Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp4248818iog; Tue, 21 Jun 2022 15:34:10 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sTnunJCSJuezKsJwx9mP8aedxY+g1862nFPiGN/yIg2sti2Wr9QZPMHAcDWmUrXphsQZ2/ X-Received: by 2002:a05:6402:516b:b0:435:8f7b:b6f7 with SMTP id d11-20020a056402516b00b004358f7bb6f7mr393244ede.291.1655850850598; Tue, 21 Jun 2022 15:34:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1655850850; cv=none; d=google.com; s=arc-20160816; b=fbAYR/iNTaOsYxgRZTKAHn7NSo5yxfNnZ5Dg21TlryJOwhZnH7hSdWDRHwJmWknSPg zyXZO5ZTtw39yL6oNSU4ikWUQECt/WgsfPTC6ADi4mT9bpDu4PbIT5F0p7ealPILJzkJ KValP25oxYrkhdWmik9ZXAVEcr9yg/RFvhJo+GWNQjQVAVzQbCf8SgFCTL6IMUxY0ZPm qYhpgtHJ8hn94k8NlEJt4UINygiuA2DEy+pKqUdXlT09WUizN1RAazOotDLX3XgJmVT4 BNV3w6s6UxHyJWBFrNyjV4USUI8thgX3chBXyIo7QvAKbTaMcWk553u0kNXDdZTaVlLM vP3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=be4KTBeZxtpbZf3YZP05Js8VaqFOMrf83r+bDTDFiOM=; b=VrJ9htHkSMO+zasWNIR1OQoJuxS0+Ptkw9lW+5Ah+7GrXwqflcTZ1M2UPSdXqFEkR6 iOsEZcj0oLRsbpjjcQkcIO3HGvuiIVjh64EL5rBLM+lTVfJLXtady8Cwi48rWGQk3/Be 9oqwL3ErJulTQsoGxHy3S7EQrp4jlTZ3lE7DF7vltoWm7R+3mKCHgnkt5rutUMBuFLzS rBlZAFbeyeAKUDfK0plGEfrzV5t20KtsEWl0Rb4PrmqEEML28B2fTFk3sm6kUQ8FchIh zsZyQ/QFNX8hGCvhwLPHJ27WQ5xma5pGsKCWFbUhtYn0tUeuhPwOAKL2BhKo37sxYRPO IF5Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=TbHQbtE0; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o3-20020aa7c503000000b0043560f82427si14426257edq.617.2022.06.21.15.33.39; Tue, 21 Jun 2022 15:34:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=TbHQbtE0; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1353648AbiFUWar (ORCPT + 99 others); Tue, 21 Jun 2022 18:30:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32814 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S243597AbiFUWaq (ORCPT ); Tue, 21 Jun 2022 18:30:46 -0400 Received: from mail-lf1-x136.google.com (mail-lf1-x136.google.com [IPv6:2a00:1450:4864:20::136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 72CDD31525 for ; Tue, 21 Jun 2022 15:30:45 -0700 (PDT) Received: by mail-lf1-x136.google.com with SMTP id f39so9094515lfv.3 for ; Tue, 21 Jun 2022 15:30:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=be4KTBeZxtpbZf3YZP05Js8VaqFOMrf83r+bDTDFiOM=; b=TbHQbtE0PGZvjMfU0/fdCKW8kn0RfxMLcQkuL7vMebVX3ouG4SBKD8sC2tkjx1p4tL JxLcXHa+y4RxHDPxAebJuKeKGscJoUKjrE8VXTvglAp1x/G4b03ih1fW6yNXCTiMQAPw teAuWEmSVhc73eNHdbcV4Cw5YrPPKwRNTZrJn8Pi8wlXst7by6Z/L8eV9UBD3t3RBMx4 6tPWew7RqfGH09r381WEW8Hp903+By355KdF31SA7pdi4YDiewE/7uhPhZfmYqySyvZp 6jI1juXcpFpqrIIQaJi/mwPudugxTKnpFg9ho/joL50I2hmuYTg9jX/3uWx6noKgzt2W Yh6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=be4KTBeZxtpbZf3YZP05Js8VaqFOMrf83r+bDTDFiOM=; b=RPOS+YJi42Doyr0trkC/ra7eyt/+yuLHW95Xc3+ffBMqQzFGOGMxVUzjyLHoktQ25c HzP1SL98WV5PluVvdw/wUewGdjuGtKVUZ6O7WnKnKxJAGnPYyxDvPvkQ2Pkr9zT5V4oc VMH4IEpiqbUC7PW3syymdFoWsYGZ0l59F4ar45nrcA2tioh0BjEcIpfV9nuPbKZ5Iehn AY73lVlyqVcLCMiVGm2SFNaoxhTRD4TQSqbym/SWeh2G4O77OetrktsLvIfwBOTAoKd6 DjjTn3qFu+nxeILu7UxiLcG087gWZIqV6Wer9+zQE5sJBfukdPzxJ5n8nk3jtu7pxYo0 7nmw== X-Gm-Message-State: AJIora+vnF46XtbOQf+vyCuSlHqjsydhI4Zowh/00lZ3EuO3GOcVEH1r 9TOxzU1fwgY0vxw3tHu+OXv6HBw7kHNbEURamKpTEw== X-Received: by 2002:a05:6512:3085:b0:479:3986:1d23 with SMTP id z5-20020a056512308500b0047939861d23mr274153lfd.373.1655850642319; Tue, 21 Jun 2022 15:30:42 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Peter Gonda Date: Tue, 21 Jun 2022 16:30:30 -0600 Message-ID: Subject: Re: [PATCH Part2 v6 18/49] crypto: ccp: Provide APIs to query extended attestation report To: Ashish Kalra Cc: "the arch/x86 maintainers" , LKML , kvm list , linux-coco@lists.linux.dev, linux-mm@kvack.org, Linux Crypto Mailing List , Thomas Gleixner , Ingo Molnar , Joerg Roedel , "Lendacky, Thomas" , "H. Peter Anvin" , Ard Biesheuvel , Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Jim Mattson , Andy Lutomirski , Dave Hansen , Sergio Lopez , Peter Zijlstra , Srinivas Pandruvada , David Rientjes , Dov Murik , Tobin Feldman-Fitzthum , Borislav Petkov , Michael Roth , Vlastimil Babka , "Kirill A . Shutemov" , Andi Kleen , Tony Luck , Marc Orr , Sathyanarayanan Kuppuswamy , Alper Gun , "Dr. David Alan