From: Brijesh Singh <brijesh.singh@amd.com>
To: Borislav Petkov <bp@suse.de>
Cc: brijesh.singh@amd.com, "Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Herbert Xu" <herbert@gondor.apana.org.au>,
"Gary Hook" <gary.hook@amd.com>,
"Tom Lendacky" <thomas.lendacky@amd.com>,
linux-crypto@vger.kernel.org, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [Part2 PATCH v5.1 12.1/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support
Date: Sun, 8 Oct 2017 19:11:04 -0500 [thread overview]
Message-ID: <7131ad30-6c07-16d5-8cfc-06d446a66dca@amd.com> (raw)
In-Reply-To: <20171008140019.flvyovgq2xpqdcoq@pd.tnic>
On 10/8/17 9:00 AM, Borislav Petkov wrote:
> On Sun, Oct 08, 2017 at 08:30:47AM -0500, Brijesh Singh wrote:
>> During the device probe, sev_ops_init() will be called for every device
>> instance which claims to support the SEV. One of the device will be
>> 'master' but we don't the master until we probe all the instances. Hence
>> the probe for all SEV devices must return success.
> I still am wondering whether that design with multiple devices - master
> and non-master devices is optimal. Why isn't the security processor a
> single driver which provides the whole functionality, PSP including? Why
> do you need all that register and unregister glue and get_master bla if
> you can simply put the whole thing in a single module?
There is a single security processor driver (ccp) which provides the
complete functionality including PSP. But the driver should be able to
work with multiple devices. e.g In my 2P EPYC configuration, security
processor driver is used for the following devices
02:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
03:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
13:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
14:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
22:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
23:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
31:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
32:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
41:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
42:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
51:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
52:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
61:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
62:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
71:00.2 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1456
72:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Device
1468
Some of the these devices support CCP only and some support both PSP and
CCP. It's possible that multiple devices support the PSP functionality
but only one of them is master which can be used for issuing SEV
commands. There isn't a register which we can read to determine whether
the device is master. We have to probe all the devices which supports
the PSP to determine which one of them is a master.
> And the fact that you need a global variable to mark that you've
> registered the misc device should already tell you that something's
> not optimal. Because if you had a single driver, it will go, detect
> the whole functionality, initialize it, register services and be done
> with it. No registering of devices, no finding of masters, no global
> variables, no unnecessary glue.
>
> IOW, in this diagram:
>
> +--- CCP
> |
> AMD-SP --|
> | +--- SEV
> | |
> +---- PSP ---*
> |
> +---- TEE
>
> why isn't the whole PSP functionality part of drivers/crypto/ccp/sp-dev.c ?
>
> That driver is almost barebones minimal thing. You can very well add the
> PSP/SEV stuff in there and if there's an *actual* reason to carve pieces
> out, only then to do so, not to split it now unnecessarily and make your
> life complicated for no reason.
I was trying to follow the CCP model -- in which sp-dev.c simply
forwards the call to ccp-dev.c which does the real work. Currently,
sev-dev.c contains barebone common code. IMO, keeping all the PSP
private functions and data structure outside the sp-dev.c/.h is right
thing. Having said that, I am okay with moving all the PSP stuff in
sp-dev.c but before we do that lets see what CCP maintainers say.
Tom and Gary, comments please ?
Additionally, I would like to highlight that if we decide to go with
moving all the PSP functionality in sp-dev.c then we have to add #ifdef
CONFIG_CRYPTO_DEV_SP_PSP because PSP feature depends on X86_66, whereas
the sp-dev.c gets compiled for all architectures (including aarch64,
i386 and x86_64).
>
> Or am I missing some obvious and important reason?
next prev parent reply other threads:[~2017-10-09 0:11 UTC|newest]
Thread overview: 74+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-04 13:13 [Part2 PATCH v5 00/31] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 09/31] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support Brijesh Singh
2017-10-04 21:47 ` Borislav Petkov
2017-10-04 23:06 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 10/31] crypto: ccp: Add Platform Security Processor (PSP) device support Brijesh Singh
2017-10-05 9:56 ` Borislav Petkov
2017-10-06 23:09 ` [Part2 PATCH v5.1 " Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 11/31] crypto: ccp: Define SEV key management command id Brijesh Singh
2017-10-05 20:56 ` Borislav Petkov
2017-10-08 21:14 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 12/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support Brijesh Singh
2017-10-06 18:49 ` Borislav Petkov
2017-10-06 19:48 ` Brijesh Singh
2017-10-07 18:13 ` Brijesh Singh
2017-10-07 1:05 ` [Part2 PATCH v5.1 12.1/31] " Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.2/31] crypto: ccp: Define SEV userspace ioctl and command id Brijesh Singh
2017-10-07 14:20 ` Borislav Petkov
2017-10-08 21:18 ` Brijesh Singh
2017-10-11 16:46 ` [Part2 PATCH v5.2 12.1/31] " Brijesh Singh
2017-10-12 13:27 ` Borislav Petkov
2017-10-12 14:18 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.3/31] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command Brijesh Singh
2017-10-11 14:32 ` Borislav Petkov
2017-10-11 16:55 ` [Part2 PATCH v5.2 " Brijesh Singh
2017-10-12 14:13 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS " Brijesh Singh
2017-10-11 17:01 ` [Part2 PATCH v5.2 " Brijesh Singh
2017-10-11 17:02 ` [Part2 PATCH v5.1 " Borislav Petkov
2017-10-11 19:49 ` Brijesh Singh
2017-10-11 20:04 ` Borislav Petkov
2017-10-11 20:10 ` Borislav Petkov
2017-10-11 20:10 ` Brijesh Singh
2017-10-11 20:28 ` Borislav Petkov
2017-10-11 20:45 ` Brijesh Singh
2017-10-11 20:53 ` Brijesh Singh
2017-10-11 20:54 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.5/31] crypto: ccp: Implement SEV_PEK_GEN " Brijesh Singh
2017-10-12 18:28 ` Borislav Petkov
2017-10-12 20:11 ` Brijesh Singh
2017-10-12 20:21 ` Borislav Petkov
2017-10-12 20:34 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.6/31] crypto: ccp: Implement SEV_PDH_GEN " Brijesh Singh
2017-10-12 18:48 ` Borislav Petkov
2017-10-12 20:21 ` Brijesh Singh
2017-10-12 20:23 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.7/31] crypto: ccp: Implement SEV_PEK_CSR " Brijesh Singh
2017-10-12 19:53 ` Borislav Petkov
2017-10-13 2:24 ` Brijesh Singh
2017-10-13 4:13 ` Brijesh Singh
2017-10-13 10:20 ` Borislav Petkov
2017-10-13 9:14 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.8/31] crypto: ccp: Implement SEV_PEK_CERT_IMPORT " Brijesh Singh
2017-10-13 14:53 ` Borislav Petkov
2017-10-13 16:09 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.9/31] crypto: ccp: Implement SEV_PDH_CERT_EXPORT " Brijesh Singh
2017-10-13 15:01 ` Borislav Petkov
2017-10-07 18:40 ` [Part2 PATCH v5.1 12.1/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support Borislav Petkov
2017-10-08 13:30 ` Brijesh Singh
2017-10-08 14:00 ` Borislav Petkov
2017-10-09 0:11 ` Brijesh Singh [this message]
2017-10-09 15:21 ` Borislav Petkov
2017-10-10 15:00 ` Brijesh Singh
2017-10-10 18:43 ` Tom Lendacky
2017-10-10 20:04 ` Borislav Petkov
2017-10-11 14:19 ` Borislav Petkov
2017-10-11 14:23 ` Brijesh Singh
2017-10-11 16:50 ` [Part2 PATCH v5.2 12.2/31] " Brijesh Singh
2017-10-12 14:08 ` Borislav Petkov
2017-10-12 21:11 ` Brijesh Singh
2017-10-12 21:41 ` Borislav Petkov
2017-10-12 21:52 ` Brijesh Singh
2017-10-12 22:22 ` Borislav Petkov
2017-10-12 18:21 ` Borislav Petkov
2017-10-12 20:05 ` Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7131ad30-6c07-16d5-8cfc-06d446a66dca@amd.com \
--to=brijesh.singh@amd.com \
--cc=bp@suse.de \
--cc=gary.hook@amd.com \
--cc=herbert@gondor.apana.org.au \
--cc=kvm@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox