Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp2500420ybl; Thu, 19 Dec 2019 14:58:16 -0800 (PST) X-Google-Smtp-Source: APXvYqxN6LpC3+NK6RtZ56vSkgY8qGHM/C6VpKTfvbWt51DU80qh6g6NpzBG5cEqyrif4yzT0Idb X-Received: by 2002:a05:6830:10c6:: with SMTP id z6mr11797290oto.203.1576796296206; Thu, 19 Dec 2019 14:58:16 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1576796296; cv=pass; d=google.com; s=arc-20160816; b=LoMCVVLsabaBfcIYEav8LizOh5wBelCNCQ3Bjf7FfXTEqyvT5pnkcACKtvQHiU5F1c t21yvwLEKn5OrVql3i2PuPb+hHN5TLuW48dUDQ0n7k8xBwT/nL3jtMiMzDkdyn8uodDq sAdat3Qoqx8mI9yUPMYlXdGeygdAO3FWwn9Zmsy51qgdoDF2+0MCkwOyJPAHU2FVFACv bCiQk45cKgluMu8i/TOJIEmUw/c1inFFYvj6NCzTPySJsf9A5LUbCBDPfh4VHoOnI40z WpvZpqvvKMdypDqJqBGsFWNyp3nnoEfn2fd30Mr/AncYWX6NrDg9L1Hat8fIXfWPQ//F ebMA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :content-language:in-reply-to:user-agent:date:message-id:from :references:cc:to:subject:dkim-signature; bh=TccnvQJRSH0FVZkh49TVgW14bfHVG7FF8g1HiNImSLA=; b=HlWo9HXlLgzQLDTBiYe0w47Hfje+YYHdhvJ8DXMDwhEmoRUJAIRPoGeVj7UwnjgPEe /+wKR814ZQwLhKl1BMBlqCgZMobjk3aOSVT0dO7wvLtIo01RA+VM5mXdLwjJjBDiKMqY F/NAkGJGUxXEde6Fu8Z8yHxaYdRGeOuRvhhxdEgUj1qbZE9znhCo5C1S6I8U6l5DrCDP 03eYNVjm8UHUWloq2WErosmCSKYz/OYVKtUvv/yE/MuvcjiESs4Ga3LkhOgAN/TdBg4B qJN6tbz1Ca+u7eBb33XCiJciAq34d3ErrRWvUiTE0qb/twy36RaKb/zQuOdV5DaL+EEM XKPg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=xsdEKuqD; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u130si3879643oif.94.2019.12.19.14.58.04; Thu, 19 Dec 2019 14:58:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=xsdEKuqD; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726945AbfLSW54 (ORCPT + 99 others); Thu, 19 Dec 2019 17:57:56 -0500 Received: from mail-co1nam11on2063.outbound.protection.outlook.com ([40.107.220.63]:20304 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726982AbfLSW54 (ORCPT ); Thu, 19 Dec 2019 17:57:56 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lZ4kG1w3anYAdunDEQIdUTX6ech3Li0xexRz0J9qUlwk4YZizIq8NHzu9GP5231q9X6chC+ax2clz7B3OHKa1FU+MtShhaYv8ZaSMxASdPpseaxrd0RGTIXzdO7kyLdOgpZwvpWKvDpQRAKXK/pZelGAxD+dbYuWkCuCKTdZvbcnkptI6ARZUloZ79x3mEE33q9/PVX84dGGzDdqy2s7stqmfjOVm1VD9r76E0YZ4V2D7ekLD1tyn8va+Xqm2+yCFrW33uqVbzNKUHFs0CabFCsqu+qETGShjyHuiDfOPX/7X8FZx30f5JSXT+aM8I4PPFOVLvhcYEjqSggFLkj2zA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TccnvQJRSH0FVZkh49TVgW14bfHVG7FF8g1HiNImSLA=; b=ZpBNcRdwvCqwahFgdLj7rcwEsor0Nac3ugUCZkPBlGqKb/CP9DdXI1vDT5LKiAbUfsGfOYPdgN1q9e5KO9R7fMGCAb2v3OlMx+QfPch3w5CacLFQqF4rjAmwCoU3pIPcKyTllByD6dvxyYAyTEOoDMSPAKTogTZJO45J1T2lGhPFyw9uMjD9g2jv10J1h45GzfVM7/N++DAt58hEYDmdxreJYuwP76SRZfOBScg0ehhT8vmQk5nRkTn3HS4hSKeH1X1vUHUtx7QRpxe9tven2OwesQhn4sdhG+tAxO6V6cCtPvIemMKlWLk6W2UwNxoVYVDnrTkl+FtHC/fX3mXo2A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TccnvQJRSH0FVZkh49TVgW14bfHVG7FF8g1HiNImSLA=; b=xsdEKuqDaEcNrSXv4eYRZAj8lEALEIECJcOob2NngpJ1nJTXDYMGokZBlTm0eLXcjgTx5+0Z0R3pjjq/Sdundw/6M9yqhByuXxJtYWakpYNe2jabVEPmKhkV9ijfjo8IFZDuzLlZXIi5nWlDiBLbf5mYMaf3p2KuALYYt59Lz0k= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Gary.Hook@amd.com; Received: from DM5PR12MB1449.namprd12.prod.outlook.com (10.172.40.14) by DM5PR12MB2421.namprd12.prod.outlook.com (52.132.141.