tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: ccp - Introduce new API interface to indicate SEV-SNP Ciphertext hiding feature

Implement an API that checks the overall feature support for SEV-SNP
ciphertext hiding.

This API verifies both the support of the SEV firmware for the feature
and its enablement in the platform's BIOS.

Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
Reviewed-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Ashish Kalra and committed by
Herbert Xu 45d59bd4 33cfb80d

+26
+21
drivers/crypto/ccp/sev-dev.c
··· 1074 1074 wrmsrq(MSR_VM_HSAVE_PA, 0); 1075 1075 } 1076 1076 1077 + bool sev_is_snp_ciphertext_hiding_supported(void) 1078 + { 1079 + struct psp_device *psp = psp_master; 1080 + struct sev_device *sev; 1081 + 1082 + if (!psp || !psp->sev_data) 1083 + return false; 1084 + 1085 + sev = psp->sev_data; 1086 + 1087 + /* 1088 + * Feature information indicates if CipherTextHiding feature is 1089 + * supported by the SEV firmware and additionally platform status 1090 + * indicates if CipherTextHiding feature is enabled in the 1091 + * Platform BIOS. 1092 + */ 1093 + return ((sev->snp_feat_info_0.ecx & SNP_CIPHER_TEXT_HIDING_SUPPORTED) && 1094 + sev->snp_plat_status.ciphertext_hiding_cap); 1095 + } 1096 + EXPORT_SYMBOL_GPL(sev_is_snp_ciphertext_hiding_supported); 1097 + 1077 1098 static int snp_get_platform_data(struct sev_device *sev, int *error) 1078 1099 { 1079 1100 struct sev_data_snp_feature_info snp_feat_info;
+5
include/linux/psp-sev.h
··· 843 843 u32 edx; 844 844 } __packed; 845 845 846 + #define SNP_CIPHER_TEXT_HIDING_SUPPORTED BIT(3) 847 + 846 848 #ifdef CONFIG_CRYPTO_DEV_SP_PSP 847 849 848 850 /** ··· 988 986 void *snp_alloc_firmware_page(gfp_t mask); 989 987 void snp_free_firmware_page(void *addr); 990 988 void sev_platform_shutdown(void); 989 + bool sev_is_snp_ciphertext_hiding_supported(void); 991 990 992 991 #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ 993 992 ··· 1024 1021 static inline void snp_free_firmware_page(void *addr) { } 1025 1022 1026 1023 static inline void sev_platform_shutdown(void) { } 1024 + 1025 + static inline bool sev_is_snp_ciphertext_hiding_supported(void) { return false; } 1027 1026 1028 1027 #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ 1029 1028