| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1555329868-17895-3-git-send-email-fenghao@hygon.cn>
Date: Mon, 15 Apr 2019 20:04:24 +0800
From: Hao Feng <fenghao@...on.cn>
To: "'Tom Lendacky '" <thomas.lendacky@....com>,
"'Gary Hook '" <gary.hook@....com>,
"'Herbert Xu '" <herbert@...dor.apana.org.au>,
"' David S. Miller '" <davem@...emloft.net>,
"'Janakarajan Natarajan '" <Janakarajan.Natarajan@....com>
CC: "'Zhaohui Du '" <duzhaohui@...on.cn>,
"'Zhiwei Ying '" <yingzhiwei@...on.cn>,
"'Wen Pu '" <puwen@...on.cn>, Hao Feng <fenghao@...on.cn>,
<linux-crypto@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH 2/6] crypto: ccp: Define Hygon SEV commands
1. SEV_CMD_GM_PUBKEY_GEN - Get SM2 random public key from SEV firmware
to start SM2 key exchange.
2. SEV_CMD_GM_GET_DIGEST - Get key digest from SEV firmware during SM2
key exchange.
3. SEV_CMD_GM_VERIFY_DIGEST - Verify guest owner's key digest during
SM2 key exchange.
Signed-off-by: Hao Feng <fenghao@...on.cn>
---
drivers/crypto/ccp/psp-dev.c | 3 +++
include/linux/psp-sev.h | 49 ++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 52 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index fadf859..fafebf4 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -139,6 +139,9 @@ static int sev_cmd_buffer_len(int cmd)
case SEV_CMD_LAUNCH_UPDATE_SECRET: return sizeof(struct sev_data_launch_secret);
case SEV_CMD_DOWNLOAD_FIRMWARE: return sizeof(struct sev_data_download_firmware);
case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id);
+ case SEV_CMD_GM_PUBKEY_GEN: return sizeof(struct sev_data_gm_pubkey_gen);
+ case SEV_CMD_GM_GET_DIGEST: return sizeof(struct sev_data_gm_get_digest);
+ case SEV_CMD_GM_VERIFY_DIGEST: return sizeof(struct sev_data_gm_verify_digest);
default: return 0;
}
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index 827c601..0171849 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -87,6 +87,11 @@ enum sev_cmd {
SEV_CMD_DBG_DECRYPT = 0x060,
SEV_CMD_DBG_ENCRYPT = 0x061,
+ /* GM specific commands */
+ SEV_CMD_GM_PUBKEY_GEN = 0x070,
+ SEV_CMD_GM_GET_DIGEST = 0x071,
+ SEV_CMD_GM_VERIFY_DIGEST = 0x072,
+
SEV_CMD_MAX,
};
@@ -485,6 +490,50 @@ struct sev_data_dbg {
u32 len; /* In */
} __packed;
+/**
+ * struct sev_data_gm_pubkey_gen - GM_PUBKEY_GEN command parameters
+ *
+ * @key_id_address: physical address containing key id
+ * @key_id_len: len of key id
+ * @pubkey_address: physical address containing GM public key
+ * @pubkey_len: len of GM public key
+ */
+struct sev_data_gm_pubkey_gen {
+ u64 key_id_address; /* In */
+ u32 key_id_len; /* In */
+ u32 reserved;
+ u64 pubkey_address; /* In */
+ u32 pubkey_len; /* In/Out */
+} __packed;
+
+/**
+ * struct sev_data_gm_get_digest - GM_GET_DIGEST command parameters
+ *
+ * @handle: handle of the VM to process
+ * @address: physical address containing the digest blob
+ * @len: len of digest blob
+ */
+struct sev_data_gm_get_digest {
+ u32 handle; /* In */
+ u32 reserved;
+ u64 address; /* In */
+ u32 len; /* In/Out */
+} __packed;
+
+/**
+ * struct sev_data_gm_verify_digest - GM_VERIFY_DIGEST command parameters
+ *
+ * @handle: handle of the VM to verify
+ * @address: physical address containing the digest blob
+ * @len: len of digest blob
+ */
+struct sev_data_gm_verify_digest {
+ u32 handle; /* In */
+ u32 reserved;
+ u64 address; /* In */
+ u32 len; /* In */
+};
+
#ifdef CONFIG_CRYPTO_DEV_SP_PSP
/**
--
2.7.4
Powered by blists - more mailing lists