From: Stefano Garzarella
To: Jarkko Sakkinen
Cc: Thomas Gleixner, Claudio Carvalho, Peter Huewe, x86@kernel.org, Dov Murik, linux-coco@lists.linux.dev, Dionna Glaze, James Bottomley, Ingo Molnar, Joerg Roedel, Jason Gunthorpe, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, Dave Hansen, Tom Lendacky, Borislav Petkov, "H. Peter Anvin", Stefano Garzarella
Subject: [RFC PATCH v2 1/6] x86/sev: add SVSM call macros for the vTPM protocol
Date: Fri, 28 Feb 2025 18:07:15 +0100
Message-ID: <20250228170720.144739-2-sgarzare@redhat.com>
In-Reply-To: <20250228170720.144739-1-sgarzare@redhat.com>

Add macros for SVSM_VTPM_QUERY and SVSM_VTPM_CMD calls as defined
in the "Secure VM Service Module for SEV-SNP Guests"
Publication # 58019 Revision: 1.00

Link: https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
Signed-off-by: Stefano Garzarella

--- arch/x86/include/asm/sev.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 1581246491b5..f6ebf4492606 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h
@@ -384,6 +384,10 @@ struct svsm_call { #define SVSM_ATTEST_SERVICES 0 #define SVSM_ATTEST_SINGLE_SERVICE 1 =20 +#define SVSM_VTPM_CALL(x) ((2ULL << 32) | (x)) +#define SVSM_VTPM_QUERY 0 +#define SVSM_VTPM_CMD 1 + #ifdef CONFIG_AMD_MEM_ENCRYPT =20 extern u8 snp_vmpl; --=20 2.48.1
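
Review bot: SVSM_VTPM_CALL() hard-codes the protocol number as a bare 2 with no comment, so a reader of sev.h cannot tell that this is the vTPM protocol from the specification cited in the commit message. A one-line comment above the three new defines naming the protocol and the document would make the constant self-explanatory. The argument x is also OR-ed in as given, so any value wider than 32 bits would spill into the protocol field; masking it or noting the expected range would make the macro safer to reuse.
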
From: Stefano Garzarella
Subject: [RFC PATCH v2 2/6] x86/sev: add SVSM vTPM probe/send_command functions
Date: Fri, 28 Feb 2025 18:07:16 +0100
Message-ID: <20250228170720.144739-3-sgarzare@redhat.com>
In-Reply-To: <20250228170720.144739-1-sgarzare@redhat.com>

Add two new functions to probe and send commands to the SVSM vTPM.
They leverage the two calls defined by the AMD SVSM specification
for the vTPM protocol: SVSM_VTPM_QUERY and SVSM_VTPM_CMD.

Expose these functions to be used by other modules such as a tpm
driver.

Co-developed-by: James Bottomley
Signed-off-by: James Bottomley
Co-developed-by: Claudio Carvalho
Signed-off-by: Claudio Carvalho
Signed-off-by: Stefano Garzarella
---
James, Claudio are you fine with the Cdb, Sob?
The code is pretty much similar to what was in the initial RFC, but I
changed the context, for that I reset the author but added C-o-b.
Please, let me know if this is okay or if I need to do anything
else (reset the author, etc.)

--- arch/x86/include/asm/sev.h | 3 +++ arch/x86/coco/sev/core.c | 47 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index f6ebf4492606..e379bcdddf07 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h
@@ -485,6 +485,9 @@ void snp_msg_free(struct snp_msg_desc *mdesc); int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_re= q *req, struct snp_guest_request_ioctl *rio); =20 +bool snp_svsm_vtpm_probe(void); +int snp_svsm_vtpm_send_command(u8 *buffer); + void __init snp_secure_tsc_prepare(void); void __init snp_secure_tsc_init(void); =20 diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index 82492efc5d94..4158e447d645 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c 
@@ -2628,6 +2628,53 @@ static int snp_issue_guest_request(struct snp_guest_= req *req, struct snp_req_dat return ret; } =20 +bool snp_svsm_vtpm_probe(void) +{ + struct svsm_call call =3D {}; + u64 send_cmd_mask =3D 0; + u64 platform_cmds; + u64 features; + int ret; + + /* The vTPM device is available only if we have a SVSM */ + if (!snp_vmpl) + return false; + + call.caa =3D svsm_get_caa(); + call.rax =3D SVSM_VTPM_CALL(SVSM_VTPM_QUERY); + + ret =3D svsm_perform_call_protocol(&call); + + if (ret !=3D SVSM_SUCCESS) + return false; + + features =3D call.rdx_out; + platform_cmds =3D call.rcx_out; + + /* No feature supported, it should be zero */ + if (features) + pr_warn("SNP SVSM vTPM unsupported features: 0x%llx\n", + features); + + /* TPM_SEND_COMMAND - platform command 8 */ + send_cmd_mask =3D 1 << 8; + + return (platform_cmds & send_cmd_mask) =3D=3D send_cmd_mask; +} +EXPORT_SYMBOL_GPL(snp_svsm_vtpm_probe); + +int snp_svsm_vtpm_send_command(u8 *buffer) +{ + struct svsm_call call =3D {}; + + call.caa =3D svsm_get_caa(); + call.rax =3D SVSM_VTPM_CALL(SVSM_VTPM_CMD); + call.rcx =3D __pa(buffer); + + return svsm_perform_call_protocol(&call); +} +EXPORT_SYMBOL_GPL(snp_svsm_vtpm_send_command); + static struct platform_device sev_guest_device =3D { .name =3D "sev-guest", .id =3D -1, --=20 2.48.1
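
Review bot: snp_svsm_vtpm_send_command() in the core.c hunk takes a bare u8 *buffer and passes __pa(buffer) to the SVSM with no length argument and no kernel-doc, so the exported symbol does not tell a caller how large the buffer must be or that it has to be memory for which __pa() is valid. Please document the required size and allocation constraints next to the function (or take a length and check it), and consider failing early when snp_vmpl is zero, as snp_svsm_vtpm_probe() does. In the probe, send_cmd_mask = 1 << 8 shifts an int into a u64; BIT_ULL(8) with the 8 given a name would be clearer than the comment, and the = 0 initialiser then becomes unnecessary.
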
From: Stefano Garzarella
Subject: [RFC PATCH v2 3/6] tpm: add send_recv() ops in tpm_class_ops
Date: Fri, 28 Feb 2025 18:07:17 +0100
Message-ID: <20250228170720.144739-4-sgarzare@redhat.com>
In-Reply-To: <20250228170720.144739-1-sgarzare@redhat.com>

Some devices do not support interrupts and provide a single operation
to send the command and receive the response on the same buffer.

To support this scenario, a driver could set TPM_CHIP_FLAG_IRQ in the
chip's flags to get recv() to be called immediately after send() in
tpm_try_transmit().

Instead of abusing TPM_CHIP_FLAG_IRQ, introduce a new callback
send_recv(). If that callback is defined, it is called in
tpm_try_transmit() to send the command and receive the response on
the same buffer in a single call.

Suggested-by: Jason Gunthorpe
Signed-off-by: Stefano Garzarella

--- include/linux/tpm.h | 2 ++ drivers/char/tpm/tpm-interface.c | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 20a40ade8030..2ede8e0592d3 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h
@@ -88,6 +88,8 @@ struct tpm_class_ops { bool (*req_canceled)(struct tpm_chip *chip, u8 status); int (*recv) (struct tpm_chip *chip, u8 *buf, size_t len); int (*send) (struct tpm_chip *chip, u8 *buf, size_t len); + int (*send_recv)(struct tpm_chip *chip, u8 *buf, size_t buf_len, + size_t to_send); void (*cancel) (struct tpm_chip *chip); u8 (*status) (struct tpm_chip *chip); void (*update_timeouts)(struct tpm_chip *chip, diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interf= ace.c index b1daa0d7b341..4f92b0477696 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -82,6 +82,9 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, vo= id *buf, size_t bufsiz) return -E2BIG; } =20 + if (chip->ops->send_recv) + goto out_recv; + rc =3D chip->ops->send(chip, buf, count); if (rc < 0) { if (rc !=3D -EPIPE) 
@@ -123,7 +126,10 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,= void *buf, size_t bufsiz) return -ETIME; =20 out_recv: - len =3D chip->ops->recv(chip, buf, bufsiz); + if (chip->ops->send_recv) + len =3D chip->ops->send_recv(chip, buf, bufsiz, count); + else + len =3D chip->ops->recv(chip, buf, bufsiz); if (len < 0) { rc =3D len; dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc); --=20 2.48.1
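
Review bot: in the second tpm-interface.c hunk a failing send_recv() falls through to the existing dev_err(), so it is logged as "tpm_transmit: tpm_recv: error %d" even though recv() was never called; the message should name the callback that actually failed. The new send_recv member in tpm_class_ops also carries no description of its contract. From the call site, buf_len receives bufsiz, to_send receives count, and the return value is treated as the response length or a negative error; stating that next to the declaration would spare driver authors from reading tpm_try_transmit() to find out.
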
From: Stefano Garzarella
Subject: [RFC PATCH v2 4/6] tpm: add interface to interact with devices based on TCG Simulator
Date: Fri, 28 Feb 2025 18:07:18 +0100
Message-ID: <20250228170720.144739-5-sgarzare@redhat.com>
In-Reply-To: <20250228170720.144739-1-sgarzare@redhat.com>

This is primarily designed to support an enlightened driver for the
AMD SVSM based vTPM, but it could be used by any TPM driver which
communicates with a TPM device implemented through the TCG TPM reference
implementation (https://github.com/TrustedComputingGroup/TPM)

Co-developed-by: James Bottomley
Signed-off-by: James Bottomley
Co-developed-by: Claudio Carvalho
Signed-off-by: Claudio Carvalho
Signed-off-by: Stefano Garzarella
---
James, Claudio are you fine with the Cdb, Sob?
The code is based on what was in the initial RFC, but I removed the
tpm_platform module, moved some code in the header, changed some names,
etc.
For these reasons I reset the author but added C-o-b.
Please, let me know if this is okay or if I need to do anything
else (reset the author, etc.)

--- include/linux/tpm_tcgsim.h | 136 +++++++++++++++++++++++++++++++++++++ 1 file changed, 136 insertions(+) create mode 100644 include/linux/tpm_tcgsim.h diff --git a/include/linux/tpm_tcgsim.h b/include/linux/tpm_tcgsim.h new file mode 100644 index 000000000000..bd5b123c393b
--- /dev/null +++ b/include/linux/tpm_tcgsim.h 
@@ -0,0 +1,136 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2023 James.Bottomley@HansenPartnership.com + * Copyright (C) 2025 Red Hat, Inc. All Rights Reserved. + * + * Generic interface usable by TPM drivers interacting with devices + * implemented through the TCG Simulator. + */ +#ifndef _TPM_TCGSIM_H_ +#define _TPM_TCGSIM_H_ + +#include +#include +#include + +/* + * The current TCG Simulator TPM commands we support. The complete list is + * in the TcpTpmProtocol header: + * + * https://github.com/TrustedComputingGroup/TPM/blob/main/TPMCmd/Simulator= /include/TpmTcpProtocol.h + */ + +#define TPM_SEND_COMMAND 8 +#define TPM_SIGNAL_CANCEL_ON 9 +#define TPM_SIGNAL_CANCEL_OFF 10 +/* + * Any platform specific commands should be placed here and should start + * at 0x8000 to avoid clashes with the TCG Simulator protocol. They should + * follow the same self describing buffer format below. + */ + +#define TPM_TCGSIM_MAX_BUFFER 4096 /* max req/resp buffer size */ + +/** + * struct tpm_req - generic request header for single word command + * + * @cmd: The command to send + */ +struct tpm_req { + u32 cmd; +} __packed; + +/** + * struct tpm_resp - generic response header + * + * @size: The response size (zero if nothing follows) + * + * Note: most TCG Simulator commands simply return zero here with no indic= ation + * of success or failure. + */ +struct tpm_resp { + u32 size; +} __packed; + +/** + * struct tpm_send_cmd_req - Structure for a TPM_SEND_COMMAND request + * + * @hdr: The request header whit the command (must be TPM_SEND_COMMAND) + * @locality: The locality + * @inbuf_size: The size of the input buffer following + * @inbuf: A buffer of size inbuf_size + * + * Note that TCG Simulator expects @inbuf_size to be equal to the size of = the + * specific TPM command, otherwise an TPM_RC_COMMAND_SIZE error is + * returned. 
+ */ +struct tpm_send_cmd_req { + struct tpm_req hdr; + u8 locality; + u32 inbuf_size; + u8 inbuf[]; +} __packed; + +/** + * struct tpm_send_cmd_req - Structure for a TPM_SEND_COMMAND response + * + * @hdr: The response header whit the following size + * @outbuf: A buffer of size hdr.size + */ +struct tpm_send_cmd_resp { + struct tpm_resp hdr; + u8 outbuf[]; +} __packed; + +/** + * tpm_tcgsim_fill_send_cmd() - fill a struct tpm_send_cmd_req to be sent = to the + * TCG Simulator. + * @req: The struct tpm_send_cmd_req to fill + * @locality: The locality + * @buf: The buffer from where to copy the payload of the command + * @len: The size of the buffer + * + * Return: 0 on success, negative error code on failure. + */ +static inline int +tpm_tcgsim_fill_send_cmd(struct tpm_send_cmd_req *req, u8 locality, + const u8 *buf, size_t len) +{ + if (len > TPM_TCGSIM_MAX_BUFFER - sizeof(*req)) + return -EINVAL; + + req->hdr.cmd =3D TPM_SEND_COMMAND; + req->locality =3D locality; + req->inbuf_size =3D len; + + memcpy(req->inbuf, buf, len); + + return 0; +} + +/** + * tpm_tcgsim_parse_send_cmd() - Parse a struct tpm_send_cmd_resp received= from + * the TCG Simulator + * @resp: The struct tpm_send_cmd_resp to parse + * @buf: The buffer where to copy the response + * @len: The size of the buffer + * + * Return: buffer size filled with the response on success, negative error + * code on failure. 
+ */ +static inline int +tpm_tcgsim_parse_send_cmd(const struct tpm_send_cmd_resp *resp, u8 *buf, + size_t len) +{ + if (len < resp->hdr.size) + return -E2BIG; + + if (resp->hdr.size > TPM_TCGSIM_MAX_BUFFER - sizeof(*resp)) + return -EINVAL; // Invalid response from the platform TPM + + memcpy(buf, resp->outbuf, resp->hdr.size); + + return resp->hdr.size; +} + +#endif /* _TPM_TCGSIM_H_ */ --=20 2.48.1
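Review bot: tpm_tcgsim_fill_send_cmd() bounds len against TPM_TCGSIM_MAX_BUFFER - sizeof(*req) but never sees the real size of the allocation behind @req, so the memcpy() into req->inbuf is only safe if every caller passes a buffer of at least TPM_TCGSIM_MAX_BUFFER bytes; tpm_tcgsim_parse_send_cmd() makes the same assumption about @resp when it reads resp->outbuf. State that requirement in the kernel-doc of both helpers, or take the buffer size as a parameter and check against it. In the parse helper, consider reading resp->hdr.size once into a local so the value that is validated is the value that is copied and returned. Two smaller points: the kernel-doc above struct tpm_send_cmd_resp is titled "struct tpm_send_cmd_req", and "whit" should read "with" in both @hdr descriptions.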
From: Stefano Garzarella
To: Jarkko Sakkinen
Cc: Thomas Gleixner, Claudio Carvalho, Peter Huewe, x86@kernel.org, Dov Murik, linux-coco@lists.linux.dev, Dionna Glaze, James Bottomley, Ingo Molnar, Joerg Roedel, Jason Gunthorpe, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, Dave Hansen, Tom Lendacky, Borislav Petkov, "H. Peter Anvin", Stefano Garzarella
Subject: [RFC PATCH v2 5/6] tpm: add SNP SVSM vTPM driver
Date: Fri, 28 Feb 2025 18:07:19 +0100
Message-ID: <20250228170720.144739-6-sgarzare@redhat.com>
In-Reply-To: <20250228170720.144739-1-sgarzare@redhat.com>
References: <20250228170720.144739-1-sgarzare@redhat.com>

Add driver for the vTPM defined by the AMD SVSM spec [1].

The specification defines a protocol that a SEV-SNP guest OS can use to discover and talk to a vTPM emulated by the Secure VM Service Module (SVSM) in the guest context, but at a more privileged level (VMPL0).

The new tpm-svsm platform driver uses two functions exposed by x86/sev to verify that the device is actually emulated by the platform and to send commands and receive responses.

The vTPM is emulated through the TCG reference implementation, so this driver leverages tpm_tcgsim.h to fill commands and parse responses.

The device cannot be hot-plugged/unplugged as it is emulated by the platform, so we can use module_platform_driver_probe(). The probe function will only check whether in the current runtime configuration, SVSM is present and provides a vTPM.

[1] "Secure VM Service Module for SEV-SNP Guests" Publication # 58019 Revision: 1.00 https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf

Signed-off-by: Stefano Garzarella --- drivers/char/tpm/tpm_svsm.c | 120 ++++++++++++++++++++++++++++++++++++ drivers/char/tpm/Kconfig | 10 +++ drivers/char/tpm/Makefile | 1 + 3 files changed, 131 insertions(+) create mode 100644 drivers/char/tpm/tpm_svsm.c diff --git a/drivers/char/tpm/tpm_svsm.c b/drivers/char/tpm/tpm_svsm.c new file mode 100644 index 000000000000..1c34133990c5 --- /dev/null +++ b/drivers/char/tpm/tpm_svsm.c 
@@ -0,0 +1,120 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (C) 2025 Red Hat, Inc. All Rights Reserved. + * + * Driver for the vTPM defined by the AMD SVSM spec [1]. + * + * The specification defines a protocol that a SEV-SNP guest OS can use to + * discover and talk to a vTPM emulated by the Secure VM Service Module (S= VSM) + * in the guest context, but at a more privileged level (usually VMPL0). + * + * The vTPM is emulated through the TCG reference implementation, so this + * driver leverages tpm_tcgsim.h to fill commands and parse responses. + * + * [1] "Secure VM Service Module for SEV-SNP Guests" + * Publication # 58019 Revision: 1.00 + * https://www.amd.com/content/dam/amd/en/documents/epyc-technical-doc= s/specifications/58019.pdf + */ + +#include +#include +#include +#include +#include + +#include "tpm.h" + +struct tpm_svsm_priv { + u8 buffer[TPM_TCGSIM_MAX_BUFFER]; + u8 locality; +}; + +static int tpm_svsm_send_recv(struct tpm_chip *chip, u8 *buf, size_t buf_l= en, + size_t to_send) +{ + struct tpm_svsm_priv *priv =3D dev_get_drvdata(&chip->dev); + int ret; + + ret =3D tpm_tcgsim_fill_send_cmd((struct tpm_send_cmd_req *)priv->buffer, + priv->locality, buf, to_send); + if (ret) + return ret; + + ret =3D snp_svsm_vtpm_send_command(priv->buffer); + if (ret) + return ret; + + return tpm_tcgsim_parse_send_cmd((struct tpm_send_cmd_resp *)priv->buffer, + buf, buf_len); +} + +static struct tpm_class_ops tpm_chip_ops =3D { + .flags =3D TPM_OPS_AUTO_STARTUP, + .send_recv =3D tpm_svsm_send_recv, +}; + +static int __init tpm_svsm_probe(struct platform_device *pdev) +{ + struct device *dev =3D &pdev->dev; + struct tpm_svsm_priv *priv; + struct tpm_chip *chip; + int err; + + if (!snp_svsm_vtpm_probe()) + return -ENODEV; + + priv =3D devm_kmalloc(dev, sizeof(*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + /* + * FIXME: before implementing locality we need to agree what it means + * for the SNP SVSM vTPM + */ + priv->locality =3D 0; + + chip 
=3D tpmm_chip_alloc(dev, &tpm_chip_ops); + if (IS_ERR(chip)) + return PTR_ERR(chip); + + dev_set_drvdata(&chip->dev, priv); + + err =3D tpm2_probe(chip); + if (err) + return err; + + err =3D tpm_chip_register(chip); + if (err) + return err; + + dev_info(dev, "SNP SVSM vTPM %s device\n", + (chip->flags & TPM_CHIP_FLAG_TPM2) ? "2.0" : "1.2"); + + return 0; +} + +static void __exit tpm_svsm_remove(struct platform_device *pdev) +{ + struct tpm_chip *chip =3D platform_get_drvdata(pdev); + + tpm_chip_unregister(chip); +} + +/* + * tpm_svsm_remove() lives in .exit.text. For drivers registered via + * module_platform_driver_probe() this is ok because they cannot get unbou= nd + * at runtime. So mark the driver struct with __refdata to prevent modpost + * triggering a section mismatch warning. + */ +static struct platform_driver tpm_svsm_driver __refdata =3D { + .remove =3D __exit_p(tpm_svsm_remove), + .driver =3D { + .name =3D "tpm-svsm", + }, +}; + +module_platform_driver_probe(tpm_svsm_driver, tpm_svsm_probe); + +MODULE_DESCRIPTION("SNP SVSM vTPM Driver"); +MODULE_LICENSE("GPL"); +MODULE_ALIAS("platform:tpm-svsm"); diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig index 0fc9a510e059..fc3f1d10d31d 100644 --- a/drivers/char/tpm/Kconfig +++ b/drivers/char/tpm/Kconfig @@ -225,5 +225,15 @@ config TCG_FTPM_TEE help This driver proxies for firmware TPM running in TEE. =20 +config TCG_SVSM + tristate "SNP SVSM vTPM interface" + depends on AMD_MEM_ENCRYPT + help + This is a driver for the AMD SVSM vTPM protocol that a SEV-SNP guest + OS can use to discover and talk to a vTPM emulated by the Secure VM + Service Module (SVSM) in the guest context, but at a more privileged + level (usually VMPL0). To compile this driver as a module, choose M + here; the module will be called tpm_svsm. + source "drivers/char/tpm/st33zp24/Kconfig" endif # TCG_TPM diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile index 9bb142c75243..52d9d80a0f56 100644 
--- a/drivers/char/tpm/Makefile +++ b/drivers/char/tpm/Makefile 
@@ -44,3 +44,4 @@ obj-$(CONFIG_TCG_XEN) +=3D xen-tpmfront.o obj-$(CONFIG_TCG_CRB) +=3D tpm_crb.o obj-$(CONFIG_TCG_VTPM_PROXY) +=3D tpm_vtpm_proxy.o obj-$(CONFIG_TCG_FTPM_TEE) +=3D tpm_ftpm_tee.o +obj-$(CONFIG_TCG_SVSM) +=3D tpm_svsm.o --=20 2.48.1
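Review bot: in tpm_svsm_probe(), priv comes from devm_kmalloc(), so everything in priv->buffer beyond the request written by tpm_tcgsim_fill_send_cmd() is uninitialized when tpm_svsm_send_recv() passes the pointer to snp_svsm_vtpm_send_command(), which takes no length. Using devm_kzalloc() makes the buffer contents deterministic at no real cost. tpm_svsm_send_recv() also forwards to_send without checking it against buf_len; a check there, or a comment that the TPM core guarantees to_send <= buf_len, would make the contract explicit. tpm_chip_ops is never modified in this file and could be declared static const struct tpm_class_ops.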
From: Stefano Garzarella
To: Jarkko Sakkinen
Cc: Thomas Gleixner, Claudio Carvalho, Peter Huewe, x86@kernel.org, Dov Murik, linux-coco@lists.linux.dev, Dionna Glaze, James Bottomley, Ingo Molnar, Joerg Roedel, Jason Gunthorpe, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, Dave Hansen, Tom Lendacky, Borislav Petkov, "H. Peter Anvin", Stefano Garzarella
Subject: [RFC PATCH v2 6/6] x86/sev: register tpm-svsm platform device
Date: Fri, 28 Feb 2025 18:07:20 +0100
Message-ID: <20250228170720.144739-7-sgarzare@redhat.com>
In-Reply-To: <20250228170720.144739-1-sgarzare@redhat.com>
References: <20250228170720.144739-1-sgarzare@redhat.com>

SNP platform can provide a vTPM device emulated by SVSM.

The "tpm-svsm" device can be handled by the platform driver added by the previous commit in drivers/char/tpm/tpm_svsm.c

The driver will call snp_svsm_vtpm_probe() to check if SVSM is present and if it supports the vTPM protocol.

Signed-off-by: Stefano Garzarella
--- arch/x86/coco/sev/core.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index 4158e447d645..7e91fae7d43a 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -2680,6 +2680,11 @@ static struct platform_device sev_guest_device =3D { .id =3D -1, }; =20 +static struct platform_device tpm_svsm_device =3D { + .name =3D "tpm-svsm", + .id =3D -1, +}; + static int __init snp_init_platform_device(void) { if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) 
@@ -2688,6 +2693,9 @@ static int __init snp_init_platform_device(void) if (platform_device_register(&sev_guest_device)) return -ENODEV; =20 + if (platform_device_register(&tpm_svsm_device)) + return -ENODEV; + pr_info("SNP guest platform device initialized.\n"); return 0; } --=20 2.48.1
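Review bot: in snp_init_platform_device(), a failure of platform_device_register(&tpm_svsm_device) returns -ENODEV after sev_guest_device has already been registered, so the initcall reports failure with one device left registered and the pr_info() skipped. Either make the vTPM registration non-fatal (log and continue) or unwind the first registration on error. The device is also registered on every SEV-SNP guest regardless of whether an SVSM with a vTPM is present, leaving that decision to the driver's probe; calling snp_svsm_vtpm_probe() here and registering tpm_svsm_device only when it succeeds would avoid creating a device that can never bind.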