| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250730154630.00004905@huawei.com>
Date: Wed, 30 Jul 2025 15:46:30 +0100
From: Jonathan Cameron <Jonathan.Cameron@...wei.com>
To: "Aneesh Kumar K.V (Arm)" <aneesh.kumar@...nel.org>
CC: <linux-coco@...ts.linux.dev>, <kvmarm@...ts.linux.dev>,
<linux-pci@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <aik@....com>,
<lukas@...ner.de>, Samuel Ortiz <sameo@...osinc.com>, Xu Yilun
<yilun.xu@...ux.intel.com>, Jason Gunthorpe <jgg@...pe.ca>, "Suzuki K
Poulose" <Suzuki.Poulose@....com>, Steven Price <steven.price@....com>,
Catalin Marinas <catalin.marinas@....com>, Marc Zyngier <maz@...nel.org>,
Will Deacon <will@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>
Subject: Re: [RFC PATCH v1 31/38] coco: guest: arm64: Add support for
fetching interface report and certificate chain from host
On Mon, 28 Jul 2025 19:22:08 +0530
"Aneesh Kumar K.V (Arm)" <aneesh.kumar@...nel.org> wrote:
> Fetch interface report and certificate chain from the host using RHI calls.
>
> Signed-off-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@...nel.org>
Comments inline
> diff --git a/drivers/virt/coco/arm-cca-guest/rsi-da.c b/drivers/virt/coco/arm-cca-guest/rsi-da.c
> index 28ec946df1e2..47b379318e7c 100644
> --- a/drivers/virt/coco/arm-cca-guest/rsi-da.c
> +++ b/drivers/virt/coco/arm-cca-guest/rsi-da.c
> @@ -4,6 +4,7 @@
> */
>
> #include <linux/pci.h>
> +#include <linux/mem_encrypt.h>
> #include <asm/rsi_cmds.h>
>
> #include "rsi-da.h"
> @@ -50,6 +51,121 @@ rsi_rdev_get_interface_report(struct pci_dev *pdev, unsigned long vdev_id,
> return RSI_SUCCESS;
> }
>
> +static long rhi_get_report(int vdev_id, int da_object_type, void **report, int *report_size)
> +{
> + int ret, enc_ret = 0;
> + int nr_pages;
> + int max_data_len;
> + void *data_buf_shared, *data_buf_private;
> + struct rsi_host_call *rhicall;
> +
> + rhicall = kmalloc(sizeof(struct rsi_host_call), GFP_KERNEL);
> + if (!rhicall)
> + return -ENOMEM;
> +
> + rhicall->imm = 0;
> + rhicall->gprs[0] = RHI_DA_FEATURES;
> +
> + ret = rsi_host_call(virt_to_phys(rhicall));
> + if (ret != RSI_SUCCESS) {
> + ret = -EIO;
Extra space.
> + goto err_out;
> + }
> +
> + if (rhicall->gprs[0] != 0x3) {
> + ret = -EIO;
> + goto err_out;
> + }
> +
> + rhicall->imm = 0;
> + rhicall->gprs[0] = RHI_DA_OBJECT_SIZE;
> + rhicall->gprs[1] = vdev_id;
> + rhicall->gprs[2] = da_object_type;
> +
> + ret = rsi_host_call(virt_to_phys(rhicall));
> + if (ret != RSI_SUCCESS) {
> + ret = -EIO;
> + goto err_out;
> + }
> + if (rhicall->gprs[0] != RHI_DA_SUCCESS) {
> + ret = -EIO;
> + goto err_out;
> + }
> + max_data_len = rhicall->gprs[1];
> + *report_size = max_data_len;
> +
> + /*
> + * We need to share this memory with hypervisor.
> + * So it should be multiple of sharing unit.
> + */
> + max_data_len = ALIGN(max_data_len, PAGE_SIZE);
> + nr_pages = max_data_len >> PAGE_SHIFT;
> +
> + if (!max_data_len || nr_pages > MAX_ORDER_NR_PAGES) {
> + ret = -ENOMEM;
> + goto err_out;
> + }
> +
> + /*
> + * We need to share this memory with hypervisor.
> + * So it should be multiple of sharing unit.
> + */
> + data_buf_shared = (void *)__get_free_pages(GFP_KERNEL, get_order(max_data_len));
> + if (!data_buf_shared) {
> + ret = -ENOMEM;
extra space. All of these seem to have one. Not seeing a reason for it
though.
> + goto err_out;
> + }
> +
> + data_buf_private = kmalloc(*report_size, GFP_KERNEL);
> + if (!data_buf_private) {
> + ret = -ENOMEM;
> + goto err_private_alloc;
> + }
> +
> + ret = set_memory_decrypted((unsigned long)data_buf_shared, nr_pages);
> + if (ret) {
> + ret = -EIO;
> + goto err_decrypt;
> + }
> +
> + rhicall->imm = 0;
> + rhicall->gprs[0] = RHI_DA_OBJECT_READ;
> + rhicall->gprs[1] = vdev_id;
> + rhicall->gprs[2] = da_object_type;
> + rhicall->gprs[3] = 0; /* offset within the data buffer */
> + rhicall->gprs[4] = max_data_len;
> + rhicall->gprs[5] = virt_to_phys(data_buf_shared);
> + ret = rsi_host_call(virt_to_phys(rhicall));
> + if (ret != RSI_SUCCESS || rhicall->gprs[0] != RHI_DA_SUCCESS) {
> + ret = -EIO;
> + goto err_rhi_call;
> + }
> +
> + memcpy(data_buf_private, data_buf_shared, *report_size);
> + enc_ret = set_memory_encrypted((unsigned long)data_buf_shared, nr_pages);
> + if (!enc_ret)
> + /* If we fail to mark it encrypted don't free it back */
> + free_pages((unsigned long)data_buf_shared, get_order(max_data_len));
> +
> + *report = data_buf_private;
> + kfree(rhicall);
> + return 0;
> +
> +err_rhi_call:
> + enc_ret = set_memory_encrypted((unsigned long)data_buf_shared, nr_pages);
> +err_decrypt:
> + kfree(data_buf_private);
> +err_private_alloc:
> + if (!enc_ret)
> + /* If we fail to mark it encrypted don't free it back */
> + free_pages((unsigned long)data_buf_shared, get_order(max_data_len));
> +err_out:
I'd expect there to be nothing to do except return under an err_out label
So rename it.
> + *report = NULL;
> + *report_size = 0;
> + kfree(rhicall);
> + return ret;
> +}
> +
> int rsi_device_lock(struct pci_dev *pdev)
> {
> unsigned long ret;
> @@ -82,5 +198,20 @@ int rsi_device_lock(struct pci_dev *pdev)
> return -EOPNOTSUPP;
> }
>
> + /* Now make a host call to copy the interface report to guest. */
> + ret = rhi_get_report(vdev_id, RHI_DA_OBJECT_INTERFACE_REPORT,
> + &dsm->interface_report, &dsm->interface_report_size);
> + if (ret) {
> + pci_err(pdev, "failed to get interface report from the host (%lu)\n", ret);
> + return -EIO;
> + }
> +
> + ret = rhi_get_report(vdev_id, RHI_DA_OBJECT_CERTIFICATE,
> + &dsm->certificate, &dsm->certificate_size);
> + if (ret) {
> + pci_err(pdev, "failed to get device certificate from the host (%lu)\n", ret);
> + return -EIO;
> + }
> +
> return ret;
return 0;
> }
Powered by blists - more mailing lists