| Message ID | 20240412084213.1733764-14-steven.price@arm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | arm64: Support for running as a guest in Arm CCA | expand |
On Fri, Apr 12, 2024 at 09:42:12AM +0100, Steven Price wrote: > diff --git a/arch/arm64/include/asm/rsi_cmds.h b/arch/arm64/include/asm/rsi_cmds.h > index b4cbeafa2f41..c1850aefe54e 100644 > --- a/arch/arm64/include/asm/rsi_cmds.h > +++ b/arch/arm64/include/asm/rsi_cmds.h > @@ -10,6 +10,9 @@ > > #include <asm/rsi_smc.h> > > +#define GRANULE_SHIFT 12 > +#define GRANULE_SIZE (_AC(1, UL) << GRANULE_SHIFT) The name is too generic and it goes into a header file. Also maybe move it to rsi.h, and use it for other definitions like rsi_config struct size and alignment.
On 15/05/2024 12:10, Catalin Marinas wrote: > On Fri, Apr 12, 2024 at 09:42:12AM +0100, Steven Price wrote: >> diff --git a/arch/arm64/include/asm/rsi_cmds.h b/arch/arm64/include/asm/rsi_cmds.h >> index b4cbeafa2f41..c1850aefe54e 100644 >> --- a/arch/arm64/include/asm/rsi_cmds.h >> +++ b/arch/arm64/include/asm/rsi_cmds.h >> @@ -10,6 +10,9 @@ >> >> #include <asm/rsi_smc.h> >> >> +#define GRANULE_SHIFT 12 >> +#define GRANULE_SIZE (_AC(1, UL) << GRANULE_SHIFT) > > The name is too generic and it goes into a header file. Also maybe move > it to rsi.h, and use it for other definitions like rsi_config struct > size and alignment. > The realm config structure although it 'happens to be' granule sized isn't really required to be - so I think it would be a bit confusing to specify that. There are only two other interfaces that require this: * RSI_IPA_STATE_GET - completely unused so far * RSI_ATTESTATION_TOKEN_CONTINUE - the buffer has to be contained with a granule, so it affects the maximum length per operation. I'll rename to RSI_GRANULE_{SHIFT,SIZE}, but I'm not sure it really belongs in rsi.h because none of that functionality cares about the granule size (indeed the driver in the following patch doesn't include rsi.h). Thanks, Steve
On 22/05/2024 16:52, Steven Price wrote: > On 15/05/2024 12:10, Catalin Marinas wrote: >> On Fri, Apr 12, 2024 at 09:42:12AM +0100, Steven Price wrote: >>> diff --git a/arch/arm64/include/asm/rsi_cmds.h b/arch/arm64/include/asm/rsi_cmds.h >>> index b4cbeafa2f41..c1850aefe54e 100644 >>> --- a/arch/arm64/include/asm/rsi_cmds.h >>> +++ b/arch/arm64/include/asm/rsi_cmds.h >>> @@ -10,6 +10,9 @@ >>> >>> #include <asm/rsi_smc.h> >>> >>> +#define GRANULE_SHIFT 12 >>> +#define GRANULE_SIZE (_AC(1, UL) << GRANULE_SHIFT) >> >> The name is too generic and it goes into a header file. Also maybe move >> it to rsi.h, and use it for other definitions like rsi_config struct >> size and alignment. >> > > The realm config structure although it 'happens to be' granule sized > isn't really required to be - so I think it would be a bit confusing to > specify that. The struct realm_config must be aligned to GRANULE_SIZE and the argument must be as such aligned. > > There are only two other interfaces that require this: > * RSI_IPA_STATE_GET - completely unused so far > * RSI_ATTESTATION_TOKEN_CONTINUE - the buffer has to be contained with > a granule, so it affects the maximum length per operation. > > I'll rename to RSI_GRANULE_{SHIFT,SIZE}, but I'm not sure it really That looks good to me. Suzuki > belongs in rsi.h because none of that functionality cares about the > granule size (indeed the driver in the following patch doesn't include > rsi.h). > > Thanks, > Steve
diff --git a/arch/arm64/include/asm/rsi_cmds.h b/arch/arm64/include/asm/rsi_cmds.h index b4cbeafa2f41..c1850aefe54e 100644 --- a/arch/arm64/include/asm/rsi_cmds.h +++ b/arch/arm64/include/asm/rsi_cmds.h @@ -10,6 +10,9 @@ #include <asm/rsi_smc.h> +#define GRANULE_SHIFT 12 +#define GRANULE_SIZE (_AC(1, UL) << GRANULE_SHIFT) + enum ripas { RSI_RIPAS_EMPTY, RSI_RIPAS_RAM, @@ -66,4 +69,75 @@ static inline unsigned long rsi_set_addr_range_state(phys_addr_t start, return res.a0; } +/** + * rsi_attestation_token_init - Initialise the operation to retrieve an + * attestation token. + * + * @challenge: The challenge data to be used in the attestation token + * generation. + * @size: Size of the challenge data in bytes. + * + * Initialises the attestation token generation and returns an upper bound + * on the attestation token size that can be used to allocate an adequate + * buffer. The caller is expected to subsequently call + * rsi_attestation_token_continue() to retrieve the attestation token data on + * the same CPU. + * + * Returns: + * On success, returns the upper limit of the attestation report size. + * Otherwise, -EINVAL + */ +static inline unsigned long +rsi_attestation_token_init(const u8 *challenge, unsigned long size) +{ + struct arm_smccc_1_2_regs regs = { 0 }; + + /* The challenge must be at least 32bytes and at most 64bytes */ + if (!challenge || size < 32 || size > 64) + return -EINVAL; + + regs.a0 = SMC_RSI_ATTESTATION_TOKEN_INIT; + memcpy(®s.a1, challenge, size); + arm_smccc_1_2_smc(®s, ®s); + + if (regs.a0 == RSI_SUCCESS) + return regs.a1; + + return -EINVAL; +} + +/** + * rsi_attestation_token_continue - Continue the operation to retrieve an + * attestation token. + * + * @granule: {I}PA of the Granule to which the token will be written. + * @offset: Offset within Granule to start of buffer in bytes. + * @size: The size of the buffer. + * @len: The number of bytes written to the buffer. + * + * Retrieves up to a GRANULE_SIZE worth of token data per call. The caller is + * expected to call rsi_attestation_token_init() before calling this function + * to retrieve the attestation token. + * + * Return: + * * %RSI_SUCCESS - Attestation token retrieved successfully. + * * %RSI_INCOMPLETE - Token generation is not complete. + * * %RSI_ERROR_INPUT - A parameter was not valid. + * * %RSI_ERROR_STATE - Attestation not in progress. + */ +static inline int rsi_attestation_token_continue(phys_addr_t granule, + unsigned long offset, + unsigned long size, + unsigned long *len) +{ + struct arm_smccc_res res; + + arm_smccc_1_1_invoke(SMC_RSI_ATTESTATION_TOKEN_CONTINUE, + granule, offset, size, 0, &res); + + if (len) + *len = res.a1; + return res.a0; +} + #endif