From patchwork Tue Nov 1 19:10:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13848 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3155689wru; Tue, 1 Nov 2022 12:14:42 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7v6vfEIBarSc0/x6klarBysNcdy4VvYITXyA4I1GyJhXNLKhEG2jOXYcvjkbYSlleTp44b X-Received: by 2002:a05:6a00:32c9:b0:56b:a54e:68be with SMTP id cl9-20020a056a0032c900b0056ba54e68bemr21282934pfb.16.1667330082048; Tue, 01 Nov 2022 12:14:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667330082; cv=none; d=google.com; s=arc-20160816; b=gqmcHxtIYdmBSJ5Zmh6FhDaKVIaT9nr+H+krIgdh8hGt8Mt2ag7tk2SIUNpahoPYBY Vb64g+Xer9onoTZJGbQNTRkILdOriTTATrub3fUWUHCsQ6SEw21zystCUt6DJCCShxLZ A4b5pD+tkRt6GLBc19Iph3tUqqbCs6B0I5xHjdNyATBzHOgng17uRB0j6EWv/bX9J/rN crHo5ePQwV/vdM+Dv7c+UMbKUvBZ512b71xHJ44+opLph2EFUJGustSnM8GHv2PZCr8T ftHs3b/0jSO21/cmOeuTxcrivXwec11sHj8KcklHCl6irwu8nJ7F9gnS+LChBCBPRv6M wUhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=RL7E65oa1FtREs1U5fnE9omo5VfSBj4hJSODtMKix3w=; b=aZFwxr6jZegcrb39Nvul3oGV4/naV2OuSsu0stt7GXvfaSOp0tQPSMXtmG2ooIZ2hJ wfsg1BONVYfZahvbl7tOe9qhrl7g2odPTLGbdR+iiFxQlNPS7LtqlfxmI0QZlWQfyyCh m7OIzxEnL6a6Nl5Xd93n8n9PBTqXGf1e5nb2/kWW/YDyFUu6ECHDbUCK02DTAakMpb6D agV6d0P5UcUPweGjuQyZ0guWON0l8QRoqd9kCL5xPF/v3nuBn+9LZk1te3zYOIsu1sB3 185eRYzHc6/s3gLXds/E2Wc1g5e+d2mdj3Fh/mFGXLGyHesk4wYHoy9NG0/OmIIup0Nx XhYQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=LHBz2zh5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b13-20020a170903228d00b001870c4c2722si12478243plh.299.2022.11.01.12.14.28; Tue, 01 Nov 2022 12:14:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=LHBz2zh5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230209AbiKATLU (ORCPT + 99 others); Tue, 1 Nov 2022 15:11:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230345AbiKATLC (ORCPT ); Tue, 1 Nov 2022 15:11:02 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1769C1DF27; Tue, 1 Nov 2022 12:11:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329861; x=1698865861; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BsFd6K0vbA/ZPFxh0y/0GJ1X/IwutzDVqy/9HTmBpgE=; b=LHBz2zh5RtuycRJshqoxKUvr2A9qkS4Nh5I9xC7v7NAnKLZwPiG1EazY 55SYqltL97Feu1Z/oNCk+GmOxKycGngtGGkbDpQhKNL7jsQ8zHZlFOtbS bzxLcJYkiLPYDnafcp7/iaunwKlaF/xfVj+Of8EFFY+x2wF62SQ2Bp2dm HVQP3sqJZNAlb3fsbsbLQTPNzzn4v4ZUpZqvlK7TitaJIdrTtlwQbyHp/ GcWgo9/qf9Ox40qEMZHc2BdjJLOfaTLaBNB3V01Y+SOGeLuPoeH54to5w 1UUrucSFp30tzEvSegcpDeyhDzwi911BrlF5wJyFbVk1ybzdjWOHcl2EW A==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="310932227" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="310932227" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:26 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="611951132" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="611951132" Received: from linux.intel.com ([10.54.29.200]) by orsmga006.jf.intel.com with ESMTP; 01 Nov 2022 12:10:26 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 15303580B9D; Tue, 1 Nov 2022 12:10:26 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 1/9] platform/x86/intel/sdsi: Add Intel On Demand text Date: Tue, 1 Nov 2022 12:10:15 -0700 Message-Id: <20221101191023.4150315-2-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322308314112919?= X-GMAIL-MSGID: =?utf-8?q?1748322308314112919?= Intel Software Defined Silicon (SDSi) is now officially known as Intel On Demand. Add On Demand to the description in the kconfig, documentation, and driver source. Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- .../ABI/testing/sysfs-driver-intel_sdsi | 37 ++++++++++--------- drivers/platform/x86/intel/Kconfig | 8 ++-- drivers/platform/x86/intel/sdsi.c | 4 +- 3 files changed, 25 insertions(+), 24 deletions(-) diff --git a/Documentation/ABI/testing/sysfs-driver-intel_sdsi b/Documentation/ABI/testing/sysfs-driver-intel_sdsi index 96b92c105ec4..9d77f30d9b9a 100644 --- a/Documentation/ABI/testing/sysfs-driver-intel_sdsi +++ b/Documentation/ABI/testing/sysfs-driver-intel_sdsi @@ -4,21 +4,21 @@ KernelVersion: 5.18 Contact: "David E. Box" Description: This directory contains interface files for accessing Intel - Software Defined Silicon (SDSi) features on a CPU. X - represents the socket instance (though not the socket ID). - The socket ID is determined by reading the registers file - and decoding it per the specification. + On Demand (formerly Software Defined Silicon or SDSi) features + on a CPU. X represents the socket instance (though not the + socket ID). The socket ID is determined by reading the + registers file and decoding it per the specification. - Some files communicate with SDSi hardware through a mailbox. - Should the operation fail, one of the following error codes - may be returned: + Some files communicate with On Demand hardware through a + mailbox. Should the operation fail, one of the following error + codes may be returned: ========== ===== Error Code Cause ========== ===== EIO General mailbox failure. Log may indicate cause. EBUSY Mailbox is owned by another agent. - EPERM SDSI capability is not enabled in hardware. + EPERM On Demand capability is not enabled in hardware. EPROTO Failure in mailbox protocol detected by driver. See log for details. EOVERFLOW For provision commands, the size of the data @@ -54,8 +54,8 @@ KernelVersion: 5.18 Contact: "David E. Box" Description: (WO) Used to write an Authentication Key Certificate (AKC) to - the SDSi NVRAM for the CPU. The AKC is used to authenticate a - Capability Activation Payload. Mailbox command. + the On Demand NVRAM for the CPU. The AKC is used to authenticate + a Capability Activation Payload. Mailbox command. What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/provision_cap Date: Feb 2022 @@ -63,17 +63,18 @@ KernelVersion: 5.18 Contact: "David E. Box" Description: (WO) Used to write a Capability Activation Payload (CAP) to the - SDSi NVRAM for the CPU. CAPs are used to activate a given CPU - feature. A CAP is validated by SDSi hardware using a previously - provisioned AKC file. Upon successful authentication, the CPU - configuration is updated. A cold reboot is required to fully - activate the feature. Mailbox command. + On Demand NVRAM for the CPU. CAPs are used to activate a given + CPU feature. A CAP is validated by On Demand hardware using a + previously provisioned AKC file. Upon successful authentication, + the CPU configuration is updated. A cold reboot is required to + fully activate the feature. Mailbox command. What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/state_certificate Date: Feb 2022 KernelVersion: 5.18 Contact: "David E. Box" Description: - (RO) Used to read back the current State Certificate for the CPU - from SDSi hardware. The State Certificate contains information - about the current licenses on the CPU. Mailbox command. + (RO) Used to read back the current state certificate for the CPU + from On Demand hardware. The state certificate contains + information about the current licenses on the CPU. Mailbox + command. diff --git a/drivers/platform/x86/intel/Kconfig b/drivers/platform/x86/intel/Kconfig index 794968bda115..d5a33473e838 100644 --- a/drivers/platform/x86/intel/Kconfig +++ b/drivers/platform/x86/intel/Kconfig @@ -157,13 +157,13 @@ config INTEL_RST as usual. config INTEL_SDSI - tristate "Intel Software Defined Silicon Driver" + tristate "Intel On Demand (Software Defined Silicon) Driver" depends on INTEL_VSEC depends on X86_64 help - This driver enables access to the Intel Software Defined Silicon - interface used to provision silicon features with an authentication - certificate and capability license. + This driver enables access to the Intel On Demand (formerly Software + Defined Silicon) interface used to provision silicon features with an + authentication certificate and capability license. To compile this driver as a module, choose M here: the module will be called intel_sdsi. diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index c830e98dfa38..32793919473d 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* - * Intel Software Defined Silicon driver + * Intel On Demand (Software Defined Silicon) driver * * Copyright (c) 2022, Intel Corporation. * All Rights Reserved. @@ -586,5 +586,5 @@ static struct auxiliary_driver sdsi_aux_driver = { module_auxiliary_driver(sdsi_aux_driver); MODULE_AUTHOR("David E. Box "); -MODULE_DESCRIPTION("Intel Software Defined Silicon driver"); +MODULE_DESCRIPTION("Intel On Demand (SDSi) driver"); MODULE_LICENSE("GPL"); From patchwork Tue Nov 1 19:10:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13842 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3154770wru; Tue, 1 Nov 2022 12:12:47 