From patchwork Tue Dec 5 01:04:14 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 10091943
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: bp@alien8.de, Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org
Subject: [Part2 PATCH v9 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command
Date: Mon, 4 Dec 2017 19:04:14 -0600
Message-Id: <20171205010438.5773-15-brijesh.singh@amd.com>
In-Reply-To: <20171205010438.5773-1-brijesh.singh@amd.com>
References: <20171205010438.5773-1-brijesh.singh@amd.com>

The SEV_FACTORY_RESET command can be used by the platform owner to reset
the non-volatile SEV related data. The command is defined in SEV spec
section 5.4

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
 drivers/crypto/ccp/psp-dev.c | 77 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 76 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index 9915a6c604a3..b49583a45a55 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c
@@ -232,9 +232,84 @@ static int sev_platform_shutdown(int *error) return rc; } +static int sev_get_platform_state(int *state, int *error) +{ + int rc; + + rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, + &psp_master->status_cmd_buf, error); + if (rc) + return rc; + + *state = psp_master->status_cmd_buf.state; + return rc; +} + +static int sev_ioctl_do_reset(struct sev_issue_cmd *argp) +{ + int state, rc; + + /* + * The SEV spec requires that FACTORY_RESET must be issued in + * UNINIT state. Before we go further lets check if any guest is + * active. + * + * If FW is in WORKING state then deny the request otherwise issue + * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET. + * + */ + rc = sev_get_platform_state(&state, &argp->error); + if (rc) + return rc; + + if (state == SEV_STATE_WORKING) + return -EBUSY; + + if (state == SEV_STATE_INIT) { + rc = __sev_platform_shutdown_locked(&argp->error); + if (rc) + return rc; + } + + return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, 0, &argp->error); +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { - return -ENOTTY; + void __user *argp = (void __user *)arg; + struct sev_issue_cmd input; + int ret = -EFAULT; + + if (!psp_master) + return -ENODEV; + + if (ioctl != SEV_ISSUE_CMD) + return -EINVAL; + + if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd))) + return -EFAULT; + + if (input.cmd > SEV_MAX) + return -EINVAL; + + mutex_lock(&sev_cmd_mutex); + + switch (input.cmd) { + + case SEV_FACTORY_RESET: + ret = sev_ioctl_do_reset(&input); + break; + default: + ret = -EINVAL; + goto out; + } + + if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd))) + ret = -EFAULT; +out: + mutex_unlock(&sev_cmd_mutex); + + return ret; } static const struct file_operations sev_fops = {
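
Review bot: sev_ioctl() dispatches SEV_FACTORY_RESET with no privilege check of its own; the only gates before the switch are the psp_master, SEV_ISSUE_CMD and `input.cmd > SEV_MAX` tests, so any caller that can open the device can wipe the non-volatile SEV data that the commit message reserves for the platform owner. Consider a capable(CAP_SYS_ADMIN) test ahead of the switch (or at the top of sev_ioctl_do_reset()), or state in a comment that the device node's mode is the intended access control. Two smaller points: sev_ioctl_do_reset() passes 0 as the data argument in `__sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, 0, &argp->error)` where the PLATFORM_STATUS call passes a pointer, so NULL would be clearer; and when the INIT state triggers __sev_platform_shutdown_locked() and the following FACTORY_RESET then fails, the platform is left in UNINIT with only the firmware error reported, which deserves a line in the comment block.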