x86/tdx: Add a wrapper to get TDREPORT0 from the TDX Module
To support TDX attestation, the TDX guest driver exposes an IOCTL interface to allow userspace to get the TDREPORT0 (a.k.a. TDREPORT subtype 0) from the TDX module via TDG.MR.TDREPORT TDCALL. In order to get the TDREPORT0 in the TDX guest driver, instead of using a low level function like __tdx_module_call(), add a tdx_mcall_get_report0() wrapper function to handle it. This is a preparatory patch for adding attestation support. Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Acked-by: Wander Lairson Costa <wander@redhat.com> Link: https://lore.kernel.org/all/20221116223820.819090-2-sathyanarayanan.kuppuswamy%40linux.intel.com
This commit is contained in:
parent
094226ad94
commit
51acfe89af
@ -5,6 +5,8 @@
|
|||||||
#define pr_fmt(fmt) "tdx: " fmt
|
#define pr_fmt(fmt) "tdx: " fmt
|
||||||
|
|
||||||
#include <linux/cpufeature.h>
|
#include <linux/cpufeature.h>
|
||||||
|
#include <linux/export.h>
|
||||||
|
#include <linux/io.h>
|
||||||
#include <asm/coco.h>
|
#include <asm/coco.h>
|
||||||
#include <asm/tdx.h>
|
#include <asm/tdx.h>
|
||||||
#include <asm/vmx.h>
|
#include <asm/vmx.h>
|
||||||
@ -15,6 +17,7 @@
|
|||||||
/* TDX module Call Leaf IDs */
|
/* TDX module Call Leaf IDs */
|
||||||
#define TDX_GET_INFO 1
|
#define TDX_GET_INFO 1
|
||||||
#define TDX_GET_VEINFO 3
|
#define TDX_GET_VEINFO 3
|
||||||
|
#define TDX_GET_REPORT 4
|
||||||
#define TDX_ACCEPT_PAGE 6
|
#define TDX_ACCEPT_PAGE 6
|
||||||
|
|
||||||
/* TDX hypercall Leaf IDs */
|
/* TDX hypercall Leaf IDs */
|
||||||
@ -36,6 +39,12 @@
|
|||||||
|
|
||||||
#define ATTR_SEPT_VE_DISABLE BIT(28)
|
#define ATTR_SEPT_VE_DISABLE BIT(28)
|
||||||
|
|
||||||
|
/* TDX Module call error codes */
|
||||||
|
#define TDCALL_RETURN_CODE(a) ((a) >> 32)
|
||||||
|
#define TDCALL_INVALID_OPERAND 0xc0000100
|
||||||
|
|
||||||
|
#define TDREPORT_SUBTYPE_0 0
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Wrapper for standard use of __tdx_hypercall with no output aside from
|
* Wrapper for standard use of __tdx_hypercall with no output aside from
|
||||||
* return code.
|
* return code.
|
||||||
@ -100,6 +109,37 @@ static inline void tdx_module_call(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
|
|||||||
panic("TDCALL %lld failed (Buggy TDX module!)\n", fn);
|
panic("TDCALL %lld failed (Buggy TDX module!)\n", fn);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tdx_mcall_get_report0() - Wrapper to get TDREPORT0 (a.k.a. TDREPORT
|
||||||
|
* subtype 0) using TDG.MR.REPORT TDCALL.
|
||||||
|
* @reportdata: Address of the input buffer which contains user-defined
|
||||||
|
* REPORTDATA to be included into TDREPORT.
|
||||||
|
* @tdreport: Address of the output buffer to store TDREPORT.
|
||||||
|
*
|
||||||
|
* Refer to section titled "TDG.MR.REPORT leaf" in the TDX Module
|
||||||
|
* v1.0 specification for more information on TDG.MR.REPORT TDCALL.
|
||||||
|
* It is used in the TDX guest driver module to get the TDREPORT0.
|
||||||
|
*
|
||||||
|
* Return 0 on success, -EINVAL for invalid operands, or -EIO on
|
||||||
|
* other TDCALL failures.
|
||||||
|
*/
|
||||||
|
int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport)
|
||||||
|
{
|
||||||
|
u64 ret;
|
||||||
|
|
||||||
|
ret = __tdx_module_call(TDX_GET_REPORT, virt_to_phys(tdreport),
|
||||||
|
virt_to_phys(reportdata), TDREPORT_SUBTYPE_0,
|
||||||
|
0, NULL);
|
||||||
|
if (ret) {
|
||||||
|
if (TDCALL_RETURN_CODE(ret) == TDCALL_INVALID_OPERAND)
|
||||||
|
return -EINVAL;
|
||||||
|
return -EIO;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
EXPORT_SYMBOL_GPL(tdx_mcall_get_report0);
|
||||||
|
|
||||||
static void tdx_parse_tdinfo(u64 *cc_mask)
|
static void tdx_parse_tdinfo(u64 *cc_mask)
|
||||||
{
|
{
|
||||||
struct tdx_module_output out;
|
struct tdx_module_output out;
|
||||||
|
@ -67,6 +67,8 @@ void tdx_safe_halt(void);
|
|||||||
|
|
||||||
bool tdx_early_handle_ve(struct pt_regs *regs);
|
bool tdx_early_handle_ve(struct pt_regs *regs);
|
||||||
|
|
||||||
|
int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport);
|
||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
||||||
static inline void tdx_early_init(void) { };
|
static inline void tdx_early_init(void) { };
|
||||||
|
Loading…
Reference in New Issue
Block a user