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2538.20; Thu, 19 Dec 2019 22:56:54 +0000 Received: from DM5PR12MB1449.namprd12.prod.outlook.com ([fe80::6d85:d029:53c0:ba61]) by DM5PR12MB1449.namprd12.prod.outlook.com ([fe80::6d85:d029:53c0:ba61%5]) with mapi id 15.20.2538.019; Thu, 19 Dec 2019 22:56:54 +0000 Subject: Re: [RFC PATCH v3 4/6] crypto: ccp - check whether PSP supports SEV or TEE before initialization To: Rijo Thomas , Tom Lendacky , Herbert Xu , "David S . Miller" , linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org Cc: Nimesh Easow , Devaraj Rangasamy , Jens Wiklander , Ard Biesheuvel References: <6a7be399d095373d2677440ff1fef406f97bf0d0.1575438845.git.Rijo-john.Thomas@amd.com> From: Gary R Hook Message-ID: <1e1aecde-7c1a-3d5b-be38-c4cfecfd16aa@amd.com> Date: Thu, 19 Dec 2019 16:56:52 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 In-Reply-To: <6a7be399d095373d2677440ff1fef406f97bf0d0.1575438845.git.Rijo-john.Thomas@amd.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-ClientProxiedBy: SN2PR01CA0069.prod.exchangelabs.com (2603:10b6:800::37) To DM5PR12MB1449.namprd12.prod.outlook.com (2603:10b6:4:10::14) MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 5e502df2-112f-4f0f-3a58-08d784d6be2d X-MS-TrafficTypeDiagnostic: DM5PR12MB2421:|DM5PR12MB2421: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1850; X-Forefront-PRVS: 0256C18696 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4636009)(366004)(39860400002)(396003)(346002)(376002)(136003)(189003)(199004)(31686004)(8936002)(81166006)(5660300002)(66946007)(86362001)(110136005)(54906003)(53546011)(186003)(478600001)(52116002)(26005)(81156014)(6506007)(8676002)(36756003)(316002)(4326008)(2616005)(66476007)(31696002)(2906002)(66556008)(6512007)(6486002);DIR:OUT;SFP:1101;SCL:1;SRVR:DM5PR12MB2421;H:DM5PR12MB1449.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1Q/FNzNbNM2YrZ4qnBR/6DwtqVT4NciOwVDfv8LJYTKsC27O16ye0OhEEomvH/XbpIAml76EVXXBmHYrPmjG/0vczPRWTs27BR9IQzEvLEEeDNgaj34u0Mc5bJergt0N75CJeWVpfFhKZHVnMRATxhrKBSFIguro8miWBMR+L0OrJzI+URMIJcXD7fO8GPXknUtliZNYZOdsbA4hSOiRxmmhSGer9M8/m/aglOj/Tb/oYLUVzcQEl9oflrZP6d1zmwMk2RbqJvgZLXaDJ1AJ2UUSVoSZWGG8ON99qhkeqMUmi7g45/2LVHyIrTJ2xBNLXOBmVMQV7vEAmCu2vTUE8mku0UvhOFyn76VpokCBN77vOKN/YMwonYEpswBEh+AWADfhKr31nFp/vjVRpmjOC88J/EFph5ruzURTHrOhyog+svkl+0KiRsntqOXKvJxl X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5e502df2-112f-4f0f-3a58-08d784d6be2d X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Dec 2019 22:56:54.7766 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: OMQRLg2awUEVLk3fzyeNL28h6vwCoufsr6GO/zoAs3ihWALukwGrQbcp8TLEvNz/ X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB2421 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 12/4/19 12:19 AM, Rijo Thomas wrote: > Read PSP feature register to check for TEE (Trusted Execution Environment) > support. > > If neither SEV nor TEE is supported by PSP, then skip PSP initialization. > > Cc: Tom Lendacky > Cc: Jens Wiklander > Cc: Ard Biesheuvel > Co-developed-by: Devaraj Rangasamy > Signed-off-by: Devaraj Rangasamy > Signed-off-by: Rijo Thomas Acked-by: Gary R Hook > --- > drivers/crypto/ccp/psp-dev.c | 46 +++++++++++++++++++++++++++++++++++++++----- > 1 file changed, 41 insertions(+), 5 deletions(-) > > diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c > index 2cd7a5e..3bedf72 100644 > --- a/drivers/crypto/ccp/psp-dev.c > +++ b/drivers/crypto/ccp/psp-dev.c > @@ -53,7 +53,7 @@ static irqreturn_t psp_irq_handler(int irq, void *data) > return IRQ_HANDLED; > } > > -static int psp_check_sev_support(struct psp_device *psp) > +static unsigned int psp_get_capability(struct psp_device *psp) > { > unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg); > > @@ -66,11 +66,17 @@ static int psp_check_sev_support(struct psp_device *psp) > */ > if (val == 0xffffffff) { > dev_notice(psp->dev, "psp: unable to access the device: you might be running a broken BIOS.\n"); > - return -ENODEV; > + return 0; > } > > - if (!(val & 1)) { > - /* Device does not support the SEV feature */ > + return val; > +} > + > +static int psp_check_sev_support(struct psp_device *psp, > + unsigned int capability) > +{ > + /* Check if device supports SEV feature */ > + if (!(capability & 1)) { > dev_dbg(psp->dev, "psp does not support SEV\n"); > return -ENODEV; > } > @@ -78,10 +84,36 @@ static int psp_check_sev_support(struct psp_device *psp) > return 0; > } > > +static int psp_check_tee_support(struct psp_device *psp, > + unsigned int capability) > +{ > + /* Check if device supports TEE feature */ > + if (!(capability & 2)) { > + dev_dbg(psp->dev, "psp does not support TEE\n"); > + return -ENODEV; > + } > + > + return 0; > +} > + > +static int psp_check_support(struct psp_device *psp, > + unsigned int capability) > +{ > + int sev_support = psp_check_sev_support(psp, capability); > + int tee_support = psp_check_tee_support(psp, capability); > + > + /* Return error if device neither supports SEV nor TEE */ > + if (sev_support && tee_support) > + return -ENODEV; > + > + return 0; > +} > + > int psp_dev_init(struct sp_device *sp) > { > struct device *dev = sp->dev; > struct psp_device *psp; > + unsigned int capability; > int ret; > > ret = -ENOMEM; > @@ -100,7 +132,11 @@ int psp_dev_init(struct sp_device *sp) > > psp->io_regs = sp->io_map; > > - ret = psp_check_sev_support(psp); > + capability = psp_get_capability(psp); > + if (!capability) > + goto e_disable; > + > + ret = psp_check_support(psp, capability); > if (ret) > goto e_disable; > >