[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230621061508.1429913-3-tien.sung.ang@intel.com>
Date: Wed, 21 Jun 2023 14:15:07 +0800
From: tien.sung.ang@...el.com
To: Dinh Nguyen <dinguyen@...nel.org>
Cc: linux-kernel@...r.kernel.org,
Ang Tien Sung <tien.sung.ang@...el.com>
Subject: [PATCH 2/3] firmware: stratix10-svc: extend for single certificate
From: Ang Tien Sung <tien.sung.ang@...el.com>
Extend Intel service layer driver to support a single certificate to allow
unauthenticated updates to the PTS counter.
PTS = Pseudo Time Stamp
Signed-off-by: Ang Tien Sung <tien.sung.ang@...el.com>
---
drivers/firmware/stratix10-svc.c | 11 +++++++++++
include/linux/firmware/intel/stratix10-smc.h | 18 ++++++++++++++++++
.../firmware/intel/stratix10-svc-client.h | 5 +++++
3 files changed, 34 insertions(+)
diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index a277fe9c4db4..be0a39900570 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -329,6 +329,7 @@ static void svc_thread_recv_status_ok(struct stratix10_svc_data *p_data,
case COMMAND_FCS_DATA_ENCRYPTION:
case COMMAND_FCS_DATA_DECRYPTION:
case COMMAND_FCS_PSGSIGMA_TEARDOWN:
+ case COMMAND_FCS_COUNTER_SET_PREAUTHORIZED:
cb_data->status = BIT(SVC_STATUS_OK);
break;
case COMMAND_RECONFIG_DATA_SUBMIT:
@@ -524,8 +525,17 @@ static int svc_normal_to_secure_thread(void *data)
a1 = (unsigned long)pdata->paddr;
a2 = (unsigned long)pdata->size;
break;
+ case COMMAND_FCS_COUNTER_SET_PREAUTHORIZED:
+ a0 = INTEL_SIP_SMC_FCS_COUNTER_SET_PREAUTHORIZED;
+ a1 = pdata->arg[0];
+ a2 = pdata->arg[1];
+ a3 = pdata->arg[2];
+ break;
case COMMAND_FCS_GET_PROVISION_DATA:
a0 = INTEL_SIP_SMC_FCS_GET_PROVISION_DATA;
+ a1 = 0;
+ a2 = 0;
+ break;
case COMMAND_FCS_PSGSIGMA_TEARDOWN:
a0 = INTEL_SIP_SMC_FCS_PSGSIGMA_TEARDOWN;
a1 = pdata->arg[0];
@@ -633,6 +643,7 @@ static int svc_normal_to_secure_thread(void *data)
case COMMAND_FCS_GET_CHIP_ID:
case COMMAND_FCS_ATTESTATION_SUBKEY:
case COMMAND_FCS_ATTESTATION_MEASUREMENTS:
+ case COMMAND_FCS_COUNTER_SET_PREAUTHORIZED:
cbdata->status = BIT(SVC_STATUS_INVALID_PARAM);
cbdata->kaddr1 = NULL;
cbdata->kaddr2 = NULL;
diff --git a/include/linux/firmware/intel/stratix10-smc.h b/include/linux/firmware/intel/stratix10-smc.h
index d9f0251256e9..8f92a55ba51d 100644
--- a/include/linux/firmware/intel/stratix10-smc.h
+++ b/include/linux/firmware/intel/stratix10-smc.h
@@ -594,6 +594,24 @@ INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
#define INTEL_SIP_SMC_FUNCID_FCS_GET_PROVISION_DATA 94
#define INTEL_SIP_SMC_FCS_GET_PROVISION_DATA \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FCS_GET_PROVISION_DATA)
+/**
+ * Request INTEL_SIP_SMC_FCS_COUNTER_SET_PREAUTHORIZED
+ * Sync call to update counter value w/o signed certificate
+ *
+ * Call register usage:
+ * a0 INTEL_SIP_SMC_FCS_COUNTER_SET_PREAUTHORIZED
+ * a1 counter type
+ * a2 counter value
+ * a3 test bit
+ * a3-a7 not used
+ *
+ * Return status:
+ * a0 INTEL_SIP_SMC_STATUS_OK or INTEL_SIP_SMC_STATUS_ERROR
+ * a1-a4 not used
+ */
+#define INTEL_SIP_SMC_FUNCID_FCS_COUNTER_SET_PREAUTHORIZED 95
+#define INTEL_SIP_SMC_FCS_COUNTER_SET_PREAUTHORIZED \
+ INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FCS_COUNTER_SET_PREAUTHORIZED)
/**
* Request INTEL_SIP_SMC_FCS_PSGSIGMA_TEARDOWN
diff --git a/include/linux/firmware/intel/stratix10-svc-client.h b/include/linux/firmware/intel/stratix10-svc-client.h
index 5346967dd2fe..4703f6c486a1 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -139,6 +139,10 @@ struct stratix10_svc_chan;
* @COMMAND_FCS_RANDOM_NUMBER_GEN: generate a random number, return status
* is SVC_STATUS_OK, SVC_STATUS_ERROR
*
+ * @COMMAND_FCS_COUNTER_SET_PREAUTHORIZED: update the counter value for
+ * the selected counter without the signed certificate, return status is
+ * SVC_STATUS_OK, or SVC_STATUS_ERROR
+ *
* @COMMAND_FCS_PSGSIGMA_TEARDOWN: tear down all previous black key
* provision sessions and delete keys assicated with those sessions,
* return status is SVC_STATUS_SUBMITTED or SVC_STATUS_ERROR
@@ -175,6 +179,7 @@ enum stratix10_svc_command_code {
COMMAND_FCS_DATA_ENCRYPTION,
COMMAND_FCS_DATA_DECRYPTION,
COMMAND_FCS_RANDOM_NUMBER_GEN,
+ COMMAND_FCS_COUNTER_SET_PREAUTHORIZED,
/* for Attestation */
COMMAND_FCS_PSGSIGMA_TEARDOWN = 30,
COMMAND_FCS_GET_CHIP_ID,
--
2.25.1
Powered by blists - more mailing lists