From: Brijesh Singh <brijesh.singh@amd.com>
To: <x86@kernel.org>, <linux-kernel@vger.kernel.org>,
<kvm@vger.kernel.org>, <linux-efi@vger.kernel.org>,
<platform-driver-x86@vger.kernel.org>,
<linux-coco@lists.linux.dev>, <linux-mm@kvack.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>,
Tom Lendacky <thomas.lendacky@amd.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Ard Biesheuvel <ardb@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
Jim Mattson <jmattson@google.com>,
"Andy Lutomirski" <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Sergio Lopez <slp@redhat.com>, Peter Gonda <pgonda@google.com>,
"Peter Zijlstra" <peterz@infradead.org>,
Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>,
David Rientjes <rientjes@google.com>,
Dov Murik <dovmurik@linux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Borislav Petkov <bp@alien8.de>,
Michael Roth <michael.roth@amd.com>,
Vlastimil Babka <vbabka@suse.cz>,
"Kirill A . Shutemov" <kirill@shutemov.name>,
Andi Kleen <ak@linux.intel.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
<tony.luck@intel.com>, <marcorr@google.com>,
<sathyanarayanan.kuppuswamy@linux.intel.com>,
Brijesh Singh <brijesh.singh@amd.com>
Subject: [PATCH v8 39/40] virt: sevguest: Add support to derive key
Date: Fri, 10 Dec 2021 09:43:31 -0600 [thread overview]
Message-ID: <20211210154332.11526-40-brijesh.singh@amd.com> (raw)
In-Reply-To: <20211210154332.11526-1-brijesh.singh@amd.com>
The SNP_GET_DERIVED_KEY ioctl interface can be used by the SNP guest to
ask the firmware to provide a key derived from a root key. The derived
key may be used by the guest for any purposes it choose, such as a
sealing key or communicating with the external entities.
See SEV-SNP firmware spec for more information.
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
Documentation/virt/coco/sevguest.rst | 17 ++++++++++
drivers/virt/coco/sevguest/sevguest.c | 45 +++++++++++++++++++++++++++
include/uapi/linux/sev-guest.h | 17 ++++++++++
3 files changed, 79 insertions(+)
diff --git a/Documentation/virt/coco/sevguest.rst b/Documentation/virt/coco/sevguest.rst
index 47ef3b0821d5..8c22d514d44f 100644
--- a/Documentation/virt/coco/sevguest.rst
+++ b/Documentation/virt/coco/sevguest.rst
@@ -72,6 +72,23 @@ On success, the snp_report_resp.data will contains the report. The report
contain the format described in the SEV-SNP specification. See the SEV-SNP
specification for further details.
+2.2 SNP_GET_DERIVED_KEY
+-----------------------
+:Technology: sev-snp
+:Type: guest ioctl
+:Parameters (in): struct snp_derived_key_req
+:Returns (out): struct snp_derived_key_req on success, -negative on error
+
+The SNP_GET_DERIVED_KEY ioctl can be used to get a key derive from a root key.
+The derived key can be used by the guest for any purpose, such as sealing keys
+or communicating with external entities.
+
+The ioctl uses the SNP_GUEST_REQUEST (MSG_KEY_REQ) command provided by the
+SEV-SNP firmware to derive the key. See SEV-SNP specification for further details
+on the various fields passed in the key derivation request.
+
+On success, the snp_derived_key_resp.data contains the derived key value. See
+the SEV-SNP specification for further details.
Reference
---------
diff --git a/drivers/virt/coco/sevguest/sevguest.c b/drivers/virt/coco/sevguest/sevguest.c
index b3b080c9b2d6..d8dcafc32e11 100644
--- a/drivers/virt/coco/sevguest/sevguest.c
+++ b/drivers/virt/coco/sevguest/sevguest.c
@@ -391,6 +391,48 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io
return rc;
}
+static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)
+{
+ struct snp_guest_crypto *crypto = snp_dev->crypto;
+ struct snp_derived_key_resp resp = {0};
+ struct snp_derived_key_req req;
+ int rc, resp_len;
+ u8 buf[64+16]; /* Response data is 64 bytes and max authsize for GCM is 16 bytes */
+
+ if (!arg->req_data || !arg->resp_data)
+ return -EINVAL;
+
+ /* Copy the request payload from userspace */
+ if (copy_from_user(&req, (void __user *)arg->req_data, sizeof(req)))
+ return -EFAULT;
+
+ /*
+ * The intermediate response buffer is used while decrypting the
+ * response payload. Make sure that it has enough space to cover the
+ * authtag.
