From: Hao Feng
To: Joerg Roedel, Paolo Bonzini, Radim Krčmář, Thomas Gleixner, Ingo Molnar, Borislav Petkov, H. Peter Anvin
CC: Zhaohui Du, Zhiwei Ying, Wen Pu, Hao Feng
Subject: [PATCH 6/6] KVM: SVM: Add support for KVM_SEV_GM_VERIFY_DIGEST command
Date: Mon, 15 Apr 2019 20:04:28 +0800
Message-ID: <1555329868-17895-7-git-send-email-fenghao@hygon.cn>
In-Reply-To: <1555329868-17895-1-git-send-email-fenghao@hygon.cn>
X-Mailing-List: linux-kernel@vger.kernel.org

The command is used to send guest owner's key digest to SEV firmware, firmware will check the key digest to see if the key negotiation is successful or not.

Signed-off-by: Hao Feng
Signed-off-by: Pu Wen
--- arch/x86/kvm/svm.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index f8e7042..4dbdccf 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c
@@ -7015,6 +7015,50 @@ static int sev_gm_get_digest(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int sev_gm_verify_digest(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + void __user *digest = (void __user *)(uintptr_t)argp->data; + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_gm_verify_digest *data = NULL; + struct kvm_sev_gm_verify_digest params; + void *digest_blob = NULL; + int *error = &argp->error; + int ret; + + if (!sev_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, digest, sizeof(params))) + return -EFAULT; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + if (params.uaddr) { + digest_blob = psp_copy_user_blob(params.uaddr, params.len); + if (IS_ERR(digest_blob)) { + ret = PTR_ERR(digest_blob); + goto e_free; + } + + data->address = __psp_pa(digest_blob); + data->len = params.len; + } + + data->handle = sev->handle; + ret = sev_issue_cmd(kvm, SEV_CMD_GM_VERIFY_DIGEST, data, error); + if (ret) + goto e_free_digest; + +e_free_digest: + kfree(digest_blob); +e_free: + kfree(data); + + return ret; +} + static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -7059,6 +7103,9 @@ static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) case KVM_SEV_GM_GET_DIGEST: r = sev_gm_get_digest(kvm, &sev_cmd); break; + case KVM_SEV_GM_VERIFY_DIGEST: + r = sev_gm_verify_digest(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; -- 2.7.4
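
Review bot: in sev_gm_verify_digest() (first hunk), a zero params.uaddr is not rejected: the `if (params.uaddr)` block is skipped and SEV_CMD_GM_VERIFY_DIGEST is still issued with data->address and data->len left at the zeros from kzalloc(). A verify command without a digest has nothing to verify, so I would return -EINVAL for `!params.uaddr || !params.len` right after copy_from_user(), before the allocation. params.len is also passed to psp_copy_user_blob() with no local bound, so the size limit depends entirely on that helper; an explicit check or a comment saying so would help. Finally, `if (ret) goto e_free_digest;` jumps to the label on the very next line and can be dropped, since both paths fall through to the same kfree() calls.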
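
Review bot: the new `case KVM_SEV_GM_VERIFY_DIGEST:` in svm_mem_enc_op() (second hunk) exposes a new userspace command, but the diffstat shows only arch/x86/kvm/svm.c changing, so nothing in this patch documents it. Please describe, in the commit message or in documentation added alongside, what userspace must place in struct kvm_sev_gm_verify_digest (uaddr and len) and how a caller tells a digest mismatch reported by the firmware through argp->error apart from a failure to issue the command, since both come back through the same `r`.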