From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D293FCD11C2 for ; Wed, 10 Apr 2024 22:21:07 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 42B5B6B0089; Wed, 10 Apr 2024 18:21:07 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 3DB796B008A; Wed, 10 Apr 2024 18:21:07 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 27BDE6B008C; Wed, 10 Apr 2024 18:21:07 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 0C5CD6B0089 for ; Wed, 10 Apr 2024 18:21:07 -0400 (EDT) Received: from smtpin23.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id AE78640484 for ; Wed, 10 Apr 2024 22:21:06 +0000 (UTC) X-FDA: 81995043732.23.82F5FA9 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2097.outbound.protection.outlook.com [40.107.93.97]) by imf08.hostedemail.com (Postfix) with ESMTP id EBBB3160011 for ; Wed, 10 Apr 2024 22:21:03 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=BxpdQXbk; spf=pass (imf08.hostedemail.com: domain of Thomas.Lendacky@amd.com designates 40.107.93.97 as permitted sender) smtp.mailfrom=Thomas.Lendacky@amd.com; dmarc=pass (policy=quarantine) header.from=amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1712787664; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Bo4p8uIULOAidvNWZBr6RWtqf5QaJ9yfTg3Z8PV7aeY=; b=EVs5S2P7IORFxeUX9qvI9P42QW3NamHzGxD9D613UXSBbvo2Aji9I0QYmENfXTSUFckb1y OupcR6Woj424oDHEd/I+YdRkQoJQbE0fKsac0wxK1jSjl8ydI8cSPyZ24mC5VYtxwCxYm2 HAsvRdKHjUcTOJ4P+xWLKb8XrW+Mdwo= ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1712787664; a=rsa-sha256; cv=pass; b=Wtq8FI3LIHjjNbTAINpUmrvkP1HW9seRl7LxTBqhNWK4bBUY0IuecZpxY7IUGTJQYqet02 URwI1eAv8Zb/+nIle9rCb7RMGOjNspIQBoyWzygPyuyU/180fHZHvLxaRq86hdQDy2mIXf k8hx4X/is/UJVLev6HXQ8jOv8bRspzs= ARC-Authentication-Results: i=2; imf08.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=BxpdQXbk; spf=pass (imf08.hostedemail.com: domain of Thomas.Lendacky@amd.com designates 40.107.93.97 as permitted sender) smtp.mailfrom=Thomas.Lendacky@amd.com; dmarc=pass (policy=quarantine) header.from=amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DNzlyUbfRgyK08akfOu5SCXPZp6oTZJawzaIuDowA7JRORyMSU4jNbVqnBrOd+HnZ+2VyaKRo25f1ZeBtGdb8R0E+1TfRAj3SAvoFaop+eRejRqhoyMx0vBZwOz7M9Aw8c+69PiRTHr9Z9jByJ0+WRMx4uCueDi8fnPbSpWSkKevRYsMx+hoGriNKHLgqFk58KZ4ON6Ltn6rgCME5LDnNZ3HBKU9Vf5PH+Qk+tcsI9YVXDPhukYZL5y7QFCFLUMf2e5XChnyFxf44brDtX85BqwGZTlVu0SL84XGUlc9WByBfjs9OL9AVOG7fPQFnnvIR8RjYyFmb3JZd7HooJtb6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Bo4p8uIULOAidvNWZBr6RWtqf5QaJ9yfTg3Z8PV7aeY=; b=KZ2tzDmt6xB7yz5q0B3LmSk+x0Jvgmzme/OLjghAin9J/zO9j2yv5j9KA3nH6cPwFG3nXxvx4wyLnvGBTeoBfdVPVKrRM9+k0274RQMVRoxGfZIGasvM+3GrGFHWSFulKDSOYTeY9oEVk7pVlBUNbgWHUwNMsnbzwOv++7EA0TdamZ3Be7abempzt32f2DIrFZ28VfuTpUhdUYIImAvGF09MIKzphTZ6tyT0LA1mqN5Y4WUSmwYp0gqZaQughB4Mo/QeFE5qDbrtFKdzno9+VcKh3HAQAB7RIll+PeMcXSQlL7vuMvoXyVHkpGuITrw4WmyPOcZJMev+u5dE2RT+Og== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bo4p8uIULOAidvNWZBr6RWtqf5QaJ9yfTg3Z8PV7aeY=; b=BxpdQXbkMT00i0L99PdrTwiGiAgMdif67sc3tva1gGlR8+aPaOsW0XISVhzw5lrJpK6+GyYKMscSxKaBwMuiNC7fTY6RghwFrO4vsWpjZZl0PfgGmKp8adx8sNiP0HkXfBtyWslg47aVpWke2EHblAG6TX6dq0izIguEZpUL5gQ= Received: from BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) by DS7PR12MB5934.namprd12.prod.outlook.com (2603:10b6:8:7d::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Wed, 10 Apr 2024 22:20:59 +0000 Received: from BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::1032:4da5:7572:508]) by BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::1032:4da5:7572:508%6]) with mapi id 15.20.7409.042; Wed, 10 Apr 2024 22:20:59 +0000 Message-ID: <621e4304-d089-282e-0e67-2a4fe75fa3d9@amd.com> Date: Wed, 10 Apr 2024 17:20:56 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1 Subject: Re: [PATCH v12 27/29] crypto: ccp: Add the SNP_VLEK_LOAD command Content-Language: en-US To: Michael Roth , kvm@vger.kernel.org Cc: linux-coco@lists.linux.dev, linux-mm@kvack.org, linux-crypto@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, jroedel@suse.de, hpa@zytor.com, ardb@kernel.org, pbonzini@redhat.com, seanjc@google.com, vkuznets@redhat.com, jmattson@google.com, luto@kernel.org, dave.hansen@linux.intel.com, slp@redhat.com, pgonda@google.com, peterz@infradead.org, srinivas.pandruvada@linux.intel.com, rientjes@google.com, dovmurik@linux.ibm.com, tobin@ibm.com, bp@alien8.de, vbabka@suse.cz, kirill@shutemov.name, ak@linux.intel.com, tony.luck@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, alpergun@google.com, jarkko@kernel.org, ashish.kalra@amd.com, nikunj.dadhania@amd.com, pankaj.gupta@amd.com, liam.merwick@oracle.com References: <20240329225835.400662-1-michael.roth@amd.com> <20240329225835.400662-28-michael.roth@amd.com> From: Tom Lendacky In-Reply-To: <20240329225835.400662-28-michael.roth@amd.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-ClientProxiedBy: SN7PR04CA0047.namprd04.prod.outlook.com (2603:10b6:806:120::22) To BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL1PR12MB5732:EE_|DS7PR12MB5934:EE_ X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zGJPYFa7gXsz2vQxNqUe/ssVb+lxHQO455dDpxsx2+v3tJeXuZBLa5DhtkPsE3o8roHUGHJjnm9mIgt4D64U4rLa2LjHcMEWe1pGxcPTpIQ6KsBfoaAaZ6ZokcwwApyPZeWMEB0sVv9wcfXBE9LVsP6EhBRZvxeJ5zNdDD9BJav4f/vQ4atpW4HeBJ3kGxBzxcnm0CH2dt1+XVO4fX74ERDaxgYqGnRDaOe10dXqjCi2GqM4kDb+vKvQkk+exzBULBOkMqfQDJZ43zp/Lhk4PCAkJ+aDV8z+nL31XYPVPxNnGGX99KEJwyEUTSzjG1+NNnqHdx4osJNVyG+71tsWVl3lwnHMtawekBg7v2cnh57Mh1j+CZYjOOya1BuChSirNapWiBHrCazf/uvHmSvqnrnklJmTiLfBQeB/jP4jF/ExqXfG8+a8OGdbrRCWXUtuYVUXxAjoLb7uoMU8ydROKDtUC8CKAqj59BtJ36pfyXjYhzVCOEjK6xDMJRFTvCQh8k1DPgVRhRoLhUoDwhmWHtNd5+oKgk8YbXnSgZZdYIpZPOuE/70MLzQGiOrVNMd04u1b/GXWpfFUA2ioPx++PwybB3sApd/Aj/ejG+BM58D6Y/oa6n3RUJ1Q/rNMDtNk/8LEI32cHr6nZvFgV4vtwCZINtOXepjFBGjlM1xWGwQ= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL1PR12MB5732.