[7/9] tools/arch/x86: intel_sdsi: Read more On Demand registers

Message ID 20221101191023.4150315-8-david.e.box@linux.intel.com
State New
Headers
Series Extend Intel On Demand (SDSi) support |

Commit Message

David E. Box Nov. 1, 2022, 7:10 p.m. UTC
  Add decoding of the following On Demand register fields:

1. NVRAM content authorization error status
2. Enabled features: telemetry and attestation
3. Key provisioning status
4. NVRAM update limit
5. PCU_CR3_CAPID_CFG

Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst

Signed-off-by: David E. Box <david.e.box@linux.intel.com>
---
 tools/arch/x86/intel_sdsi/intel_sdsi.c | 50 +++++++++++++++++++++++---
 1 file changed, 45 insertions(+), 5 deletions(-)
  

Comments

Hans de Goede Nov. 17, 2022, 1:52 p.m. UTC | #1
Hi,

On 11/1/22 20:10, David E. Box wrote:
> Add decoding of the following On Demand register fields:
> 
> 1. NVRAM content authorization error status
> 2. Enabled features: telemetry and attestation
> 3. Key provisioning status
> 4. NVRAM update limit
> 5. PCU_CR3_CAPID_CFG
> 
> Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst
> 
> Signed-off-by: David E. Box <david.e.box@linux.intel.com>

Thanks, patch looks good to me:

Reviewed-by: Hans de Goede <hdegoede@redhat.com>

Regards,

Hans



> ---
>  tools/arch/x86/intel_sdsi/intel_sdsi.c | 50 +++++++++++++++++++++++---
>  1 file changed, 45 insertions(+), 5 deletions(-)
> 
> diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c
> index 3718bd0c05cb..01b5f9994e11 100644
> --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c
> +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c
> @@ -44,10 +44,28 @@
>  #define __round_mask(x, y) ((__typeof__(x))((y) - 1))
>  #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1)
>  
> +struct nvram_content_auth_err_sts {
> +	uint64_t reserved:3;
> +	uint64_t sdsi_content_auth_err:1;
> +	uint64_t reserved1:1;
> +	uint64_t sdsi_metering_auth_err:1;
> +	uint64_t reserved2:58;
> +};
> +
>  struct enabled_features {
>  	uint64_t reserved:3;
>  	uint64_t sdsi:1;
> -	uint64_t reserved1:60;
> +	uint64_t reserved1:8;
> +	uint64_t attestation:1;
> +	uint64_t reserved2:13;
> +	uint64_t metering:1;
> +	uint64_t reserved3:37;
> +};
> +
> +struct key_provision_status {
> +	uint64_t reserved:1;
> +	uint64_t license_key_provisioned:1;
> +	uint64_t reserved2:62;
>  };
>  
>  struct auth_fail_count {
> @@ -65,15 +83,23 @@ struct availability {
>  	uint64_t reserved2:10;
>  };
>  
> +struct nvram_update_limit {
> +	uint64_t reserved:12;
> +	uint64_t sdsi_50_pct:1;
> +	uint64_t sdsi_75_pct:1;
> +	uint64_t sdsi_90_pct:1;
> +	uint64_t reserved2:49;
> +};
> +
>  struct sdsi_regs {
>  	uint64_t ppin;
> -	uint64_t reserved;
> +	struct nvram_content_auth_err_sts auth_err_sts;
>  	struct enabled_features en_features;
> -	uint64_t reserved1;
> +	struct key_provision_status key_prov_sts;
>  	struct auth_fail_count auth_fail_count;
>  	struct availability prov_avail;
> -	uint64_t reserved2;
> -	uint64_t reserved3;
> +	struct nvram_update_limit limits;
> +	uint64_t pcu_cr3_capid_cfg;
>  	uint64_t socket_id;
>  };
>  
> @@ -205,8 +231,18 @@ static int sdsi_read_reg(struct sdsi_dev *s)
>  	printf("Socket information for device %s\n", s->dev_name);
>  	printf("\n");
>  	printf("PPIN:                           0x%lx\n", s->regs.ppin);
> +	printf("NVRAM Content Authorization Error Status\n");
> +	printf("    SDSi Auth Err Sts:          %s\n", !!s->regs.auth_err_sts.sdsi_content_auth_err ? "Error" : "Okay");
> +
> +	if (!!s->regs.en_features.metering)
> +		printf("    Metering Auth Err Sts:      %s\n", !!s->regs.auth_err_sts.sdsi_metering_auth_err ? "Error" : "Okay");
> +
>  	printf("Enabled Features\n");
>  	printf("    On Demand:                  %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");
> +	printf("    Attestation:                %s\n", !!s->regs.en_features.attestation ? "Enabled" : "Disabled");
> +	printf("    On Demand:                  %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");
> +	printf("    Metering:                   %s\n", !!s->regs.en_features.metering ? "Enabled" : "Disabled");
> +	printf("License Key (AKC) Provisioned:  %s\n", !!s->regs.key_prov_sts.license_key_provisioned ? "Yes" : "No");
>  	printf("Authorization Failure Count\n");
>  	printf("    AKC Failure Count:          %d\n", s->regs.auth_fail_count.key_failure_count);
>  	printf("    AKC Failure Threshold:      %d\n", s->regs.auth_fail_count.key_failure_threshold);
> @@ -215,6 +251,10 @@ static int sdsi_read_reg(struct sdsi_dev *s)
>  	printf("Provisioning Availability\n");
>  	printf("    Updates Available:          %d\n", s->regs.prov_avail.available);
>  	printf("    Updates Threshold:          %d\n", s->regs.prov_avail.threshold);
> +	printf("NVRAM Udate Limit\n");
> +	printf("    50%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No");
> +	printf("    75%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No");
> +	printf("    90%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No");
>  	printf("Socket ID:                      %ld\n", s->regs.socket_id & 0xF);
>  
>  	return 0;
  

