tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

configfs-tsm: Namespace TSM report symbols

In preparation for new + common TSM (TEE Security Manager)
infrastructure, namespace the TSM report symbols in tsm.h with an
_REPORT suffix to differentiate them from other incoming tsm work.

Cc: Yilun Xu <yilun.xu@intel.com>
Cc: Samuel Ortiz <sameo@rivosinc.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Steven Price <steven.price@arm.com>
Reviewed-by: Alexey Kardashevskiy <aik@amd.com>
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Reviewed-by: Kai Huang <kai.huang@intel.com>
Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Reviewed-by: Steven Price <steven.price@arm.com>
Link: https://patch.msgid.link/174107246021.1288555.7203769833791489618.stgit@dwillia2-xfh.jf.intel.com
Signed-off-by: Dan Williams <dan.j.williams@intel.com>

Dan Williams 71ded61b 8ffd015d

+42 -42
Documentation/ABI/testing/configfs-tsm Documentation/ABI/testing/configfs-tsm-report
+1 -1
MAINTAINERS
··· 24559 24559 M: Dan Williams <dan.j.williams@intel.com> 24560 24560 L: linux-coco@lists.linux.dev 24561 24561 S: Maintained 24562 - F: Documentation/ABI/testing/configfs-tsm 24562 + F: Documentation/ABI/testing/configfs-tsm-report 24563 24563 F: drivers/virt/coco/tsm.c 24564 24564 F: include/linux/tsm.h 24565 24565
+4 -4
drivers/virt/coco/arm-cca-guest/arm-cca-guest.c
··· 96 96 struct arm_cca_token_info info; 97 97 void *buf; 98 98 u8 *token __free(kvfree) = NULL; 99 - struct tsm_desc *desc = &report->desc; 99 + struct tsm_report_desc *desc = &report->desc; 100 100 101 101 if (desc->inblob_len < 32 || desc->inblob_len > 64) 102 102 return -EINVAL; ··· 181 181 return ret; 182 182 } 183 183 184 - static const struct tsm_ops arm_cca_tsm_ops = { 184 + static const struct tsm_report_ops arm_cca_tsm_ops = { 185 185 .name = KBUILD_MODNAME, 186 186 .report_new = arm_cca_report_new, 187 187 }; ··· 202 202 if (!is_realm_world()) 203 203 return -ENODEV; 204 204 205 - ret = tsm_register(&arm_cca_tsm_ops, NULL); 205 + ret = tsm_report_register(&arm_cca_tsm_ops, NULL); 206 206 if (ret < 0) 207 207 pr_err("Error %d registering with TSM\n", ret); 208 208 ··· 216 216 */ 217 217 static void __exit arm_cca_guest_exit(void) 218 218 { 219 - tsm_unregister(&arm_cca_tsm_ops); 219 + tsm_report_unregister(&arm_cca_tsm_ops); 220 220 } 221 221 module_exit(arm_cca_guest_exit); 222 222
+6 -6
drivers/virt/coco/sev-guest/sev-guest.c
··· 346 346 static int sev_svsm_report_new(struct tsm_report *report, void *data) 347 347 { 348 348 unsigned int rep_len, man_len, certs_len; 349 - struct tsm_desc *desc = &report->desc; 349 + struct tsm_report_desc *desc = &report->desc; 350 350 struct svsm_attest_call ac = {}; 351 351 unsigned int retry_count; 352 352 void *rep, *man, *certs; ··· 481 481 static int sev_report_new(struct tsm_report *report, void *data) 482 482 { 483 483 struct snp_msg_cert_entry *cert_table; 484 - struct tsm_desc *desc = &report->desc; 484 + struct tsm_report_desc *desc = &report->desc; 485 485 struct snp_guest_dev *snp_dev = data; 486 486 struct snp_msg_report_resp_hdr hdr; 487 487 const u32 report_size = SZ_4K; ··· 610 610 return false; 611 611 } 612 612 613 - static struct tsm_ops sev_tsm_ops = { 613 + static struct tsm_report_ops sev_tsm_report_ops = { 614 614 .name = KBUILD_MODNAME, 615 615 .report_new = sev_report_new, 616 616 .report_attr_visible = sev_report_attr_visible, ··· 619 619 620 620 static void unregister_sev_tsm(void *data) 621 621 { 622 - tsm_unregister(&sev_tsm_ops); 622 + tsm_report_unregister(&sev_tsm_report_ops); 623 623 } 624 624 625 625 static int __init sev_guest_probe(struct platform_device *pdev) ··· 656 656 misc->fops = &snp_guest_fops; 657 657 658 658 /* Set the privlevel_floor attribute based on the vmpck_id */ 659 - sev_tsm_ops.privlevel_floor = mdesc->vmpck_id; 659 + sev_tsm_report_ops.privlevel_floor = mdesc->vmpck_id; 660 660 661 - ret = tsm_register(&sev_tsm_ops, snp_dev); 661 + ret = tsm_report_register(&sev_tsm_report_ops, snp_dev); 662 662 if (ret) 663 663 goto e_msg_init; 664 664
+4 -4
drivers/virt/coco/tdx-guest/tdx-guest.c
··· 161 161 { 162 162 u8 *buf, *reportdata = NULL, *tdreport = NULL; 163 163 struct tdx_quote_buf *quote_buf = quote_data; 164 - struct tsm_desc *desc = &report->desc; 164 + struct tsm_report_desc *desc = &report->desc; 165 165 int ret; 166 166 u64 err; 167 167 ··· 297 297 }; 298 298 MODULE_DEVICE_TABLE(x86cpu, tdx_guest_ids); 299 299 300 - static const struct tsm_ops tdx_tsm_ops = { 300 + static const struct tsm_report_ops tdx_tsm_ops = { 301 301 .name = KBUILD_MODNAME, 302 302 .report_new = tdx_report_new, 303 303 .report_attr_visible = tdx_report_attr_visible, ··· 322 322 goto free_misc; 323 323 } 324 324 325 - ret = tsm_register(&tdx_tsm_ops, NULL); 325 + ret = tsm_report_register(&tdx_tsm_ops, NULL); 326 326 if (ret) 327 327 goto free_quote; 328 328 ··· 339 339 340 340 static void __exit tdx_guest_exit(void) 341 341 { 342 - tsm_unregister(&tdx_tsm_ops); 342 + tsm_report_unregister(&tdx_tsm_ops); 343 343 free_quote_buf(quote_data); 344 344 misc_deregister(&tdx_misc_dev); 345 345 }
+16 -16
drivers/virt/coco/tsm.c
··· 13 13 #include <linux/configfs.h> 14 14 15 15 static struct tsm_provider { 16 - const struct tsm_ops *ops; 16 + const struct tsm_report_ops *ops; 17 17 void *data; 18 18 } provider; 19 19 static DECLARE_RWSEM(tsm_rwsem); ··· 98 98 * SEV-SNP GHCB) and a minimum of a TSM selected floor value no less 99 99 * than 0. 100 100 */ 101 - if (provider.ops->privlevel_floor > val || val > TSM_PRIVLEVEL_MAX) 101 + if (provider.ops->privlevel_floor > val || val > TSM_REPORT_PRIVLEVEL_MAX) 102 102 return -EINVAL; 103 103 104 104 guard(rwsem_write)(&tsm_rwsem); ··· 202 202 memcpy(report->desc.inblob, buf, count); 203 203 return count; 204 204 } 205 - CONFIGFS_BIN_ATTR_WO(tsm_report_, inblob, NULL, TSM_INBLOB_MAX); 205 + CONFIGFS_BIN_ATTR_WO(tsm_report_, inblob, NULL, TSM_REPORT_INBLOB_MAX); 206 206 207 207 static ssize_t tsm_report_generation_show(struct config_item *cfg, char *buf) 208 208 { ··· 272 272 size_t count, enum tsm_data_select select) 273 273 { 274 274 struct tsm_report_state *state = to_state(report); 275 - const struct tsm_ops *ops; 275 + const struct tsm_report_ops *ops; 276 276 ssize_t rc; 277 277 278 278 /* try to read from the existing report if present and valid... */ ··· 314 314 315 315 return tsm_report_read(report, buf, count, TSM_REPORT); 316 316 } 317 - CONFIGFS_BIN_ATTR_RO(tsm_report_, outblob, NULL, TSM_OUTBLOB_MAX); 317 + CONFIGFS_BIN_ATTR_RO(tsm_report_, outblob, NULL, TSM_REPORT_OUTBLOB_MAX); 318 318 319 319 static ssize_t tsm_report_auxblob_read(struct config_item *cfg, void *buf, 320 320 size_t count) ··· 323 323 324 324 return tsm_report_read(report, buf, count, TSM_CERTS); 325 325 } 326 - CONFIGFS_BIN_ATTR_RO(tsm_report_, auxblob, NULL, TSM_OUTBLOB_MAX); 326 + CONFIGFS_BIN_ATTR_RO(tsm_report_, auxblob, NULL, TSM_REPORT_OUTBLOB_MAX); 327 327 328 328 static ssize_t tsm_report_manifestblob_read(struct config_item *cfg, void *buf, 329 329 size_t count) ··· 332 332 333 333 return tsm_report_read(report, buf, count, TSM_MANIFEST); 334 334 } 335 - CONFIGFS_BIN_ATTR_RO(tsm_report_, manifestblob, NULL, TSM_OUTBLOB_MAX); 335 + CONFIGFS_BIN_ATTR_RO(tsm_report_, manifestblob, NULL, TSM_REPORT_OUTBLOB_MAX); 336 336 337 337 static struct configfs_attribute *tsm_report_attrs[] = { 338 338 [TSM_REPORT_GENERATION] = &tsm_report_attr_generation, ··· 448 448 .su_mutex = __MUTEX_INITIALIZER(tsm_configfs.su_mutex), 449 449 }; 450 450 451 - int tsm_register(const struct tsm_ops *ops, void *priv) 451 + int tsm_report_register(const struct tsm_report_ops *ops, void *priv) 452 452 { 453 - const struct tsm_ops *conflict; 453 + const struct tsm_report_ops *conflict; 454 454 455 455 guard(rwsem_write)(&tsm_rwsem); 456 456 conflict = provider.ops; ··· 463 463 provider.data = priv; 464 464 return 0; 465 465 } 466 - EXPORT_SYMBOL_GPL(tsm_register); 466 + EXPORT_SYMBOL_GPL(tsm_report_register); 467 467 468 - int tsm_unregister(const struct tsm_ops *ops) 468 + int tsm_report_unregister(const struct tsm_report_ops *ops) 469 469 { 470 470 guard(rwsem_write)(&tsm_rwsem); 471 471 if (ops != provider.ops) ··· 474 474 provider.data = NULL; 475 475 return 0; 476 476 } 477 - EXPORT_SYMBOL_GPL(tsm_unregister); 477 + EXPORT_SYMBOL_GPL(tsm_report_unregister); 478 478 479 479 static struct config_group *tsm_report_group; 480 480 481 - static int __init tsm_init(void) 481 + static int __init tsm_report_init(void) 482 482 { 483 483 struct config_group *root = &tsm_configfs.su_group; 484 484 struct config_group *tsm; ··· 499 499 500 500 return 0; 501 501 } 502 - module_init(tsm_init); 502 + module_init(tsm_report_init); 503 503 504 - static void __exit tsm_exit(void) 504 + static void __exit tsm_report_exit(void) 505 505 { 506 506 configfs_unregister_default_group(tsm_report_group); 507 507 configfs_unregister_subsystem(&tsm_configfs); 508 508 } 509 - module_exit(tsm_exit); 509 + module_exit(tsm_report_exit); 510 510 511 511 MODULE_LICENSE("GPL"); 512 512 MODULE_DESCRIPTION("Provide Trusted Security Module attestation reports via configfs");
+11 -11
include/linux/tsm.h
··· 6 6 #include <linux/types.h> 7 7 #include <linux/uuid.h> 8 8 9 - #define TSM_INBLOB_MAX 64 10 - #define TSM_OUTBLOB_MAX SZ_32K 9 + #define TSM_REPORT_INBLOB_MAX 64 10 + #define TSM_REPORT_OUTBLOB_MAX SZ_32K 11 11 12 12 /* 13 13 * Privilege level is a nested permission concept to allow confidential 14 14 * guests to partition address space, 4-levels are supported. 15 15 */ 16 - #define TSM_PRIVLEVEL_MAX 3 16 + #define TSM_REPORT_PRIVLEVEL_MAX 3 17 17 18 18 /** 19 - * struct tsm_desc - option descriptor for generating tsm report blobs 19 + * struct tsm_report_desc - option descriptor for generating tsm report blobs 20 20 * @privlevel: optional privilege level to associate with @outblob 21 21 * @inblob_len: sizeof @inblob 22 22 * @inblob: arbitrary input data ··· 24 24 * @service_guid: optional service-provider service guid to attest 25 25 * @service_manifest_version: optional service-provider service manifest version requested 26 26 */ 27 - struct tsm_desc { 27 + struct tsm_report_desc { 28 28 unsigned int privlevel; 29 29 size_t inblob_len; 30 - u8 inblob[TSM_INBLOB_MAX]; 30 + u8 inblob[TSM_REPORT_INBLOB_MAX]; 31 31 char *service_provider; 32 32 guid_t service_guid; 33 33 unsigned int service_manifest_version; ··· 44 44 * @manifestblob: (optional) manifest data associated with the report 45 45 */ 46 46 struct tsm_report { 47 - struct tsm_desc desc; 47 + struct tsm_report_desc desc; 48 48 size_t outblob_len; 49 49 u8 *outblob; 50 50 size_t auxblob_len; ··· 88 88 }; 89 89 90 90 /** 91 - * struct tsm_ops - attributes and operations for tsm instances 91 + * struct tsm_report_ops - attributes and operations for tsm_report instances 92 92 * @name: tsm id reflected in /sys/kernel/config/tsm/report/$report/provider 93 93 * @privlevel_floor: convey base privlevel for nested scenarios 94 94 * @report_new: Populate @report with the report blob and auxblob ··· 99 99 * Implementation specific ops, only one is expected to be registered at 100 100 * a time i.e. only one of "sev-guest", "tdx-guest", etc. 101 101 */ 102 - struct tsm_ops { 102 + struct tsm_report_ops { 103 103 const char *name; 104 104 unsigned int privlevel_floor; 105 105 int (*report_new)(struct tsm_report *report, void *data); ··· 107 107 bool (*report_bin_attr_visible)(int n); 108 108 }; 109 109 110 - int tsm_register(const struct tsm_ops *ops, void *priv); 111 - int tsm_unregister(const struct tsm_ops *ops); 110 + int tsm_report_register(const struct tsm_report_ops *ops, void *priv); 111 + int tsm_report_unregister(const struct tsm_report_ops *ops); 112 112 #endif /* __TSM_H */