From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02542C4167B for ; Tue, 12 Dec 2023 16:46:55 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7A0E36B030C; Tue, 12 Dec 2023 11:46:55 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 750076B030D; Tue, 12 Dec 2023 11:46:55 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5F1056B030E; Tue, 12 Dec 2023 11:46:55 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 4B9946B030C for ; Tue, 12 Dec 2023 11:46:55 -0500 (EST) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 08228120901 for ; Tue, 12 Dec 2023 16:46:54 +0000 (UTC) X-FDA: 81558745590.24.6500707 Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) by imf21.hostedemail.com (Postfix) with ESMTP id A61B31C0020 for ; Tue, 12 Dec 2023 16:46:51 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=pass header.d=alien8.de header.s=alien8 header.b=NdJgmgVe; dmarc=pass (policy=none) header.from=alien8.de; spf=pass (imf21.hostedemail.com: domain of bp@alien8.de designates 65.109.113.108 as permitted sender) smtp.mailfrom=bp@alien8.de ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1702399612; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=JgaP6s6ZQuPIIwAkFk4kUIsSkyeDb3qfZ2ZyjHtolEA=; b=W/cxIOHX+HqWKSfAy1SPVrKzmu7fqDwK1IRNfKNNPbkmG5tx5HDnRcnIs0TOrRoqCgVn0Q yr1pro0tPOqIxufibOAA2uxXxosdKYreUM5KdpgtcKH5P3971J3by7t4Z9aaqtxC5S5loN 7L48/QU5r0GdvknghOhQuO3dgqd2VvA= ARC-Authentication-Results: i=1; imf21.hostedemail.com; dkim=pass header.d=alien8.de header.s=alien8 header.b=NdJgmgVe; dmarc=pass (policy=none) header.from=alien8.de; spf=pass (imf21.hostedemail.com: domain of bp@alien8.de designates 65.109.113.108 as permitted sender) smtp.mailfrom=bp@alien8.de ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1702399612; a=rsa-sha256; cv=none; b=JYofusAWw/YFp1Gukr4XgXXJnqx6da9ifmJ/hmpbBJBRIrHEaeKHyIpnNtEZH3vLOh7tf+ 2vyXu3QISdvIcu7+gyUmvJy37SHxswhVcWSnEQYyjYTlSwS5mZTlJo7nbKbJGDjO5vOq/U JSuT0tMzRVbfqHd/H2l+EBvhSvEZr30= Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id A109740E00C9; Tue, 12 Dec 2023 16:46:47 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id qnttpbrXiaDF; Tue, 12 Dec 2023 16:46:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1702399604; bh=JgaP6s6ZQuPIIwAkFk4kUIsSkyeDb3qfZ2ZyjHtolEA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=NdJgmgVeKvU8liYp3/47c6y/Ybc/cJYAHEezxdSbKUy6ElqCAo0iAf+oTOaEkIWft MORuUbw0LS6WxLJAP+oW178zvH39uVgrKeitaYSimp4ZniVoTFpm4tplzCCZWa+dCF nEK2W1q3AoHQk1XKuCwkU5XPtGmfItfQWKgJfwV/4mvbaY3yJbFF9BUGLyMI0CcHUc cBK3rk8wxsuFTR9FfXLr1jImBJhajECjn9BSjh0F/Z6DDxFNKOMil3DGEnt0kbP4wA Z7x5Hm31FpBcvuPU7I6ux5hmD8T1HOaDY5ZCc4T47RFgdcn99YAasSeHzjW4xrzMXo AtmJG6LEHjWmQVNT5Xf0dmtkdYdmNhMhjl4rJtYX6BcTREH+PiN/ikFmDN1Ggl7TPz ebN+Ni/9+86QlgNuLLfDJR6SF3ipr/QyNW+GOYvuhELllDxQrLvk0ofkoviLv5qs1f