Re: [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command

From: Brijesh Singh
Date: Wed Oct 11 2017 - 15:50:11 EST

Next message: Florian Fainelli: "Re: [PATCH 00/11] KASan for arm"
Previous message: Yury Norov: "Re: next: arm64: LTP sendto01 test causes system crash in ilp32 mode"
In reply to: Borislav Petkov: "Re: [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command"
Next in thread: Borislav Petkov: "Re: [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/11/2017 12:02 PM, Borislav Petkov wrote:
...

What's with the curly brackets around the case: statements?

I will remove the curly braces.

Anyway, here are some more improvements:

* you can get rid of the struct copying into out and the bitfields by
doing something like this:

ret = sev_do_cmd(SEV_CMD_PLATFORM_STATUS, data, &argp->error);
if (ret)
goto e_free;

/* Clear out reserved fields: */
data->owner &= BIT(0);
data->config &= BIT(0);

I'm not sure those are the ones you need to clear but you get
the idea - you simply poke holes in the reserved fields before
copying to userspace. If you need a more sophisticated mask, use
GENMASK/GENMASK_ULL.

If we decide to go with this approach then we need use GENMASK (see below).

...

--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -144,11 +144,9 @@ struct sev_data_status {

Since the structure is shared with firmware hence I was trying to match it with the spec.

u8 api_major; /* Out */
u8 api_minor; /* Out */
u8 state; /* Out */
- u8 owner : 1; /* Out */
- u8 reserved1 : 7;
- u32 config : 1; /* Out */
- u32 reserved2 : 23;
- u32 build : 8; /* Out */
+ u8 owner; /* Out */

This is OK for now. But in future if FW steals another bit from reserved1 field to expose a new flag then 'owner' name will no longer be valid. If you don't to use bit field then we have to use some generic name instead of naming the field as 'owner'. Please note that its not just userspace, KVM driver also uses the same fields and it may also need to know which bit position to use.

+ u32 config; /* Out */
+ u32 build; /* Out */

This is a tricky one. The 32-bit are packed as:

BIT0 - config.es
BIT1-23: reserved
BIT24-31: build

Now, if we really don't want to use bit field then we have to declare them as:

u8 config[3];
u8 build;

I would prefer to keep the structure as is. I am OK with changing the userspace sev_user_data_status to match with FW's sev_data_status to avoid the coying from FW structure to userspace structure.

u32 guest_count; /* Out */
} __packed;

Next message: Florian Fainelli: "Re: [PATCH 00/11] KASan for arm"
Previous message: Yury Norov: "Re: next: arm64: LTP sendto01 test causes system crash in ilp32 mode"
In reply to: Borislav Petkov: "Re: [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command"
Next in thread: Borislav Petkov: "Re: [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]