| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMkAt6paBpDpX0w_0WzXp4KhoiryZ0mCvLZJDZUspTxEvS4Skg@mail.gmail.com>
Date: Tue, 1 Oct 2024 15:40:41 -0600
From: Peter Gonda <pgonda@...gle.com>
To: Ashish Kalra <Ashish.Kalra@....com>
Cc: seanjc@...gle.com, pbonzini@...hat.com, tglx@...utronix.de,
mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com, hpa@...or.com,
herbert@...dor.apana.org.au, x86@...nel.org, john.allen@....com,
davem@...emloft.net, thomas.lendacky@....com, michael.roth@....com,
kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-crypto@...r.kernel.org
Subject: Re: [PATCH v2 1/3] crypto: ccp: New bit-field definitions for
SNP_PLATFORM_STATUS command
On Tue, Sep 17, 2024 at 2:16 PM Ashish Kalra <Ashish.Kalra@....com> wrote:
>
> From: Ashish Kalra <ashish.kalra@....com>
>
> Define new bit-field definitions returned by SNP_PLATFORM_STATUS command
> such as new capabilities like SNP_FEATURE_INFO command availability,
> ciphertext hiding enabled and capability.
>
> Signed-off-by: Ashish Kalra <ashish.kalra@....com>
> ---
> include/uapi/linux/psp-sev.h | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h
> index 832c15d9155b..dd7298b67b37 100644
> --- a/include/uapi/linux/psp-sev.h
> +++ b/include/uapi/linux/psp-sev.h
> @@ -178,6 +178,10 @@ struct sev_user_data_get_id2 {
> * @mask_chip_id: whether chip id is present in attestation reports or not
> * @mask_chip_key: whether attestation reports are signed or not
> * @vlek_en: VLEK (Version Loaded Endorsement Key) hashstick is loaded
> + * @feature_info: whether SNP_FEATURE_INFO command is available
> + * @rapl_dis: whether RAPL is disabled
> + * @ciphertext_hiding_cap: whether platform has ciphertext hiding capability
> + * @ciphertext_hiding_en: whether ciphertext hiding is enabled
> * @rsvd1: reserved
> * @guest_count: the number of guest currently managed by the firmware
> * @current_tcb_version: current TCB version
> @@ -193,7 +197,11 @@ struct sev_user_data_snp_status {
> __u32 mask_chip_id:1; /* Out */
> __u32 mask_chip_key:1; /* Out */
> __u32 vlek_en:1; /* Out */
> - __u32 rsvd1:29;
> + __u32 feature_info:1; /* Out */
Is this the right way for userspace to check if a command is
available? None of the other commands are detailed like this one is.
> + __u32 rapl_dis:1; /* Out */
> + __u32 ciphertext_hiding_cap:1; /* Out */
> + __u32 ciphertext_hiding_en:1; /* Out */
> + __u32 rsvd1:25;
> __u32 guest_count; /* Out */
> __u64 current_tcb_version; /* Out */
> __u64 reported_tcb_version; /* Out */
> --
> 2.34.1
>
>
Powered by blists - more mailing lists