umIQ6gwYHIr4jTQkbitmZ9oDHSxatGyqh6fh++IljKplFsClYZ3bYiB9j9rKiL7+9z FrBmchtvqeczG949ntc5+H7NqfhaZz0vvt0Zu4abrbLmVrq81OmiSXtAI/vaaV2I5R sFyHV7PrUD+sDS+qKZS+F72iKoizGDLyCvxq0YKw0dCRZVMGGs+mRiQUv44yGVUcYA F6EulFumsy6QWxmrT/0qgJ4U= Received: from zn.tnic (pd95304da.dip0.t-ipconnect.de [217.83.4.218]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 3500E40E00CB; Tue, 12 Dec 2023 16:46:04 +0000 (UTC) Date: Tue, 12 Dec 2023 17:45:57 +0100 From: Borislav Petkov To: Michael Roth Cc: kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, thomas.lendacky@amd.com, hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com, seanjc@google.com, vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, peterz@infradead.org, srinivas.pandruvada@linux.intel.com, rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com, zhi.a.wang@intel.com, Brijesh Singh Subject: Re: [PATCH v10 19/50] crypto: ccp: Add the SNP_PLATFORM_STATUS command Message-ID: <20231212164557.GKZXiORUQjE8pCQBFk@fat_crate.local> References: <20231016132819.1002933-1-michael.roth@amd.com> <20231016132819.1002933-20-michael.roth@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20231016132819.1002933-20-michael.roth@amd.com> X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: A61B31C0020 X-Stat-Signature: iiwbccyrwx1pbwrnmg451dc69g17sauk X-Rspam-User: X-HE-Tag: 1702399611-469011 X-HE-Meta: U2FsdGVkX18WCOhFbP7Aoid1EWcw1FSG1JIbN/nlNVBe45Gwafmdwf/E53U3FMQQRdBlJxADRZlgrgP6ozOPBd/Kq8EwtNNy5joVO8WlYVX0uONB2pY5A7nzXanPnASPQ80Fn6BLSLsmQefjy63RXXvr3SrFG9rGKUSOq9UEAP4btK+4oIAnb/P0r6+VqimTZEkwmVZroj9BObo5wa3aBH4SFzq3QYb76H/6OploVNKfaWzIh90coUuXpp4TF0G7R4Tyuikf/mfJCCwllb4yRRhRIZ/oipkCslCE14K0hTFxjZg6FkIX7oG7oOyE3Aha8XAiVNV9PLLnArHAR1DYsfZPwtpGxo7TBFaeSxRuDEE7Ed9XWw9R+efmYz+UswjQkH6ZQUnYudPxuH9RAOL9WCNSWuEB7IH1vjawTqCQwo6BbjLpBAfRX21/Cy9YJdZpaEZ99UqpwwcvxiyQxzghEHQsdEn0O1DIrX3U7Bb22Td5WqaZXu95cgKjBmAo31yL5B3P43IjVBcmMCwu2l7uilfRTRgiD1zdTtMQDfMI5WjlMe0rDikWoUUzvuHHO+pELvauR5VLAbvtLyebyYsUzYfWOCYAXNUz/gcYpB409QlJWd+UBTVsHIBUGj4CLaqHdXYKFq+6mn05EdE3VTj4lZmEbOYXPSTLgxDPtkWCUSW/gu74eeAM8MdtJz7gBfy7K0o+1ZmfXIMZZsNy6IRBVdQjrVe6kc8XZrB8aVxRTCk/PBQKyxetB5ccxzAM8MsEek/lswHzjBcgAGXs94qhLNdK8pspL+13lq08zsDruBx/FCrxAy8E/NqTrrrGawo0xlIZkY3PhPPIr6PbALXdr102XRFizMWRiVuzjZ/XhxzZyTcQKUS34QPZ0p2l12JGA9NxNTS2gAa3lyC2/4X1rG0xvVmTg1QjAYRwcwyn+3eJ5r6qCsT3NPu1Pf1YJTc31hTbzJop4XLkvr0qAu+ Pby2z25e EBnLY3GM48O7bk/EN/QlOmlZ/0fY4lfziaZneLPbrk4hVDwGcRb/M06lVwYccMJtL5No88ctMWmzbYfD7DessTYHs1idAcNouz/cbGm9JrhEz+ZA//MtLALhx+IToArDbKffOF7QjvaYZU1GgeOiwWVJQQOoYcoiEw6Vc7vFLkP/uNKx7y1SyZK+6aAzGuqYcet6et4gLDCUJZjs/u/xS8+durhyX/fL4pJMkLeK9oqOdzf+/di3CfyK6wg+glUO5CBLQz+B3SEdsSnM= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Oct 16, 2023 at 08:27:48AM -0500, Michael Roth wrote: > From: Brijesh Singh > > The command can be used by the userspace