From patchwork Sat Oct 7 01:06:03 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 9991021
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Brijesh Singh
To: bp@suse.de
Cc: Brijesh Singh, Paolo Bonzini, Radim Krčmář, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [Part2 PATCH v5.1 12.5/31] crypto: ccp: Implement SEV_PEK_GEN ioctl command
Date: Fri, 6 Oct 2017 20:06:03 -0500
Message-Id: <20171007010607.78088-5-brijesh.singh@amd.com>
In-Reply-To: <20171007010607.78088-1-brijesh.singh@amd.com>
References: <20171004131412.13038-13-brijesh.singh@amd.com> <20171007010607.78088-1-brijesh.singh@amd.com>

The SEV_PEK_GEN command is used to generate a new Platform Endorsement Key (PEK). The command is defined in SEV spec section 5.6.

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
 drivers/crypto/ccp/psp-dev.c | 68 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index d68303a06464..03d7bd03ad58 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c 
@@ -207,6 +207,70 @@ static int sev_ioctl_platform_status(struct sev_issue_cmd *argp) return ret; } +static int sev_platform_get_state(int *state, int *error) +{ + struct sev_data_status *data; + int ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + ret = sev_handle_cmd(SEV_CMD_PLATFORM_STATUS, data, error); + if (!ret) + *state = data->state; + + kfree(data); + return ret; +} + +static int sev_firmware_init(int *error) +{ + struct sev_data_init *data; + int rc; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + rc = sev_handle_cmd(SEV_CMD_INIT, data, error); + + kfree(data); + return rc; +} + +static int sev_ioctl_pek_gen(struct sev_issue_cmd *argp) +{ + int do_shutdown = 0; + int ret, state; + + /* + * PEK_GEN command can be issued only when firmware is in INIT state. + * If firmware is in UNINIT state then we transition it in INIT state + * and issue the command. + */ + ret = sev_platform_get_state(&state, &argp->error); + if (ret) + return ret; + + if (state == SEV_STATE_WORKING) { + return -EBUSY; + } else if (state == SEV_STATE_UNINIT) { + ret = sev_firmware_init(&argp->error); + if (ret) + return ret; + + do_shutdown = 1; + } + + ret = sev_handle_cmd(SEV_CMD_PEK_GEN, 0, &argp->error); + + if (do_shutdown) + sev_handle_cmd(SEV_CMD_SHUTDOWN, 0, NULL); + + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -232,6 +296,10 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) ret = sev_ioctl_platform_status(&input); break; } + case SEV_PEK_GEN: { + ret = sev_ioctl_pek_gen(&input); + break; + } default: ret = -EINVAL; break;
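Review bot: in sev_ioctl_pek_gen(), at the end of the first hunk, the return value of the cleanup call `sev_handle_cmd(SEV_CMD_SHUTDOWN, 0, NULL);` is dropped and its error pointer is NULL, so if the shutdown fails the firmware stays in INIT state while the ioctl still returns the PEK_GEN result, and nothing is logged. Capture the return code and at least emit a warning, and confirm that sev_handle_cmd() accepts a NULL error pointer, since every other call in this hunk passes a valid one. Related: the state query, the optional INIT, PEK_GEN and SHUTDOWN are separate firmware commands and the hunk takes no lock around them, so unless sev_ioctl() already serializes callers, the state read by sev_platform_get_state() can be stale by the time PEK_GEN is issued. Smaller points: pass NULL rather than 0 for the data pointer in the PEK_GEN and SHUTDOWN calls, drop the else after `return -EBUSY;`, and the comment should read "transition it to INIT state".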
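Review bot: the new `case SEV_PEK_GEN:` in the second hunk dispatches a command that replaces the platform key and may INIT and SHUTDOWN the firmware, yet no check on the caller is visible in the lines shown. If sev_ioctl() does not already restrict callers earlier in the function, add a capability check before sev_ioctl_pek_gen() is reached, and state the required privilege in the commit message. The braces around the case body are also unnecessary, since it declares no locals.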