Commit 6e5772c8 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'x86_cc_for_v5.16_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 

Pull generic confidential computing updates from Borislav Petkov:
 "Add an interface called cc_platform_has() which is supposed to be used
  by confidential computing solutions to query different aspects of the
  system.

  The intent behind it is to unify testing of such aspects instead of
  having each confidential computing solution add its own set of tests
  to code paths in the kernel, leading to an unwieldy mess"

* tag 'x86_cc_for_v5.16_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  treewide: Replace the use of mem_encrypt_active() with cc_platform_has()
  x86/sev: Replace occurrences of sev_es_active() with cc_platform_has()
  x86/sev: Replace occurrences of sev_active() with cc_platform_has()
  x86/sme: Replace occurrences of sme_active() with cc_platform_has()
  powerpc/pseries/svm: Add a powerpc version of cc_platform_has()
  x86/sev: Add an x86 version of cc_platform_has()
  arch/cc: Introduce a function to check for confidential computing features
  x86/ioremap: Selectively build arch override encryption functions
parents 57f45de7 e9d1d2bb

arch/Kconfig

+3 −0
Original line number Diff line number Diff line
@@ -1234,6 +1234,9 @@ config RELR 
config ARCH_HAS_MEM_ENCRYPT

	bool



config ARCH_HAS_CC_PLATFORM

	bool



config HAVE_SPARSE_SYSCALL_NR

       bool

       help

arch/powerpc/include/asm/mem_encrypt.h

+0 −5
Original line number Diff line number Diff line
@@ -10,11 +10,6 @@ 


#include <asm/svm.h>



static inline bool mem_encrypt_active(void)

{

	return is_secure_guest();

}



static inline bool force_dma_unencrypted(struct device *dev)

{

	return is_secure_guest();

arch/powerpc/platforms/pseries/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -159,6 +159,7 @@ config PPC_SVM 
	select SWIOTLB

	select ARCH_HAS_MEM_ENCRYPT

	select ARCH_HAS_FORCE_DMA_UNENCRYPTED

	select ARCH_HAS_CC_PLATFORM

	help

	 There are certain POWER platforms which support secure guests using

	 the Protected Execution Facility, with the help of an Ultravisor

arch/powerpc/platforms/pseries/Makefile

+2 −0
Original line number Diff line number Diff line
@@ -31,3 +31,5 @@ obj-$(CONFIG_FA_DUMP) += rtas-fadump.o 


obj-$(CONFIG_SUSPEND)		+= suspend.o

obj-$(CONFIG_PPC_VAS)		+= vas.o



obj-$(CONFIG_ARCH_HAS_CC_PLATFORM)	+= cc_platform.o

arch/powerpc/platforms/pseries/cc_platform.c

0 → 100644
+26 −0
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0-only

/*

 * Confidential Computing Platform Capability checks

 *

 * Copyright (C) 2021 Advanced Micro Devices, Inc.

 *

 * Author: Tom Lendacky <thomas.lendacky@amd.com>

 */



#include <linux/export.h>

#include <linux/cc_platform.h>



#include <asm/machdep.h>

#include <asm/svm.h>



bool cc_platform_has(enum cc_attr attr)

{

	switch (attr) {

	case CC_ATTR_MEM_ENCRYPT:

		return is_secure_guest();



	default:

		return false;

	}

}

EXPORT_SYMBOL_GPL(cc_platform_has);