Dynamic boost control is a feature of some SoCs that allows
an authenticated entity to send commands to the security processor
to control certain SOC characteristics with the intention to improve
performance.
This is implemented via a mechanism that a userspace application would
authenticate using a nonce and key exchange over an IOCTL interface.
After authentication is complete an application can exchange signed
messages with the security processor and both ends can validate the
data transmitted.
This series includes a test suite that can be run on real hardware
to ensure that the communication works as expected. This can also be
used for an application to model the communication path.
Two sysfs files are introduced for reading the PSP bootloader version
as well as TEE version which can be useful data points for debugging
communication problems.
---
v3->v4:
* Pick up tags
* Move ioctl calls into a shared library used by python ctypes
Mario Limonciello (11):
crypto: ccp: Rename macro for security attributes
crypto: ccp: Add support for displaying PSP firmware versions
crypto: ccp: Add bootloader and TEE version offsets
crypto: ccp: move setting PSP master to earlier in the init
crypto: ccp: Add support for fetching a nonce for dynamic boost
control
crypto: ccp: Add support for setting user ID for dynamic boost control
crypto: ccp: Add support for getting and setting DBC parameters
crypto: ccp: Add a sample library for ioctl use
crypto: ccp: Add a sample python script for Dynamic Boost Control
crypto: ccp: Add unit tests for dynamic boost control
crypto: ccp: Add Mario to MAINTAINERS
Documentation/ABI/testing/sysfs-driver-ccp | 18 ++
MAINTAINERS | 12 +
drivers/crypto/ccp/Makefile | 3 +-
drivers/crypto/ccp/dbc.c | 250 +++++++++++++++++++
drivers/crypto/ccp/dbc.h | 56 +++++
drivers/crypto/ccp/psp-dev.c | 19 +-
drivers/crypto/ccp/psp-dev.h | 1 +
drivers/crypto/ccp/sp-dev.h | 7 +
drivers/crypto/ccp/sp-pci.c | 96 +++++++-
include/linux/psp-platform-access.h | 4 +
include/uapi/linux/psp-dbc.h | 147 ++++++++++++
tools/crypto/ccp/.gitignore | 1 +
tools/crypto/ccp/Makefile | 13 +
tools/crypto/ccp/dbc.c | 72 ++++++
tools/crypto/ccp/dbc.py | 64 +++++
tools/crypto/ccp/dbc_cli.py | 134 +++++++++++
tools/crypto/ccp/test_dbc.py | 266 +++++++++++++++++++++
17 files changed, 1146 insertions(+), 17 deletions(-)
create mode 100644 drivers/crypto/ccp/dbc.c
create mode 100644 drivers/crypto/ccp/dbc.h
create mode 100644 include/uapi/linux/psp-dbc.h
create mode 100644 tools/crypto/ccp/.gitignore
create mode 100644 tools/crypto/ccp/Makefile
create mode 100644 tools/crypto/ccp/dbc.c
create mode 100644 tools/crypto/ccp/dbc.py
create mode 100755 tools/crypto/ccp/dbc_cli.py
create mode 100755 tools/crypto/ccp/test_dbc.py
base-commit: 134e0dc6b73ab7e99464182356a8b3fa4ea3b499
--
2.34.1
The bootloader and TEE versions are stored in registers that can be
accessed from sysfs. This exports the information for recent client
and datacenter parts.
Acked-by: Tom Lendacky <[email protected]>
Signed-off-by: Mario Limonciello <[email protected]>
---
v2->v3:
* Pick up tag
---
drivers/crypto/ccp/sp-pci.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/crypto/ccp/sp-pci.c b/drivers/crypto/ccp/sp-pci.c
index 6c93577950c7..205b93d229a9 100644
--- a/drivers/crypto/ccp/sp-pci.c
+++ b/drivers/crypto/ccp/sp-pci.c
@@ -423,6 +423,7 @@ static const struct tee_vdata teev1 = {
.cmdbuff_addr_hi_reg = 0x1054c, /* C2PMSG_19 */
.ring_wptr_reg = 0x10550, /* C2PMSG_20 */
.ring_rptr_reg = 0x10554, /* C2PMSG_21 */
+ .info_reg = 0x109e8, /* C2PMSG_58 */
};
static const struct tee_vdata teev2 = {
@@ -448,6 +449,7 @@ static const struct platform_access_vdata pa_v2 = {
static const struct psp_vdata pspv1 = {
.sev = &sevv1,
+ .bootloader_info_reg = 0x105ec, /* C2PMSG_59 */
.feature_reg = 0x105fc, /* C2PMSG_63 */
.inten_reg = 0x10610, /* P2CMSG_INTEN */
.intsts_reg = 0x10614, /* P2CMSG_INTSTS */
@@ -455,6 +457,7 @@ static const struct psp_vdata pspv1 = {
static const struct psp_vdata pspv2 = {
.sev = &sevv2,
+ .bootloader_info_reg = 0x109ec, /* C2PMSG_59 */
.feature_reg = 0x109fc, /* C2PMSG_63 */
.inten_reg = 0x10690, /* P2CMSG_INTEN */
.intsts_reg = 0x10694, /* P2CMSG_INTSTS */
@@ -463,6 +466,7 @@ static const struct psp_vdata pspv2 = {
static const struct psp_vdata pspv3 = {
.tee = &teev1,
.platform_access = &pa_v1,
+ .bootloader_info_reg = 0x109ec, /* C2PMSG_59 */
.feature_reg = 0x109fc, /* C2PMSG_63 */
.inten_reg = 0x10690, /* P2CMSG_INTEN */
.intsts_reg = 0x10694, /* P2CMSG_INTSTS */
@@ -471,6 +475,7 @@ static const struct psp_vdata pspv3 = {
static const struct psp_vdata pspv4 = {
.sev = &sevv2,
.tee = &teev1,
+ .bootloader_info_reg = 0x109ec, /* C2PMSG_59 */
.feature_reg = 0x109fc, /* C2PMSG_63 */
.inten_reg = 0x10690, /* P2CMSG_INTEN */
.intsts_reg = 0x10694, /* P2CMSG_INTSTS */
--
2.34.1
I will maintain the platform access interface and dynamic boost
control support.
Signed-off-by: Mario Limonciello <[email protected]>
---
v3->v4:
* Add reference to new tools/crypto/ccp/dbc.c
---
MAINTAINERS | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index f2e19f576fec..709ebc2ebbe2 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -988,6 +988,18 @@ S: Supported
F: drivers/crypto/ccp/sev*
F: include/uapi/linux/psp-sev.h
+AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER - DBC SUPPORT
+M: Mario Limonciello <[email protected]>
+L: [email protected]
+S: Supported
+F: drivers/crypto/ccp/dbc.c
+F: drivers/crypto/ccp/dbc.h
+F: drivers/crypto/ccp/platform-access.c
+F: drivers/crypto/ccp/platform-access.h
+F: include/uapi/linux/psp-dbc.h
+F: tools/crypto/ccp/*.c
+F: tools/crypto/ccp/*.py
+
AMD DISPLAY CORE
M: Harry Wentland <[email protected]>
M: Leo Li <[email protected]>
--
2.34.1
On 6/8/23 06:17, Mario Limonciello wrote:
> Dynamic boost control is a feature of some SoCs that allows
> an authenticated entity to send commands to the security processor
> to control certain SOC characteristics with the intention to improve
> performance.
>
> This is implemented via a mechanism that a userspace application would
> authenticate using a nonce and key exchange over an IOCTL interface.
>
> After authentication is complete an application can exchange signed
> messages with the security processor and both ends can validate the
> data transmitted.
>
> This series includes a test suite that can be run on real hardware
> to ensure that the communication works as expected. This can also be
> used for an application to model the communication path.
>
> Two sysfs files are introduced for reading the PSP bootloader version
> as well as TEE version which can be useful data points for debugging
> communication problems.
For the series:
Acked-by: Tom Lendacky <[email protected]>
>
> ---
> v3->v4:
> * Pick up tags
> * Move ioctl calls into a shared library used by python ctypes
>
> Mario Limonciello (11):
> crypto: ccp: Rename macro for security attributes
> crypto: ccp: Add support for displaying PSP firmware versions
> crypto: ccp: Add bootloader and TEE version offsets
> crypto: ccp: move setting PSP master to earlier in the init
> crypto: ccp: Add support for fetching a nonce for dynamic boost
> control
> crypto: ccp: Add support for setting user ID for dynamic boost control
> crypto: ccp: Add support for getting and setting DBC parameters
> crypto: ccp: Add a sample library for ioctl use
> crypto: ccp: Add a sample python script for Dynamic Boost Control
> crypto: ccp: Add unit tests for dynamic boost control
> crypto: ccp: Add Mario to MAINTAINERS
>
> Documentation/ABI/testing/sysfs-driver-ccp | 18 ++
> MAINTAINERS | 12 +
> drivers/crypto/ccp/Makefile | 3 +-
> drivers/crypto/ccp/dbc.c | 250 +++++++++++++++++++
> drivers/crypto/ccp/dbc.h | 56 +++++
> drivers/crypto/ccp/psp-dev.c | 19 +-
> drivers/crypto/ccp/psp-dev.h | 1 +
> drivers/crypto/ccp/sp-dev.h | 7 +
> drivers/crypto/ccp/sp-pci.c | 96 +++++++-
> include/linux/psp-platform-access.h | 4 +
> include/uapi/linux/psp-dbc.h | 147 ++++++++++++
> tools/crypto/ccp/.gitignore | 1 +
> tools/crypto/ccp/Makefile | 13 +
> tools/crypto/ccp/dbc.c | 72 ++++++
> tools/crypto/ccp/dbc.py | 64 +++++
> tools/crypto/ccp/dbc_cli.py | 134 +++++++++++
> tools/crypto/ccp/test_dbc.py | 266 +++++++++++++++++++++
> 17 files changed, 1146 insertions(+), 17 deletions(-)
> create mode 100644 drivers/crypto/ccp/dbc.c
> create mode 100644 drivers/crypto/ccp/dbc.h
> create mode 100644 include/uapi/linux/psp-dbc.h
> create mode 100644 tools/crypto/ccp/.gitignore
> create mode 100644 tools/crypto/ccp/Makefile
> create mode 100644 tools/crypto/ccp/dbc.c
> create mode 100644 tools/crypto/ccp/dbc.py
> create mode 100755 tools/crypto/ccp/dbc_cli.py
> create mode 100755 tools/crypto/ccp/test_dbc.py
>
>
> base-commit: 134e0dc6b73ab7e99464182356a8b3fa4ea3b499