Commit 45d59bd4 authored by Ashish Kalra's avatar Ashish Kalra Committed by Herbert Xu
Browse files

crypto: ccp - Introduce new API interface to indicate SEV-SNP Ciphertext hiding feature 



Implement an API that checks the overall feature support for SEV-SNP
ciphertext hiding.

This API verifies both the support of the SEV firmware for the feature
and its enablement in the platform's BIOS.

Reviewed-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: default avatarAshish Kalra <ashish.kalra@amd.com>
Reviewed-by: default avatarKim Phillips <kim.phillips@amd.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 33cfb80d

drivers/crypto/ccp/sev-dev.c

+21 −0
Original line number Diff line number Diff line
@@ -1074,6 +1074,27 @@ static void snp_set_hsave_pa(void *arg) 
	wrmsrq(MSR_VM_HSAVE_PA, 0);

}



bool sev_is_snp_ciphertext_hiding_supported(void)

{

	struct psp_device *psp = psp_master;

	struct sev_device *sev;



	if (!psp || !psp->sev_data)

		return false;



	sev = psp->sev_data;



	/*

	 * Feature information indicates if CipherTextHiding feature is

	 * supported by the SEV firmware and additionally platform status

	 * indicates if CipherTextHiding feature is enabled in the

	 * Platform BIOS.

	 */

	return ((sev->snp_feat_info_0.ecx & SNP_CIPHER_TEXT_HIDING_SUPPORTED) &&

		 sev->snp_plat_status.ciphertext_hiding_cap);

}

EXPORT_SYMBOL_GPL(sev_is_snp_ciphertext_hiding_supported);



static int snp_get_platform_data(struct sev_device *sev, int *error)

{

	struct sev_data_snp_feature_info snp_feat_info;

include/linux/psp-sev.h

+5 −0
Original line number Diff line number Diff line
@@ -843,6 +843,8 @@ struct snp_feature_info { 
	u32 edx;

} __packed;



#define SNP_CIPHER_TEXT_HIDING_SUPPORTED	BIT(3)



#ifdef CONFIG_CRYPTO_DEV_SP_PSP



/**
@@ -986,6 +988,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); 
void *snp_alloc_firmware_page(gfp_t mask);

void snp_free_firmware_page(void *addr);

void sev_platform_shutdown(void);

bool sev_is_snp_ciphertext_hiding_supported(void);



#else	/* !CONFIG_CRYPTO_DEV_SP_PSP */
@@ -1022,6 +1025,8 @@ static inline void snp_free_firmware_page(void *addr) { } 


static inline void sev_platform_shutdown(void) { }



static inline bool sev_is_snp_ciphertext_hiding_supported(void) { return false; }



#endif	/* CONFIG_CRYPTO_DEV_SP_PSP */



#endif	/* __PSP_SEV_H__ */