[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1fc76eee-f25b-cd38-cc8d-0404ec94cf79@amd.com>
Date: Sat, 30 Sep 2017 10:55:25 -0500
From: Brijesh Singh <brijesh.singh@....com>
To: Borislav Petkov <bp@...e.de>
Cc: brijesh.singh@....com, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org, Paolo Bonzini <pbonzini@...hat.com>,
Radim Krčmář <rkrcmar@...hat.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
Gary Hook <gary.hook@....com>,
Tom Lendacky <thomas.lendacky@....com>,
linux-crypto@...r.kernel.org
Subject: Re: [Part2 PATCH v4 05/29] crypto: ccp: Add Platform Security
Processor (PSP) device support
On 9/29/17 10:16 AM, Borislav Petkov wrote:
...
> +
>> +config CRYPTO_DEV_SP_PSP
>> + bool "Platform Security Processor (PSP) device"
>> + default y
>> + depends on CRYPTO_DEV_CCP_DD
> So this last symbol CRYPTO_DEV_CCP_DD is default m and it doesn't depend
> on anything. And I'm pretty sure it should depend on CPU_SUP_AMD as this
> is AMD-specific hw. You can add that dependency in a prepatch.
CRYPTO_DEV_CCP_DD is supported on aarch64 and x86. Whereas the PSP
interface I am adding is available on x86 only hence its safe to add add
depend on CPU_SUP_AMD for CRYPTO_DEV_SP_PSP.
> And what happened to adding dependencies on CONFIG_KVM_AMD? Or can you
> use the PSP without virtualization in any sensible way?
Yes its very much possible. The SEV FW provides two sets of commands 1)
platform certificate management and 2) guest management
The platform certificate management commands is used outside the
CONFIG_KVM_AMD.
-Brijesh
Powered by blists - more mailing lists