From patchwork Mon Oct 23 21:55:19 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10023257 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id F269660381 for ; Mon, 23 Oct 2017 21:55:38 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E45F7285EE for ; Mon, 23 Oct 2017 21:55:38 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D8A2B28620; Mon, 23 Oct 2017 21:55:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E879E285EE for ; Mon, 23 Oct 2017 21:55:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932213AbdJWVzg (ORCPT ); Mon, 23 Oct 2017 17:55:36 -0400 Received: from mail-by2nam01on0078.outbound.protection.outlook.com ([104.47.34.78]:62941 "EHLO NAM01-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S932206AbdJWVze (ORCPT ); Mon, 23 Oct 2017 17:55:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=GlkF6zSV0O5gfrEWtOtcNO4AC0AiejM33Jj0VXtkCrY=; b=irv5mXEJbraEObtVYj+93ZvFto5xacZ0YbDsE9WOfTX00eELXmRJZrKYjtZcs5xhyV3Leq5Bl2513GM1CgEzfHMhUvKPKGRHG+qa0T16SU1CeMLm9JfFvgUQ2lv+AZVBOIRraCVkg4okKgUG83LLyS6lh+6UB5SRkHmm/DR/YYc= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from ubuntu-010236106000.amd.com (165.204.78.1) by SN1PR12MB0159.namprd12.prod.outlook.com (10.162.3.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Mon, 23 Oct 2017 21:55:31 +0000 From: Brijesh Singh To: Borislav Petkov Cc: Brijesh Singh , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Borislav Petkov , Herbert Xu , Gary Hook , Tom Lendacky , linux-crypto@vger.kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [Part2 PATCH v6.1 16/38] crypto: ccp: Implement SEV_PEK_GEN ioctl command Date: Mon, 23 Oct 2017 16:55:19 -0500 Message-Id: <20171023215519.32512-1-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171020023413.122280-17-brijesh.singh@amd.com> References: <20171020023413.122280-17-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: DM5PR10CA0009.namprd10.prod.outlook.com (10.172.33.19) To SN1PR12MB0159.namprd12.prod.outlook.com (10.162.3.146) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 360917c1-1e0c-4b70-1fd7-08d51a60c819 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(4627075)(201703031133081)(201702281549075)(2017052603199); SRVR:SN1PR12MB0159; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0159; 3:NQqUn5rch1UuGrA4N0+MR4SnUD+RbACMoqbbLlT2WhzVwWPXX8TC8WLIiSn+zApCxI9vlldgup3zQSFABxYBicUfSBAQ0txDGFDToqqV7RWdCRktXXnPMlJSmmE6W2UZ6dfOCv/Pw495B7YqeJnw/euQkmFm0URVFzfJ4dEPq6W3c+KBwkXKjMhqTuRKNrIYNMcKgoVnPc04mttjT3AzUje7wYpHMVpraUcqV2E4n+rLNfPzcYKKgMktkldYk8d+; 