Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

sev-guest: configfs-tsm: Allow the privlevel_floor attribute to be updated

With the introduction of an SVSM, Linux will be running at a non-zero
VMPL. Any request for an attestation report at a higher privilege VMPL
than what Linux is currently running will result in an error. Allow for
the privlevel_floor attribute to be updated dynamically.

[ bp: Trim commit message. ]

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/5a736be9384aebd98a0b7c929660f8a97cbdc366.1717600736.git.thomas.lendacky@amd.com

authored by Tom Lendacky and committed by Borislav Petkov (AMD)
614dc0fb eb65f96c

+5 -2
+4 -1
drivers/virt/coco/sev-guest/sev-guest.c
··· 892 892 return 0; 893 893 } 894 894 895 - static const struct tsm_ops sev_tsm_ops = { 895 + static struct tsm_ops sev_tsm_ops = { 896 896 .name = KBUILD_MODNAME, 897 897 .report_new = sev_report_new, 898 898 }; ··· 978 978 snp_dev->input.req_gpa = __pa(snp_dev->request); 979 979 snp_dev->input.resp_gpa = __pa(snp_dev->response); 980 980 snp_dev->input.data_gpa = __pa(snp_dev->certs_data); 981 + 982 + /* Set the privlevel_floor attribute based on the vmpck_id */ 983 + sev_tsm_ops.privlevel_floor = vmpck_id; 981 984 982 985 ret = tsm_register(&sev_tsm_ops, snp_dev, &tsm_report_extra_type); 983 986 if (ret)
+1 -1
include/linux/tsm.h
··· 54 54 */ 55 55 struct tsm_ops { 56 56 const char *name; 57 - const unsigned int privlevel_floor; 57 + unsigned int privlevel_floor; 58 58 int (*report_new)(struct tsm_report *report, void *data); 59 59 }; 60 60
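Review bot: In drivers/virt/coco/sev-guest/sev-guest.c, dropping `const` from `sev_tsm_ops` leaves a structure that holds the `report_new` function pointer writable for the lifetime of the module, only so that one integer can be set once before `tsm_register()`. Consider keeping the table read-only after setup, for example with `__ro_after_init` if this assignment only ever runs from init context, or by handing the floor to registration separately from the ops table. The new line `sev_tsm_ops.privlevel_floor = vmpck_id;` also takes `vmpck_id` as is; nothing in this hunk shows it being range-checked, so it is worth confirming that it is validated earlier in the function before it becomes the advertised floor.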
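Review bot: In include/linux/tsm.h, `privlevel_floor` loses `const` for every `tsm_ops` provider, not only sev-guest, yet the hunk leaves the comment block that ends just above `struct tsm_ops` untouched. Suggest documenting there that a provider must set the field before calling `tsm_register()` and must not modify it afterwards, since nothing in the structure itself guards against later writes once the qualifier is gone.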