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5aFChnyiWdV5/WIfrLXmFOH7ZVa50s/rX5lWo4WDbfmXc/2MFOzcNwCi4CzbclwJmZmJUl X-Received: by 2002:a63:d313:0:b0:46b:2ea0:5b68 with SMTP id b19-20020a63d313000000b0046b2ea05b68mr18250642pgg.464.1667329966882; Tue, 01 Nov 2022 12:12:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667329966; cv=none; d=google.com; s=arc-20160816; b=lYL2NqnbXSzz0tmRGL42QZADjBcwrkPCZGjjUdCHRFB4p806ZF7I0G27BM4W7U1NA/ fdtIw/sq28W1RLpCrmxSY93/uvydIagBuUxrZ3KlE8u+n+Cs/P1seloEzh27JSOwws6L Ypd6WNqGgfrHVrLvQpF3kJEEcE1qs/8dCHVDEcj+oStdQTGDRCJCJk4YQnsmdcI2kYED tz06Uy7x9HoO5wmRAEFpgcKcIVv8pcUKI+fFKXz4NT3X3+NqDpZvD2SEdsykYdAh8nGq TVs8yq8LCMZTrQFmQXQ52O0DQKfiwfbMzF2JbcGOZ1f3RdbrWA6NmlmYhNdlcFQHnxVH zBTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=0WmvkvybAn/d12w2EcK/dF6rE3ma9KaKEBLyqo5sGNU=; b=F7tmSqD7pEOKeHrLqel2SB2FgPqHPanJw3R/g9m1umP29zi4Dg3rXkUyR769QesXG6 pzQpajKUeHsTatIklfgZQS7PgDDjyZ3nSYH+KOEsmyaAnIuoiJO8iRF+pkFotcgxS5qL J/xxCGuB23YC7NvwSuOLsz4iIJ2jPyfCh3PjKiYsfTyucaODM1UGrMbwGx4MG9I5pf9a SIXKv3hUvkWOGLxhRVXJgwqlgHUNeHlygsFRGfC/vlSvACP6aMPSJM8p0NH9e4w+DZy/ u8M053WsljBQxvzQwK+mcNiX3t9y+Oa2YD7zPxj2qlmxuPbghr+UOQduIyX2jHnfgoA2 o3xw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=RgVqccXR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r139-20020a632b91000000b00455ee9915c3si13012012pgr.746.2022.11.01.12.12.33; Tue, 01 Nov 2022 12:12:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=RgVqccXR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230347AbiKATLC (ORCPT + 99 others); Tue, 1 Nov 2022 15:11:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38588 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229846AbiKATKy (ORCPT ); Tue, 1 Nov 2022 15:10:54 -0400 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 656231E71C; Tue, 1 Nov 2022 12:10:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329853; x=1698865853; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=kZkezDSibEk4/v19uR3JE7pTdxO5vPRROINTTCkEtq4=; b=RgVqccXRc5hbs+qMMj5dz7WI7Ck8c5QFZop1u6vFE0D5rxGE6s9fjjoI i/Ye9+PDmuCalY6el7z91kt0eTDKzvQSIlAAuaL+NJYKM8RfxJY1QB0/0 JNkZI3LIOIg00PaZCemhPWBj7GTMOtJtqc030reYHk/a7qoLKUQlvhJYR vEjLYSmPCXqd3hGdEh0pNpma/dl5nCxnwp6TjyAPfLIMatlbC6jwMlNu+ l1Ot8JyXI6cfdFhHVx5ooFIPKgwQ1BDRUBB6Z+IwsSnmvvSfIlbUO1C1n 1t4nUIMv19aVHZRf+zV8xDwMXjb/9IDo0HfCA7X12BN4AC0noZeN477ca w==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="395531248" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="395531248" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:26 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="759278165" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="759278165" Received: from linux.intel.com ([10.54.29.200]) by orsmga004.jf.intel.com with ESMTP; 01 Nov 2022 12:10:26 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 43BDA580C99; Tue, 1 Nov 2022 12:10:26 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/9] platform/x86/intel/sdsi: Hide attributes if hardware doesn't support Date: Tue, 1 Nov 2022 12:10:16 -0700 Message-Id: <20221101191023.4150315-3-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322187107354388?= X-GMAIL-MSGID: =?utf-8?q?1748322187107354388?= Provisioning capabilities are enabled by a bit set by BIOS. Read this bit and hide the provisioning attributes if the On Demand feature is not enabled. Also, remove the sdsi_enabled boolean from private and instead add a features register since this will be used for future features. Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/sdsi.c | 33 ++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index 32793919473d..bca05b4dd983 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -41,7 +41,8 @@ #define SDSI_SIZE_READ_MSG (SDSI_SIZE_MAILBOX * 4) #define SDSI_ENABLED_FEATURES_OFFSET 16 -#define SDSI_ENABLED BIT(3) +#define SDSI_FEATURE_SDSI BIT(3) + #define SDSI_SOCKET_ID_OFFSET 64 #define SDSI_SOCKET_ID GENMASK(3, 0) @@ -100,7 +101,7 @@ struct sdsi_priv { void __iomem *mbox_addr; void __iomem *regs_addr; u32 guid; - bool sdsi_enabled; + u32 features; }; /* SDSi mailbox operations must be performed using 64bit mov instructions */ @@ -332,9 +333,6 @@ static ssize_t sdsi_provision(struct sdsi_priv *priv, char *buf, size_t count, struct sdsi_mbox_info info; int ret; - if (!priv->sdsi_enabled) - return -EPERM; - if (count > (SDSI_SIZE_WRITE_MSG - SDSI_SIZE_CMD)) return -EOVERFLOW; @@ -405,9 +403,6 @@ static long state_certificate_read(struct file *filp, struct kobject *kobj, size_t size; int ret; - if (!priv->sdsi_enabled) - return -EPERM; - if (off) return 0; @@ -464,6 +459,23 @@ static struct bin_attribute *sdsi_bin_attrs[] = { NULL }; +static umode_t +sdsi_battr_is_visible(struct kobject *kobj, struct bin_attribute *attr, int n) +{ + struct device *dev = kobj_to_dev(kobj); + struct sdsi_priv *priv = dev_get_drvdata(dev); + + /* Registers file is always readable if the device is present */ + if (attr == &bin_attr_registers) + return attr->attr.mode; + + /* All other attributes not visible if BIOS has not enabled On Demand */ + if (!(priv->features & SDSI_FEATURE_SDSI)) + return 0; + + return attr->attr.mode; +} + static ssize_t guid_show(struct device *dev, struct device_attribute *attr, char *buf) { struct sdsi_priv *priv = dev_get_drvdata(dev); @@ -480,6 +492,7 @@ static struct attribute *sdsi_attrs[] = { static const struct attribute_group sdsi_group = { .attrs = sdsi_attrs, .bin_attrs = sdsi_bin_attrs, + .is_bin_visible = sdsi_battr_is_visible, }; __ATTRIBUTE_GROUPS(sdsi); @@ -490,7 +503,6 @@ static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *paren u32 size = FIELD_GET(DT_SIZE, disc_table->access_info); u32 tbir = FIELD_GET(DT_TBIR, disc_table->offset); u32 offset = DT_OFFSET(disc_table->offset); - u32 features_offset; struct resource res = {}; /* Starting location of SDSi MMIO region based on access type */ @@ -528,8 +540,7 @@ static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *paren priv->mbox_addr = priv->control_addr + SDSI_SIZE_CONTROL; priv->regs_addr = priv->mbox_addr + SDSI_SIZE_MAILBOX; - features_offset = readq(priv->regs_addr + SDSI_ENABLED_FEATURES_OFFSET); - priv->sdsi_enabled = !!(features_offset & SDSI_ENABLED); + priv->features = readq(priv->regs_addr + SDSI_ENABLED_FEATURES_OFFSET); return 0; } From patchwork Tue Nov 1 19:10:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13844 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3154902wru; Tue, 1 Nov 2022 12:13:00 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7782B0MqkV4wJfYT4DNnGa2NoBgqPDVb0TKPnmlkEDHuKNoSCl5zG6mzocjTO1ex+xcrvR X-Received: by 2002:a17:902:f651:b0:184:6925:d127 with SMTP id m17-20020a170902f65100b001846925d127mr20822764plg.140.1667329980553; Tue, 01 Nov 2022 12:13:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667329980; cv=none; d=google.com; s=arc-20160816; b=RGp1y3y6Zaz2iuJtJ83UXjqJrsJj+jjktmfW+0AE9w2bmbgwcGB8qKvcnoEcDkH0i0 K2f67UUCHxaZA+sODDpMmbOmOc0AKH0YEyx/XKU+B7a+GOeXexW9Hnwd8Oi+6LexUw4a dxIFTpQ13W0R27TdESP7qRSLB9s1I08h0k3WgpiVvRtS5gtTMbTbfANgdd/LheW1o7Vh /GUl5yXnZeEPOroET6ZDqjZVV12QH4MY0ry9oxTw1yC/wfGQbgVd8MMuh6PopmPH0zAz jbyYlgB7Q1eCwe24DiNvTalAXTcSpvsb0M+oXD6ECvJfZmSxW2A+CQWu2ZzzYT+usmVl 7dvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=/CEZD98TXUMEUusUW8lIECfXSgo5/hNV44Rq261CdEE=; b=ZS4hUEhHul1iiYp8gJeSITBX4ROaUIj9YpElhj7/Mijb9kF9kpqz0qgC3HPjNoJf4l Ch8nBjyiJSLv//hu7mnNG6YemAk44zC1ESWuWscMym0h0Uv1MdGOYwP0CYz4RK8ipzMV SgfMO1fze5gwCxtBxKWvflqjEynfnMhTrsWSYATUUSY83QR2QU+lV9O096D4Ao2uI798 3rm2z6UdE5i/scBIeLFdS3a5EBHyXEGfax1+UqNyIs6f7sONC29saXeONu0EROAtN07u MNzsiBpBL248TREDpYig1rDUaDhRYirgHH9ftaZHUlP4BQd1Va4X95MqV3X1AgCPcVct 7r2A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=eyf6Axlr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x22-20020a170902b41600b001783df7f2e9si12388814plr.166.2022.11.01.12.12.44; Tue, 01 Nov 2022 12:13:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=eyf6Axlr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230371AbiKATLI (ORCPT + 99 others); Tue, 1 Nov 2022 15:11:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38608 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230219AbiKATKz (ORCPT ); Tue, 1 Nov 2022 15:10:55 -0400 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E2821CB10; Tue, 1 Nov 2022 12:10:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329855; x=1698865855; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NA5/t41ZCbqszgHs3lJC1knncUR7kRh2Cap2isglxDI=; b=eyf6Axlr/KQZNbcUoeOkGWBnmTn+LgD3LWsLDM7jtUTShVnntEvKVwLt lVipl6iYQoBbexu4lPkNTs54ur18/xeLamU0HDmVOLh9vpKGJV67HLDNK vfPi4T5naMi8QB9G/iiLCHI0W5eezlkyE/YnwUbvtHcXcNWyn+VyiFM70 sISiVG8QdPFZjz5BvRzwqpTo/ub6qx1NNHlrY0Er1ix9EgVaPE6yI9lD4 LIvd7KDRX11Y9SulHCMLu+5LkYgATInwmk+axWStvV3tyIi1PZkDWq3JR gSRrwr5MHQsMMXhfxBHXjYwYllmwkHTbVza9Ld5CPv2dSQpBxiHJFJX2H g==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="289607881" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="289607881" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:27 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="667299027" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="667299027" Received: from linux.intel.com ([10.54.29.200]) by orsmga001.jf.intel.com with ESMTP; 01 Nov 2022 12:10:26 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 70A9A580AA7; Tue, 1 Nov 2022 12:10:26 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 3/9] platform/x86/intel/sdsi: Support different GUIDs Date: Tue, 1 Nov 2022 12:10:17 -0700 Message-Id: <20221101191023.4150315-4-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322201798576266?= X-GMAIL-MSGID: =?utf-8?q?1748322201798576266?= Newer versions of Intel On Demand hardware may have an expanded list of registers to support new features. The register layout is identified by a unique GUID that's read during driver probe. Add support for handling different GUIDs and add support for current GUIDs [1]. [1] https://github.com/intel/intel-sdsi/blob/master/os-interface.rst Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/sdsi.c | 47 +++++++++++++++++++++++++++++-- 1 file changed, 44 insertions(+), 3 deletions(-) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index bca05b4dd983..ab1f65919fc5 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -27,10 +27,10 @@ #define ACCESS_TYPE_LOCAL 3 #define SDSI_MIN_SIZE_DWORDS 276 -#define SDSI_SIZE_CONTROL 8 #define SDSI_SIZE_MAILBOX 1024 -#define SDSI_SIZE_REGS 72 +#define SDSI_SIZE_REGS 80 #define SDSI_SIZE_CMD sizeof(u64) +#define SDSI_SIZE_MAILBOX 1024 /* * Write messages are currently up to the size of the mailbox @@ -76,6 +76,9 @@ #define DT_TBIR GENMASK(2, 0) #define DT_OFFSET(v) ((v) & GENMASK(31, 3)) +#define SDSI_GUID_V1 0x006DD191 +#define SDSI_GUID_V2 0xF210D9EF + enum sdsi_command { SDSI_CMD_PROVISION_AKC = 0x04, SDSI_CMD_PROVISION_CAP = 0x08, @@ -100,6 +103,9 @@ struct sdsi_priv { void __iomem *control_addr; void __iomem *mbox_addr; void __iomem *regs_addr; + int control_size; + int maibox_size; + int registers_size; u32 guid; u32 features; }; @@ -444,6 +450,18 @@ static ssize_t registers_read(struct file *filp, struct kobject *kobj, struct device *dev = kobj_to_dev(kobj); struct sdsi_priv *priv = dev_get_drvdata(dev); void __iomem *addr = priv->regs_addr; + int size = priv->registers_size; + + /* + * The check below is performed by the sysfs caller based on the static + * file size. But this may be greater than the actual size which is based + * on the GUID. So check here again based on actual size before reading. + */ + if (off >= size) + return 0; + + if (off + count > size) + count = size - off; memcpy_fromio(buf, addr + off, count); @@ -496,6 +514,24 @@ static const struct attribute_group sdsi_group = { }; __ATTRIBUTE_GROUPS(sdsi); +static int sdsi_get_layout(struct sdsi_priv *priv, struct disc_table *table) +{ + switch (table->guid) { + case SDSI_GUID_V1: + priv->control_size = 8; + priv->registers_size = 72; + break; + case SDSI_GUID_V2: + priv->control_size = 16; + priv->registers_size = 80; + break; + default: + dev_err(priv->dev, "Unrecognized GUID 0x%x\n", table->guid); + return -EINVAL; + } + return 0; +} + static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *parent, struct disc_table *disc_table, struct resource *disc_res) { @@ -537,7 +573,7 @@ static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *paren if (IS_ERR(priv->control_addr)) return PTR_ERR(priv->control_addr); - priv->mbox_addr = priv->control_addr + SDSI_SIZE_CONTROL; + priv->mbox_addr = priv->control_addr + priv->control_size; priv->regs_addr = priv->mbox_addr + SDSI_SIZE_MAILBOX; priv->features = readq(priv->regs_addr + SDSI_ENABLED_FEATURES_OFFSET); @@ -572,6 +608,11 @@ static int sdsi_probe(struct auxiliary_device *auxdev, const struct auxiliary_de priv->guid = disc_table.guid; + /* Get guid based layout info */ + ret = sdsi_get_layout(priv, &disc_table); + if (ret) + return ret; + /* Map the SDSi mailbox registers */ ret = sdsi_map_mbox_registers(priv, intel_cap_dev->pcidev, &disc_table, disc_res); if (ret) From patchwork Tue Nov 1 19:10:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13840 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3154595wru; Tue, 1 Nov 2022 12:12:31 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6XNaTBUqhLkvQ0P8bc6vWFbW7XuscN9zVVhdmc+xYW1LI9yqwWicUoK6v8NucVD+j9kB7X X-Received: by 2002:a63:494e:0:b0:448:5163:4788 with SMTP id y14-20020a63494e000000b0044851634788mr17731142pgk.507.1667329950883; Tue, 01 Nov 2022 12:12:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667329950; cv=none; d=google.com; s=arc-20160816; b=AUk8XHLFyS8QWBbeIk/b067uJr30s0XIlhb9RIp3hWOSV1ch0eeUbd9xxK8QG2q+v9 LLX4a4ah4bz6Ro4qU9KW5806h2SCkiGVeaUBnqGY1JHU5y2DXdEnTUWtY45Mc0B9OQoH jPzsuYNx9TGGgDLxJy7zpDcQzOz3tDs7B3bC04mf+7yI0TMsTk1UhgzaXOM+8/QmMN9x OwkV/yjaL64Q9MW8Xge44FN/Q7dT7215zjZwipETfItayJgbRH+1FWy2ljhkJWC2o/6q w8eDzsivzO9YohOO0/VFXYCRBS9p07wHxQuSmX8Z2xT5/LuBm0IIt4BYuXHwOPV3AhsK VANA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Jt1h0KCLhXGGKWzBXxKq4JRtqMX+lvBvQ7u+cxd1FFc=; b=j6aecCSKMb1MmPnQ6c62+rc5tE4nPBPoUhGlWQf438J/s1PwFqMKBO7rZQXRIuBrUU jOXVV0aJq8GVfLZ9o6DTpQMVF6mYpptqHj3YQvukrD1d5mFVu0r35YxBN1pAe2NdaWcu l7w1ZGL50f/ioP5GuGbrhE6dVHiVcX9RSxMvzyIYEwK8T15PQ6U972j2k3udCG7DTyHY XrbqS1hU8fnFYAZ+VDunje7SkCOnzbGnH/BxSKJQYSPkQvytd8ZSJt3U1JZQssqy+EQK fSWZv8710yRBohQptV5nFDfsNsX5WyMMSWg/Lm9CCrXTDabcztQvxjSBzyTR19CwX2ty HdTA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=bHjC+l6G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id pl12-20020a17090b268c00b0020d887ded6esi13081220pjb.120.2022.11.01.12.12.17; Tue, 01 Nov 2022 12:12:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=bHjC+l6G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230235AbiKATKz (ORCPT + 99 others); Tue, 1 Nov 2022 15:10:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38580 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229556AbiKATKx (ORCPT ); Tue, 1 Nov 2022 15:10:53 -0400 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 88A571C416; Tue, 1 Nov 2022 12:10:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329852; x=1698865852; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=K6E1RFYeJekr3s2TcMWi6yPlXHIkdOkuHKVN7RzSc9s=; b=bHjC+l6GtMZEPiI0xuJAY5NvEDTasNPaosynun9/od1KA32TZKUAPyXh 2VJ9y/+NJNRz1v4EHeHz9CJA6AUwEu0f6XGQTM5X6myo3mXjUf6gINwoV z/E3xJxjPcrF27tJXc6OY8u9ve8imeSyOaaARNwiZqkEjP66N+lgyGHBj 02F4fLN85Znhc1FVvG8S5MA/ChE2i/7whKYVShg/Fv6VNfvs4tOclLelp szlkFGTV8VO80W16SB7zDfcBvQlbKmyEtEzgjLgvhteM6kkVhry7lJKtn SIIT603fmL06RYZ/2sCDEooQoe7lgqd/SBevaYgfKALT6yP8alU5CitGN Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="296656329" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="296656329" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:27 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="702985441" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="702985441" Received: from linux.intel.com ([10.54.29.200]) by fmsmga004.fm.intel.com with ESMTP; 01 Nov 2022 12:10:26 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 9DBBF580B9D; Tue, 1 Nov 2022 12:10:26 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 4/9] platform/x86/intel/sdsi: Add meter certificate support Date: Tue, 1 Nov 2022 12:10:18 -0700 Message-Id: <20221101191023.4150315-5-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322170672141663?= X-GMAIL-MSGID: =?utf-8?q?1748322170672141663?