76 static bool is_vmpck_empty(struct snp_guest_dev *snp_dev)  in is_vmpck_empty()  argument
80 	if (snp_dev->vmpck)  in is_vmpck_empty()
81 		return !memcmp(snp_dev->vmpck, zero_key, VMPCK_KEY_LEN);  in is_vmpck_empty()
103 static void snp_disable_vmpck(struct snp_guest_dev *snp_dev)  in snp_disable_vmpck()  argument
105 	dev_alert(snp_dev->dev, "Disabling vmpck_id %d to prevent IV reuse.\n",  in snp_disable_vmpck()
107 	memzero_explicit(snp_dev->vmpck, VMPCK_KEY_LEN);  in snp_disable_vmpck()
108 	snp_dev->vmpck = NULL;  in snp_disable_vmpck()
111 static inline u64 __snp_get_msg_seqno(struct snp_guest_dev *snp_dev)  in __snp_get_msg_seqno()  argument
118 	count = *snp_dev->os_area_msg_seqno;  in __snp_get_msg_seqno()
124 static u64 snp_get_msg_seqno(struct snp_guest_dev *snp_dev)  in snp_get_msg_seqno()  argument
126 	u64 count = __snp_get_msg_seqno(snp_dev);  in snp_get_msg_seqno()
137 		dev_err(snp_dev->dev, "request message sequence counter overflow\n");  in snp_get_msg_seqno()
144 static void snp_inc_msg_seqno(struct snp_guest_dev *snp_dev)  in snp_inc_msg_seqno()  argument
150 	*snp_dev->os_area_msg_seqno += 2;  in snp_inc_msg_seqno()
160 static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, u8 *key, size_t keylen)  in init_crypto()  argument
182 			dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN);  in init_crypto()
254 static int __enc_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,  in __enc_payload()  argument
257 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in __enc_payload()
266 static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg,  in dec_payload()  argument
269 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in dec_payload()
279 static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz)  in verify_and_dec_payload()  argument
281 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in verify_and_dec_payload()
282 	struct snp_guest_msg *resp = &snp_dev->secret_response;  in verify_and_dec_payload()
283 	struct snp_guest_msg *req = &snp_dev->secret_request;  in verify_and_dec_payload()
287 	dev_dbg(snp_dev->dev, "response [seqno %lld type %d version %d sz %d]\n",  in verify_and_dec_payload()
291 	memcpy(resp, snp_dev->response, sizeof(*resp));  in verify_and_dec_payload()
310 	return dec_payload(snp_dev, resp, payload, resp_hdr->msg_sz + crypto->a_len);  in verify_and_dec_payload()
313 static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type,  in enc_payload()  argument
316 	struct snp_guest_msg *req = &snp_dev->secret_request;  in enc_payload()
334 	dev_dbg(snp_dev->dev, "request [seqno %lld type %d version %d sz %d]\n",  in enc_payload()
337 	return __enc_payload(snp_dev, req, payload, sz);  in enc_payload()
340 static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code,  in __handle_guest_request()  argument
355 	rc = snp_issue_guest_request(exit_code, &snp_dev->input, rio);  in __handle_guest_request()
365 		override_npages = snp_dev->input.data_npages;  in __handle_guest_request()
405 	snp_inc_msg_seqno(snp_dev);  in __handle_guest_request()
421 		snp_dev->input.data_npages = override_npages;  in __handle_guest_request()
426 static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code,  in handle_guest_request()  argument
435 	seqno = snp_get_msg_seqno(snp_dev);  in handle_guest_request()
440 	memset(snp_dev->response, 0, sizeof(struct snp_guest_msg));  in handle_guest_request()
443 	rc = enc_payload(snp_dev, seqno, rio->msg_version, type, req_buf, req_sz);  in handle_guest_request()
451 	memcpy(snp_dev->request, &snp_dev->secret_request,  in handle_guest_request()
452 	       sizeof(snp_dev->secret_request));  in handle_guest_request()
454 	rc = __handle_guest_request(snp_dev, exit_code, rio);  in handle_guest_request()
460 		dev_alert(snp_dev->dev,  in handle_guest_request()
464 		snp_disable_vmpck(snp_dev);  in handle_guest_request()
468 	rc = verify_and_dec_payload(snp_dev, resp_buf, resp_sz);  in handle_guest_request()
470 		dev_alert(snp_dev->dev, "Detected unexpected decode failure from ASP. rc: %d\n", rc);  in handle_guest_request()
