60 static bool is_vmpck_empty(struct snp_guest_dev *snp_dev)  in is_vmpck_empty()  argument
64 	if (snp_dev->vmpck)  in is_vmpck_empty()
65 		return !memcmp(snp_dev->vmpck, zero_key, VMPCK_KEY_LEN);  in is_vmpck_empty()
87 static void snp_disable_vmpck(struct snp_guest_dev *snp_dev)  in snp_disable_vmpck()  argument
89 	dev_alert(snp_dev->dev, "Disabling vmpck_id %d to prevent IV reuse.\n",  in snp_disable_vmpck()
91 	memzero_explicit(snp_dev->vmpck, VMPCK_KEY_LEN);  in snp_disable_vmpck()
92 	snp_dev->vmpck = NULL;  in snp_disable_vmpck()
95 static inline u64 __snp_get_msg_seqno(struct snp_guest_dev *snp_dev)  in __snp_get_msg_seqno()  argument
102 	count = *snp_dev->os_area_msg_seqno;  in __snp_get_msg_seqno()
108 static u64 snp_get_msg_seqno(struct snp_guest_dev *snp_dev)  in snp_get_msg_seqno()  argument
110 	u64 count = __snp_get_msg_seqno(snp_dev);  in snp_get_msg_seqno()
121 		dev_err(snp_dev->dev, "request message sequence counter overflow\n");  in snp_get_msg_seqno()
128 static void snp_inc_msg_seqno(struct snp_guest_dev *snp_dev)  in snp_inc_msg_seqno()  argument
134 	*snp_dev->os_area_msg_seqno += 2;  in snp_inc_msg_seqno()
144 static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, u8 *key, size_t keylen)  in init_crypto()  argument
166 			dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN);  in init_crypto()
240 static int __enc_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,  in __enc_payload()  argument
243 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in __enc_payload()
252 static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,  in dec_payload()  argument
255 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in dec_payload()
265 static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz)  in verify_and_dec_payload()  argument
267 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in verify_and_dec_payload()
268 	struct snp_guest_msg *resp = snp_dev->response;  in verify_and_dec_payload()
269 	struct snp_guest_msg *req = snp_dev->request;  in verify_and_dec_payload()
273 	dev_dbg(snp_dev->dev, "response [seqno %lld type %d version %d sz %d]\n",  in verify_and_dec_payload()
293 	return dec_payload(snp_dev, resp, payload, resp_hdr->msg_sz + crypto->a_len);  in verify_and_dec_payload()
296 static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type,  in enc_payload()  argument
299 	struct snp_guest_msg *req = snp_dev->request;  in enc_payload()
317 	dev_dbg(snp_dev->dev, "request [seqno %lld type %d version %d sz %d]\n",  in enc_payload()
320 	return __enc_payload(snp_dev, req, payload, sz);  in enc_payload()
323 static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, int msg_ver,  in handle_guest_request()  argument
332 	seqno = snp_get_msg_seqno(snp_dev);  in handle_guest_request()
336 	memset(snp_dev->response, 0, sizeof(struct snp_guest_msg));  in handle_guest_request()
339 	rc = enc_payload(snp_dev, seqno, msg_ver, type, req_buf, req_sz);  in handle_guest_request()
349 	rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);  in handle_guest_request()
359 		const unsigned int certs_npages = snp_dev->input.data_npages;  in handle_guest_request()
371 		rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);  in handle_guest_request()
379 		snp_dev->input.data_npages = certs_npages;  in handle_guest_request()
386 		dev_alert(snp_dev->dev,  in handle_guest_request()
392 	rc = verify_and_dec_payload(snp_dev, resp_buf, resp_sz);  in handle_guest_request()
394 		dev_alert(snp_dev->dev,  in handle_guest_request()
401 	snp_inc_msg_seqno(snp_dev);  in handle_guest_request()
406 	snp_disable_vmpck(snp_dev);  in handle_guest_request()
410 static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_report()  argument
412 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_report()
435 	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg->msg_version,  in get_report()
449 static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_derived_key()  argument
451 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_derived_key()
475 	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg->msg_version,  in get_derived_key()
491 static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_ext_report()  argument
493 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_ext_report()
523 	memset(snp_dev->certs_data, 0, req.certs_len);  in get_ext_report()
536 	snp_dev->input.data_npages = npages;  in get_ext_report()
537 	ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg->msg_version,  in get_ext_report()
543 		req.certs_len = snp_dev->input.data_npages << PAGE_SHIFT;  in get_ext_report()
553 	    copy_to_user((void __user *)req.certs_address, snp_dev->certs_data,  in get_ext_report()
569 	struct snp_guest_dev *snp_dev = to_snp_dev(file);  in snp_guest_ioctl()  local
586 	if (is_vmpck_empty(snp_dev)) {  in snp_guest_ioctl()
587 		dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n");  in snp_guest_ioctl()
594 		ret = get_report(snp_dev, &input);  in snp_guest_ioctl()
597 		ret = get_derived_key(snp_dev, &input);  in snp_guest_ioctl()
600 		ret = get_ext_report(snp_dev, &input);  in snp_guest_ioctl()
689 	struct snp_guest_dev *snp_dev;  in sev_guest_probe()  local
705 	snp_dev = devm_kzalloc(&pdev->dev, sizeof(struct snp_guest_dev), GFP_KERNEL);  in sev_guest_probe()
706 	if (!snp_dev)  in sev_guest_probe()
710 	snp_dev->vmpck = get_vmpck(vmpck_id, layout, &snp_dev->os_area_msg_seqno);  in sev_guest_probe()
711 	if (!snp_dev->vmpck) {  in sev_guest_probe()
717 	if (is_vmpck_empty(snp_dev)) {  in sev_guest_probe()
722 	platform_set_drvdata(pdev, snp_dev);  in sev_guest_probe()
723 	snp_dev->dev = dev;  in sev_guest_probe()
724 	snp_dev->layout = layout;  in sev_guest_probe()
727 	snp_dev->request = alloc_shared_pages(dev, sizeof(struct snp_guest_msg));  in sev_guest_probe()
728 	if (!snp_dev->request)  in sev_guest_probe()
731 	snp_dev->response = alloc_shared_pages(dev, sizeof(struct snp_guest_msg));  in sev_guest_probe()
732 	if (!snp_dev->response)  in sev_guest_probe()
735 	snp_dev->certs_data = alloc_shared_pages(dev, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_probe()
736 	if (!snp_dev->certs_data)  in sev_guest_probe()
740 	snp_dev->crypto = init_crypto(snp_dev, snp_dev->vmpck, VMPCK_KEY_LEN);  in sev_guest_probe()
741 	if (!snp_dev->crypto)  in sev_guest_probe()
744 	misc = &snp_dev->misc;  in sev_guest_probe()
750 	snp_dev->input.req_gpa = __pa(snp_dev->request);  in sev_guest_probe()
751 	snp_dev->input.resp_gpa = __pa(snp_dev->response);  in sev_guest_probe()
752 	snp_dev->input.data_gpa = __pa(snp_dev->certs_data);  in sev_guest_probe()
762 	free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_probe()
764 	free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg));  in sev_guest_probe()
766 	free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg));  in sev_guest_probe()
774 	struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev);  in sev_guest_remove()  local
776 	free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_remove()
777 	free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg));  in sev_guest_remove()
778 	free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg));  in sev_guest_remove()
779 	deinit_crypto(snp_dev->crypto);  in sev_guest_remove()
780 	misc_deregister(&snp_dev->misc);  in sev_guest_remove()