= Add support for reading the meter certificate from Intel On Demand hardware. The meter certificate [1] is used to access the utilization metrics of enabled features in support of the Intel On Demand consumption model. Similar to the state certificate, the meter certificate is read by mailbox command. [1] https://github.com/intel-sandbox/debox1.intel_sdsi/blob/gnr-review/meter-certificate.rst Signed-off-by: David E. Box --- .../ABI/testing/sysfs-driver-intel_sdsi | 10 ++++ drivers/platform/x86/intel/sdsi.c | 52 +++++++++++++++---- 2 files changed, 52 insertions(+), 10 deletions(-) diff --git a/Documentation/ABI/testing/sysfs-driver-intel_sdsi b/Documentation/ABI/testing/sysfs-driver-intel_sdsi index 9d77f30d9b9a..f8afed127107 100644 --- a/Documentation/ABI/testing/sysfs-driver-intel_sdsi +++ b/Documentation/ABI/testing/sysfs-driver-intel_sdsi @@ -69,6 +69,16 @@ Description: the CPU configuration is updated. A cold reboot is required to fully activate the feature. Mailbox command. +What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/meter_certificate +Date: Nov 2022 +KernelVersion: 6.2 +Contact: "David E. Box" +Description: + (RO) Used to read back the current meter certificate for the CPU + from Intel On Demand hardware. The meter certificate contains + utilization metrics of On Demand enabled features. Mailbox + command. + What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/state_certificate Date: Feb 2022 KernelVersion: 5.18 diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index ab1f65919fc5..1dee10822df7 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -42,6 +42,7 @@ #define SDSI_ENABLED_FEATURES_OFFSET 16 #define SDSI_FEATURE_SDSI BIT(3) +#define SDSI_FEATURE_METERING BIT(26) #define SDSI_SOCKET_ID_OFFSET 64 #define SDSI_SOCKET_ID GENMASK(3, 0) @@ -80,9 +81,10 @@ #define SDSI_GUID_V2 0xF210D9EF enum sdsi_command { - SDSI_CMD_PROVISION_AKC = 0x04, - SDSI_CMD_PROVISION_CAP = 0x08, - SDSI_CMD_READ_STATE = 0x10, + SDSI_CMD_PROVISION_AKC = 0x0004, + SDSI_CMD_PROVISION_CAP = 0x0008, + SDSI_CMD_READ_STATE = 0x0010, + SDSI_CMD_READ_METER = 0x0014, }; struct sdsi_mbox_info { @@ -398,13 +400,10 @@ static ssize_t provision_cap_write(struct file *filp, struct kobject *kobj, } static BIN_ATTR_WO(provision_cap, SDSI_SIZE_WRITE_MSG); -static long state_certificate_read(struct file *filp, struct kobject *kobj, - struct bin_attribute *attr, char *buf, loff_t off, - size_t count) +static ssize_t +certificate_read(u64 command, struct sdsi_priv *priv, char *buf, loff_t off, + size_t count) { - struct device *dev = kobj_to_dev(kobj); - struct sdsi_priv *priv = dev_get_drvdata(dev); - u64 command = SDSI_CMD_READ_STATE; struct sdsi_mbox_info info; size_t size; int ret; @@ -441,8 +440,31 @@ static long state_certificate_read(struct file *filp, struct kobject *kobj, return size; } + +static ssize_t +state_certificate_read(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, loff_t off, + size_t count) +{ + struct device *dev = kobj_to_dev(kobj); + struct sdsi_priv *priv = dev_get_drvdata(dev); + + return certificate_read(SDSI_CMD_READ_STATE, priv, buf, off, count); +} static BIN_ATTR(state_certificate, 0400, state_certificate_read, NULL, SDSI_SIZE_READ_MSG); +static ssize_t +meter_certificate_read(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, loff_t off, + size_t count) +{ + struct device *dev = kobj_to_dev(kobj); + struct sdsi_priv *priv = dev_get_drvdata(dev); + + return certificate_read(SDSI_CMD_READ_METER, priv, buf, off, count); +} +static BIN_ATTR(meter_certificate, 0400, meter_certificate_read, NULL, SDSI_SIZE_READ_MSG); + static ssize_t registers_read(struct file *filp, struct kobject *kobj, struct bin_attribute *attr, char *buf, loff_t off, size_t count) @@ -472,6 +494,7 @@ static BIN_ATTR(registers, 0400, registers_read, NULL, SDSI_SIZE_REGS); static struct bin_attribute *sdsi_bin_attrs[] = { &bin_attr_registers, &bin_attr_state_certificate, + &bin_attr_meter_certificate, &bin_attr_provision_akc, &bin_attr_provision_cap, NULL @@ -491,7 +514,16 @@ sdsi_battr_is_visible(struct kobject *kobj, struct bin_attribute *attr, int n) if (!(priv->features & SDSI_FEATURE_SDSI)) return 0; - return attr->attr.mode; + if (attr == &bin_attr_state_certificate || + attr == &bin_attr_provision_akc || + attr == &bin_attr_provision_cap) + return attr->attr.mode; + + if (attr == &bin_attr_meter_certificate && + !!(priv->features & SDSI_FEATURE_METERING)) + return attr->attr.mode; + + return 0; } static ssize_t guid_show(struct device *dev, struct device_attribute *attr, char *buf) From patchwork Tue Nov 1 19:10:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13847 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3155381wru; Tue, 1 Nov 2022 12:14:00 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6JWykvFmU/FldbCzHgSxpJdjK59qsYA/RScG3QkhdmrrC7VqZOf81w92MY83ZMsMwCK6xd X-Received: by 2002:a17:903:244e:b0:186:c41e:ce9e with SMTP id l14-20020a170903244e00b00186c41ece9emr21330684pls.100.1667330040304; Tue, 01 Nov 2022 12:14:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667330040; cv=none; d=google.com; s=arc-20160816; b=BX5hWUZ7rKtU+Ss6EprEGBdn0Fjj3Ik1QwFsyn6Wr27sRxD0JZSmZ+r9IiuyN71Hk+ Lj1TpeHzdWWyKfR2//5ekWBFszEFs+jC8wPUCnV3zk7X0WAbBXWj/x8GZvXlWBb//s0E WQg24JPXqc1fK8+ySfX7qpAoyZ+DYTL8q3nDviHkcc0+S/JXlEH4qLKNnTcSu0w5p3ky inNHX2h3/UU7pecwUGMgAQ49ExDYAQHn9QRnxySgCAif8RhCK0SjDQP/lZOzOfqf5aO3 /DdFZ0Pif0AyBc4DWT6W1tliOQUF2hBmCL+VkMTx8GYg+yYkLFTJmjYMpFPDH+mGphCV qDbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=6FXAp9bY81I6epcIIy0JsH+o7gNstxM9MRoxojnk3K4=; b=HPWxQXIOkPPQaeKb1Q2z+QMvsbqshVarqT8+yRMoPFSENq7hCENZZh8ASTY7QNqDCp 9xTXht3YbpzpR/WcCxM0/qoOs0RuO9uJhTHZZZ/rjnU7oiY/QI+3kWb5Wxu0akerYan+ Vj82jv4b8JkL/ueIx4ygUsQuIp3y4BCti6x+vNQ+RoSGOZ7BHrz7+wN0grfH3mCt6lGj ZTdZpcEc/MyqBt8OCey8+2h+K+V2rly/7UeBDGqoVyeHqosLO6/3xVT6jsYjqGPLzBQz dhYlnyFcp9pMVwEG99g0Pecl+gygM+tg7l1fjn1kmHC3Hfb8HjgTphBNSrxHXLxGVd4K GSIg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=MY5VKUgO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p2-20020a17090a4f0200b0020dcf30338fsi12328193pjh.96.2022.11.01.12.13.47; Tue, 01 Nov 2022 12:14:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=MY5VKUgO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230281AbiKATLX (ORCPT + 99 others); Tue, 1 Nov 2022 15:11:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230358AbiKATLD (ORCPT ); Tue, 1 Nov 2022 15:11:03 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 469861CB10; Tue, 1 Nov 2022 12:11:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329862; x=1698865862; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=psz8zJlgYjfUL1vT/RFKZgOUtluJ4XfLpI5eSvucdXk=; b=MY5VKUgOqvAM/BRNal/JK9XebHNOLNLfxI0jSCCrUyT9wpJMO5WTtCqx ikOVo4qohmMghtLfBicGO9zNahmBBl8bCMCMtjZYafFKhPlJPeCgXNL8V FMZCuTd6oaT9PzgkGE1uwPVHPvARmYP1SaiqptfI5wzNpalTp3Aw6Dhd8 2asPwt6NtXsI+1kBFwde4M/D1NxBLirp87vP7jwAKcZe4kXIBnQ4x2IDs yZF6q+UQqoBIVViYbnQ9S3byuoMwOHtlsLu/54hUyi0huhr95s+hTm9I+ UzwXoFdaYIGKvWmwPvAIk/w0KwI0sDRDha7GY4l6mN10arhCelBKi5YN5 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="310932234" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="310932234" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:27 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="963233021" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="963233021" Received: from linux.intel.com ([10.54.29.200]) by fmsmga005.fm.intel.com with ESMTP; 01 Nov 2022 12:10:27 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id CCBE9580C99; Tue, 1 Nov 2022 12:10:26 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 5/9] tools/arch/x86: intel_sdsi: Add support for reading state certificates Date: Tue, 1 Nov 2022 12:10:19 -0700 Message-Id: <20221101191023.4150315-6-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322264341678867?= X-GMAIL-MSGID: =?utf-8?q?1748322264341678867?= Add option to read and decode On Demand state certificates. Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- tools/arch/x86/intel_sdsi/intel_sdsi.c | 268 ++++++++++++++++++------- 1 file changed, 198 insertions(+), 70 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index c0e2f2349db4..9dd94014a672 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -22,11 +22,24 @@ #include +#ifndef __packed +#define __packed __attribute__((packed)) +#endif + +#define min(x, y) ({ \ + typeof(x) _min1 = (x); \ + typeof(y) _min2 = (y); \ + (void) (&_min1 == &_min2); \ + _min1 < _min2 ? _min1 : _min2; }) + #define SDSI_DEV "intel_vsec.sdsi" #define AUX_DEV_PATH "/sys/bus/auxiliary/devices/" #define SDSI_PATH (AUX_DEV_DIR SDSI_DEV) #define GUID 0x6dd191 #define REGISTERS_MIN_SIZE 72 +#define STATE_CERT_MAX_SIZE 4096 +#define STATE_MAX_NUM_LICENSES 16 +#define STATE_MAX_NUM_IN_BUNDLE (uint32_t)8 #define __round_mask(x, y) ((__typeof__(x))((y) - 1)) #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1) @@ -49,6 +62,7 @@ struct availability { uint64_t reserved:48; uint64_t available:3; uint64_t threshold:3; + uint64_t reserved2:10; }; struct sdsi_regs { @@ -63,17 +77,55 @@ struct sdsi_regs { uint64_t socket_id; }; +#define CONTENT_TYPE_LK_ENC 0xD +#define CONTENT_TYPE_LK_BLOB_ENC 0xE + +struct state_certificate { + uint32_t content_type; + uint32_t region_rev_id; + uint32_t header_size; + uint32_t total_size; + uint32_t key_size; + uint32_t num_licenses; +}; + +struct license_key_info { + uint32_t key_rev_id; + uint64_t key_image_content[6]; +} __packed; + +#define LICENSE_BLOB_SIZE(l) (((l) & 0x7fffffff) * 4) +#define LICENSE_VALID(l) (!!((l) & 0x80000000)) + +// License Group Types +#define LBT_ONE_TIME_UPGRADE 1 +#define LBT_METERED_UPGRADE 2 + +struct license_blob_content { + uint32_t type; + uint64_t id; + uint64_t ppin; + uint64_t previous_ppin; + uint32_t rev_id; + uint32_t num_bundles; +} __packed; + +struct bundle_encoding { + uint32_t encoding; + uint32_t encoding_rsvd[7]; +}; + struct sdsi_dev { struct sdsi_regs regs; + struct state_certificate sc; char *dev_name; char *dev_path; int guid; }; enum command { - CMD_NONE, CMD_SOCKET_INFO, - CMD_DUMP_CERT, + CMD_STATE_CERT, CMD_PROV_AKC, CMD_PROV_CAP, }; @@ -168,20 +220,56 @@ static int sdsi_read_reg(struct sdsi_dev *s) return 0; } -static int sdsi_certificate_dump(struct sdsi_dev *s) +static char *license_blob_type(uint32_t type) +{ + switch (type) { + case LBT_ONE_TIME_UPGRADE: + return "One time upgrade"; + case LBT_METERED_UPGRADE: + return "Metered upgrade"; + default: + return "Unknown license blob type"; + } +} + +static char *content_type(uint32_t type) +{ + switch (type) { + case CONTENT_TYPE_LK_ENC: + return "Licencse key encoding"; + case CONTENT_TYPE_LK_BLOB_ENC: + return "License key + Blob encoding"; + default: + return "Unknown content type"; + } +} + +static void get_feature(uint32_t encoding, char *feature) +{ + char *name = (char *)&encoding; + + feature[3] = name[0]; + feature[2] = name[1]; + feature[1] = name[2]; + feature[0] = name[3]; +} + +static int sdsi_state_cert_show(struct sdsi_dev *s) { - uint64_t state_certificate[512] = {0}; - bool first_instance; - uint64_t previous; + char buf[STATE_CERT_MAX_SIZE] = {0}; + struct state_certificate *sc; + struct license_key_info *lki; + uint32_t offset = 0; + uint32_t count = 0; FILE *cert_ptr; - int i, ret, size; + int ret, size; ret = sdsi_update_registers(s); if (ret) return ret; if (!s->regs.en_features.sdsi) { - fprintf(stderr, "SDSi feature is present but not enabled."); + fprintf(stderr, "On Demand feature is present but not enabled."); fprintf(stderr, " Unable to read state certificate"); return -1; } @@ -198,32 +286,74 @@ static int sdsi_certificate_dump(struct sdsi_dev *s) return -1; } - size = fread(state_certificate, 1, sizeof(state_certificate), cert_ptr); + size = fread(buf, 1, sizeof(buf), cert_ptr); if (!size) { fprintf(stderr, "Could not read 'state_certificate' file\n"); fclose(cert_ptr); return -1; } + fclose(cert_ptr); - printf("%3d: 0x%lx\n", 0, state_certificate[0]); - previous = state_certificate[0]; - first_instance = true; + sc = (struct state_certificate *)buf; - for (i = 1; i < (int)(round_up(size, sizeof(uint64_t))/sizeof(uint64_t)); i++) { - if (state_certificate[i] == previous) { - if (first_instance) { - puts("*"); - first_instance = false; - } - continue; + /* Print register info for this guid */ + printf("\n"); + printf("State certificate for device %s\n", s->dev_name); + printf("\n"); + printf("Content Type: %s\n", content_type(sc->content_type)); + printf("Region Revision ID: %d\n", sc->region_rev_id); + printf("Header Size: %d\n", sc->header_size * 4); + printf("Total Size: %d\n", sc->total_size); + printf("OEM Key Size: %d\n", sc->key_size * 4); + printf("Number of Licenses: %d\n", sc->num_licenses); + + /* Skip over the license sizes 4 bytes per license) to get the license key info */ + lki = (void *)sc + sizeof(*sc) + (4 * sc->num_licenses); + + printf("License blob Info:\n"); + printf(" License Key Revision ID: 0x%x\n", lki->key_rev_id); + printf(" License Key Image Content: 0x%lx%lx%lx%lx%lx%lx\n", + lki->key_image_content[5], lki->key_image_content[4], + lki->key_image_content[3], lki->key_image_content[2], + lki->key_image_content[1], lki->key_image_content[0]); + + while (count++ < sc->num_licenses) { + uint32_t blob_size_field = *(uint32_t *)(buf + 0x14 + count * 4); + uint32_t blob_size = LICENSE_BLOB_SIZE(blob_size_field); + bool license_valid = LICENSE_VALID(blob_size_field); + struct license_blob_content *lbc = + (void *)(sc) + // start of the state certificate + sizeof(*sc) + // size of the state certificate + (4 * sc->num_licenses) + // total size of the blob size blocks + sizeof(*lki) + // size of the license key info + offset; // offset to this blob content + struct bundle_encoding *bundle = (void *)(lbc) + sizeof(*lbc); + char feature[5]; + uint32_t i; + + printf(" Blob %d:\n", count - 1); + printf(" License blob size: %u\n", blob_size); + printf(" License is valid: %s\n", license_valid ? "Yes" : "No"); + printf(" License blob type: %s\n", license_blob_type(lbc->type)); + printf(" License blob ID: 0x%lx\n", lbc->id); + printf(" PPIN: 0x%lx\n", lbc->ppin); + printf(" Previous PPIN: 0x%lx\n", lbc->previous_ppin); + printf(" Blob revision ID: %u\n", lbc->rev_id); + printf(" Number of Features: %u\n", lbc->num_bundles); + + feature[4] = '\0'; + + for (i = 0; i < min(lbc->num_bundles, STATE_MAX_NUM_IN_BUNDLE); i++) { + get_feature(bundle[i].encoding, feature); + printf(" Feature %d: %s\n", i, feature); } - printf("%3d: 0x%lx\n", i, state_certificate[i]); - previous = state_certificate[i]; - first_instance = true; - } - printf("%3d\n", i); - fclose(cert_ptr); + if (lbc->num_bundles > STATE_MAX_NUM_IN_BUNDLE) + fprintf(stderr, " Warning: %d > %d licenses in bundle reported.\n", + lbc->num_bundles, STATE_MAX_NUM_IN_BUNDLE); + + offset += blob_size; + }; return 0; } @@ -231,7 +361,7 @@ static int sdsi_certificate_dump(struct sdsi_dev *s) static int sdsi_provision(struct sdsi_dev *s, char *bin_file, enum command command) { int bin_fd, prov_fd, size, ret; - char buf[4096] = { 0 }; + char buf[STATE_CERT_MAX_SIZE] = { 0 }; char cap[] = "provision_cap"; char akc[] = "provision_akc"; char *prov_file; @@ -266,7 +396,7 @@ static int sdsi_provision(struct sdsi_dev *s, char *bin_file, enum command comma } /* Read the binary file into the buffer */ - size = read(bin_fd, buf, 4096); + size = read(bin_fd, buf, STATE_CERT_MAX_SIZE); if (size == -1) { close(bin_fd); close(prov_fd); @@ -443,25 +573,26 @@ static void sdsi_free_dev(struct sdsi_dev *s) static void usage(char *prog) { - printf("Usage: %s [-l] [-d DEVNO [-iD] [-a FILE] [-c FILE]]\n", prog); + printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-a FILE] [-c FILE]]\n", prog); } static void show_help(void) { printf("Commands:\n"); - printf(" %-18s\t%s\n", "-l, --list", "list available sdsi devices"); - printf(" %-18s\t%s\n", "-d, --devno DEVNO", "sdsi device number"); - printf(" %-18s\t%s\n", "-i --info", "show socket information"); - printf(" %-18s\t%s\n", "-D --dump", "dump state certificate data"); - printf(" %-18s\t%s\n", "-a --akc FILE", "provision socket with AKC FILE"); - printf(" %-18s\t%s\n", "-c --cap FILE>", "provision socket with CAP FILE"); + printf(" %-18s\t%s\n", "-l, --list", "list available On Demand devices"); + printf(" %-18s\t%s\n", "-d, --devno DEVNO", "On Demand device number"); + printf(" %-18s\t%s\n", "-i, --info", "show socket information"); + printf(" %-18s\t%s\n", "-s, --state", "show state certificate"); + printf(" %-18s\t%s\n", "-a, --akc FILE", "provision socket with AKC FILE"); + printf(" %-18s\t%s\n", "-c, --cap FILE>", "provision socket with CAP FILE"); } int main(int argc, char *argv[]) { char bin_file[PATH_MAX], *dev_no = NULL; + bool device_selected = false; char *progname; - enum command command = CMD_NONE; + enum command command = -1; struct sdsi_dev *s; int ret = 0, opt; int option_index = 0; @@ -470,21 +601,22 @@ int main(int argc, char *argv[]) {"akc", required_argument, 0, 'a'}, {"cap", required_argument, 0, 'c'}, {"devno", required_argument, 0, 'd'}, - {"dump", no_argument, 0, 'D'}, {"help", no_argument, 0, 'h'}, {"info", no_argument, 0, 'i'}, {"list", no_argument, 0, 'l'}, + {"state", no_argument, 0, 's'}, {0, 0, 0, 0 } }; progname = argv[0]; - while ((opt = getopt_long_only(argc, argv, "+a:c:d:Da:c:h", long_options, + while ((opt = getopt_long_only(argc, argv, "+a:c:d:hils", long_options, &option_index)) != -1) { switch (opt) { case 'd': dev_no = optarg; + device_selected = true; break; case 'l': sdsi_list_devices(); @@ -492,8 +624,8 @@ int main(int argc, char *argv[]) case 'i': command = CMD_SOCKET_INFO; break; - case 'D': - command = CMD_DUMP_CERT; + case 's': + command = CMD_STATE_CERT; break; case 'a': case 'c': @@ -520,39 +652,35 @@ int main(int argc, char *argv[]) } } - if (!dev_no) { - if (command != CMD_NONE) - fprintf(stderr, "Missing device number, DEVNO, for this command\n"); - usage(progname); - return -1; - } + if (device_selected) { + s = sdsi_create_dev(dev_no); + if (!s) + return -1; - s = sdsi_create_dev(dev_no); - if (!s) - return -1; + switch (command) { + case CMD_SOCKET_INFO: + ret = sdsi_read_reg(s); + break; + case CMD_STATE_CERT: + ret = sdsi_state_cert_show(s); + break; + case CMD_PROV_AKC: + ret = sdsi_provision_akc(s, bin_file); + break; + case CMD_PROV_CAP: + ret = sdsi_provision_cap(s, bin_file); + break; + default: + fprintf(stderr, "No command specified\n"); + return -1; + } + + sdsi_free_dev(s); - /* Run the command */ - switch (command) { - case CMD_NONE: - fprintf(stderr, "Missing command for device %s\n", dev_no); - usage(progname); - break; - case CMD_SOCKET_INFO: - ret = sdsi_read_reg(s); - break; - case CMD_DUMP_CERT: - ret = sdsi_certificate_dump(s); - break; - case CMD_PROV_AKC: - ret = sdsi_provision_akc(s, bin_file); - break; - case CMD_PROV_CAP: - ret = sdsi_provision_cap(s, bin_file); - break; - } - - - sdsi_free_dev(s); + } else { + fprintf(stderr, "No device specified\n"); + return -1; + } return ret; } From patchwork Tue Nov 1 19:10:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13845 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3155051wru; Tue, 1 Nov 2022 12:13:18 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7gy/X/rZWimFPC8g1qbSLtKXiGcxqV26MnSA/ZK689e/YhAOA5juEdlwzhkBvHM/6FAQqy X-Received: by 2002:a17:902:ec01:b0:186:748f:e8b6 with SMTP id l1-20020a170902ec0100b00186748fe8b6mr20758162pld.131.1667329998274; Tue, 01 Nov 2022 12:13:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667329998; cv=none; d=google.com; s=arc-20160816; b=taxZjbn5zexVziUS/zhHwMw4pysuqsPEDXIgJBIgoX39PQLd/zzSNOHqTmOn65ES+3 Ozuomc0Ro242MUENOBsjI0F5hcCo72Z1TV/yZg0qdMldiuKXkRS9O3qqmHf2lpgqSqlw xEB6bLqe9CA6Ns3qdKzhUqc8zF/tU12w4uGBR6IcdFpHFk/6/QH/FuvNRZXxR5XZJeMO O+j2MHwGZCrbJCMg0eVbPAJmi/cG2H51wVQq30S9MavRfAfXTtpW+IHmf5CW0A9a6TVT W9R27TFIMcphQrHEND8qhMbR5tV4li0Hpfg9W+Fag8MAmzWhwKltaUXQ92Q4mQuBed9K w3xw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=5ePQ/1XuK4o1UGN+ucVSQR/q6+X93DiiubmfRezFInk=; b=JyxYpGLnPoXpptFBUS+hpLvVFXi/QEs4IVmsVs5qZVxJxKLCUZgsVoV2cEauvPzdHk YRIWD1L/by48SUXs8ztctNntzXLOUIGL+JZslvv6K/v2hpFtPwYqr4MZLPGTT8J0+Mtq P3JQmF+pWgcMl5wBAjACLX8CxNxx4KYXGn+IMAjuS8sO3tAX5V6vOrWc3gfAIxSbbbW4 LNLrH99MAwUWfYKBzcgwE7B3Pyz+M2VGMym2jG536saaoEFkkYuxUBQ8JvFdi5vhRnWr qYng6wXGaaQdy/wf7B2aAWbFac6zh2uRiYVNhaCtBMcWXPyfUKowe082oVXKt/DIL0yp ItLw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=OpfCuFBS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p13-20020a170902e74d00b00176a116a20csi15159793plf.567.2022.11.01.12.13.01; Tue, 01 Nov 2022 12:13:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=OpfCuFBS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230379AbiKATLO (ORCPT + 99 others); Tue, 1 Nov 2022 15:11:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38658 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230336AbiKATK6 (ORCPT ); Tue, 1 Nov 2022 15:10:58 -0400 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AAC611E71D; Tue, 1 Nov 2022 12:10:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329857; x=1698865857; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=l9kRG3w3jGLZontziusyMLJGEXBiEEFAIDr6h2pUM40=; b=OpfCuFBSU35tXNFhJKAzWZFfW7ru2/Tz+kL/qbpBPIUftFBGva+bNY53 lwfddZCJsSSkuqz14h7FDu7gJ5j1QH30O5g2N+GtgPC32GagMhUYjpMD/ ryXCtXVsPcnPmoIbt5cHlV9udH54Ksw0dQma97PELyFIJmFX7qJFZ3Z/B ogE3ijVI1b4uqQeIlNKGB6sqrQB3qC3x+SO4J2K5nbMlJUpAx4mSSIb47 IZBlFv/N2FIyqk4EUAN19TLfpPLM5ZGGPB8nI9DXOlsIhuPkoWLXaidRO fk0fCvxc5/Gb7xpIVKMBn2QJqGj/bBDrgi98FvxYUlnv4iJsk+iEdS06e w==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="373440766" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="373440766" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="776605731" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="776605731" Received: from linux.intel.com ([10.54.29.200]) by fmsmga001.fm.intel.com with ESMTP; 01 Nov 2022 12:10:27 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 08D9A580AA7; Tue, 1 Nov 2022 12:10:27 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 6/9] tools/arch/x86: intel_sdsi: Add Intel On Demand text Date: Tue, 1 Nov 2022 12:10:20 -0700 Message-Id: <20221101191023.4150315-7-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322219867733023?= X-GMAIL-MSGID: =?utf-8?q?1748322219867733023?= Intel Software Defined Silicon (SDSi) is now officially known as Intel On Demand. Change text in tool to indicate this. Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- tools/arch/x86/intel_sdsi/intel_sdsi.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 9dd94014a672..3718bd0c05cb 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* - * sdsi: Intel Software Defined Silicon tool for provisioning certificates - * and activation payloads on supported cpus. + * sdsi: Intel On Demand (formerly Software Defined Silicon) tool for + * provisioning certificates and activation payloads on supported cpus. * * See https://github.com/intel/intel-sdsi/blob/master/os-interface.rst * for register descriptions. @@ -150,7 +150,7 @@ static void sdsi_list_devices(void) } if (!found) - fprintf(stderr, "No sdsi devices found.\n"); + fprintf(stderr, "No On Demand devices found.\n"); } static int sdsi_update_registers(struct sdsi_dev *s) @@ -206,7 +206,7 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf("\n"); printf("PPIN: 0x%lx\n", s->regs.ppin); printf("Enabled Features\n"); - printf(" SDSi: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); + printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); printf("Authorization Failure Count\n"); printf(" AKC Failure Count: %d\n", s->regs.auth_fail_count.key_failure_count); printf(" AKC Failure Threshold: %d\n", s->regs.auth_fail_count.key_failure_threshold); @@ -428,7 +428,7 @@ static int sdsi_provision_akc(struct sdsi_dev *s, char *bin_file) return ret; if (!s->regs.en_features.sdsi) { - fprintf(stderr, "SDSi feature is present but not enabled. Unable to provision"); + fprintf(stderr, "On Demand feature is present but not enabled. Unable to provision"); return -1; } @@ -458,7 +458,7 @@ static int sdsi_provision_cap(struct sdsi_dev *s, char *bin_file) return ret; if (!s->regs.en_features.sdsi) { - fprintf(stderr, "SDSi feature is present but not enabled. Unable to provision"); + fprintf(stderr, "On Demand feature is present but not enabled. Unable to provision"); return -1; } From patchwork Tue Nov 1 19:10:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13843 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3154815wru; Tue, 1 Nov 2022 12:12:52 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4lULSIfXaV4bswBf1MsDrFs3NjGal6vs6gVpP78YRzl15BgUEPMwu+NAFKtVCM6RKBYjTb X-Received: by 2002:a17:90a:d244:b0:213:aa62:7a91 with SMTP id o4-20020a17090ad24400b00213aa627a91mr19620308pjw.101.1667329971913; Tue, 01 Nov 2022 12:12:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667329971; cv=none; d=google.com; s=arc-20160816; b=Qv2UjbinaD/SvIXj1d9NNi6Uwr3gNhoRIK1gI1MCaEuSypg4WqP8GaoeD5csUVfX5J tzBVj/Ml26Uvv//6a+j6H4QWs6qXBt9mDzdO/y2+K6u13lI36tThyx5X0RyQGzZ0gj8Y OLrJQeLy345/qEvdzeWIwVH9HZBYuvxPuJeUT76XToG9g15biRoBdz64yco6Vkw3rLwZ P1dDfQa8LmzOTdrlloaGepV9uLCJRH0HqEMSwX4zEil4Y2HsQytaUlA54h+iFE5ugJbO dV+SHGc/qKgVw+4rLQpN3udjqY5VERjvv1RPmxiNm7Z0s5niA0Qg9k01LU8VG1egSrNY FYgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=kao+T/YvmKUBUFTmuDB++c2Of+JBBW4PXl8z9uuQG0g=; b=B6OQUt8H0tpeXiYrmJDxttRzLpA8D0cT+j7iHyGRJMaoSDp62nz0Qo73QMO0H5dI7O OayBOkwCXd3ieXRV5qUB9Z/SryOwQOpHVpFiy7Etz3dGrv2y+rrGNykZJ+97OhwmVjZ1 NanFAHoiepX7X2DR6u4KRT0Gnwa811zlhLWsJ27HqpeDq80bxAgQxQjS09yWmpHFXRpu BwxCwznMMTgplSoVtuHW6UrysXovuHGu6rVHP5HC6MbWPMZnp4Y5ToaiG1xsOuCqN1ai BCTNW1KU7ncVZkDDfd6WYtrMkzFYykkMneX17eaDaVxe11pmsdjCas/+zhkubbH5vnuh 36ag== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=W8msGmwL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p33-20020a056a000a2100b0056bcb93e983si14532643pfh.17.2022.11.01.12.12.38; Tue, 01 Nov 2022 12:12:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=W8msGmwL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230365AbiKATLF (ORCPT + 99 others); Tue, 1 Nov 2022 15:11:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38594 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230047AbiKATKy (ORCPT ); Tue, 1 Nov 2022 15:10:54 -0400 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EF8A11E3FC; Tue, 1 Nov 2022 12:10:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329854; x=1698865854; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=b1LAhIocLucoL1ImscGJbvcIGzaRlOd5dHOoHc/QWNI=; b=W8msGmwLT1kl1wPRsOdv059I6vaAl6f2A6gfBTkWSwZWSvZJLoo5YVAr 7rX9QmhIPcrPnUzzf3wf3sfMbQKD+w8Vi0mjcQO/MB4N5z4QPCbSOlj60 uBgZQTNaPJMqKKfcuznp3DJstR4coq656sGU0KyiUJTZUy0H+598Qhgrf bDEnPB325crZCJiU0YtyKMf/liZo3YFn0vDTrojBUrURJkgBQtXoQFkEd WN9giVhfykA46R/txz/g9lpSS39d2GmG2JaXIiv+/Yj683AQeeJ4watot lgFuClu3GyKDqd03UoRsKjBA1+qrJsEzJUDJjtFVkhTToi2CVkuVhJf2Z w==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="395531251" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="395531251" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:27 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="759278176" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="759278176" Received: from linux.intel.com ([10.54.29.200]) by orsmga004.jf.intel.com with ESMTP; 01 Nov 2022 12:10:27 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 38D9D580DBC; Tue, 1 Nov 2022 12:10:27 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 7/9] tools/arch/x86: intel_sdsi: Read more On Demand registers Date: Tue, 1 Nov 2022 12:10:21 -0700 Message-Id: <20221101191023.4150315-8-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322192473135241?= X-GMAIL-MSGID: =?utf-8?q?1748322192473135241?= Add decoding of the following On Demand register fields: 1. NVRAM content authorization error status 2. Enabled features: telemetry and attestation 3. Key provisioning status 4. NVRAM update limit 5. PCU_CR3_CAPID_CFG Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- tools/arch/x86/intel_sdsi/intel_sdsi.c | 50 +++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 5 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 3718bd0c05cb..01b5f9994e11 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -44,10 +44,28 @@ #define __round_mask(x, y) ((__typeof__(x))((y) - 1)) #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1) +struct nvram_content_auth_err_sts { + uint64_t reserved:3; + uint64_t sdsi_content_auth_err:1; + uint64_t reserved1:1; + uint64_t sdsi_metering_auth_err:1; + uint64_t reserved2:58; +}; + struct enabled_features { uint64_t reserved:3; uint64_t sdsi:1; - uint64_t reserved1:60; + uint64_t reserved1:8; + uint64_t attestation:1; + uint64_t reserved2:13; + uint64_t metering:1; + uint64_t reserved3:37; +}; + +struct key_provision_status { + uint64_t reserved:1; + uint64_t license_key_provisioned:1; + uint64_t reserved2:62; }; struct auth_fail_count { @@ -65,15 +83,23 @@ struct availability { uint64_t reserved2:10; }; +struct nvram_update_limit { + uint64_t reserved:12; + uint64_t sdsi_50_pct:1; + uint64_t sdsi_75_pct:1; + uint64_t sdsi_90_pct:1; + uint64_t reserved2:49; +}; + struct sdsi_regs { uint64_t ppin; - uint64_t reserved; + struct nvram_content_auth_err_sts auth_err_sts; struct enabled_features en_features; - uint64_t reserved1; + struct key_provision_status key_prov_sts; struct auth_fail_count auth_fail_count; struct availability prov_avail; - uint64_t reserved2; - uint64_t reserved3; + struct nvram_update_limit limits; + uint64_t pcu_cr3_capid_cfg; uint64_t socket_id; }; @@ -205,8 +231,18 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf("Socket information for device %s\n", s->dev_name); printf("\n"); printf("PPIN: 0x%lx\n", s->regs.ppin); + printf("NVRAM Content Authorization Error Status\n"); + printf(" SDSi Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_content_auth_err ? "Error" : "Okay"); + + if (!!s->regs.en_features.metering) + printf(" Metering Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_metering_auth_err ? "Error" : "Okay"); + printf("Enabled Features\n"); printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); + printf(" Attestation: %s\n", !!s->regs.en_features.attestation ? "Enabled" : "Disabled"); + printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); + printf(" Metering: %s\n", !!s->regs.en_features.metering ? "Enabled" : "Disabled"); + printf("License Key (AKC) Provisioned: %s\n", !!s->regs.key_prov_sts.license_key_provisioned ? "Yes" : "No"); printf("Authorization Failure Count\n"); printf(" AKC Failure Count: %d\n", s->regs.auth_fail_count.key_failure_count); printf(" AKC Failure Threshold: %d\n", s->regs.auth_fail_count.key_failure_threshold); @@ -215,6 +251,10 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf("Provisioning Availability\n"); printf(" Updates Available: %d\n", s->regs.prov_avail.available); printf(" Updates Threshold: %d\n", s->regs.prov_avail.threshold); + printf("NVRAM Udate Limit\n"); + printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No"); + printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No"); + printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No"); printf("Socket ID: %ld\n", s->regs.socket_id & 0xF); return 0; From patchwork Tue Nov 1 19:10:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13841 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3154657wru; Tue, 1 Nov 2022 12:12:38 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6Oc1cXE4iHXE/GX46/I3dTfqisEtJihXcliHwFUQwMXYF94Fjba0vn0GI3ImbK5lDVaIqA X-Received: by 2002:a17:902:ccc4:b0:17c:7cc1:a401 with SMTP id z4-20020a170902ccc400b0017c7cc1a401mr5226469ple.58.1667329957758; Tue, 01 Nov 2022 12:12:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667329957; cv=none; d=google.com; s=arc-20160816; b=J4nRIjXRGHGnQyhijUqw1fG2DJM28n3Z71Miope5sdCigoenW6JcaG2iheyZ0ooA0G 8tuu48Sxnffk0ofQXVTQmksnZRIvSwKxMvoQFAF7Zj5yOYwzkmGkhTZfpezcrogHsupo mOmBYkUMnVGFm6t2SUG7LJWkUN9w2CM9YIFCST7fX883h0BXWGO1AoRMiv6qdkCv78X5 x5xIJrxxzNdmd6F9EgxCb/qMFD5T65y0ag6GNhgTZ2Q1EPSDilL/G/KcxPfezn/c+oyZ vCyxEh5grpLoR7kWFH/qjgrcfrSMwYkYDk4v5rFHKpBPky+YksFEoDn2LKb2QmDQyFwS 1Vaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=UA+kF77Z0GHDnE2lpYaabdNOO6sfWvReFhs7qqb5JD8=; b=SNp0Tn4hmn2PVWthX2jrJQ6htMBkBcgeyBWwskNgsB1bdG5c6YgD0S9Sr5ETYvz20Q VMae3adRjZevqoQu0w8Y66oPs4pvjsso+eX6cQqQPuM6shBQU2hVUJJB6IYoKPQcvm9i 4C3qwqu8ja4BWihQoaPRLj3/Y2O5eXvxuyf7Ty8aTdeQKFXzW8TZKfgVfJQipCqlqMf6 +vaIdBwbFF+DJsb4Lv8N8x+cE7/4FaZ9BjTgaNNt4/Fhunttv3hG7U31YahyVxzwQReu iiYGWHY8ITBVwdSG/W+WxVzhXbJV5Vz2PxGJqDis/GPIeTrcMNWLKtlgZocpZLq6y/89 3uKQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=QLggou5E; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n6-20020a170902d2c600b0017492fb90b0si15461042plc.182.2022.11.01.12.12.21; Tue, 01 Nov 2022 12:12:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=QLggou5E; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230335AbiKATK5 (ORCPT + 99 others); Tue, 1 Nov 2022 15:10:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38586 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229962AbiKATKy (ORCPT ); Tue, 1 Nov 2022 15:10:54 -0400 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5205E1CB10; Tue, 1 Nov 2022 12:10:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329853; x=1698865853; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=O/S/QsYQFEc16tb+lsIX+I1kIQ7ZiqtVom56wMadWUw=; b=QLggou5E+XtCmjABTe4FfFR3evE61KL16DFgkhCuhAKrwSUEe4/2RmlG v1+95X0wQ35GPNXlS5tP7Fa5kDzHHtauO4m85NtRGGx+WLIR5rCFrGPw4 cLE5gXK4+mSyqoLIQCArulf1CO8otHav0iIcL6cDLmNUmAzRnYPICNQxS gQU/fP9TWmrMP2+p+fQqU/BcqdfyCS0fXpBU1MjjFwiu3dQyogdWFKy2n XBfwL5hqsaiS6+7uXGAZvwjFsoUpuzwRopFlMH/m/4MhWYyl0J6pvyb2e tJ6tBbqzSBy5TdIxTYZk3Abl4ZrJTJOAp4oqLJr7sicO3m+/S/3SvN356 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="335892059" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="335892059" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="585114145" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="585114145" Received: from linux.intel.com ([10.54.29.200]) by orsmga003.jf.intel.com with ESMTP; 01 Nov 2022 12:10:27 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 6739D580B9D; Tue, 1 Nov 2022 12:10:27 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 8/9] tools/arch/x86: intel_sdsi: Add support for new GUID Date: Tue, 1 Nov 2022 12:10:22 -0700 Message-Id: <20221101191023.4150315-9-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-8.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322177637575857?= X-GMAIL-MSGID: =?utf-8?q?1748322177637575857?