25:C9jSjtKey3j5PEAH1cufk6AkSNtyKa1bdGQJBZnEkN6gexdNGWmPhlBLIy+wfzZugmIIl7hqMetsVh1kIiupHoyffJutoJG0o5lbwVLuekqPf1Osf2ZxJCFl3q2lP09a94BcVq/d8KtBcllOUhCqQV+gDxLGWBewASnLJtffvoJvVid8i/myrIl9Jpx/ggIqSlbDxLxgh39qsnfP5YO33Axl5pFxkxsYNWzg8Xa+hOhcBJr0pF1c24T4HNke1Fu9VuiNSSKetE9ieKiBNez8iPfQ2g/GzPq22TP+b8cxYdhyfLZDLf8n03gUEglrzziO1eAYB5v7rVox5TpYYjNf6A==; 31:a6aGleVvBB88O9VexZ5/s9h+VWCr5guvSkrpABuLfCC9ve/mXT1wU1g8CUVxzVajY4lO+9f6ZCb0jCioLrBxvoB64am4+o0OuQ+gRlVmSghQZ5nxTfFMorC+ZMSdqipSGOM3BEysXI3qQw1DKEdu+v3Va8aF45e1kNmMl6c+2MzgIFfYCWceY/4MG5p+U0hmD4rYLqZd5TcZerDOGzegs2v6qdcjUnuFLZZ3nLgk0p8= X-MS-TrafficTypeDiagnostic: SN1PR12MB0159: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0159; 20:vF27g2XHPRfFesT0UiiRFkexP6gH8Tf4i7ZkL8XF2+LAqLAC7H9Pj10v+IHf4NVrXuqZd+VPHpOrLQfXxs1OG7ld88kkssKHxSg2AmwOS9HG30GcWfLAzmdWzrBtqwazAwLuxPrAD7dJsMeIFv7jOdExMdq6CIYURugd2iFPOhWTKePR0Lv1qGBJAYWpwhRbJTIVgTqm0gg+oDVAtNbb4o0ejt2hGW4prVqMZ9OUBFPnND4TkUNxXiYCGUY4UJODvhLMjrf5gY8Bpizl0jdzBAbKMORpEfH1Am3UTkixECyo8qfXXGSt8jjyq0Bye6HzAHD2NAqX+tlDCuXQplx8ga0mlVDxj3uwaDBYcJ1Q6B7YqAYG59K+GKkxbCZuDeys0ugLWpk/Q+sGtM1wzg2JkzZjQBqP9FuZcdSSnDzGhPZmy/iF22al7tKB3RYPtAHFFY63HpewMkPe1y91a3NsB40P3y4mwiohNOL82730fUy8GEZinWDsw7LO9dwbF4iq; 4:1g2P1ir9kAof82x5voNh1D+VdmCfoKy4kC48mhXCP7IYPaZEUKszML8HXQzhXy4QLPTqo3JCik2mfFJs426JS8K/NxB8TZvU4a26N7RNY/a0o/JqEQyhoOARF5lfpyHZErtzOj/A0PngQgS73K/sjJ52BWpoD2nQJF10PVwrqbKU6NEpvLKO0nu+Qj8RxmAd7hbZewkvMM6RUuaUAPGOTVfRZJ71BUcP+RSrDWLoZMG7cshJBBoqtum8ne87l4kq9f8XVeB2rSpGnkNj8gPa3AfJ2A0Zq7hRCybYPRISCwiFnJc1WeYfpJl17TjidklQ X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(93006095)(93001095)(100000703101)(100105400095)(10201501046)(3231020)(3002001)(6055026)(6041248)(20161123558100)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123555025)(20161123564025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:SN1PR12MB0159; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:SN1PR12MB0159; X-Forefront-PRVS: 046985391D X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(376002)(346002)(39860400002)(199003)(189002)(305945005)(7736002)(4326008)(68736007)(101416001)(53936002)(50226002)(81166006)(50986999)(8676002)(8936002)(81156014)(76176999)(106356001)(97736004)(23676002)(105586002)(54906003)(33646002)(316002)(16526018)(66066001)(47776003)(53416004)(2906002)(2870700001)(478600001)(6486002)(3846002)(25786009)(189998001)(6116002)(2950100002)(6916009)(50466002)(5660300001)(6666003)(1076002)(36756003)(86362001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0159; H:ubuntu-010236106000.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjFQUjEyTUIwMTU5OzIzOi9UbHhQQlpwSXpraDlGeENYQkdpcFBFWVVX?= =?utf-8?B?T0FCemRxTm1pZ20xT0xRdGEzODA4ejlsdTlpempMOUVVWmJXbkw2Tm1hV0d5?= =?utf-8?B?cE05VENOMFJ5SFF1R1JUTTJZeVNqRXZ2enZLd2ZldzZDMzF2QTlNblB1ZnNE?= =?utf-8?B?bWVXN3FNcmhTNElKYVZFWVVCUXlWekliV2Erb1V2d0tJb3VsNnZRNjA0MEhQ?= =?utf-8?B?cCswSHJ6M1JPRElVdEorTFIwTW91Njd3RnJwaFZiM21FTUhONk50eWhpUmli?= =?utf-8?B?aHQ3R3B6YWMyRmlscVJUMXExMG1KUDZnTDFrQlhnVC9vYXI2YVhhMnRKbEpk?= =?utf-8?B?eGh4M2VVamJrcXVrMDdwamNzckNIaWN0VHUwRVlVTUpnZU1oUDhsT1hJRGhX?= =?utf-8?B?MmFETGJZa2JrbjIwdXhISThqTzNEOExGa2NVc21YTFRLT21GQ2J4QjJFM0p0?= =?utf-8?B?ZVJETXlIdHNEZk5BQWJFZGNWbnQwUENTdGlrbVZqVUxRNFZ3T09VaDZlNGtC?= =?utf-8?B?MzZUek5tS1hQMXB1YVBUNStQaUl3cFVPbXFlSHozUDYrNVVnOEFNcWNnR2tT?= =?utf-8?B?SXFHZzN1SnlGa09FVGo5QzVONEFVMEdpWjkzYldBNkR2SVIxc0cveW94M1Jm?= =?utf-8?B?VUc4ak9MS1dhNE1saTlzNTI5SjFWL2E0Z2ZFdEcydGdwOEVlZG9SNkhNNWd5?= =?utf-8?B?SHp2Rkh6aUJGem9pYXpTRmZ1MHc5QnVLWDNtNFhlYkpKejNmMGJSWkNqUXM5?= =?utf-8?B?YzZEdUhyZGNwSlpURTFGTlNFNmZiZkxSTFEwd2xMUlRkaVAxaHdFanhtWXZB?= =?utf-8?B?RlRWQWtpSHJFeldJZjFubFVRREFnUGdiNkI3MEtSbFl0RWZSUXJyYnJEM0o3?= =?utf-8?B?bU94SUV0dURhYnVqRmViTGNrNjRVZ29uL0FJaWREcEI2V0tuVCswVHkrcms1?= =?utf-8?B?WHhDbWtDZTg0eGlKOFBFR1lXbE1wQXBLeVBBMXFVQUIzOWlCS1I4TUdGTUh2?= =?utf-8?B?RUJvWWlIamhoWWFXY0tYL2FYSWEwZE9oNVdjbG0yNkRFb3k4TmN6R1N3QnNi?= =?utf-8?B?ZEFEclg2b3hBb1J5RmhCTkVYbFR2ZVhEaGJBTXlPeFRIbHFiOGJrQUI5Ymlz?= =?utf-8?B?b2gvNXViL1JqV2hOeDVOUFRnNGExVmlONENNaHRuMTFHNTBCc09hR3VXRHhk?= =?utf-8?B?NEFCMGhPNzJRNXF3TVRrNnl2NUNXZExzVnlLaVpLeHp3S0UzeXBUZUJjdHE5?= =?utf-8?B?bTVwQUd0Ny9wNUtGWDlQV1FISHhlbnFCMElnY0doTk9WdWtnRXJnaHZVbmU5?= =?utf-8?B?eVpKTXNFb3dJdm9JMW01QllEcDFqZHpEcDBFamE5SmlmdWpnQlNxWFlIN2sz?= =?utf-8?B?NkhkYjN5bmU0N1hINXREZVVJWnByb2txdHN4L3cvTnBQMnZndjV2VWZQcFpF?= =?utf-8?Q?Y/IHiXLfvvOvTBg4AaWH1Fw1TqT?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0159; 6:ujuXP1G5qWbV49+RCxjFS/jCLiRvyqO5td/Sic05Lrkt5RVrDE3g+diLvuu8wkqEiIRMr178FtHcNPsmdrhoEIqh4pzp+KV4LN0WUNwPnUWvP9tKsF3fdSS8bI3vzdoHk+OVThyu3+G0TG/Z69clDdz6W8vBk1s2lPA/9iGDThjPiVg355VfcMVOxz02beRcvTX02jBZKvIVUVtBZVTgltsfZHaE2V1GZcOinwsCx+4jYPDTCIDFp8+tilyuYOzb+ZbGGvTqrh1UtUPjbFJbjeHhnHEj8Z/pTdMEWGFwpkZU2r/Q7E0QyUgPy5w1nC+FOHEDHFqISf0DR521U44Ryw==; 5:nvNKW2CiPzLc1pdgETEZ/cITm1FIqOpJM5KDlWQS/ZRb9EzQy350FT5koBN9wJC3Kk88yASKTBijxgEDnrlhVgSqbpH0wwpgcDSOkZeb3bekVHy0B9K+RoyDGu4arA7f5dgMConuO0j2Aws9A2Njpw==; 24:U2Pa1BqmXUVrb2BzkzAzeceRy0mzQGcV06jNLhu2zAqolEioFZoPt+9t7XSMOhQUikpjgtSCRFIhJcsGxzO8k42rBvL5tbrpctatF38UT6s=; 7:9orXyJVahB8cmiBFwm0RLrB2LyH48xJ2VI0CS1HuXWGuOea8dPJyVeFe1apmimh1XLpmQx4BH17hSJyNmiescvBTXHL3WnZUFvQ9TMkt6QEv4Bq/Qf9JDpYCdYc6xdxjTbVQnCatP/HpdjFeCDTzRYD4ocKyTNnMT0VPztkws0gjGJlq7rgZLUFPlPDYpJ0lue48OGcbS+RG8Z44LooSkNQhQV1XscqinU/YGyTMT0s= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0159; 20:BisiZdwLVMy4HTSdnLGuw2zQP9J2Nf1QSCRLtZsxTOkHVnsfug7oKd8F7H8j4lVK+vbg/UORcfzoO1v+6HmC0qUV3GeQhd/WZaisRjdhJHH44jaA72hHSVDcM7j7BiJU45RLh+e2hli75f9Fe08C+njIrYUlKuq3uNMcfoEuvw1DTkYH/b3WBgq+jtZ+CrQT6oF3vGGZ764jFDlspH3Sd/p7m/7e0GeZw4pAlhlJ9Bk3cijEO1Bs7wlcXcSCq4kF X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Oct 2017 21:55:31.2971 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 360917c1-1e0c-4b70-1fd7-08d51a60c819 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0159 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The SEV_PEK_GEN command is used to generate a new Platform Endorsement Key (PEK). The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-crypto@vger.kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh Acked-by: Gary R Hook Reviewed-by: Borislav Petkov --- Changes since v6: * when sev_do_cmd() and sev_platform_shutdown() fails then propogate the error status code from sev_do_cmd() because it can give us much better reason for the failure. drivers/crypto/ccp/psp-dev.c | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index dd4bab143de9..18e2d8291997 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c @@ -195,6 +195,34 @@ static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp) return ret; } +static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp) +{ + int ret, err; + + ret = sev_platform_init(NULL, &argp->error); + if (ret) + return ret; + + ret = sev_do_cmd(cmd, 0, &argp->error); + + if (sev_platform_shutdown(&err)) { + /* + * If both sev_do_cmd() and sev_platform_shutdown() commands + * failed then propogate the error code from the sev_do_cmd() + * because it contains a useful status code for the command + * failure. + */ + if (ret) + goto done; + + argp->error = err; + ret = -EIO; + } + +done: + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -218,6 +246,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SEV_PLATFORM_STATUS: ret = sev_ioctl_do_platform_status(&input); break; + case SEV_PEK_GEN: + ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input); + break; default: ret = -EINVAL; goto out;