71 static bool is_vmpck_empty(struct snp_guest_dev *snp_dev)  in is_vmpck_empty()  argument
75 	if (snp_dev->vmpck)  in is_vmpck_empty()
76 		return !memcmp(snp_dev->vmpck, zero_key, VMPCK_KEY_LEN);  in is_vmpck_empty()
98 static void snp_disable_vmpck(struct snp_guest_dev *snp_dev)  in snp_disable_vmpck()  argument
100 	dev_alert(snp_dev->dev, "Disabling vmpck_id %d to prevent IV reuse.\n",  in snp_disable_vmpck()
102 	memzero_explicit(snp_dev->vmpck, VMPCK_KEY_LEN);  in snp_disable_vmpck()
103 	snp_dev->vmpck = NULL;  in snp_disable_vmpck()
106 static inline u64 __snp_get_msg_seqno(struct snp_guest_dev *snp_dev)  in __snp_get_msg_seqno()  argument
113 	count = *snp_dev->os_area_msg_seqno;  in __snp_get_msg_seqno()
119 static u64 snp_get_msg_seqno(struct snp_guest_dev *snp_dev)  in snp_get_msg_seqno()  argument
121 	u64 count = __snp_get_msg_seqno(snp_dev);  in snp_get_msg_seqno()
132 		dev_err(snp_dev->dev, "request message sequence counter overflow\n");  in snp_get_msg_seqno()
139 static void snp_inc_msg_seqno(struct snp_guest_dev *snp_dev)  in snp_inc_msg_seqno()  argument
145 	*snp_dev->os_area_msg_seqno += 2;  in snp_inc_msg_seqno()
155 static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, u8 *key, size_t keylen)  in init_crypto()  argument
177 			dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN);  in init_crypto()
249 static int __enc_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,  in __enc_payload()  argument
252 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in __enc_payload()
261 static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,  in dec_payload()  argument
264 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in dec_payload()
274 static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz)  in verify_and_dec_payload()  argument
276 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in verify_and_dec_payload()
277 	struct snp_guest_msg *resp = &snp_dev->secret_response;  in verify_and_dec_payload()
278 	struct snp_guest_msg *req = &snp_dev->secret_request;  in verify_and_dec_payload()
282 	dev_dbg(snp_dev->dev, "response [seqno %lld type %d version %d sz %d]\n",  in verify_and_dec_payload()
286 	memcpy(resp, snp_dev->response, sizeof(*resp));  in verify_and_dec_payload()
305 	return dec_payload(snp_dev, resp, payload, resp_hdr->msg_sz + crypto->a_len);  in verify_and_dec_payload()
308 static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type,  in enc_payload()  argument
311 	struct snp_guest_msg *req = &snp_dev->secret_request;  in enc_payload()
329 	dev_dbg(snp_dev->dev, "request [seqno %lld type %d version %d sz %d]\n",  in enc_payload()
332 	return __enc_payload(snp_dev, req, payload, sz);  in enc_payload()
335 static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code,  in __handle_guest_request()  argument
350 	rc = snp_issue_guest_request(exit_code, &snp_dev->input, rio);  in __handle_guest_request()
360 		override_npages = snp_dev->input.data_npages;  in __handle_guest_request()
400 	snp_inc_msg_seqno(snp_dev);  in __handle_guest_request()
416 		snp_dev->input.data_npages = override_npages;  in __handle_guest_request()
421 static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code,  in handle_guest_request()  argument
430 	seqno = snp_get_msg_seqno(snp_dev);  in handle_guest_request()
435 	memset(snp_dev->response, 0, sizeof(struct snp_guest_msg));  in handle_guest_request()
438 	rc = enc_payload(snp_dev, seqno, rio->msg_version, type, req_buf, req_sz);  in handle_guest_request()
446 	memcpy(snp_dev->request, &snp_dev->secret_request,  in handle_guest_request()
447 	       sizeof(snp_dev->secret_request));  in handle_guest_request()
449 	rc = __handle_guest_request(snp_dev, exit_code, rio);  in handle_guest_request()
455 		dev_alert(snp_dev->dev,  in handle_guest_request()
459 		snp_disable_vmpck(snp_dev);  in handle_guest_request()
463 	rc = verify_and_dec_payload(snp_dev, resp_buf, resp_sz);  in handle_guest_request()
465 		dev_alert(snp_dev->dev, "Detected unexpected decode failure from ASP. rc: %d\n", rc);  in handle_guest_request()
466 		snp_disable_vmpck(snp_dev);  in handle_guest_request()
473 static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_report()  argument
475 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_report()
498 	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,  in get_report()
512 static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_derived_key()  argument
514 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_derived_key()
538 	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,  in get_derived_key()
553 static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_ext_report()  argument
555 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_ext_report()
585 	memset(snp_dev->certs_data, 0, req.certs_len);  in get_ext_report()
598 	snp_dev->input.data_npages = npages;  in get_ext_report()
599 	ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg,  in get_ext_report()
605 		req.certs_len = snp_dev->input.data_npages << PAGE_SHIFT;  in get_ext_report()
615 	    copy_to_user((void __user *)req.certs_address, snp_dev->certs_data,  in get_ext_report()
631 	struct snp_guest_dev *snp_dev = to_snp_dev(file);  in snp_guest_ioctl()  local
648 	if (is_vmpck_empty(snp_dev)) {  in snp_guest_ioctl()
649 		dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n");  in snp_guest_ioctl()
656 		ret = get_report(snp_dev, &input);  in snp_guest_ioctl()
659 		ret = get_derived_key(snp_dev, &input);  in snp_guest_ioctl()
662 		ret = get_ext_report(snp_dev, &input);  in snp_guest_ioctl()
751 	struct snp_guest_dev *snp_dev;  in sev_guest_probe()  local
770 	snp_dev = devm_kzalloc(&pdev->dev, sizeof(struct snp_guest_dev), GFP_KERNEL);  in sev_guest_probe()
771 	if (!snp_dev)  in sev_guest_probe()
775 	snp_dev->vmpck = get_vmpck(vmpck_id, layout, &snp_dev->os_area_msg_seqno);  in sev_guest_probe()
776 	if (!snp_dev->vmpck) {  in sev_guest_probe()
782 	if (is_vmpck_empty(snp_dev)) {  in sev_guest_probe()
787 	platform_set_drvdata(pdev, snp_dev);  in sev_guest_probe()
788 	snp_dev->dev = dev;  in sev_guest_probe()
789 	snp_dev->layout = layout;  in sev_guest_probe()
792 	snp_dev->request = alloc_shared_pages(dev, sizeof(struct snp_guest_msg));  in sev_guest_probe()
793 	if (!snp_dev->request)  in sev_guest_probe()
796 	snp_dev->response = alloc_shared_pages(dev, sizeof(struct snp_guest_msg));  in sev_guest_probe()
797 	if (!snp_dev->response)  in sev_guest_probe()
800 	snp_dev->certs_data = alloc_shared_pages(dev, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_probe()
801 	if (!snp_dev->certs_data)  in sev_guest_probe()
805 	snp_dev->crypto = init_crypto(snp_dev, snp_dev->vmpck, VMPCK_KEY_LEN);  in sev_guest_probe()
806 	if (!snp_dev->crypto)  in sev_guest_probe()
809 	misc = &snp_dev->misc;  in sev_guest_probe()
815 	snp_dev->input.req_gpa = __pa(snp_dev->request);  in sev_guest_probe()
816 	snp_dev->input.resp_gpa = __pa(snp_dev->response);  in sev_guest_probe()
817 	snp_dev->input.data_gpa = __pa(snp_dev->certs_data);  in sev_guest_probe()
827 	free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_probe()
829 	free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg));  in sev_guest_probe()
831 	free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg));  in sev_guest_probe()
839 	struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev);  in sev_guest_remove()  local
841 	free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_remove()
842 	free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg));  in sev_guest_remove()
843 	free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg));  in sev_guest_remove()
844 	deinit_crypto(snp_dev->crypto);  in sev_guest_remove()
845 	misc_deregister(&snp_dev->misc);  in sev_guest_remove()