From: Marc Orr
Date: Thu, 9 Sep 2021 20:30:25 -0700
Subject: Re: [PATCH Part2 v5 18/45] crypto: ccp: Provide APIs to query extended attestation report
To: Brijesh Singh
Cc: x86, LKML, kvm list, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, Thomas Gleixner, Ingo Molnar, Joerg Roedel, Tom Lendacky, "H. Peter Anvin", Ard Biesheuvel, Paolo Bonzini, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Andy Lutomirski, Dave Hansen, Sergio Lopez, Peter Gonda, Peter Zijlstra, Srinivas Pandruvada, David Rientjes, Dov Murik, Tobin Feldman-Fitzthum, Borislav Petkov, Michael Roth, Vlastimil Babka, "Kirill A. Shutemov", Andi Kleen, tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com
X-Mailing-List: linux-crypto@vger.kernel.org

On Fri, Aug 20, 2021 at 9:00 AM Brijesh Singh wrote:
>
> Version 2 of the GHCB specification defines VMGEXIT that is used to get
> the extended attestation report. The extended attestation report includes
> the certificate blobs provided through the SNP_SET_EXT_CONFIG.
>
> The snp_guest_ext_guest_request() will be used by the hypervisor to get
> the extended attestation report. See the GHCB specification for more
> details.
>
> Signed-off-by: Brijesh Singh
> ---
> drivers/crypto/ccp/sev-dev.c | 43 ++++++++++++++++++++++++++++++++++++
> include/linux/psp-sev.h | 24 ++++++++++++++++++++
> 2 files changed, 67 insertions(+)
>
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index 9ba194acbe85..e2650c3d0d0a 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -22,6 +22,7 @@ > #include > #include > #include > +#include > > #include
> > @@ -1677,6 +1678,48 @@ int snp_guest_dbg_decrypt(struct sev_data_snp_dbg *data, int *error) > } > EXPORT_SYMBOL_GPL(snp_guest_dbg_decrypt); > > +int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, > + unsigned long vaddr, unsigned long *npages, unsigned long *fw_err) > +{ > + unsigned long expected_npages; > + struct sev_device *sev; > + int rc; > + > + if (!psp_master || !psp_master->sev_data) > + return -ENODEV; > + > + sev = psp_master->sev_data; > + > + if (!sev->snp_inited) > + return -EINVAL; > + > + /* > + * Check if there is enough space to copy the certificate chain. Otherwise > + * return ERROR code defined in the GHCB specification. > + */ > + expected_npages = sev->snp_certs_len >> PAGE_SHIFT; Is this calculation for `expected_npages` correct? Assume that `sev->snp_certs_len` is less than a page (e.g., 2000). Then, this calculation will return `0` for `expected_npages`, rather than round up to 1. > + if (*npages < expected_npages) { > + *npages = expected_npages; > + *fw_err = SNP_GUEST_REQ_INVALID_LEN; > + return -EINVAL; > + } > + > + rc = sev_do_cmd(SEV_CMD_SNP_GUEST_REQUEST, data, (int *)&fw_err); > + if (rc) > + return rc; > + > + /* Copy the certificate blob */ > + if (sev->snp_certs_data) { > + *npages = expected_npages; > + memcpy((void *)vaddr, sev->snp_certs_data, *npages << PAGE_SHIFT); > + } else { > + *npages = 0; > + } > + > + return rc; > +} > +EXPORT_SYMBOL_GPL(snp_guest_ext_guest_request); > + > static void sev_exit(struct kref *ref) > { > misc_deregister(&misc_dev->misc); > diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h > index 00bd684dc094..ea94ce4d834a 100644 > --- a/include/linux/psp-sev.h > +++ b/include/linux/psp-sev.h 
> @@ -924,6 +924,23 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); > void *snp_alloc_firmware_page(gfp_t mask); > void snp_free_firmware_page(void *addr); > > +/** > + * snp_guest_ext_guest_request - perform the SNP extended guest request command > + * defined in the GHCB specification. > + * > + * @data: the input guest request structure > + * @vaddr: address where the certificate blob need to be copied. > + * @npages: number of pages for the certificate blob. > + * If the specified page count is less than the certificate blob size, then the > + * required page count is returned with error code defined in the GHCB spec. > + * If the specified page count is more than the certificate blob size, then > + * page count is updated to reflect the amount of valid data copied in the > + * vaddr. > + */ > +int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, > + unsigned long vaddr, unsigned long *npages, > + unsigned long *error); > + > #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ > > static inline int > @@ -971,6 +988,13 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) > > static inline void snp_free_firmware_page(void *addr) { } > > +static inline int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, > + unsigned long vaddr, unsigned long *n, > + unsigned long *error) > +{ > + return -ENODEV; > +} > + > #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ > > #endif /* __PSP_SEV_H__ */ > -- > 2.17.1 >