTRL_READY BIT(7) +#define CTRL_INBAND_LOCK BIT(32) #define CTRL_STATUS GENMASK(15, 8) #define CTRL_PACKET_SIZE GENMASK(31, 16) #define CTRL_MSG_SIZE GENMASK(63, 48) @@ -331,12 +332,21 @@ static int sdsi_mbox_read(struct sdsi_priv *priv, struct sdsi_mbox_info *info, s return sdsi_mbox_cmd_read(priv, info, data_size); } +static bool sdsi_ib_locked(struct sdsi_priv *priv) +{ + return !!FIELD_GET(CTRL_INBAND_LOCK, readq(priv->control_addr)); +} + static ssize_t sdsi_provision(struct sdsi_priv *priv, char *buf, size_t count, enum sdsi_command command) { struct sdsi_mbox_info info = {}; int ret; + /* Make sure In-band lock is not set */ + if (sdsi_ib_locked(priv)) + return -EPERM; + if (count > (SDSI_SIZE_WRITE_MSG - SDSI_SIZE_CMD)) return -EOVERFLOW; From patchwork Thu Feb 1 01:07:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540553 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CC598EAE3; Thu, 1 Feb 2024 01:07:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.9 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749673; cv=none; b=uf5vNHWuLL1uWWHLvRBtVBMwTvxVf//bSXRM9y7a5MbuFA05Xn0EcaRHxjeIWy8IjJgU6ompMCyE/vOMGjCYIqerQ72n7CxttVN0NfKDm9/WvdLyzBwpfJFgvkaEYNtjnn3rX7vrb4MEt+omSMzuVUZtGAy8at8jVz0/q43l6Z8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749673; c=relaxed/simple; bh=/sbcQrFxPD3yMhBX/Ocbb8dAANHobtfGIw+UodSoVjg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=IC1bmQiX9jayQejDcRXdhoeqyIYdwD72/w8yyV6SnoZ1qYlf6chgaDGiJKzyoATUFL68QMUnFBzNJUJsRMN3pNpd32UlEieeyxSJrrFFKsVKo/P0gXNqygdwVMQQCHvk+JyK61tZ3ZAkyfK1uGgsM9EfUUz34+aG6q4z0wTcAFE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=GU3F8raB; arc=none smtp.client-ip=192.198.163.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="GU3F8raB" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749672; x=1738285672; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/sbcQrFxPD3yMhBX/Ocbb8dAANHobtfGIw+UodSoVjg=; b=GU3F8raBSkwRn2Yyg8MIEIgO628ztiNWWco2tJklkb6kkm1kkpbNO657 uc20lDiR/7ZZpLTBfE4cNgLekjBRikq/NzKjPdCCHgJtyiJbsLnBbPpaV fvhLaPwQFLODvBC1smlv//eEwaaYqMSYRXiF7U1hGl0JEcZJCMDcBQGiM 5rbNnEnGPkdHeBCiFAzkGJ3SkSWWf8F/Gnvw6MuU/GS5ce/mMwEjhVy/m 4v2vQYvWCenQ0pEmE3cAkyAAVR4JRdzQaA/0LxsXrS0fdf/gP2JG7Rhbd DmKfnwk2nexFWjQAupaGZOPBvc/hxa8193yUuAovr+Vg3FamxdFciahNx g==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="10533016" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="10533016" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:50 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="4265162" Received: from linux.intel.com ([10.54.29.200]) by fmviesa004.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id 55E10580DF0; Wed, 31 Jan 2024 17:07:49 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 6/8] platform/x86/intel/sdsi: Add attribute to read the current meter state Date: Wed, 31 Jan 2024 17:07:45 -0800 Message-Id: <20240201010747.471141-7-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The meter_certificate file provides access to metering information that may be attested but is only updated every 8 hours. Add new attribute, meter_current, to allow reading an untested snapshot of the current values. Signed-off-by: David E. Box --- drivers/platform/x86/intel/sdsi.c | 42 ++++++++++++++++++++++++++++--- drivers/platform/x86/intel/sdsi.h | 2 ++ 2 files changed, 41 insertions(+), 3 deletions(-) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index 287780fe65bb..171899b4a671 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -62,6 +62,7 @@ #define CTRL_COMPLETE BIT(6) #define CTRL_READY BIT(7) #define CTRL_INBAND_LOCK BIT(32) +#define CTRL_METER_ENABLE_DRAM BIT(33) #define CTRL_STATUS GENMASK(15, 8) #define CTRL_PACKET_SIZE GENMASK(31, 16) #define CTRL_MSG_SIZE GENMASK(63, 48) @@ -235,8 +236,10 @@ static int sdsi_mbox_cmd_read(struct sdsi_priv *priv, struct sdsi_mbox_info *inf control = FIELD_PREP(CTRL_EOM, 1) | FIELD_PREP(CTRL_SOM, 1) | FIELD_PREP(CTRL_RUN_BUSY, 1) | - FIELD_PREP(CTRL_PACKET_SIZE, info->size); + FIELD_PREP(CTRL_PACKET_SIZE, info->size) | + priv->control_flags; writeq(control, priv->control_addr); + priv->control_flags = 0; return sdsi_mbox_poll(priv, info, data_size); } @@ -468,11 +471,42 @@ meter_certificate_read(struct file *filp, struct kobject *kobj, { struct device *dev = kobj_to_dev(kobj); struct sdsi_priv *priv = dev_get_drvdata(dev); + int ret; - return certificate_read(SDSI_CMD_READ_METER, priv, buf, off, count); + ret = mutex_lock_interruptible(&priv->meter_lock); + if (ret) + return ret; + + ret = certificate_read(SDSI_CMD_READ_METER, priv, buf, off, count); + + mutex_unlock(&priv->meter_lock); + + return ret; } static BIN_ATTR_ADMIN_RO(meter_certificate, SDSI_SIZE_READ_MSG); +static ssize_t +meter_current_read(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, loff_t off, + size_t count) +{ + struct device *dev = kobj_to_dev(kobj); + struct sdsi_priv *priv = dev_get_drvdata(dev); + int ret; + + ret = mutex_lock_interruptible(&priv->meter_lock); + if (ret) + return ret; + + priv->control_flags = CTRL_METER_ENABLE_DRAM; + ret = certificate_read(SDSI_CMD_READ_METER, priv, buf, off, count); + + mutex_unlock(&priv->meter_lock); + + return ret; +} +static BIN_ATTR_ADMIN_RO(meter_current, SDSI_SIZE_READ_MSG); + static ssize_t registers_read(struct file *filp, struct kobject *kobj, struct bin_attribute *attr, char *buf, loff_t off, size_t count) @@ -503,6 +537,7 @@ static struct bin_attribute *sdsi_bin_attrs[] = { &bin_attr_registers, &bin_attr_state_certificate, &bin_attr_meter_certificate, + &bin_attr_meter_current, &bin_attr_provision_akc, &bin_attr_provision_cap, NULL @@ -522,7 +557,7 @@ sdsi_battr_is_visible(struct kobject *kobj, struct bin_attribute *attr, int n) if (!(priv->features & SDSI_FEATURE_SDSI)) return 0; - if (attr == &bin_attr_meter_certificate) + if (attr == &bin_attr_meter_certificate || attr == &bin_attr_meter_current) return (priv->features & SDSI_FEATURE_METERING) ? attr->attr.mode : 0; @@ -725,6 +760,7 @@ static int sdsi_probe(struct auxiliary_device *auxdev, const struct auxiliary_de priv->dev = &auxdev->dev; priv->id = auxdev->id; mutex_init(&priv->mb_lock); + mutex_init(&priv->meter_lock); auxiliary_set_drvdata(auxdev, priv); /* Get the SDSi discovery table */ diff --git a/drivers/platform/x86/intel/sdsi.h b/drivers/platform/x86/intel/sdsi.h index 256618eb3136..e20cf279212e 100644 --- a/drivers/platform/x86/intel/sdsi.h +++ b/drivers/platform/x86/intel/sdsi.h @@ -18,12 +18,14 @@ struct device; struct sdsi_priv { struct mutex mb_lock; /* Mailbox access lock */ + struct mutex meter_lock; struct device *dev; struct intel_vsec_device *ivdev; struct list_head node; void __iomem *control_addr; void __iomem *mbox_addr; void __iomem *regs_addr; + u64 control_flags; int control_size; int maibox_size; int registers_size; From patchwork Thu Feb 1 01:07:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540557 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DE2043A1A8; Thu, 1 Feb 2024 01:07:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.12 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749675; cv=none; b=ivC254vP99tbBkZGcddMtM0edPaxjNt0Thq0th9xnzIa4UKqgM/47ExNDdjv1RmEwnClyKvsGJO+qp3u75g0IEmcRbXQ6/EiNTmYQ5K5TSDh3VCkQltRah0Wb0nah7D6gXsyosxNXkdkxyrPhS35It+IffO0vc6ceqTjiOv4Vg8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749675; c=relaxed/simple; bh=ZmlyHYXBVtbijbrpUOF8yDi/v2bX8+Dqf/m3Q2yqn+U=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=XKTLkHxcUYS//0A4etslOOWwuj0SnmP0+yoqOk0wYw+0jaHtXyvfOKQ/NlmHzFDqFwqNVydBB/VXJP6WEhajug7NKNZzfHMcaXsNseAeaizqxG/6Cwoq4AjN2AurOTk2xXjEftTDqgHv1E4c9EYVqtMrM8uvo9xvMnhUYYE5H98= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=ANK1vD7B; arc=none smtp.client-ip=198.175.65.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="ANK1vD7B" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749674; x=1738285674; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ZmlyHYXBVtbijbrpUOF8yDi/v2bX8+Dqf/m3Q2yqn+U=; b=ANK1vD7Bh4th1iRA9MovMWBkK/KAoHfXnYAEH4SraUZAmGbuQ1DvBD/8 WLk0HDNMQYEgD6XbkCMKgTGHTXfxMlb8caZ8aBXUNryYZ13EIaArxjlhk iuUU588xRy9jlZdAysUBW0i0LRTPmQAA5a3MBYoWC8nxhjiQXPXxaw4F7 0AJSvmClIse2S/3NrW9o+9NhaPe3S/V2XuFo7zebkeUgBfdDnQ0uLLZTL xb4NdXk2mSFjD5vWqt7h9Q99MqJC5MOtcAE5EwlDHalnyuWh4sPEVRsmN rNbwxNLon+Gt1Ue8lJNIDoUDq4Z2LctXu7uwDeoYB37FsRoid75VEtxED Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="11145825" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="11145825" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:50 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="37057420" Received: from linux.intel.com ([10.54.29.200]) by orviesa001.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:49 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id 8306F580201; Wed, 31 Jan 2024 17:07:49 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 7/8] tools: Fix errors in meter_certificate display Date: Wed, 31 Jan 2024 17:07:46 -0800 Message-Id: <20240201010747.471141-8-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The maximum number of bundles in the meter certificate was hardcoded to 8 which caused extra bundles not to display. Instead, since the bundles appear at the end of the file, set it to the remaining size from where the bundles start. Add missing 'version' field to struct meter_certificate. Fix errors in the calculation of the start position of the counters and in the display loop. Fixes: aad129780bae ("platform/x86/intel/sdsi: Add support for reading the current meter state") Signed-off-by: David E. Box --- tools/arch/x86/intel_sdsi/intel_sdsi.c | 51 +++++++++++++++----------- 1 file changed, 30 insertions(+), 21 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 2cd92761f171..a8fb6d17405f 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -43,7 +43,6 @@ #define METER_CERT_MAX_SIZE 4096 #define STATE_MAX_NUM_LICENSES 16 #define STATE_MAX_NUM_IN_BUNDLE (uint32_t)8 -#define METER_MAX_NUM_BUNDLES 8 #define __round_mask(x, y) ((__typeof__(x))((y) - 1)) #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1) @@ -154,11 +153,12 @@ struct bundle_encoding { }; struct meter_certificate { - uint32_t block_signature; + uint32_t signature; + uint32_t version; + uint64_t ppin; uint32_t counter_unit; - uint64_t ppin; uint32_t bundle_length; - uint32_t reserved; + uint64_t reserved; uint32_t mmrc_encoding; uint32_t mmrc_counter; }; @@ -167,6 +167,9 @@ struct bundle_encoding_counter { uint32_t encoding; uint32_t counter; }; +#define METER_MAX_NUM_BUNDLES \ + (METER_CERT_MAX_SIZE - sizeof(struct meter_certificate) / \ + sizeof(struct bundle_encoding_counter)) struct sdsi_dev { struct sdsi_regs regs; @@ -334,6 +337,7 @@ static int sdsi_meter_cert_show(struct sdsi_dev *s) uint32_t count = 0; FILE *cert_ptr; int ret, size; + char name[4]; ret = sdsi_update_registers(s); if (ret) @@ -375,32 +379,39 @@ static int sdsi_meter_cert_show(struct sdsi_dev *s) printf("\n"); printf("Meter certificate for device %s\n", s->dev_name); printf("\n"); - printf("Block Signature: 0x%x\n", mc->block_signature); - printf("Count Unit: %dms\n", mc->counter_unit); - printf("PPIN: 0x%lx\n", mc->ppin); - printf("Feature Bundle Length: %d\n", mc->bundle_length); - printf("MMRC encoding: %d\n", mc->mmrc_encoding); - printf("MMRC counter: %d\n", mc->mmrc_counter); + + get_feature(mc->signature, name); + printf("Signature: %.4s\n", name); + + printf("Version: %d\n", mc->version); + printf("Count Unit: %dms\n", mc->counter_unit); + printf("PPIN: 0x%lx\n", mc->ppin); + printf("Feature Bundle Length: %d\n", mc->bundle_length); + + get_feature(mc->mmrc_encoding, name); + printf("MMRC encoding: %.4s\n", name); + + printf("MMRC counter: %d\n", mc->mmrc_counter); if (mc->bundle_length % 8) { fprintf(stderr, "Invalid bundle length\n"); return -1; } if (mc->bundle_length > METER_MAX_NUM_BUNDLES * 8) { - fprintf(stderr, "More than %d bundles: %d\n", + fprintf(stderr, "More than %ld bundles: actual %d\n", METER_MAX_NUM_BUNDLES, mc->bundle_length / 8); return -1; } - bec = (void *)(mc) + sizeof(mc); + bec = (void *)(mc) + sizeof(*mc); - printf("Number of Feature Counters: %d\n", mc->bundle_length / 8); - while (count++ < mc->bundle_length / 8) { - char feature[5]; + printf("Number of Feature Counters: %d\n", mc->bundle_length / 8); + while (count < mc->bundle_length / 8) { + char feature[4]; - feature[4] = '\0'; get_feature(bec[count].encoding, feature); - printf(" %s: %d\n", feature, bec[count].counter); + printf(" %.4s: %d\n", feature, bec[count].counter); + ++count; } return 0; @@ -480,7 +491,7 @@ static int sdsi_state_cert_show(struct sdsi_dev *s) sizeof(*lki) + // size of the license key info offset; // offset to this blob content struct bundle_encoding *bundle = (void *)(lbc) + sizeof(*lbc); - char feature[5]; + char feature[4]; uint32_t i; printf(" Blob %d:\n", count - 1); @@ -493,11 +504,9 @@ static int sdsi_state_cert_show(struct sdsi_dev *s) printf(" Blob revision ID: %u\n", lbc->rev_id); printf(" Number of Features: %u\n", lbc->num_bundles); - feature[4] = '\0'; - for (i = 0; i < min(lbc->num_bundles, STATE_MAX_NUM_IN_BUNDLE); i++) { get_feature(bundle[i].encoding, feature); - printf(" Feature %d: %s\n", i, feature); + printf(" Feature %d: %.4s\n", i, feature); } if (lbc->num_bundles > STATE_MAX_NUM_IN_BUNDLE) From patchwork Thu Feb 1 01:07:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13540555 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9EC341A27C; Thu, 1 