From: Brijesh Singh <brijesh.singh@amd.com>
To: Borislav Petkov <bp@suse.de>
Cc: brijesh.singh@amd.com, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, "Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Herbert Xu" <herbert@gondor.apana.org.au>,
"Gary Hook" <gary.hook@amd.com>,
"Tom Lendacky" <thomas.lendacky@amd.com>,
linux-crypto@vger.kernel.org
Subject: Re: [Part2 PATCH v4 05/29] crypto: ccp: Add Platform Security Processor (PSP) device support
Date: Sat, 30 Sep 2017 10:55:25 -0500 [thread overview]
Message-ID: <1fc76eee-f25b-cd38-cc8d-0404ec94cf79@amd.com> (raw)
In-Reply-To: <20170929151607.zn4lmdkyn25sczfg@pd.tnic>
On 9/29/17 10:16 AM, Borislav Petkov wrote:
...
> +
>> +config CRYPTO_DEV_SP_PSP
>> + bool "Platform Security Processor (PSP) device"
>> + default y
>> + depends on CRYPTO_DEV_CCP_DD
> So this last symbol CRYPTO_DEV_CCP_DD is default m and it doesn't depend
> on anything. And I'm pretty sure it should depend on CPU_SUP_AMD as this
> is AMD-specific hw. You can add that dependency in a prepatch.
CRYPTO_DEV_CCP_DD is supported on aarch64 and x86. Whereas the PSP
interface I am adding is available on x86 only hence its safe to add add
depend on CPU_SUP_AMD for CRYPTO_DEV_SP_PSP.
> And what happened to adding dependencies on CONFIG_KVM_AMD? Or can you
> use the PSP without virtualization in any sensible way?
Yes its very much possible. The SEV FW provides two sets of commands 1)
platform certificate management and 2) guest management
The platform certificate management commands is used outside the
CONFIG_KVM_AMD.
-Brijesh
next prev parent reply other threads:[~2017-09-30 15:55 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-19 20:45 [Part2 PATCH v4 00/29] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-09-19 20:46 ` [Part2 PATCH v4 05/29] crypto: ccp: Add Platform Security Processor (PSP) device support Brijesh Singh
2017-09-29 15:16 ` Borislav Petkov
2017-09-29 16:23 ` [Part2 PATCH v4.1 05/30] " Brijesh Singh
2017-09-30 8:30 ` [PATCH] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support Borislav Petkov
2017-09-30 14:06 ` Brijesh Singh
2017-09-30 15:53 ` Borislav Petkov
2017-09-30 15:55 ` Brijesh Singh [this message]
2017-09-30 16:11 ` [Part2 PATCH v4 05/29] crypto: ccp: Add Platform Security Processor (PSP) device support Borislav Petkov
2017-10-01 20:05 ` Brijesh Singh
2017-10-03 16:17 ` Borislav Petkov
2017-10-03 16:19 ` Brijesh Singh
2017-10-02 16:43 ` [Part2 Patch v4.2] " Brijesh Singh
2017-10-04 6:36 ` P J P
2017-10-04 9:15 ` Borislav Petkov
2017-09-19 20:46 ` [Part2 PATCH v4 06/29] ccp: crypto: Define SEV key management command id Brijesh Singh
2017-09-19 20:46 ` [Part2 PATCH v4 07/29] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support Brijesh Singh
2017-09-22 21:35 ` kbuild test robot
2017-09-22 21:35 ` [PATCH] crypto: ccp: fix eno.cocci warnings kbuild test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1fc76eee-f25b-cd38-cc8d-0404ec94cf79@amd.com \
--to=brijesh.singh@amd.com \
--cc=bp@suse.de \
--cc=gary.hook@amd.com \
--cc=herbert@gondor.apana.org.au \
--cc=kvm@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox