diff mbox series

[v3,4/4] crypto: ccp: When TSME and SME both detected notify user

Message ID 20220331211213.2844-5-mario.limonciello@amd.com (mailing list archive)
State Accepted
Delegated to: Herbert Xu
Headers show
Series Export PSP security attributes | expand

Commit Message

Mario Limonciello March 31, 2022, 9:12 p.m. UTC
CC_ATTR_HOST_MEM_ENCRYPT is used to relay that memory encryption has been
activated by the kernel.

As it's technically possible to enable both SME and TSME at the same time,
detect this scenario and notify the user that enabling TSME and SME at the
same time is unnecessary.

Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
---
v2->v3:
 * Remove extra whitespace
 * Reword comment
v1->v2:
 * Reword notice about TSME/SME
 * Use cc_platform_has instead
---
 drivers/crypto/ccp/psp-dev.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Tom Lendacky April 5, 2022, 9:06 p.m. UTC | #1
On 3/31/22 16:12, Mario Limonciello wrote:
> CC_ATTR_HOST_MEM_ENCRYPT is used to relay that memory encryption has been
> activated by the kernel.
> 
> As it's technically possible to enable both SME and TSME at the same time,
> detect this scenario and notify the user that enabling TSME and SME at the
> same time is unnecessary.
> 
> Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>

Acked-by: Tom Lendacky <thomas.lendacky@amd.com>

> ---
diff mbox series

Patch

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index a3b7b5130be4..c9c741ac8442 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -74,6 +74,12 @@  static unsigned int psp_get_capability(struct psp_device *psp)
 	}
 	psp->capability = val;
 
+	/* Detect if TSME and SME are both enabled */
+	if (psp->capability & PSP_CAPABILITY_PSP_SECURITY_REPORTING &&
+	    psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) &&
+	    cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
+		dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
+
 	return 0;
 }