+ */
+ resp_len = sizeof(resp.data) + crypto->a_len;
+ if (sizeof(buf) < resp_len)
+ return -ENOMEM;
+
+ /* Issue the command to get the attestation report */
+ rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg->msg_version,
+ SNP_MSG_KEY_REQ, &req, sizeof(req), buf, resp_len,
+ &arg->fw_err);
+ if (rc)
+ goto e_free;
+
+ /* Copy the response payload to userspace */
+ memcpy(resp.data, buf, sizeof(resp.data));
+ if (copy_to_user((void __user *)arg->resp_data, &resp, sizeof(resp)))
+ rc = -EFAULT;
+
+e_free:
+ memzero_explicit(buf, sizeof(buf));
+ memzero_explicit(&resp, sizeof(resp));
+ return rc;
+}
+
static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
{
struct snp_guest_dev *snp_dev = to_snp_dev(file);
@@ -420,6 +462,9 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long
case SNP_GET_REPORT:
ret = get_report(snp_dev, &input);
break;
+ case SNP_GET_DERIVED_KEY:
+ ret = get_derived_key(snp_dev, &input);
+ break;
default:
break;
}
diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h
index 0bfc162da465..ce595539e00c 100644
--- a/include/uapi/linux/sev-guest.h
+++ b/include/uapi/linux/sev-guest.h
@@ -27,6 +27,20 @@ struct snp_report_resp {
__u8 data[4000];
};
+struct snp_derived_key_req {
+ __u32 root_key_select;
+ __u32 rsvd;
+ __u64 guest_field_select;
+ __u32 vmpl;
+ __u32 guest_svn;
+ __u64 tcb_version;
+};
+
+struct snp_derived_key_resp {
+ /* response data, see SEV-SNP spec for the format */
+ __u8 data[64];
+};
+
struct snp_guest_request_ioctl {
/* message version number (must be non-zero) */
__u8 msg_version;
@@ -44,4 +58,7 @@ struct snp_guest_request_ioctl {
/* Get SNP attestation report */
#define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_guest_request_ioctl)
+/* Get a derived key from the root */
+#define SNP_GET_DERIVED_KEY _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x1, struct snp_guest_request_ioctl)
+
#endif /* __UAPI_LINUX_SEV_GUEST_H_ */
--
2.25.1
next prev parent reply other threads:[~2021-12-10 15:44 UTC|newest]
Thread overview: 183+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-10 15:42 [PATCH v8 00/40] Add AMD Secure Nested Paging (SEV-SNP) Guest Support Brijesh Singh
2021-12-10 15:42 ` [PATCH v8 01/40] x86/compressed/64: detect/setup SEV/SME features earlier in boot Brijesh Singh
2021-12-10 18:47 ` Dave Hansen
2021-12-10 19:12 ` Borislav Petkov
2021-12-10 19:23 ` Dave Hansen
2021-12-10 19:33 ` Borislav Petkov
2021-12-13 19:09 ` Venu Busireddy
2021-12-13 19:17 ` Borislav Petkov
2021-12-14 17:46 ` Venu Busireddy
2021-12-14 19:10 ` Borislav Petkov
2021-12-15 0:14 ` Venu Busireddy
2021-12-15 11:57 ` Borislav Petkov
2021-12-15 14:43 ` Tom Lendacky
2021-12-15 17:49 ` Michael Roth
2021-12-15 18:17 ` Venu Busireddy
2021-12-15 18:33 ` Borislav Petkov
2021-12-15 20:17 ` Michael Roth
2021-12-15 20:38 ` Borislav Petkov
2021-12-15 21:22 ` Michael Roth
2022-01-03 19:10 ` Venu Busireddy
2022-01-05 19:34 ` Brijesh Singh
2022-01-10 20:46 ` Brijesh Singh
2022-01-10 21:17 ` Venu Busireddy
2022-01-10 21:38 ` Borislav Petkov
2021-12-15 20:43 ` Michael Roth
2021-12-15 19:54 ` Venu Busireddy
2021-12-15 18:58 ` Venu Busireddy
2021-12-15 17:51 ` Michael Roth
2021-12-10 15:42 ` [PATCH v8 02/40] x86/sev: " Brijesh Singh
2021-12-13 22:36 ` Venu Busireddy
2021-12-10 15:42 ` [PATCH v8 03/40] x86/mm: Extend cc_attr to include AMD SEV-SNP Brijesh Singh
2021-12-13 22:47 ` Venu Busireddy
2021-12-14 15:53 ` Borislav Petkov
2021-12-10 15:42 ` [PATCH v8 04/40] x86/sev: Define the Linux specific guest termination reasons Brijesh Singh
2021-12-14 0:13 ` Venu Busireddy
2021-12-14 22:22 ` Borislav Petkov
2021-12-10 15:42 ` [PATCH v8 05/40] x86/sev: Save the negotiated GHCB version Brijesh Singh
2021-12-14 0:32 ` Venu Busireddy
2021-12-10 15:42 ` [PATCH v8 06/40] x86/sev: Check SEV-SNP features support Brijesh Singh
2021-12-16 15:47 ` Borislav Petkov
2021-12-16 16:28 ` Brijesh Singh
2021-12-16 16:58 ` Borislav Petkov
2021-12-16 19:01 ` Venu Busireddy
2021-12-10 15:42 ` [PATCH v8 07/40] x86/sev: Add a helper for the PVALIDATE instruction Brijesh Singh
2021-12-16 20:20 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 08/40] x86/sev: Check the vmpl level Brijesh Singh
2021-12-16 20:24 ` Venu Busireddy
2021-12-16 23:39 ` Mikolaj Lisik
2021-12-17 22:19 ` Brijesh Singh
2021-12-17 22:33 ` Tom Lendacky
2021-12-20 18:10 ` Borislav Petkov
2022-01-04 15:23 ` Brijesh Singh
2021-12-10 15:43 ` [PATCH v8 09/40] x86/compressed: Add helper for validating pages in the decompression stage Brijesh Singh
2021-12-17 20:47 ` Venu Busireddy
2021-12-17 23:24 ` Brijesh Singh
2022-01-03 18:43 ` Venu Busireddy
2021-12-21 13:01 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 10/40] x86/compressed: Register GHCB memory when SEV-SNP is active Brijesh Singh
2022-01-03 19:54 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 11/40] x86/sev: " Brijesh Singh
2021-12-22 13:16 ` Borislav Petkov
2021-12-22 15:16 ` Brijesh Singh
2022-01-03 22:47 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 12/40] x86/sev: Add helper for validating pages in early enc attribute changes Brijesh Singh
2021-12-23 11:50 ` Borislav Petkov
2022-01-04 15:33 ` Brijesh Singh
2022-01-03 23:28 ` Venu Busireddy
2022-01-11 21:22 ` Brijesh Singh
2022-01-11 21:51 ` Venu Busireddy
2022-01-11 21:57 ` Brijesh Singh
2022-01-11 22:42 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 13/40] x86/kernel: Make the bss.decrypted section shared in RMP table Brijesh Singh
2021-12-28 11:53 ` Borislav Petkov
2022-01-04 17:56 ` Venu Busireddy
2022-01-05 19:52 ` Brijesh Singh
2022-01-05 20:27 ` Dave Hansen
2022-01-05 21:39 ` Brijesh Singh
2022-01-06 17:40 ` Venu Busireddy
2022-01-06 19:06 ` Tom Lendacky
2022-01-06 20:16 ` Venu Busireddy
2022-01-06 20:50 ` Tom Lendacky
2021-12-10 15:43 ` [PATCH v8 14/40] x86/kernel: Validate rom memory before accessing when SEV-SNP is active Brijesh Singh
2021-12-28 15:40 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 15/40] x86/mm: Add support to validate memory when changing C-bit Brijesh Singh
2021-12-29 11:09 ` Borislav Petkov
2022-01-04 22:31 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 16/40] KVM: SVM: Define sev_features and vmpl field in the VMSA Brijesh Singh
2022-01-04 22:59 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 17/40] KVM: SVM: Create a separate mapping for the SEV-ES save area Brijesh Singh
2021-12-30 12:19 ` Borislav Petkov
2022-01-05 1:38 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 18/40] KVM: SVM: Create a separate mapping for the GHCB " Brijesh Singh
2022-01-05 18:41 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 19/40] KVM: SVM: Update the SEV-ES save area mapping Brijesh Singh
2022-01-05 18:54 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 20/40] x86/sev: Use SEV-SNP AP creation to start secondary CPUs Brijesh Singh
2021-12-10 18:50 ` Dave Hansen
2022-01-12 16:17 ` Brijesh Singh
2021-12-31 15:36 ` Borislav Petkov
2022-01-03 18:10 ` Vlastimil Babka
2022-01-12 16:33 ` Brijesh Singh
2022-01-12 17:10 ` Tom Lendacky
2022-01-13 12:23 ` Borislav Petkov
2022-01-13 12:21 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 21/40] x86/head: re-enable stack protection for 32/64-bit builds Brijesh Singh
2022-01-03 16:49 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 22/40] x86/sev: move MSR-based VMGEXITs for CPUID to helper Brijesh Singh
2021-12-30 18:52 ` Sean Christopherson
2022-01-04 20:57 ` Borislav Petkov
2022-01-04 23:36 ` Michael Roth
2022-01-06 18:38 ` Venu Busireddy
2022-01-06 20:21 ` Michael Roth
2022-01-06 20:36 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 23/40] KVM: x86: move lookup of indexed CPUID leafs " Brijesh Singh
2022-01-06 18:46 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 24/40] x86/compressed/acpi: move EFI system table lookup " Brijesh Singh
