From patchwork Fri Oct 20 02:33:53 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 10018681
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Brijesh Singh
To: kvm@vger.kernel.org
Cc: bp@alien8.de, Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [Part2 PATCH v6 18/38] crypto: ccp: Implement SEV_PEK_CSR ioctl command
Date: Thu, 19 Oct 2017 21:33:53 -0500
Message-Id: <20171020023413.122280-19-brijesh.singh@amd.com>
In-Reply-To: <20171020023413.122280-1-brijesh.singh@amd.com>
References: <20171020023413.122280-1-brijesh.singh@amd.com>

The SEV_PEK_CSR command can be used to generate a PEK certificate signing request. The command is defined in SEV spec section 5.7.

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
 drivers/crypto/ccp/psp-dev.c | 69 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index d9771d104eea..26a365c9b0e0 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -213,6 +213,72 @@ static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp) return ret; } +static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp) +{ + struct sev_user_data_pek_csr input; + struct sev_data_pek_csr *data; + void *blob = NULL; + int ret, err; + + if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) + return -EFAULT; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + /* userspace wants to query CSR length */ + if (!input.address || !input.length) + goto cmd; + + /* allocate a physically contiguous buffer to store the CSR blob */ + if (!access_ok(VERIFY_WRITE, input.address, input.length) || + input.length > SEV_FW_BLOB_MAX_SIZE) { + ret = -EFAULT; + goto e_free; + } + + blob = kmalloc(input.length, GFP_KERNEL); + if (!blob) { + ret = -ENOMEM; + goto e_free; + } + + data->address = __psp_pa(blob); + data->len = input.length; + +cmd: + ret = sev_platform_init(NULL, &argp->error); + if (ret) + goto e_free_blob; + + ret = sev_do_cmd(SEV_CMD_PEK_CSR, data, &argp->error); + + /* + * If we query the CSR length, FW responded with expected data + */ + input.length = data->len; + + if (blob) { + if (copy_to_user((void __user *)input.address, blob, input.length)) + ret = -EFAULT; + } + + if (sev_platform_shutdown(&err)) { + ret = -EIO; + argp->error = err; + } + + if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) + ret = -EFAULT; + +e_free_blob: + kfree(blob); +e_free: + kfree(data); + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -242,6 +308,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SEV_PDH_GEN: ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input); break; + case SEV_PEK_CSR: + ret = sev_ioctl_do_pek_csr(&input); + break; default: ret = -EINVAL; goto out;
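
Review bot: In sev_ioctl_do_pek_csr(), the copy back to userspace after sev_do_cmd() uses the length written by the firmware rather than the size that was validated and allocated. `input.length = data->len;` runs unconditionally, with ret unchecked, and `copy_to_user((void __user *)input.address, blob, input.length)` then reads that many bytes from a blob that was kmalloc'ed with the caller's original input.length. If the command fails, or the firmware reports a len larger than the buffer it was given, this reads past the end of blob and hands kernel heap contents to userspace, and the earlier access_ok() check no longer covers the range being written. Suggest skipping the blob copy when ret is non-zero, bounding the copy by the originally allocated size, and allocating blob zeroed so that a short or failed write by the firmware cannot expose uninitialized memory. Separately, the comment "allocate a physically contiguous buffer" sits above the access_ok()/SEV_FW_BLOB_MAX_SIZE check rather than the kmalloc() it describes, and an over-long request would read more naturally as -EINVAL than -EFAULT.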