From: Borislav Petkov <bp@alien8.de>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: John Allen <john.allen@amd.com>,
linux-crypto@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>
Subject: [PATCH] crypto: ccp - State in dmesg that TSME is enabled
Date: Mon, 5 Feb 2024 16:46:01 +0100 [thread overview]
Message-ID: <20240205154602.21411-1-bp@alien8.de> (raw)
From: "Borislav Petkov (AMD)" <bp@alien8.de>
In the case when only TSME is enabled, it is useful to state that fact
too, so that users are aware that memory encryption is still enabled
even when the corresponding software variant of memory encryption is not
enabled.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
---
drivers/crypto/ccp/psp-dev.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 124a2e0c8999..56bf832c2947 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -156,11 +156,14 @@ static unsigned int psp_get_capability(struct psp_device *psp)
}
psp->capability = val;
- /* Detect if TSME and SME are both enabled */
+ /* Detect TSME and/or SME status */
if (PSP_CAPABILITY(psp, PSP_SECURITY_REPORTING) &&
- psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) &&
- cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
- dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
+ psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET)) {
+ if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
+ dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
+ else
+ dev_notice(psp->dev, "psp: TSME enabled\n");
+ }
return 0;
}
--
2.43.0
next reply other threads:[~2024-02-05 15:46 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-05 15:46 Borislav Petkov [this message]
2024-02-06 18:56 ` [PATCH] crypto: ccp - State in dmesg that TSME is enabled Tom Lendacky
2024-02-17 1:13 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240205154602.21411-1-bp@alien8.de \
--to=bp@alien8.de \
--cc=john.allen@amd.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox