From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: bp@alien8.de, Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org
Subject: [Part2 PATCH v9 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command
Date: Mon, 4 Dec 2017 19:04:14 -0600
Message-Id: <20171205010438.5773-15-brijesh.singh@amd.com>
In-Reply-To: <20171205010438.5773-1-brijesh.singh@amd.com>
References: <20171205010438.5773-1-brijesh.singh@amd.com>

The SEV_FACTORY_RESET command can be used by the platform owner to
reset the non-volatile SEV related data. The command is defined in SEV
spec section 5.4.

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
 drivers/crypto/ccp/psp-dev.c | 77 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 76 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index 9915a6c604a3..b49583a45a55 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c
@@ -232,9 +232,84 @@ static int sev_platform_shutdown(int *error) return rc; } +static int sev_get_platform_state(int *state, int *error) +{ + int rc; + + rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, + &psp_master->status_cmd_buf, error); + if (rc) + return rc; + + *state = psp_master->status_cmd_buf.state; + return rc; +} + +static int sev_ioctl_do_reset(struct sev_issue_cmd *argp) +{ + int state, rc; + + /* + * The SEV spec requires that FACTORY_RESET must be issued in + * UNINIT state. Before we go further lets check if any guest is + * active. + * + * If FW is in WORKING state then deny the request otherwise issue + * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET. + * + */ + rc = sev_get_platform_state(&state, &argp->error); + if (rc) + return rc; + + if (state == SEV_STATE_WORKING) + return -EBUSY; + + if (state == SEV_STATE_INIT) { + rc = __sev_platform_shutdown_locked(&argp->error); + if (rc) + return rc; + } + + return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, 0, &argp->error); +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { - return -ENOTTY; + void __user *argp = (void __user *)arg; + struct sev_issue_cmd input; + int ret = -EFAULT; + + if (!psp_master) + return -ENODEV; + + if (ioctl != SEV_ISSUE_CMD) + return -EINVAL; + + if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd))) + return -EFAULT; + + if (input.cmd > SEV_MAX) + return -EINVAL; + + mutex_lock(&sev_cmd_mutex); + + switch (input.cmd) { + + case SEV_FACTORY_RESET: + ret = sev_ioctl_do_reset(&input); + break; + default: + ret = -EINVAL; + goto out; + } + + if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd))) + ret = -EFAULT; +out: + mutex_unlock(&sev_cmd_mutex); + + return ret; } static const struct file_operations sev_fops = { -- 2.9.5
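
Review bot: sev_ioctl() reaches SEV_FACTORY_RESET with no privilege check in the visible code. After the `ioctl != SEV_ISSUE_CMD` and `input.cmd > SEV_MAX` tests, the switch goes straight to sev_ioctl_do_reset(), which can shut the platform down (INIT -> UNINIT) and then erases the non-volatile SEV data. Unless the permissions on the device node are meant to be the only gate, add `if (!capable(CAP_SYS_ADMIN)) return -EPERM;` before taking sev_cmd_mutex, or say in the commit message where access control is enforced. Two smaller points: `__sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, 0, &argp->error)` passes 0 in the argument that the PLATFORM_STATUS call fills with a buffer pointer, so NULL would be clearer; and an unrecognised ioctl number now returns -EINVAL where the stub returned -ENOTTY, which is the conventional code for that case.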