Patch

diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c
index 3718bd0c05cb..01b5f9994e11 100644
--- a/tools/arch/x86/intel_sdsi/intel_sdsi.c
+++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c
@@ -44,10 +44,28 @@ 
 #define __round_mask(x, y) ((__typeof__(x))((y) - 1))
 #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1)
 
+struct nvram_content_auth_err_sts {
+	uint64_t reserved:3;
+	uint64_t sdsi_content_auth_err:1;
+	uint64_t reserved1:1;
+	uint64_t sdsi_metering_auth_err:1;
+	uint64_t reserved2:58;
+};
+
 struct enabled_features {
 	uint64_t reserved:3;
 	uint64_t sdsi:1;
-	uint64_t reserved1:60;
+	uint64_t reserved1:8;
+	uint64_t attestation:1;
+	uint64_t reserved2:13;
+	uint64_t metering:1;
+	uint64_t reserved3:37;
+};
+
+struct key_provision_status {
+	uint64_t reserved:1;
+	uint64_t license_key_provisioned:1;
+	uint64_t reserved2:62;
 };
 
 struct auth_fail_count {
@@ -65,15 +83,23 @@  struct availability {
 	uint64_t reserved2:10;
 };
 
+struct nvram_update_limit {
+	uint64_t reserved:12;
+	uint64_t sdsi_50_pct:1;
+	uint64_t sdsi_75_pct:1;
+	uint64_t sdsi_90_pct:1;
+	uint64_t reserved2:49;
+};
+
 struct sdsi_regs {
 	uint64_t ppin;
-	uint64_t reserved;
+	struct nvram_content_auth_err_sts auth_err_sts;
 	struct enabled_features en_features;
-	uint64_t reserved1;
+	struct key_provision_status key_prov_sts;
 	struct auth_fail_count auth_fail_count;
 	struct availability prov_avail;
-	uint64_t reserved2;
-	uint64_t reserved3;
+	struct nvram_update_limit limits;
+	uint64_t pcu_cr3_capid_cfg;
 	uint64_t socket_id;
 };
 
@@ -205,8 +231,18 @@  static int sdsi_read_reg(struct sdsi_dev *s)
 	printf("Socket information for device %s\n", s->dev_name);
 	printf("\n");
 	printf("PPIN:                           0x%lx\n", s->regs.ppin);
+	printf("NVRAM Content Authorization Error Status\n");
+	printf("    SDSi Auth Err Sts:          %s\n", !!s->regs.auth_err_sts.sdsi_content_auth_err ? "Error" : "Okay");
+
+	if (!!s->regs.en_features.metering)
+		printf("    Metering Auth Err Sts:      %s\n", !!s->regs.auth_err_sts.sdsi_metering_auth_err ? "Error" : "Okay");
+
 	printf("Enabled Features\n");
 	printf("    On Demand:                  %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");
+	printf("    Attestation:                %s\n", !!s->regs.en_features.attestation ? "Enabled" : "Disabled");
+	printf("    On Demand:                  %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");
+	printf("    Metering:                   %s\n", !!s->regs.en_features.metering ? "Enabled" : "Disabled");
+	printf("License Key (AKC) Provisioned:  %s\n", !!s->regs.key_prov_sts.license_key_provisioned ? "Yes" : "No");
 	printf("Authorization Failure Count\n");
 	printf("    AKC Failure Count:          %d\n", s->regs.auth_fail_count.key_failure_count);
 	printf("    AKC Failure Threshold:      %d\n", s->regs.auth_fail_count.key_failure_threshold);
@@ -215,6 +251,10 @@  static int sdsi_read_reg(struct sdsi_dev *s)
 	printf("Provisioning Availability\n");
 	printf("    Updates Available:          %d\n", s->regs.prov_avail.available);
 	printf("    Updates Threshold:          %d\n", s->regs.prov_avail.threshold);
+	printf("NVRAM Udate Limit\n");
+	printf("    50%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No");
+	printf("    75%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No");
+	printf("    90%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No");
 	printf("Socket ID:                      %ld\n", s->regs.socket_id & 0xF);
 
 	return 0;