Commit 4be42357 authored by Alexey Kardashevskiy, committed by Dan Williams

crypto/ccp: Implement SEV-TIO PCIe IDE (phase1)



Implement the SEV-TIO (Trusted I/O) firmware interface for PCIe TDISP
(Trust Domain In-Socket Protocol). This enables secure communication
between trusted domains and PCIe devices through the PSP (Platform
Security Processor).

The implementation includes:
- Device Security Manager (DSM) operations for establishing secure links
- SPDM (Security Protocol and Data Model) over DOE (Data Object Exchange)
- IDE (Integrity Data Encryption) stream management for secure PCIe

This module bridges the SEV firmware stack with the generic PCIe TSM
framework.

This is phase1 as described in Documentation/driver-api/pci/tsm.rst.

On AMD SEV, the AMD PSP firmware acts as TSM (manages the security/trust).
The CCP driver provides the interface to it and registers in the TSM
subsystem.

Detect the PSP support (reported via FEATURE_INFO + SNP_PLATFORM_STATUS)
and enable SEV-TIO in the SNP_INIT_EX call if the hardware supports TIO.

Implement SEV TIO PSP command wrappers in sev-dev-tio.c and store
the data in the SEV-TIO-specific structs.

Implement TSM hooks and IDE setup in sev-dev-tsm.c.

Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
Link: https://patch.msgid.link/692f506bb80c9_261c11004@dwillia2-mobl4.notmuch


Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
parent eeb93413
+1 −0
@@ -39,6 +39,7 @@ config CRYPTO_DEV_SP_PSP
	bool "Platform Security Processor (PSP) device"
	default y
	depends on CRYPTO_DEV_CCP_DD && X86_64 && AMD_IOMMU
	select PCI_TSM
	help
	 Provide support for the AMD Platform Security Processor (PSP).
	 The PSP is a dedicated processor that provides support for key
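Review bot: the new `select PCI_TSM` under config CRYPTO_DEV_SP_PSP is unconditional, and this symbol is `default y`, so every kernel that builds the PSP driver now force-enables the PCI TSM core whether or not SEV-TIO is wanted. Kconfig `select` also does not enforce the selected symbol's own dependencies, and the `depends on` line here names only CRYPTO_DEV_CCP_DD, X86_64 and AMD_IOMMU, so please confirm these imply everything PCI_TSM requires. Consider a separate opt-in symbol for SEV-TIO that carries the select, and since the change is +1 −0 the help text is untouched: a sentence noting that the PSP driver now also provides the TSM interface would help people configuring it.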
+4 −0
@@ -16,6 +16,10 @@ ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += psp-dev.o \
                                   hsti.o \
                                   sfs.o

ifeq ($(CONFIG_PCI_TSM),y)
ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += sev-dev-tsm.o sev-dev-tio.o
endif

obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
ccp-crypto-objs := ccp-crypto-main.o \
		   ccp-crypto-aes.o \
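Review bot: the `ifeq ($(CONFIG_PCI_TSM),y)` guard around the new objects looks redundant next to the Kconfig hunk in this same commit: CRYPTO_DEV_SP_PSP now selects PCI_TSM, so whenever the inner `ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += sev-dev-tsm.o sev-dev-tio.o` line contributes anything, the condition is already true. Either drop the ifeq and append the two objects to the existing PSP object list, or drop the select and keep SEV-TIO genuinely optional, in which case callers of these objects need stubs for the disabled configuration. As written, the two hunks express different intents about whether TIO support is mandatory.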
+864 −0

File added.

Preview size limit exceeded, changes collapsed.

+123 −0

File added.

Preview size limit exceeded, changes collapsed.

+405 −0

File added.

Preview size limit exceeded, changes collapsed.
