Re: [PATCH v11 42/45] virt: Add SEV-SNP guest driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Brijesh,

On 24/02/2022 18:56, Brijesh Singh wrote:
> The SEV-SNP specification provides the guest a mechanism to communicate
> with the PSP without risk from a malicious hypervisor who wishes to
> read, alter, drop or replay the messages sent. The driver uses
> snp_issue_guest_request() to issue GHCB SNP_GUEST_REQUEST or
> SNP_EXT_GUEST_REQUEST NAE events to submit the request to PSP.
> 
> The PSP requires that all communication should be encrypted using key
> specified through the platform_data.
> 
> Userspace can use SNP_GET_REPORT ioctl() to query the guest attestation
> report.
> 
> See SEV-SNP spec section Guest Messages for more details.
> 
> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
> ---

[...]

> +
> +static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, u8 *key, size_t keylen)
> +{
> +	struct snp_guest_crypto *crypto;
> +
> +	crypto = kzalloc(sizeof(*crypto), GFP_KERNEL_ACCOUNT);
> +	if (!crypto)
> +		return NULL;
> +
> +	crypto->tfm = crypto_alloc_aead("gcm(aes)", 0, 0);
> +	if (IS_ERR(crypto->tfm))
> +		goto e_free;


When trying this series, the sevguest module didn't load (and printed no
error message).  After adding some debug messages, I found that the
crypto_alloc_read() call returned an error.  I found out that
CONFIG_CRYPTO_GCM was disabled in my config.

Consider modifying sevguest/Kconfig to force it in:



diff --git a/drivers/virt/coco/sevguest/Kconfig b/drivers/virt/coco/sevguest/Kconfig
index 2be45820e86c..74ca1fe09437 100644
--- a/drivers/virt/coco/sevguest/Kconfig
+++ b/drivers/virt/coco/sevguest/Kconfig
@@ -1,7 +1,9 @@
 config SEV_GUEST
        tristate "AMD SEV Guest driver"
        default m
-       depends on AMD_MEM_ENCRYPT && CRYPTO_AEAD2
+       depends on AMD_MEM_ENCRYPT
+       select CRYPTO_AEAD2
+       select CRYPTO_GCM
        help
          SEV-SNP firmware provides the guest a mechanism to communicate with
          the PSP without risk from a malicious hypervisor who wishes to read,



Another thing to consider is to add messages to the various error paths
in snp_guest_probe().  Not sure what is the common practice in other modules.

-Dov


> +
> +	if (crypto_aead_setkey(crypto->tfm, key, keylen))
> +		goto e_free_crypto;
> +
> +	crypto->iv_len = crypto_aead_ivsize(crypto->tfm);
> +	crypto->iv = kmalloc(crypto->iv_len, GFP_KERNEL_ACCOUNT);
> +	if (!crypto->iv)
> +		goto e_free_crypto;
> +
> +	if (crypto_aead_authsize(crypto->tfm) > MAX_AUTHTAG_LEN) {
> +		if (crypto_aead_setauthsize(crypto->tfm, MAX_AUTHTAG_LEN)) {
> +			dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN);
> +			goto e_free_iv;
> +		}
> +	}
> +
> +	crypto->a_len = crypto_aead_authsize(crypto->tfm);
> +	crypto->authtag = kmalloc(crypto->a_len, GFP_KERNEL_ACCOUNT);
> +	if (!crypto->authtag)
> +		goto e_free_auth;
> +
> +	return crypto;
> +
> +e_free_auth:
> +	kfree(crypto->authtag);
> +e_free_iv:
> +	kfree(crypto->iv);
> +e_free_crypto:
> +	crypto_free_aead(crypto->tfm);
> +e_free:
> +	kfree(crypto);
> +
> +	return NULL;
> +}

[...]




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux