On Mon, Oct 16, 2023 at 08:27:48AM -0500, Michael Roth wrote:
> From: Brijesh Singh <brijesh.singh@xxxxxxx>
>
> The command can be used by the userspace to query the SNP platform status
s/by the userspace //
> report. See the SEV-SNP spec for more details.
>
> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
> Signed-off-by: Ashish Kalra <ashish.kalra@xxxxxxx>
Mike, this doesn't have your SOB at the end. The whole set should have
it if you're sending it. Please go through the whole thing.
> ---
> Documentation/virt/coco/sev-guest.rst | 27 ++++++++++++++++
> drivers/crypto/ccp/sev-dev.c | 45 +++++++++++++++++++++++++++
> include/uapi/linux/psp-sev.h | 1 +
> 3 files changed, 73 insertions(+)
>
> diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst
> index 68b0d2363af8..e828c5326936 100644
> --- a/Documentation/virt/coco/sev-guest.rst
> +++ b/Documentation/virt/coco/sev-guest.rst
> @@ -67,6 +67,22 @@ counter (e.g. counter overflow), then -EIO will be returned.
> };
> };
>
> +The host ioctl should be called to /dev/sev device. The ioctl accepts commanda
"... should be sent to the... "
> +id and command input structure.
> +
> +::
> + struct sev_issue_cmd {
> + /* Command ID */
> + __u32 cmd;
> +
> + /* Command request structure */
> + __u64 data;
> +
> + /* firmware error code on failure (see psp-sev.h) */
> + __u32 error;
> + };
> +
> +
> 2.1 SNP_GET_REPORT
> ------------------
>
> @@ -124,6 +140,17 @@ be updated with the expected value.
>
> See GHCB specification for further detail on how to parse the certificate blob.
>
> +2.4 SNP_PLATFORM_STATUS
> +-----------------------
> +:Technology: sev-snp
> +:Type: hypervisor ioctl cmd
> +:Parameters (in): struct sev_data_snp_platform_status
> +:Returns (out): 0 on success, -negative on error
> +
> +The SNP_PLATFORM_STATUS command is used to query the SNP platform status. The
> +status includes API major, minor version and more. See the SEV-SNP
> +specification for further details.
> +
> 3. SEV-SNP CPUID Enforcement
> ============================
>
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index b574b0ef2b1f..679b8d6fc09a 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -1772,6 +1772,48 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable)
> return ret;
> }
>
> +static int sev_ioctl_snp_platform_status(struct sev_issue_cmd *argp)
sev_ioctl_do_snp_platform_status like the others.
> +{
> + struct sev_device *sev = psp_master->sev_data;
> + struct sev_data_snp_addr buf;
> + struct page *status_page;
> + void *data;
> + int ret;
> +
> + if (!sev->snp_initialized || !argp->data)
> + return -EINVAL;
> +
> + status_page = alloc_page(GFP_KERNEL_ACCOUNT);
> + if (!status_page)
> + return -ENOMEM;
> +
> + data = page_address(status_page);
> + if (rmp_mark_pages_firmware(__pa(data), 1, true)) {
> + __free_pages(status_page, 0);
> + return -EFAULT;
ret = -EFAULT;
goto cleanup;
instead.
...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
