From patchwork Fri Jul 28 19:30:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Williams X-Patchwork-Id: 12790 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp668031vqg; Fri, 28 Jul 2023 13:11:09 -0700 (PDT) X-Google-Smtp-Source: APBJJlHV73NMVGVgGH1kQBHM5oLqiTzYhmHGch6WiLZM6L1Mzi1pCMl6q1s0+g0M+iLmVGxTEXVs X-Received: by 2002:a17:907:a04f:b0:982:8de1:aad9 with SMTP id gz15-20020a170907a04f00b009828de1aad9mr319435ejc.64.1690575069298; Fri, 28 Jul 2023 13:11:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690575069; cv=none; d=google.com; s=arc-20160816; b=XCDHfSGAtYAydZtd6/O09gILMv3fm3SGGWMbFjc2mUryRqaAusU8UbgWBMb7wV53B9 et+m606OoFN8yegMQNaJXPkJ+uMblBGpdrSGTWyAugkM43YG8ZDwqnNGYqp99qqPq0bZ alX7NJQWjqHfqUES0/XbV8xYyatZayq1i8n7GsE0U94YNjLhVe7l3sAmuXFZk3vHcsUV I2MrOJ8zMAC4IpXGNb2ZPzZcRZne0wnWp6FOuus2i5igPGkYUysT9wZwSnWAgU1N/uFs 0oJznsA2GCBMp6E+jcoSi5uR2ZJ4cCnkZ4Blj+bCpCSiQKBVM79aBb+cqUgzITtJl6Mb gYtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:message-id:date:cc:to:from:subject:dkim-signature; bh=k9DRMClIjZAWOkrreQPHB9HMTUpmir85wUTDI/iLZCI=; fh=mX1AEqphAefVx6SW0BXgRqM9g9KnApzTG7iCp8D0KBI=; b=hq4LM+NkhYzRB5JaIBidShZzo9QyCnqMR+zVWxAj9C+pmKGp3TynKChmy5qTNMY+ni EfAv2Z/9GWHwjG1G3PG9ouQPzzSNKU4jctka7CxlrOjIFDUvBSiD73Hcfwz4GlQwJh48 vJNHikW1JHituCUtRVmN2oN7dGKT9Lv1bVAYUe+bfq9FgTYpTXVHPPKyLQsF4suhOAMK BxIfzzgXR5/T3jXGZjKEgro031414D3TmcfC4w/JzHu179hJ0GDt2IK9GxPzhA5EDt0W tTYlynPEp3XQ5ITFqbjzGF27AP9MlsfIW7C2hJdnhc+ZHu89sZhcs3uHfFVPmsFRB7ec 4QeA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=e5qXd1VZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u23-20020a1709064ad700b0099bcd1d96acsi2412789ejt.9.2023.07.28.13.10.45; Fri, 28 Jul 2023 13:11:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=e5qXd1VZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233790AbjG1TbD (ORCPT + 99 others); Fri, 28 Jul 2023 15:31:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48896 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233739AbjG1TbB (ORCPT ); Fri, 28 Jul 2023 15:31:01 -0400 Received: from mgamail.intel.com (unknown [192.55.52.93]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 98589268B; Fri, 28 Jul 2023 12:30:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1690572654; x=1722108654; h=subject:from:to:cc:date:message-id:mime-version: content-transfer-encoding; bh=XEvRgEzLzJgiPhpM8NRlpjxiZhfplAwFtjWJ70NzV80=; b=e5qXd1VZms38OVQCUwk7DEdxNhZaPB1gsE1jXm/OAcrSsAN3Ja70RJL1 tJKfh4t2V2dxDxCnTssBHS1P++OqllEKX66R/70UlEJ454lrYt3OllZoP 4hWR1/a8mb/H2PuQ4CCY4H9d/MtBYdq0nrqNWyHUurKCDavRCed9WZRSS +EFKCmJbGN0bsL6dYp4YvqiHh5IuQEe/bPqglHmsf9e6Bz6/jkmxsLkLw NMSYnps1O/sqJ78TeykE4tfirZNZNFiHFfv5sdFnoAfZ5/eJMBcLg85Pz 8VE3DLI58hZ6GvBQLWVboI8oGhyD2ddnd1b/5mq1TcAFhmLkrBUFGkA8t A==; X-IronPort-AV: E=McAfee;i="6600,9927,10785"; a="366137067" X-IronPort-AV: E=Sophos;i="6.01,238,1684825200"; d="scan'208";a="366137067" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Jul 2023 12:30:53 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10785"; a="762694002" X-IronPort-AV: E=Sophos;i="6.01,238,1684825200"; d="scan'208";a="762694002" Received: from cheehong-laptop.gar.corp.intel.com (HELO