Date:   Mon, 15 Apr 2019 20:04:24 +0800
From:   Hao Feng <fenghao@...on.cn>
To:     "'Tom Lendacky '" <thomas.lendacky@....com>,
        "'Gary Hook '" <gary.hook@....com>,
        "'Herbert Xu '" <herbert@...dor.apana.org.au>,
        "' David S. Miller '" <davem@...emloft.net>,
        "'Janakarajan Natarajan '" <Janakarajan.Natarajan@....com>
CC:     "'Zhaohui Du '" <duzhaohui@...on.cn>,
        "'Zhiwei Ying '" <yingzhiwei@...on.cn>,
        "'Wen Pu '" <puwen@...on.cn>, Hao Feng <fenghao@...on.cn>,
        <linux-crypto@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH 2/6] crypto: ccp: Define Hygon SEV commands

1. SEV_CMD_GM_PUBKEY_GEN - Get SM2 random public key from SEV firmware
to start SM2 key exchange.

2. SEV_CMD_GM_GET_DIGEST - Get key digest from SEV firmware during SM2
key exchange.

3. SEV_CMD_GM_VERIFY_DIGEST - Verify guest owner's key digest during
SM2 key exchange.

Signed-off-by: Hao Feng <fenghao@...on.cn>
---
 drivers/crypto/ccp/psp-dev.c |  3 +++
 include/linux/psp-sev.h      | 49 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 52 insertions(+)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index fadf859..fafebf4 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -139,6 +139,9 @@ static int sev_cmd_buffer_len(int cmd)
 	case SEV_CMD_LAUNCH_UPDATE_SECRET:	return sizeof(struct sev_data_launch_secret);
 	case SEV_CMD_DOWNLOAD_FIRMWARE:		return sizeof(struct sev_data_download_firmware);
 	case SEV_CMD_GET_ID:			return sizeof(struct sev_data_get_id);
+	case SEV_CMD_GM_PUBKEY_GEN:		return sizeof(struct sev_data_gm_pubkey_gen);
+	case SEV_CMD_GM_GET_DIGEST:		return sizeof(struct sev_data_gm_get_digest);
+	case SEV_CMD_GM_VERIFY_DIGEST:		return sizeof(struct sev_data_gm_verify_digest);
 	default:				return 0;
 	}
 
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index 827c601..0171849 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -87,6 +87,11 @@ enum sev_cmd {
 	SEV_CMD_DBG_DECRYPT		= 0x060,
 	SEV_CMD_DBG_ENCRYPT		= 0x061,
 
+	/* GM specific commands */
+	SEV_CMD_GM_PUBKEY_GEN		= 0x070,
+	SEV_CMD_GM_GET_DIGEST		= 0x071,
+	SEV_CMD_GM_VERIFY_DIGEST	= 0x072,
+
 	SEV_CMD_MAX,
 };
 
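Review bot: The comment `/* GM specific commands */` does not say that 0x070–0x072 are Hygon firmware commands, even though they are added to the `enum sev_cmd` used by the existing SEV commands; `/* Hygon-specific GM (SM2 key exchange) commands */` would make the vendor scope visible. The addition also moves `SEV_CMD_MAX` from 0x062 to 0x073, so any range check against `SEV_CMD_MAX` elsewhere (not visible in this patch) would now admit the unassigned IDs 0x062–0x06f, for which `sev_cmd_buffer_len()` falls through to `default` and returns 0. Nothing in this patch limits the new commands to Hygon hardware; if a later patch in the series does not gate them on the vendor, that check belongs where the command is issued.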
@@ -485,6 +490,50 @@ struct sev_data_dbg {
 	u32 len;				/* In */
 } __packed;
 
+/**
+ * struct sev_data_gm_pubkey_gen - GM_PUBKEY_GEN command parameters
+ *
+ * @key_id_address: physical address containing key id
+ * @key_id_len: len of key id
+ * @pubkey_address: physical address containing GM public key
+ * @pubkey_len: len of GM public key
+ */
+struct sev_data_gm_pubkey_gen {
+	u64 key_id_address;		/* In */
+	u32 key_id_len;			/* In */
+	u32 reserved;
+	u64 pubkey_address;		/* In */
+	u32 pubkey_len;			/* In/Out */
+} __packed;
+
+/**
+ * struct sev_data_gm_get_digest - GM_GET_DIGEST command parameters
+ *
+ * @handle: handle of the VM to process
+ * @address: physical address containing the digest blob
+ * @len: len of digest blob
+ */
+struct sev_data_gm_get_digest {
+	u32 handle;				/* In */
+	u32 reserved;
+	u64 address;			/* In */
+	u32 len;				/* In/Out */
+} __packed;
+
+/**
+ * struct sev_data_gm_verify_digest - GM_VERIFY_DIGEST command parameters
+ *
+ * @handle: handle of the VM to verify
+ * @address: physical address containing the digest blob
+ * @len: len of digest blob
+ */
+struct sev_data_gm_verify_digest {
+	u32 handle;		/* In */
+	u32 reserved;
+	u64 address;	/* In */
+	u32 len;		/* In */
+};
+
 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
 
 /**
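Review bot: `struct sev_data_gm_verify_digest` closes with `};` while `sev_data_gm_pubkey_gen`, `sev_data_gm_get_digest` and the preceding `sev_data_dbg` all use `} __packed;`, so with its `u64` member it will normally pick up trailing padding and `sizeof` becomes 24 instead of the 20 bytes of the identically laid-out `sev_data_gm_get_digest`. That size is what the new `SEV_CMD_GM_VERIFY_DIGEST` case in `sev_cmd_buffer_len()` (psp-dev.c hunk of this patch) returns, so the reported command-buffer length would disagree with the packed layout the firmware presumably expects; the closing line should be `} __packed;`. The kernel-doc also describes `pubkey_address` as `/* In */` and "containing GM public key" although the commit message says the key is obtained from the firmware; it would be clearer to state that the firmware writes the key to this buffer and that `pubkey_len` carries the buffer capacity on input and the key length on output. The `reserved` members are not documented; if the firmware requires them to be zero, say so in the struct comments.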
-- 
2.7.4
