Skip to content

Commit 45d59bd

Browse files
ashkalraherbertx
ashkalra
authored and
herbertx
committed
crypto: ccp - Introduce new API interface to indicate SEV-SNP Ciphertext hiding feature
Implement an API that checks the overall feature support for SEV-SNP ciphertext hiding. This API verifies both the support of the SEV firmware for the feature and its enablement in the platform's BIOS. Reviewed-by: Tom Lendacky <[email protected]> Signed-off-by: Ashish Kalra <[email protected]> Reviewed-by: Kim Phillips <[email protected]> Signed-off-by: Herbert Xu <[email protected]>
1 parent 33cfb80 commit 45d59bd

File tree

2 files changed

+26
-0
lines changed

2 files changed

+26
-0
lines changed

drivers/crypto/ccp/sev-dev.c

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1074,6 +1074,27 @@ static void snp_set_hsave_pa(void *arg)
10741074
wrmsrq(MSR_VM_HSAVE_PA, 0);
10751075
}
10761076

1077+
bool sev_is_snp_ciphertext_hiding_supported(void)
1078+
{
1079+
struct psp_device *psp = psp_master;
1080+
struct sev_device *sev;
1081+
1082+
if (!psp || !psp->sev_data)
1083+
return false;
1084+
1085+
sev = psp->sev_data;
1086+
1087+
/*
1088+
* Feature information indicates if CipherTextHiding feature is
1089+
* supported by the SEV firmware and additionally platform status
1090+
* indicates if CipherTextHiding feature is enabled in the
1091+
* Platform BIOS.
1092+
*/
1093+
return ((sev->snp_feat_info_0.ecx & SNP_CIPHER_TEXT_HIDING_SUPPORTED) &&
1094+
sev->snp_plat_status.ciphertext_hiding_cap);
1095+
}
1096+
EXPORT_SYMBOL_GPL(sev_is_snp_ciphertext_hiding_supported);
1097+
10771098
static int snp_get_platform_data(struct sev_device *sev, int *error)
10781099
{
10791100
struct sev_data_snp_feature_info snp_feat_info;

include/linux/psp-sev.h

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -843,6 +843,8 @@ struct snp_feature_info {
843843
u32 edx;
844844
} __packed;
845845

846+
#define SNP_CIPHER_TEXT_HIDING_SUPPORTED BIT(3)
847+
846848
#ifdef CONFIG_CRYPTO_DEV_SP_PSP
847849

848850
/**
@@ -986,6 +988,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len);
986988
void *snp_alloc_firmware_page(gfp_t mask);
987989
void snp_free_firmware_page(void *addr);
988990
void sev_platform_shutdown(void);
991+
bool sev_is_snp_ciphertext_hiding_supported(void);
989992

990993
#else /* !CONFIG_CRYPTO_DEV_SP_PSP */
991994

@@ -1022,6 +1025,8 @@ static inline void snp_free_firmware_page(void *addr) { }
10221025

10231026
static inline void sev_platform_shutdown(void) { }
10241027

1028+
static inline bool sev_is_snp_ciphertext_hiding_supported(void) { return false; }
1029+
10251030
#endif /* CONFIG_CRYPTO_DEV_SP_PSP */
10261031

10271032
#endif /* __PSP_SEV_H__ */

0 commit comments

Comments
 (0)