dwillia2-xfh.jf.intel.com) ([10.212.158.179]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Jul 2023 12:30:52 -0700 Subject: [PATCH 0/4] keys: Introduce a keys frontend for attestation reports From: Dan Williams To: dhowells@redhat.com Cc: Brijesh Singh , Kuppuswamy Sathyanarayanan , Peter Zijlstra , Tom Lendacky , Dionna Amalie Glaze , Borislav Petkov , Jarkko Sakkinen , Samuel Ortiz , Dionna Glaze , Greg Kroah-Hartman , Andrew Morton , linux-coco@lists.linux.dev, keyrings@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org Date: Fri, 28 Jul 2023 12:30:52 -0700 Message-ID: <169057265210.180586.7950140104251236598.stgit@dwillia2-xfh.jf.intel.com> User-Agent: StGit/0.18-3-g996c MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772696443774444099 X-GMAIL-MSGID: 1772696443774444099 The bulk of the justification for this patch kit is in "[PATCH 1/4] keys: Introduce tsm keys". The short summary is that the current approach of adding new char devs and new ioctls, for what amounts to the same functionality with minor formatting differences across vendors, is untenable. Common concepts and the community benefit from common infrastructure. Use Keys to build common infrastructure for confidential computing attestation report blobs, convert sevguest to use it (leaving the deprecation question alone for now), and pave the way for tdx-guest and the eventual risc-v equivalent to use it in lieu of new ioctls. The sevguest conversion is only compile-tested. This submission is To:David since he needs to sign-off on the idea of a new Keys type, the rest is up to the confidential-computing driver maintainers to adopt. Changes from / credit for internal review: - highlight copy_{to,from}_sockptr() as a common way to mix copy_user() and memcpy() paths (Andy) - add MODULE_DESCRIPTION() (Andy) - clarify how the user-defined portion blob might be used (Elena) - clarify the key instantiation options (Sathya) - drop usage of a list for registering providers (Sathya) - drop list.h include from tsm.h (Andy) - add a comment for how TSM_DATA_MAX was derived (Andy) - stop open coding kmemdup_nul() (Andy) - add types.h to tsm.h (Andy) - fix punctuation in comment (Andy) - reorder security/keys/Makefile (Andy) - add some missing includes to tsm.c (Andy) - undo an 81 column clang-format line break (Andy) - manually reflow tsm_token indentation (Andy) - move allocations after input validation in tsm_instantiate() (Andy) - switch to bin2hex() in tsm_read() (Andy) - move init/exit declarations next to their functions (Andy) --- Dan Williams (4): keys: Introduce tsm keys virt: sevguest: Prep for kernel internal {get,get_ext}_report() mm/slab: Add __free() support for kvfree virt: sevguest: Add TSM key support for SNP_{GET,GET_EXT}_REPORT drivers/virt/coco/sev-guest/Kconfig | 2 drivers/virt/coco/sev-guest/sev-guest.c | 135 ++++++++++++++- include/keys/tsm.h | 71 ++++++++ include/linux/slab.h | 2 security/keys/Kconfig | 12 + security/keys/Makefile | 1 security/keys/tsm.c | 282 +++++++++++++++++++++++++++++++ 7 files changed, 494 insertions(+), 11 deletions(-) create mode 100644 include/keys/tsm.h create mode 100644 security/keys/tsm.c base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5