Gilbert" , jarkko@kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Mon, Jun 20, 2022 at 5:06 PM Ashish Kalra wrote: > > From: Brijesh Singh > > Version 2 of the GHCB specification defines VMGEXIT that is used to get > the extended attestation report. The extended attestation report includes > the certificate blobs provided through the SNP_SET_EXT_CONFIG. > > The snp_guest_ext_guest_request() will be used by the hypervisor to get > the extended attestation report. See the GHCB specification for more > details. > > Signed-off-by: Brijesh Singh > --- > drivers/crypto/ccp/sev-dev.c | 43 ++++++++++++++++++++++++++++++++++++ > include/linux/psp-sev.h | 24 ++++++++++++++++++++ > 2 files changed, 67 insertions(+) > > diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c > index 97b479d5aa86..f6306b820b86 100644 > --- a/drivers/crypto/ccp/sev-dev.c > +++ b/drivers/crypto/ccp/sev-dev.c > @@ -25,6 +25,7 @@ > #include > > #include > +#include > > #include "psp-dev.h" > #include "sev-dev.h" > @@ -1857,6 +1858,48 @@ int snp_guest_dbg_decrypt(struct sev_data_snp_dbg *data, int *error) > } > EXPORT_SYMBOL_GPL(snp_guest_dbg_decrypt); > > +int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, > + unsigned long vaddr, unsigned long *npages, unsigned long *fw_err) > +{ > + unsigned long expected_npages; > + struct sev_device *sev; > + int rc; > + > + if (!psp_master || !psp_master->sev_data) > + return -ENODEV; > + > + sev = psp_master->sev_data; > + > + if (!sev->snp_inited) > + return -EINVAL; > + > + /* > + * Check if there is enough space to copy the certificate chain. Otherwise > + * return ERROR code defined in the GHCB specification. > + */ > + expected_npages = sev->snp_certs_len >> PAGE_SHIFT; > + if (*npages < expected_npages) { > + *npages = expected_npages; > + *fw_err = SNP_GUEST_REQ_INVALID_LEN; > + return -EINVAL; > + } > + > + rc = sev_do_cmd(SEV_CMD_SNP_GUEST_REQUEST, data, (int *)&fw_err); We can just pass |fw_error| here (with the cast) here right? Not need to do &fw_err. rc = sev_do_cmd(SEV_CMD_SNP_GUEST_REQUEST, data, (int *)fw_err); > + if (rc) > + return rc; > + > + /* Copy the certificate blob */ > + if (sev->snp_certs_data) { > + *npages = expected_npages; > + memcpy((void *)vaddr, sev->snp_certs_data, *npages << PAGE_SHIFT); Why don't we just make |vaddr| into a void* instead of an unsigned long? > + } else { > + *npages = 0; > + } > + > + return rc; > +} > +EXPORT_SYMBOL_GPL(snp_guest_ext_guest_request); > + > static void sev_exit(struct kref *ref) > { > misc_deregister(&misc_dev->misc); > diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h > index a3bb792bb842..cd37ccd1fa1f 100644 > --- a/include/linux/psp-sev.h > +++ b/include/linux/psp-sev.h > @@ -945,6 +945,23 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); > void *snp_alloc_firmware_page(gfp_t mask); > void snp_free_firmware_page(void *addr); > > +/** > + * snp_guest_ext_guest_request - perform the SNP extended guest request command > + * defined in the GHCB specification. > + * > + * @data: the input guest request structure > + * @vaddr: address where the certificate blob need to be copied. > + * @npages: number of pages for the certificate blob. > + * If the specified page count is less than the certificate blob size, then the > + * required page count is returned with error code defined in the GHCB spec. > + * If the specified page count is more than the certificate blob size, then > + * page count is updated to reflect the amount of valid data copied in the > + * vaddr. > + */ > +int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, > + unsigned long vaddr, unsigned long *npages, > + unsigned long *error); > + > #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ > > static inline int > @@ -992,6 +1009,13 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) > > static inline void snp_free_firmware_page(void *addr) { } > > +static inline int snp_guest_ext_guest_request(struct sev_data_snp_guest_request *data, > + unsigned long vaddr, unsigned long *n, > + unsigned long *error) > +{ > + return -ENODEV; > +} > + > #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ > > #endif /* __PSP_SEV_H__ */ > -- > 2.25.1 >