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(366007)(1800799015)(7416005)(376005);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?QmpRNnM1YjdURUJIVExQcTN1cGEzRzE4ZFB0dk0xaHlSRUgzM2FNdE5MWjA2?= =?utf-8?B?Tlp6UVpFRHpxRnd1K2xOd0NkUnpPT0FMVVp4SnVoak5uMEpYK3dqU0lQNTNq?= =?utf-8?B?aEVkWjZBRTBzM1Nobyttb2tGQ2wvVmllRU5HdlJhbC8rWmJVSUNuNjJxVGpV?= =?utf-8?B?ajl0Wm0rSXF5OTFFNDBwUWZncjZaVGNhMUVBd0F4N3prOUtpc3lBdHIrMnRx?= =?utf-8?B?WlpWYWlqVXRadzJKb2ZDUHlZYUJMNVc1VEdFWWNUQ0NqNjNldlZKcEYzb282?= =?utf-8?B?eHc2RTBQcGZiZ25wWitTTUJhTzViY3F0ZU1qWXNKVVcyREFZZ1JLS2k4QkdV?= =?utf-8?B?MXNYYlFoamY5WEhwRWFzRzU2U0FsOGNON2k0K2tHcThyQzFvT3FjOWJ6VUhU?= =?utf-8?B?REoyV3pVdFdHVGp2MDlmR1dlZUlqMFhXME5TV0dEMXVZUk4zWEpsdHQ0RFd1?= =?utf-8?B?RnFHMUpEbkZpVnErWnZXSEluMnFLRTRMaFFzRk1SK29INVBoR280WEtPbTBl?= =?utf-8?B?TjNtNW9naFE2MS9XRUwvUHFuSWM5UEdGSW9HL0Nid0U1aTlwL2tRQVRVcDFI?= =?utf-8?B?U3ArY01YUVFPQUVSSGFHeDJSb2xCTmwrQWloQWhOclFFQjNYd09oeFlPdk5l?= =?utf-8?B?eTY4TjliL0NpNmxqNTU0Y1k2ekhrK3c1UFFpQ0QrcUw4NHZCQlNFVDFXVDlh?= =?utf-8?B?Y0ZJSGp6aHc2R2lnWTJCUnk0bHh4U20zZXZFNDg3R0NwY1BTemVGeXFPblhH?= =?utf-8?B?OHRCNnNtd2FiSXRnYnJsVHhodXJsVzdkczcvRVVySzZNditrdDE3WnJ4b1pE?= =?utf-8?B?ZFJXN3hQcUZqZE9ub3lqQmtRYTRuVnVQVXd1SG1qTXJUVFBnOFY2cEQ1bXdr?= =?utf-8?B?Y1Yway9sckwzcTVYOU5CR0wvTE9JcXhHa0ZsS1BsVlJCM3RJVDRVQzAxMzFz?= =?utf-8?B?NGNIWVNMWkh2b2k5MFdzODFCS3hESHlNSEZwSkVzR1UvTlhtWGtnYWEzQ3Rz?= =?utf-8?B?TmlzUVltbnljV3JEN01tblVkWGlheVo5ZktITHE0TFU5czd1R2Q3QXNpeHp1?= =?utf-8?B?L25vMk9DRTlNUU56RUxlUFVaUkoyMDFQZm5rL2pQYmd3OUwrSDdTZ1lJL1hD?= =?utf-8?B?UU1SWUdyWlc4VnBkMDVLcmNZeWppWG1GaXY5WVZIMFdzWFZwTWRHMjRHYUFn?= =?utf-8?B?YzcvK2hKNUdNa1dYL0tsbE8rMUh3SkVuMUkrWFJJOWsrRFJJb2FpVFdWWWNp?= =?utf-8?B?TDJWWmdsVVNoWnAwNThJRlQwd3FRczVnMXYrU0Jja1JPSTZ1V0k1S24vUFA4?= =?utf-8?B?dXdOOUlzQnE2RmFQVlEvaFBsMzViWTNNYWhJZDNwa0QrRmVwRWw0Q2JDVGp3?= =?utf-8?B?ajZWSEJKY2tBaU5oMENGNTFwcThTSzdVZEdlN21mZjJzcmRKcVduYk1HcHIw?= =?utf-8?B?SGRtTlFoSXVrU052Zjc3Qm1FaTJUZjRWRmJlQUF5bXNpR0hDK0VZUTBuK1Vi?= =?utf-8?B?V0ZRcGJxblhvaWUvaTBNRnVlYWk5K3FmNlR3RkV3RzJtcVFMOGJoS1VhNlVK?= =?utf-8?B?RVc5cXN0WGw2dHd4K1hrWFg4dlRYTHRPK09QelJLLzhOSmFqTTUyOWtkRmkr?= =?utf-8?B?YktJZHN0NEowbkx2TDZqcm96am5DOE16L0FIb2VYUEUycExYNUZueHVmQVAx?= =?utf-8?B?MGtRcy9XdXRNYjE4MDVEM2tXdXdUTU5wNmJvTm5mbnIwVTBRMmVnL0hnc0Q5?= =?utf-8?B?cnhRRGpnelFoUWJqYWRCNDQ0akVsSWpLeStFVDc2RHZmaUZLOXRqb1p1U0x3?= =?utf-8?B?QXdRTVN4MDcxMDVFY3JRSGZqQmtldlUvUGJRSUZJek05S2p4ek9qVmhKMDVx?= =?utf-8?B?T0ZkbTZGM0wrMkFUN25oRUlHUDlaN3pRSUZiWGoyR3ptMDJ4Qk8zbm9sQVkz?= =?utf-8?B?bC9ieG5ZZENxZXcyVEpsVnI2VzBoQnhEeEI0UThvWm9XWk9nbGVqVzQ5UXk0?= =?utf-8?B?YVozaWJaa2NnYUphTE90N0p3MUlxMTEzYlZRNzhpd1luZzQ2VXNNMWZKc3Z2?