Commit ef788e7b authored by hanliyang's avatar hanliyang

crypto: ccp: Provide csv_get_extension_info() to present extensions of newer CSV firmware

hygon inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/IBGDLQ


CVE: NA

---------------------------

As more and more confidential computing features are provided, the
hypervisor and userspace VMM should recognize the extended features.

Provide csv_get_extension_info() to present the extended confidential
computing features of the newer CSV firmware so that the hypervisor can
utilize the extended features when launching and running a confidential
guest.

Signed-off-by: default avatarhanliyang <hanliyang@hygon.cn>
parent 957b46de
+32 −0
@@ -664,6 +664,38 @@ int csv_check_stat_queue_status(int *psp_ret)
}
EXPORT_SYMBOL_GPL(csv_check_stat_queue_status);

int csv_get_extension_info(void *buf, size_t *size)
{
	/* If @hygon_csv_build is 0, this means CSV firmware doesn't exist or
	 * the psp device doesn't exist.
	 */
	if (hygon_csv_build == 0)
		return -ENODEV;

	/* The caller must provide valid @buf and the @buf must >= 4 bytes in
	 * size.
	 */
	if (!buf || !size || *size < sizeof(uint32_t)) {
		if (size)
			*size = sizeof(uint32_t);

		return -EINVAL;
	}

	/* Since firmware with build id 2200, support:
	 *   a. issue LAUNCH_ENCRYPT_DATA command more than once for a
	 *      CSV3 guest.
	 *   b. inject secret to a CSV3 guest.
	 */
	if (csv_version_greater_or_equal(2200)) {
		*(uint32_t *)buf |= CSV_EXT_CSV3_MULT_LUP_DATA;
		*(uint32_t *)buf |= CSV_EXT_CSV3_INJ_SECRET;
	}

	return 0;
}
EXPORT_SYMBOL_GPL(csv_get_extension_info);

#ifdef CONFIG_HYGON_CSV

int csv_platform_cmd_set_secure_memory_region(struct sev_device *sev, int *error)
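Review bot: csv_get_extension_info() only ORs flags into `*(uint32_t *)buf` and never clears it, so on firmware older than build 2200 it returns 0 without writing to the buffer, and on newer firmware any bits the caller left there survive. Whether callers zero the buffer is not visible on this page, but one that does not would read stale memory as advertised CSV3 extensions and might pass it on to the userspace VMM. Build the mask in a local and store it once: `uint32_t ext = 0;`, then `ext |= CSV_EXT_CSV3_MULT_LUP_DATA | CSV_EXT_CSV3_INJ_SECRET;` inside the version check, and `memcpy(buf, &ext, sizeof(ext));` before `return 0;`, which also avoids assuming the `void *buf` is 4-byte aligned. Setting `*size = sizeof(uint32_t);` on the success path as well would tell the caller how many bytes are valid.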
+21 −0
@@ -20,6 +20,11 @@

#define CSV_FW_MAX_SIZE		0x80000	/* 512KB */

#define CSV_EXT_CSV3_MULT_LUP_DATA_BIT	0
#define CSV_EXT_CSV3_MULT_LUP_DATA	(1 << CSV_EXT_CSV3_MULT_LUP_DATA_BIT)
#define CSV_EXT_CSV3_INJ_SECRET_BIT	1
#define CSV_EXT_CSV3_INJ_SECRET		(1 << CSV_EXT_CSV3_INJ_SECRET_BIT)

/**
 * Guest/platform management commands for CSV
 */
@@ -508,6 +513,20 @@ int kvm_pv_psp_copy_forward_op(struct kvm_vpsp *vpsp, int cmd, gpa_t data_gpa, g

int kvm_pv_psp_forward_op(struct kvm_vpsp *vpsp, uint32_t cmd,
				gpa_t data_gpa, uint32_t psp_ret);

/**
 * csv_get_extension_info - collect extension set of the firmware
 *
 * @buf: The buffer to save extension set
 * @size: The size of the @buf
 *
 * Returns:
 * 0 if @buf is filled with extension bitflags
 * -%ENODEV if the CSV device is not available
 * -%EINVAL if @buf is NULL or @size is too smaller
 */
int csv_get_extension_info(void *buf, size_t *size);

#else	/* !CONFIG_CRYPTO_DEV_SP_PSP */

static inline int psp_do_cmd(int cmd, void *data, int *psp_ret) { return -ENODEV; }
@@ -542,6 +561,8 @@ static inline int
kvm_pv_psp_forward_op(struct kvm_vpsp *vpsp, uint32_t cmd,
			gpa_t data_gpa, uint32_t psp_ret) { return -ENODEV; }

static inline int csv_get_extension_info(void *buf, size_t *size) { return -ENODEV; }

#endif	/* CONFIG_CRYPTO_DEV_SP_PSP */

typedef int (*p2c_notifier_t)(uint32_t id, uint64_t data);
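Review bot: The kernel-doc added for csv_get_extension_info() describes @size only as "The size of the @buf", but the implementation in this commit treats it as in/out and writes the required size back through it on the -EINVAL path; nothing says whether the caller must zero @buf beforehand either. I would word the parameters as `@buf: buffer that receives the extension bitflags, at least 4 bytes` and `@size: in: size of @buf in bytes; out: required size when -%EINVAL is returned`, and change "too smaller" to "too small". In the first hunk of this file, `(1 << CSV_EXT_CSV3_MULT_LUP_DATA_BIT)` builds the masks from a signed int; `(1U << CSV_EXT_CSV3_MULT_LUP_DATA_BIT)` keeps them unsigned as higher extension bits are added.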