Feb 2024 01:07:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.9 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749674; cv=none; b=Cpi2uoHiHI62yLGAqLIwuUnaoy40fl26DbGzsvCbAPtDSgEgLQSTJ5qIjlwspMLz6kau1v5J8hG2zBwE1AoXvtZ3qN+zlZAfM8d2hpm2K734YMScw8DnXkiLg6gePKb2SE6WhtoudXQ0hIPkPMLjA8FD5ogyajr9hB+JNFST8WQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706749674; c=relaxed/simple; bh=4WsWv00onasp48d72sbpBjqQmJ37YOowYHi4hbk2FQg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=lw2/+/imtUYNYsK40hv8IZUsm/ruRAKxDyY+gKE+o45ZROcCiCrxtSlEhVCaEpyUBiGjRlwSTh8aLgbjze0AsDiyzeHpKSDhooalLUNecLBJ3tf5gq2k7xdgcrngl1P1oRoawqs6EFiJLpmtlEIaPsp36lNyCzL2gNwWP/YMc3M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=LTnaoViN; arc=none smtp.client-ip=192.198.163.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="LTnaoViN" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706749673; x=1738285673; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4WsWv00onasp48d72sbpBjqQmJ37YOowYHi4hbk2FQg=; b=LTnaoViNbPtUE6o6pHTOyj5Oe3N52/I/rvVudQkO0hkyJB1Pe6L+2VUd ktExJfxO9kxxAOoEMn2lrDAQP6OJPXIp14ZSkMlu8zWlfqNJmFZXlvdH6 Iain2QAJqJkzd74TeaSBdNZfBND5yjNTVHhJhtje/3ITDfTVKpPkWWxwc ByfKa7TTCAYhXq1tqgdOV109cX/tPQEKNKbYcSAz2XuKqNveuZOauioNk OHYvcmCMyHRi99eiV9dszi12lr/ugxZFTKMH8Qu9Jw2iVxlMHYvjmZgYE Xh6KJtHHeTn/Hrd2JLN7CRS0Po+W9sp6wlqdqhAlGrBmXHDJnhvzkP+32 g==; X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="10533017" X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="10533017" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:50 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,233,1701158400"; d="scan'208";a="4265165" Received: from linux.intel.com ([10.54.29.200]) by fmviesa004.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jan 2024 17:07:50 -0800 Received: from debox1-desk4.lan (unknown [10.212.205.115]) by linux.intel.com (Postfix) with ESMTP id B3099580201; Wed, 31 Jan 2024 17:07:49 -0800 (PST) From: "David E. Box" To: netdev@vger.kernel.org, ilpo.jarvinen@linux.intel.com, david.e.box@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com Cc: linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org Subject: [PATCH 8/8] tools: intel_sdsi: Add current meter support Date: Wed, 31 Jan 2024 17:07:47 -0800 Message-Id: <20240201010747.471141-9-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240201010747.471141-1-david.e.box@linux.intel.com> References: <20240201010747.471141-1-david.e.box@linux.intel.com> Precedence: bulk X-Mailing-List: platform-driver-x86@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add support to read the 'meter_current' file. The display is the same as the 'meter_certificate', but will show the current snapshot of the counters. Signed-off-by: David E. Box --- tools/arch/x86/intel_sdsi/intel_sdsi.c | 48 +++++++++++++++++--------- 1 file changed, 31 insertions(+), 17 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index a8fb6d17405f..c9b3e457885d 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -182,6 +182,7 @@ struct sdsi_dev { enum command { CMD_SOCKET_INFO, CMD_METER_CERT, + CMD_METER_CURRENT_CERT, CMD_STATE_CERT, CMD_PROV_AKC, CMD_PROV_CAP, @@ -329,7 +330,7 @@ static void get_feature(uint32_t encoding, char *feature) feature[0] = name[3]; } -static int sdsi_meter_cert_show(struct sdsi_dev *s) +static int sdsi_meter_cert_show(struct sdsi_dev *s, bool show_current) { char buf[METER_CERT_MAX_SIZE] = {0}; struct bundle_encoding_counter *bec; @@ -360,7 +361,11 @@ static int sdsi_meter_cert_show(struct sdsi_dev *s) return ret; } - cert_ptr = fopen("meter_certificate", "r"); + if (!show_current) + cert_ptr = fopen("meter_certificate", "r"); + else + cert_ptr = fopen("meter_current", "r"); + if (!cert_ptr) { perror("Could not open 'meter_certificate' file"); return -1; @@ -368,7 +373,8 @@ static int sdsi_meter_cert_show(struct sdsi_dev *s) size = fread(buf, 1, sizeof(buf), cert_ptr); if (!size) { - fprintf(stderr, "Could not read 'meter_certificate' file\n"); + fprintf(stderr, "Could not read '%s' file\n", + show_current ? "meter_current" : "meter_certificate"); fclose(cert_ptr); return -1; } @@ -734,7 +740,7 @@ static void sdsi_free_dev(struct sdsi_dev *s) static void usage(char *prog) { - printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-m] [-a FILE] [-c FILE]]\n", prog); + printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-m | -C] [-a FILE] [-c FILE]\n", prog); } static void show_help(void) @@ -743,8 +749,9 @@ static void show_help(void) printf(" %-18s\t%s\n", "-l, --list", "list available On Demand devices"); printf(" %-18s\t%s\n", "-d, --devno DEVNO", "On Demand device number"); printf(" %-18s\t%s\n", "-i, --info", "show socket information"); - printf(" %-18s\t%s\n", "-s, --state", "show state certificate"); - printf(" %-18s\t%s\n", "-m, --meter", "show meter certificate"); + printf(" %-18s\t%s\n", "-s, --state", "show state certificate data"); + printf(" %-18s\t%s\n", "-m, --meter", "show meter certificate data"); + printf(" %-18s\t%s\n", "-C, --meter_current", "show live unattested meter data"); printf(" %-18s\t%s\n", "-a, --akc FILE", "provision socket with AKC FILE"); printf(" %-18s\t%s\n", "-c, --cap FILE>", "provision socket with CAP FILE"); } @@ -760,21 +767,22 @@ int main(int argc, char *argv[]) int option_index = 0; static struct option long_options[] = { - {"akc", required_argument, 0, 'a'}, - {"cap", required_argument, 0, 'c'}, - {"devno", required_argument, 0, 'd'}, - {"help", no_argument, 0, 'h'}, - {"info", no_argument, 0, 'i'}, - {"list", no_argument, 0, 'l'}, - {"meter", no_argument, 0, 'm'}, - {"state", no_argument, 0, 's'}, - {0, 0, 0, 0 } + {"akc", required_argument, 0, 'a'}, + {"cap", required_argument, 0, 'c'}, + {"devno", required_argument, 0, 'd'}, + {"help", no_argument, 0, 'h'}, + {"info", no_argument, 0, 'i'}, + {"list", no_argument, 0, 'l'}, + {"meter", no_argument, 0, 'm'}, + {"meter_current", no_argument, 0, 'C'}, + {"state", no_argument, 0, 's'}, + {0, 0, 0, 0 } }; progname = argv[0]; - while ((opt = getopt_long_only(argc, argv, "+a:c:d:hilms", long_options, + while ((opt = getopt_long_only(argc, argv, "+a:c:d:hilmCs", long_options, &option_index)) != -1) { switch (opt) { case 'd': @@ -790,6 +798,9 @@ int main(int argc, char *argv[]) case 'm': command = CMD_METER_CERT; break; + case 'C': + command = CMD_METER_CURRENT_CERT; + break; case 's': command = CMD_STATE_CERT; break; @@ -828,7 +839,10 @@ int main(int argc, char *argv[]) ret = sdsi_read_reg(s); break; case CMD_METER_CERT: - ret = sdsi_meter_cert_show(s); + ret = sdsi_meter_cert_show(s, false); + break; + case CMD_METER_CURRENT_CERT: + ret = sdsi_meter_cert_show(s, true); break; case CMD_STATE_CERT: ret = sdsi_state_cert_show(s);