= =?utf-8?B?TVVvMjZ1MXkxV3FlcnZiT0RLczJJR0NveHdyZ2RYNFJtWFFKaE1IRElPMnZt?= =?utf-8?Q?u1mxvO/s/OazjZP/bK1c1Yc8z?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: ed5cc8fc-6aaa-4750-e77f-08dc59ac800c X-MS-Exchange-CrossTenant-AuthSource: BL1PR12MB5732.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Apr 2024 22:20:59.8990 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FWwvEa+c69ehrxOq1M1e387XSRspBwICziOPGgWSG41dxSGlgL4yvtd9GuKWMZ1SYfE/ov+5pynJGw9Cq3j4Aw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR12MB5934 X-Rspamd-Queue-Id: EBBB3160011 X-Rspam-User: X-Stat-Signature: tk3xp84qmz1fzdkq8wpm4ekh7huzamhs X-Rspamd-Server: rspam03 X-HE-Tag: 1712787663-738286 X-HE-Meta: U2FsdGVkX18zFhaBrKZzoQz3NB5SPDL8ARYFGJyQ9TumeBVSvDTHMz8boS7iEXBXEJTfbdaxnrga0bLAUPg9EEsvZxIqT5R0IgoceKbEjiKEhXcdPuxIw6aRd3w5TG1GS+bVVaA2AclQYzD6xtoT198iGoD+buAyxSUlzWayjMQk0o8bifbFt3VVga55wakUcxHOtdNyjhhc5urlHiKy8U7goyr8TWs6O6W0Vpw1vkGOLWS0b/uJ2Gjl8J73U9V+avLHXUsLyN/FHcDmdAFnISWue7RPRgkfgqS6jJsfXYhonL0a6wmtjmolGSBg0omsol0L7susi3x9cnVOVkSYQblLeJEnXGSLWdv+lLpGVijU2tzMNZW3Fs9NsmrzGh1WA58b+zhDt5DXCT/zUPfOJuMFRnEZNxmpD2JYH99iYZvBPoZQC3KXAT6mTL/RtgroTz13CvMGZtMpkgT665qGQ+PhqZFE9Jkv7dcFx4gQWa6tMyZkgQ01tRKGXv6CIrBQ1x6L7Cce3sKzttalkVkLRTTLy+H/MweA4h3bdWXPh9gWnLIGyV83sHfQchAnGF6BKdiHxlOsJL3xNjZC3kQ8DFrXGlwUIaKztYCjg7u1v2rxGyPhcVl7Af5H3luyjI+KiS9A+o3nXapZ3PkSBzX+MqFl4Rm0yvBrU6inoQ3YL8q4u3J0oed1S3OkfwzF+vug2HIYqHuQyM6NIFMA0JvaHMrBnvmaKlC9wsN9QDRlOdZBq8cJTRjKW6Yps8Iaizw2JXxyN56G4EtWz04v7CtqdlYEc4D59VzMOaM1pUvb7Cy+KjkQxxDmH2EE8TFiA7mPMhGwHbbBy65Mti8RTMLPvkowpaYC7OOLQvJT8QpkWoKudORog8Q1W+5kfX1CMajTRdiZ9AzqtkPk1RHgYh5FEVYj3eW364V98e2nvdN897oNdjQ6k+tav8e06+KdvMVI7F2ZYGi9CZtKlZK9HhD Rzlpol5k Oz4LoPIYv6ef/00KSAgnVQ1KC6DMupqb0WEjapSXw9ckxN+toEMx8Dxeu8C/pW5oKXaZ+WSX+M+9vO2eX2fGGJF7JjxVeVjj7hVmlJvB2fmtfGDfvCbvA2GIfQU7LjIjkRDcqs9LAZYq9rnPnmayhW6PxQaLpoC/xQPXeGHYUZOL9Ol8cOqRHlDxKXxwzD1f3VC3uLlZbxIe1iQIY0XZOkD0cpqWrfs8ZFBFaxgE2hjGptgKtVmKodKrqu08fScmi//KvtX6o9kOy9+jU98gpmphLEg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 3/29/24 17:58, Michael Roth wrote: > When requesting an attestation report a guest is able to specify whether > it wants SNP firmware to sign the report using either a Versioned Chip > Endorsement Key (VCEK), which is derived from chip-unique secrets, or a > Versioned Loaded Endorsement Key (VLEK) which is obtained from an AMD > Key Derivation Service (KDS) and derived from seeds allocated to > enrolled cloud service providers (CSPs). > > For VLEK keys, an SNP_VLEK_LOAD SNP firmware command is used to load > them into the system after obtaining them from the KDS. Add a > corresponding userspace interface so to allow the loading of VLEK keys > into the system. > > See SEV-SNP Firmware ABI 1.54, SNP_VLEK_LOAD for more details. > > Signed-off-by: Michael Roth Reviewed-by: Tom Lendacky