to query the SNP platform status s/by the userspace // > report. See the SEV-SNP spec for more details. > > Signed-off-by: Brijesh Singh > Signed-off-by: Ashish Kalra Mike, this doesn't have your SOB at the end. The whole set should have it if you're sending it. Please go through the whole thing. > --- > Documentation/virt/coco/sev-guest.rst | 27 ++++++++++++++++ > drivers/crypto/ccp/sev-dev.c | 45 +++++++++++++++++++++++++++ > include/uapi/linux/psp-sev.h | 1 + > 3 files changed, 73 insertions(+) > > diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst > index 68b0d2363af8..e828c5326936 100644 > --- a/Documentation/virt/coco/sev-guest.rst > +++ b/Documentation/virt/coco/sev-guest.rst > @@ -67,6 +67,22 @@ counter (e.g. counter overflow), then -EIO will be returned. > }; > }; > > +The host ioctl should be called to /dev/sev device. The ioctl accepts commanda "... should be sent to the... " > +id and command input structure. > + > +:: > + struct sev_issue_cmd { > + /* Command ID */ > + __u32 cmd; > + > + /* Command request structure */ > + __u64 data; > + > + /* firmware error code on failure (see psp-sev.h) */ > + __u32 error; > + }; > + > + > 2.1 SNP_GET_REPORT > ------------------ > > @@ -124,6 +140,17 @@ be updated with the expected value. > > See GHCB specification for further detail on how to parse the certificate blob. > > +2.4 SNP_PLATFORM_STATUS > +----------------------- > +:Technology: sev-snp > +:Type: hypervisor ioctl cmd > +:Parameters (in): struct sev_data_snp_platform_status > +:Returns (out): 0 on success, -negative on error > + > +The SNP_PLATFORM_STATUS command is used to query the SNP platform status. The > +status includes API major, minor version and more. See the SEV-SNP > +specification for further details. > + > 3. SEV-SNP CPUID Enforcement > ============================ > > diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c > index b574b0ef2b1f..679b8d6fc09a 100644 > --- a/drivers/crypto/ccp/sev-dev.c > +++ b/drivers/crypto/ccp/sev-dev.c > @@ -1772,6 +1772,48 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > return ret; > } > > +static int sev_ioctl_snp_platform_status(struct sev_issue_cmd *argp) sev_ioctl_do_snp_platform_status like the others. > +{ > + struct sev_device *sev = psp_master->sev_data; > + struct sev_data_snp_addr buf; > + struct page *status_page; > + void *data; > + int ret; > + > + if (!sev->snp_initialized || !argp->data) > + return -EINVAL; > + > + status_page = alloc_page(GFP_KERNEL_ACCOUNT); > + if (!status_page) > + return -ENOMEM; > + > + data = page_address(status_page); > + if (rmp_mark_pages_firmware(__pa(data), 1, true)) { > + __free_pages(status_page, 0); > + return -EFAULT; ret = -EFAULT; goto cleanup; instead. ... -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette