Diffstat (limited to 'meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0025-crypto-ccp-Implement-SEV_FACTORY_RESET-ioctl-command.patch')
-rw-r--r-- | meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0025-crypto-ccp-Implement-SEV_FACTORY_RESET-ioctl-command.patch | 121 |
1 files changed, 0 insertions, 121 deletions
diff --git a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0025-crypto-ccp-Implement-SEV_FACTORY_RESET-ioctl-command.patch b/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0025-crypto-ccp-Implement-SEV_FACTORY_RESET-ioctl-command.patch
deleted file mode 100644
index 8cb8fa2e..00000000
--- a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0025-crypto-ccp-Implement-SEV_FACTORY_RESET-ioctl-command.patch
+++ /dev/null
@@ -1,121 +0,0 @@
-From 6a488d9cf6428aaf117d57413c019f3e073914eb Mon Sep 17 00:00:00 2001
-From: Brijesh Singh <brijesh.singh@amd.com>
-Date: Mon, 4 Dec 2017 10:57:29 -0600
-Subject: [PATCH 25/95] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The SEV_FACTORY_RESET command can be used by the platform owner to
-reset the non-volatile SEV related data. The command is defined in
-SEV spec section 5.4
-
-Cc: Paolo Bonzini <pbonzini@redhat.com>
-Cc: "Radim Krčmář" <rkrcmar@redhat.com>
-Cc: Borislav Petkov <bp@suse.de>
-Cc: Herbert Xu <herbert@gondor.apana.org.au>
-Cc: Gary Hook <gary.hook@amd.com>
-Cc: Tom Lendacky <thomas.lendacky@amd.com>
-Cc: linux-crypto@vger.kernel.org
-Cc: kvm@vger.kernel.org
-Cc: linux-kernel@vger.kernel.org
-Improvements-by: Borislav Petkov <bp@suse.de>
-Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
-Signed-off-by: Sudheesh Mavila <sudheesh.mavila@amd.com>
----
- drivers/crypto/ccp/psp-dev.c | 77 +++++++++++++++++++++++++++++++++++++++++++-
- 1 file changed, 76 insertions(+), 1 deletion(-)
-
-diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
-index 9915a6c..b49583a4 100644
---- a/drivers/crypto/ccp/psp-dev.c
-+++ b/drivers/crypto/ccp/psp-dev.c
-@@ -232,9 +232,84 @@ static int sev_platform_shutdown(int *error)
- return rc;
- }
-
-+static int sev_get_platform_state(int *state, int *error)
-+{
-+ int rc;
-+
-+ rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS,
-+ &psp_master->status_cmd_buf, error);
-+ if (rc)
-+ return rc;
-+
-+ *state = psp_master->status_cmd_buf.state;
-+ return rc;
-+}
-+
-+static int sev_ioctl_do_reset(struct sev_issue_cmd *argp)
-+{
-+ int state, rc;
-+
-+ /*
-+ * The SEV spec requires that FACTORY_RESET must be issued in
-+ * UNINIT state. Before we go further lets check if any guest is
-+ * active.
-+ *
-+ * If FW is in WORKING state then deny the request otherwise issue
-+ * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET.
-+ *
-+ */
-+ rc = sev_get_platform_state(&state, &argp->error);
-+ if (rc)
-+ return rc;
-+
-+ if (state == SEV_STATE_WORKING)
-+ return -EBUSY;
-+
-+ if (state == SEV_STATE_INIT) {
-+ rc = __sev_platform_shutdown_locked(&argp->error);
-+ if (rc)
-+ return rc;
-+ }
-+
-+ return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, 0, &argp->error);
-+}
-+
- static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
- {
-- return -ENOTTY;
-+ void __user *argp = (void __user *)arg;
-+ struct sev_issue_cmd input;
-+ int ret = -EFAULT;
-+
-+ if (!psp_master)
-+ return -ENODEV;
-+
-+ if (ioctl != SEV_ISSUE_CMD)
-+ return -EINVAL;
-+
-+ if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd)))
-+ return -EFAULT;
-+
-+ if (input.cmd > SEV_MAX)
-+ return -EINVAL;
-+
-+ mutex_lock(&sev_cmd_mutex);
-+
-+ switch (input.cmd) {
-+
-+ case SEV_FACTORY_RESET:
-+ ret = sev_ioctl_do_reset(&input);
-+ break;
-+ default:
-+ ret = -EINVAL;
-+ goto out;
-+ }
-+
-+ if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd)))
-+ ret = -EFAULT;
-+out:
-+ mutex_unlock(&sev_cmd_mutex);
-+
-+ return ret;
- }
-
- static const struct file_operations sev_fops = {
---
-2.7.4
- |