471 		snp_disable_vmpck(snp_dev);  in handle_guest_request()
478 static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_report()  argument
480 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_report()
481 	struct snp_report_req *req = &snp_dev->req.report;  in get_report()
503 	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,  in get_report()
517 static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_derived_key()  argument
519 	struct snp_derived_key_req *req = &snp_dev->req.derived_key;  in get_derived_key()
520 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_derived_key()
543 	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,  in get_derived_key()
558 static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)  in get_ext_report()  argument
560 	struct snp_ext_report_req *req = &snp_dev->req.ext_report;  in get_ext_report()
561 	struct snp_guest_crypto *crypto = snp_dev->crypto;  in get_ext_report()
590 	memset(snp_dev->certs_data, 0, req->certs_len);  in get_ext_report()
603 	snp_dev->input.data_npages = npages;  in get_ext_report()
604 	ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg,  in get_ext_report()
610 		req->certs_len = snp_dev->input.data_npages << PAGE_SHIFT;  in get_ext_report()
620 	    copy_to_user((void __user *)req->certs_address, snp_dev->certs_data,  in get_ext_report()
636 	struct snp_guest_dev *snp_dev = to_snp_dev(file);  in snp_guest_ioctl()  local
653 	if (is_vmpck_empty(snp_dev)) {  in snp_guest_ioctl()
654 		dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n");  in snp_guest_ioctl()
661 		ret = get_report(snp_dev, &input);  in snp_guest_ioctl()
664 		ret = get_derived_key(snp_dev, &input);  in snp_guest_ioctl()
667 		ret = get_ext_report(snp_dev, &input);  in snp_guest_ioctl()
756 	struct snp_guest_dev *snp_dev;  in sev_guest_probe()  local
775 	snp_dev = devm_kzalloc(&pdev->dev, sizeof(struct snp_guest_dev), GFP_KERNEL);  in sev_guest_probe()
776 	if (!snp_dev)  in sev_guest_probe()
780 	snp_dev->vmpck = get_vmpck(vmpck_id, layout, &snp_dev->os_area_msg_seqno);  in sev_guest_probe()
781 	if (!snp_dev->vmpck) {  in sev_guest_probe()
787 	if (is_vmpck_empty(snp_dev)) {  in sev_guest_probe()
792 	platform_set_drvdata(pdev, snp_dev);  in sev_guest_probe()
793 	snp_dev->dev = dev;  in sev_guest_probe()
794 	snp_dev->layout = layout;  in sev_guest_probe()
797 	snp_dev->request = alloc_shared_pages(dev, sizeof(struct snp_guest_msg));  in sev_guest_probe()
798 	if (!snp_dev->request)  in sev_guest_probe()
801 	snp_dev->response = alloc_shared_pages(dev, sizeof(struct snp_guest_msg));  in sev_guest_probe()
802 	if (!snp_dev->response)  in sev_guest_probe()
805 	snp_dev->certs_data = alloc_shared_pages(dev, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_probe()
806 	if (!snp_dev->certs_data)  in sev_guest_probe()
810 	snp_dev->crypto = init_crypto(snp_dev, snp_dev->vmpck, VMPCK_KEY_LEN);  in sev_guest_probe()
811 	if (!snp_dev->crypto)  in sev_guest_probe()
814 	misc = &snp_dev->misc;  in sev_guest_probe()
820 	snp_dev->input.req_gpa = __pa(snp_dev->request);  in sev_guest_probe()
821 	snp_dev->input.resp_gpa = __pa(snp_dev->response);  in sev_guest_probe()
822 	snp_dev->input.data_gpa = __pa(snp_dev->certs_data);  in sev_guest_probe()
832 	free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_probe()
834 	free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg));  in sev_guest_probe()
836 	free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg));  in sev_guest_probe()
844 	struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev);  in sev_guest_remove()  local
846 	free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE);  in sev_guest_remove()
847 	free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg));  in sev_guest_remove()
848 	free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg));  in sev_guest_remove()
849 	deinit_crypto(snp_dev->crypto);  in sev_guest_remove()
850 	misc_deregister(&snp_dev->misc);  in sev_guest_remove()