2021-12-10 18:54 ` Dave Hansen
2021-12-13 15:47 ` Michael Roth
2021-12-13 16:21 ` Dave Hansen
2021-12-13 18:00 ` Michael Roth
2022-01-11 8:59 ` Chao Fan
2022-01-05 23:50 ` Borislav Petkov
2022-01-06 19:59 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 25/40] x86/compressed/acpi: move EFI config " Brijesh Singh
2022-01-06 20:33 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 26/40] x86/compressed/acpi: move EFI vendor " Brijesh Singh
2022-01-06 20:47 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 27/40] x86/boot: Add Confidential Computing type to setup_data Brijesh Singh
2021-12-10 19:12 ` Dave Hansen
2021-12-10 20:18 ` Brijesh Singh
2021-12-10 20:30 ` Dave Hansen
2021-12-13 14:49 ` Brijesh Singh
2021-12-13 15:08 ` Dave Hansen
2021-12-13 15:55 ` Brijesh Singh
2022-01-07 11:54 ` Borislav Petkov
2022-01-06 22:48 ` Venu Busireddy
2021-12-10 15:43 ` [PATCH v8 28/40] KVM: SEV: Add documentation for SEV-SNP CPUID Enforcement Brijesh Singh
2022-01-07 13:22 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 29/40] x86/compressed/64: add support for SEV-SNP CPUID table in #VC handlers Brijesh Singh
2022-01-13 13:16 ` Borislav Petkov
2022-01-13 16:39 ` Michael Roth
2022-01-14 16:13 ` Borislav Petkov
2022-01-18 4:35 ` Michael Roth
2022-01-18 14:02 ` Borislav Petkov
2022-01-18 14:23 ` Michael Roth
2022-01-18 14:32 ` Michael Roth
2022-01-18 14:37 ` Michael Roth
2022-01-18 16:34 ` Borislav Petkov
2022-01-18 17:20 ` Michael Roth
2022-01-18 17:41 ` Borislav Petkov
2022-01-18 18:49 ` Michael Roth
2022-01-19 1:18 ` Michael Roth
2022-01-19 11:17 ` Borislav Petkov
2022-01-19 16:27 ` Michael Roth
2022-01-27 17:23 ` Michael Roth
2022-01-28 22:58 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 30/40] x86/boot: add a pointer to Confidential Computing blob in bootparams Brijesh Singh
2022-01-17 18:14 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 31/40] x86/compressed: add SEV-SNP feature detection/setup Brijesh Singh
2022-01-19 12:55 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 32/40] x86/compressed: use firmware-validated CPUID for SEV-SNP guests Brijesh Singh
2022-01-20 12:18 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 33/40] x86/compressed/64: add identity mapping for Confidential Computing blob Brijesh Singh
2021-12-10 19:52 ` Dave Hansen
2021-12-13 17:54 ` Michael Roth
2022-01-25 13:48 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 34/40] x86/sev: add SEV-SNP feature detection/setup Brijesh Singh
2022-01-25 18:43 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 35/40] x86/sev: use firmware-validated CPUID for SEV-SNP guests Brijesh Singh
2022-01-26 18:35 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 36/40] x86/sev: Provide support for SNP guest request NAEs Brijesh Singh
2022-01-27 16:21 ` Borislav Petkov
2022-01-27 17:02 ` Brijesh Singh
2022-01-29 10:27 ` Borislav Petkov
2022-01-29 11:49 ` Brijesh Singh
2022-01-29 12:02 ` Borislav Petkov
2021-12-10 15:43 ` [PATCH v8 37/40] x86/sev: Register SNP guest request platform device Brijesh Singh
2021-12-10 15:43 ` [PATCH v8 38/40] virt: Add SEV-SNP guest driver Brijesh Singh
2021-12-10 15:43 ` Brijesh Singh [this message]
2021-12-10 22:27 ` [PATCH v8 39/40] virt: sevguest: Add support to derive key Liam Merwick
2021-12-10 15:43 ` [PATCH v8 40/40] virt: sevguest: Add support to get extended report Brijesh Singh
2021-12-10 20:17 ` [PATCH v8 00/40] Add AMD Secure Nested Paging (SEV-SNP) Guest Support Dave Hansen
2021-12-10 20:20 ` Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211210154332.11526-40-brijesh.singh@amd.com \
--to=brijesh.singh@amd.com \
--cc=ak@linux.intel.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dgilbert@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=marcorr@google.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.