[PATCH RFC v9 18/51] crypto: ccp: Provide API to issue SEV and SNP commands

From: Michael Roth
Date: Mon Jun 12 2023 - 00:33:28 EST

Next message: Michael Roth: "[PATCH RFC v9 19/51] x86/sev: Introduce snp leaked pages list"
Previous message: Michael Roth: "[PATCH RFC v9 17/51] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP"
In reply to: Michael Roth: "[PATCH RFC v9 17/51] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP"
Next in thread: Michael Roth: "[PATCH RFC v9 19/51] x86/sev: Introduce snp leaked pages list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Brijesh Singh <brijesh.singh@xxxxxxx>

Make sev_do_cmd() a generic API interface for the hypervisor
to issue commands to manage an SEV and SNP guest. The commands
for SEV and SNP are defined in the SEV and SEV-SNP firmware
specifications.

Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
Signed-off-by: Ashish Kalra <ashish.kalra@xxxxxxx>
Signed-off-by: Michael Roth <michael.roth@xxxxxxx>
---
drivers/crypto/ccp/sev-dev.c | 3 ++-
include/linux/psp-sev.h | 17 +++++++++++++++++
2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index d3764ee073f3..88c5bf264a87 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -418,7 +418,7 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
return ret;
}

-static int sev_do_cmd(int cmd, void *data, int *psp_ret)
+int sev_do_cmd(int cmd, void *data, int *psp_ret)
{
int rc;

@@ -428,6 +428,7 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret)

return rc;
}
+EXPORT_SYMBOL_GPL(sev_do_cmd);

static int __sev_init_locked(int *error)
{
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index 06d0619ca442..c8656a36baeb 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -891,6 +891,20 @@ int sev_guest_df_flush(int *error);
*/
int sev_guest_decommission(struct sev_data_decommission *data, int *error);

+/**
+ * sev_do_cmd - perform SEV command
+ *
+ * @error: SEV command return code
+ *
+ * Returns:
+ * 0 if the SEV successfully processed the command
+ * -%ENODEV if the SEV device is not available
+ * -%ENOTSUPP if the SEV does not support SEV
+ * -%ETIMEDOUT if the SEV command timed out
+ * -%EIO if the SEV returned a non-zero return code
+ */
+int sev_do_cmd(int cmd, void *data, int *psp_ret);
+
void *psp_copy_user_blob(u64 uaddr, u32 len);

#else /* !CONFIG_CRYPTO_DEV_SP_PSP */
@@ -906,6 +920,9 @@ sev_guest_deactivate(struct sev_data_deactivate *data, int *error) { return -ENO
static inline int
sev_guest_decommission(struct sev_data_decommission *data, int *error) { return -ENODEV; }

+static inline int
+sev_do_cmd(int cmd, void *data, int *psp_ret) { return -ENODEV; }
+
static inline int
sev_guest_activate(struct sev_data_activate *data, int *error) { return -ENODEV; }

--
2.25.1

Next message: Michael Roth: "[PATCH RFC v9 19/51] x86/sev: Introduce snp leaked pages list"
Previous message: Michael Roth: "[PATCH RFC v9 17/51] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP"
In reply to: Michael Roth: "[PATCH RFC v9 17/51] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP"
Next in thread: Michael Roth: "[PATCH RFC v9 19/51] x86/sev: Introduce snp leaked pages list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]