From patchwork Sun Oct 29 21:16:40 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 10031727
From: Brijesh Singh
To: bp@alien8.de
Cc: Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [Part2 PATCH v6.1 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command
Date: Sun, 29 Oct 2017 16:16:40 -0500
Message-Id: <20171029211640.18507-1-brijesh.singh@amd.com>
In-Reply-To: <20171020023413.122280-15-brijesh.singh@amd.com>
References: <20171020023413.122280-15-brijesh.singh@amd.com>

The SEV_FACTORY_RESET command can be used by the platform owner to reset the non-volatile SEV related data. The command is defined in SEV spec section 5.4.

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---

Boris,

It may look confusing that we call PLATFORM_STATUS command to check the current FW state even when we keep the state in psp->sev_state. Per spec, PLATFORM_INIT transitions FW from UINIT -> INIT and SHUTDOWN from -> UINIT but there are multiple commands which can transition FW from INIT -> WORKING state. Hence my thinking is, if we really need to know whether we are in WORKING state then invoke PLATFORM_STATUS. So far, FACTORY_RESET is where we need to know if we are in WORKING state to avoid shutting down the FW. In a real-world app this command may not be used that often, hence I don't feel like adding more complexity to the code.

Changes since v6:
 * If FW is in WORKING state then reject the command
 * If FW is in INIT state then shutdown before issuing the command

drivers/crypto/ccp/psp-dev.c | 77 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 76 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index 060f57ac08b3..b02ea56508b4 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c 
@@ -177,9 +177,84 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret) return rc; } +static int sev_platform_state(int *state, int *error) +{ + struct sev_user_data_status *data; + int rc; + + data = kzalloc(sizeof (*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + rc = sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, data, error); + if (rc) + goto e_free; + + *state = data->state; + +e_free: + kfree(data); + return rc; +} + +static int sev_ioctl_do_reset(struct sev_issue_cmd *argp) +{ + int state, rc; + + rc = sev_platform_state(&state, &argp->error); + if (rc) + return rc; + + if (state == SEV_STATE_WORKING) { + argp->error = SEV_RET_INVALID_PLATFORM_STATE; + return -EBUSY; + } + + if (state == SEV_STATE_INIT) { + rc = sev_platform_shutdown_locked(&argp->error); + if (rc) + return rc; + } + + return sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, 0, &argp->error); +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { - return -ENOTTY; + void __user *argp = (void __user *)arg; + struct sev_issue_cmd input; + int ret = -EFAULT; + + if (!psp_master) + return -ENODEV; + + if (ioctl != SEV_ISSUE_CMD) + return -EINVAL; + + if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd))) + return -EFAULT; + + if (input.cmd > SEV_MAX) + return -EINVAL; + + mutex_lock(&sev_cmd_mutex); + + switch (input.cmd) { + + case SEV_FACTORY_RESET: + ret = sev_ioctl_do_reset(&input); + break; + default: + ret = -EINVAL; + goto out; + } + + if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd))) + ret = -EFAULT; +out: + mutex_unlock(&sev_cmd_mutex); + + return ret; } static const struct file_operations sev_fops = {
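
Review bot: sev_ioctl() hands SEV_FACTORY_RESET to sev_ioctl_do_reset() without checking the caller's privilege or the file's open mode, so the only barrier between a process that can open the device node and a wipe of the non-volatile SEV data is the node's file permissions. Since the commit message reserves this command for the platform owner, consider an explicit gate ahead of the `switch`, for example `if (!capable(CAP_SYS_ADMIN)) return -EPERM;` or a check that the file was opened for writing. In sev_ioctl_do_reset(), the INIT path shuts the firmware down before issuing the reset; if the reset then fails, the platform is left shut down, which deserves a comment or a recovery step. Two smaller points in the same hunk: `sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, 0, &argp->error)` should pass `NULL` rather than `0` for the data pointer, and `sizeof (*data)` in sev_platform_state() should drop the space after `sizeof`.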