= The structure and content of the On Demand registers is based on the GUID which is read from hardware through sysfs. Add support for decoding the registers of a new GUID 0xF210D9EF. Signed-off-by: David E. Box --- tools/arch/x86/intel_sdsi/intel_sdsi.c | 32 ++++++++++++++++++-------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 01b5f9994e11..0680eda78b1a 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -35,7 +35,8 @@ #define SDSI_DEV "intel_vsec.sdsi" #define AUX_DEV_PATH "/sys/bus/auxiliary/devices/" #define SDSI_PATH (AUX_DEV_DIR SDSI_DEV) -#define GUID 0x6dd191 +#define GUID_V1 0x6dd191 +#define GUID_V2 0xF210D9EF #define REGISTERS_MIN_SIZE 72 #define STATE_CERT_MAX_SIZE 4096 #define STATE_MAX_NUM_LICENSES 16 @@ -100,9 +101,17 @@ struct sdsi_regs { struct availability prov_avail; struct nvram_update_limit limits; uint64_t pcu_cr3_capid_cfg; - uint64_t socket_id; + union { + struct { + uint64_t socket_id; + } v1; + struct { + uint64_t reserved; + uint64_t socket_id; + uint64_t reserved2; + } v2; + } extra; }; - #define CONTENT_TYPE_LK_ENC 0xD #define CONTENT_TYPE_LK_BLOB_ENC 0xE @@ -146,7 +155,7 @@ struct sdsi_dev { struct state_certificate sc; char *dev_name; char *dev_path; - int guid; + uint32_t guid; }; enum command { @@ -199,7 +208,7 @@ static int sdsi_update_registers(struct sdsi_dev *s) return -1; } - if (s->guid != GUID) { + if (s->guid != GUID_V1 && s->guid != GUID_V2) { fprintf(stderr, "Unrecognized guid, 0x%x\n", s->guid); fclose(regs_ptr); return -1; @@ -207,7 +216,7 @@ static int sdsi_update_registers(struct sdsi_dev *s) /* Update register info for this guid */ ret = fread(&s->regs, sizeof(uint8_t), sizeof(s->regs), regs_ptr); - if (ret != sizeof(s->regs)) { + if (ret > (int)sizeof(s->regs)) { /* FIXME: Check size by guid */ fprintf(stderr, "Could not read 'registers' file\n"); fclose(regs_ptr); return -1; @@ -252,10 +261,13 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf(" Updates Available: %d\n", s->regs.prov_avail.available); printf(" Updates Threshold: %d\n", s->regs.prov_avail.threshold); printf("NVRAM Udate Limit\n"); - printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No"); - printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No"); - printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No"); - printf("Socket ID: %ld\n", s->regs.socket_id & 0xF); + printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No"); + printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No"); + printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No"); + if (s->guid == GUID_V1) + printf("Socket ID: %ld\n", s->regs.extra.v1.socket_id & 0xF); + else + printf("Socket ID: %ld\n", s->regs.extra.v2.socket_id & 0xF); return 0; } From patchwork Tue Nov 1 19:10:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 13846 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp3155124wru; Tue, 1 Nov 2022 12:13:29 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5aWQFjp7K9QkKuyufB1bJDmcR7yIflC1cdK1Hnx/OziQGr/hYT7B/TMC36zfNjdgQnp/Sm X-Received: by 2002:a63:4507:0:b0:43c:9cf4:f1d6 with SMTP id s7-20020a634507000000b0043c9cf4f1d6mr18851892pga.316.1667330008932; Tue, 01 Nov 2022 12:13:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667330008; cv=none; d=google.com; s=arc-20160816; b=vRhmuoa/aGrNFfUqgWmZxAwYh//aUxKwt0saGWDj7jVoGtMkL6GOkIo7SP8yqZEr8R 9gZVXCAvHDkDILYQkhLIGRfUp6ex0ZCjg0uVxKeC4pY2pq1PoPjLeuPYprEEFkq9ujhB nsEmvtADU/OY80ErzNrk6tbBTw9JjVqFoTRbHthy89PivDePcnc0iHHDwob9KRNafMjq AmAFtvMWPtxU8t7McwhtNmhaRUHTA2QwRZP9hvDQBWUzRbWR0UJTVtUfXyUE/IQAuuJa 7BqYZibY/eeh6fcexfDP8qXYmbQY1756fRWMqDtwe0kvj3JDGciDOJNp3llSV0vJZa2Z weXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=xcyACYvRx8kMHMbvDxu3olR2DeLJHGlr9UR7HF/ZXmI=; b=XsiO0BY2SnKMNdzk5kafX3LhbnSi5Kx84Ee34O3AHorkmBjMc8S8+6dNmOCKpGfu9g 2jOwjfH4KIwik9+SYjLCaqUNpJ3YSRnx8xFOJ5cosTCnjr20g2k7r7+v5XnJ2bmlGAzJ ZRo/M0q2eJ23wwKUbfp0MkOkdM7CJRuF0QBUEWRvnY1+NC7Aa+pb6iejzcU5w+F8hFVF OKWUmxhrkHvaxpbpMmeUew0v9A3ZtJK1fl2+zdbTDkrgeHsyq8xRjrB8sdEcmXUxEHrq TwFM3tI7C2IhVCw7RFSF2TlcTSsqOKn3OVfh4EkDSZXySU3cDW6FMgaoaHBuQD4Zrv4F DpDw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=EoxOxxFa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b13-20020a170903228d00b001870c4c2722si12500125plh.299.2022.11.01.12.13.10; Tue, 01 Nov 2022 12:13:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=EoxOxxFa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230386AbiKATLQ (ORCPT + 99 others); Tue, 1 Nov 2022 15:11:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38666 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230338AbiKATK7 (ORCPT ); Tue, 1 Nov 2022 15:10:59 -0400 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 96E211C416; Tue, 1 Nov 2022 12:10:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667329858; x=1698865858; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=VmV32OVHi9fb2P0Ej7w8R1hN8TMIjIqdcfI5b5Yocxo=; b=EoxOxxFaImcqZbbqPs4Xzk5aLUMLiSZqFqTFsMMJsfsGELJfYOydusTj eyAUMq+W1+sf+Ltj4lKMRuuQ9gPz5qn81IH1iIvAii1fYp/CSwUTo79yt np0+KlbBA0U+h9juYBjF1fL18RKV7Ibyn87+BJraG2ozn7MWqtLMsBwv1 Coip9y5ZYktYvlru2ijBTmZMIXeadV7rnj7n7lwgYC1CVfSSGDNG7bK6y OT+yRV2Mv8N2rqrA1FiazyD3l092HzX0fyQ0hSMq0gC3aRq2XbOBWC4Mx 1uwbCcufEUEDV0hIt25SzRM7HF9QKMQFKtjLu7mFj5rPOIuQAoUbuRJYo w==; X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="373440772" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="373440772" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Nov 2022 12:10:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10518"; a="776605740" X-IronPort-AV: E=Sophos;i="5.95,231,1661842800"; d="scan'208";a="776605740" Received: from linux.intel.com ([10.54.29.200]) by fmsmga001.fm.intel.com with ESMTP; 01 Nov 2022 12:10:28 -0700 Received: from debox1-desk4.intel.com (unknown [10.212.195.64]) by linux.intel.com (Postfix) with ESMTP id 95675580C99; Tue, 1 Nov 2022 12:10:27 -0700 (PDT) From: "David E. Box" To: hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com Cc: "David E. Box" , platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 9/9] tools/arch/x86: intel_sdsi: Add support for reading meter certificates Date: Tue, 1 Nov 2022 12:10:23 -0700 Message-Id: <20221101191023.4150315-10-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com> References: <20221101191023.4150315-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748322231232970413?= X-GMAIL-MSGID: =?utf-8?q?1748322231232970413?= Add option to read and decode On Demand meter certificates. Link: https://github.com/intel/intel-sdsi/blob/master/meter-certificate.rst Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- tools/arch/x86/intel_sdsi/intel_sdsi.c | 110 ++++++++++++++++++++++++- 1 file changed, 107 insertions(+), 3 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 0680eda78b1a..ebf076ee6ef8 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -39,8 +39,10 @@ #define GUID_V2 0xF210D9EF #define REGISTERS_MIN_SIZE 72 #define STATE_CERT_MAX_SIZE 4096 +#define METER_CERT_MAX_SIZE 4096 #define STATE_MAX_NUM_LICENSES 16 #define STATE_MAX_NUM_IN_BUNDLE (uint32_t)8 +#define METER_MAX_NUM_BUNDLES 8 #define __round_mask(x, y) ((__typeof__(x))((y) - 1)) #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1) @@ -150,6 +152,21 @@ struct bundle_encoding { uint32_t encoding_rsvd[7]; }; +struct meter_certificate { + uint32_t block_signature; + uint32_t counter_unit; + uint64_t ppin; + uint32_t bundle_length; + uint32_t reserved; + uint32_t mmrc_encoding; + uint32_t mmrc_counter; +}; + +struct bundle_encoding_counter { + uint32_t encoding; + uint32_t counter; +}; + struct sdsi_dev { struct sdsi_regs regs; struct state_certificate sc; @@ -160,6 +177,7 @@ struct sdsi_dev { enum command { CMD_SOCKET_INFO, + CMD_METER_CERT, CMD_STATE_CERT, CMD_PROV_AKC, CMD_PROV_CAP, @@ -306,6 +324,86 @@ static void get_feature(uint32_t encoding, char *feature) feature[0] = name[3]; } +static int sdsi_meter_cert_show(struct sdsi_dev *s) +{ + char buf[METER_CERT_MAX_SIZE] = {0}; + struct bundle_encoding_counter *bec; + struct meter_certificate *mc; + uint32_t count = 0; + FILE *cert_ptr; + int ret, size; + + ret = sdsi_update_registers(s); + if (ret) + return ret; + + if (!s->regs.en_features.sdsi) { + fprintf(stderr, "SDSi feature is present but not enabled.\n"); + fprintf(stderr, " Unable to read meter certificate\n"); + return -1; + } + + if (!s->regs.en_features.metering) { + fprintf(stderr, "Metering not supporting on this socket.\n"); + return -1; + } + + ret = chdir(s->dev_path); + if (ret == -1) { + perror("chdir"); + return ret; + } + + cert_ptr = fopen("meter_certificate", "r"); + if (!cert_ptr) { + perror("Could not open 'meter_certificate' file"); + return -1; + } + + size = fread(buf, 1, sizeof(buf), cert_ptr); + if (!size) { + fprintf(stderr, "Could not read 'meter_certificate' file\n"); + fclose(cert_ptr); + return -1; + } + fclose(cert_ptr); + + mc = (struct meter_certificate *)buf; + + printf("\n"); + printf("Meter certificate for device %s\n", s->dev_name); + printf("\n"); + printf("Block Signature: 0x%x\n", mc->block_signature); + printf("Count Unit: %dms\n", mc->counter_unit); + printf("PPIN: 0x%lx\n", mc->ppin); + printf("Feature Bundle Length: %d\n", mc->bundle_length); + printf("MMRC encoding: %d\n", mc->mmrc_encoding); + printf("MMRC counter: %d\n", mc->mmrc_counter); + if (mc->bundle_length % 8) { + fprintf(stderr, "Invalid bundle length\n"); + return -1; + } + + if (mc->bundle_length > METER_MAX_NUM_BUNDLES * 8) { + fprintf(stderr, "More the %d bundles: %d\n", + METER_MAX_NUM_BUNDLES, mc->bundle_length / 8); + return -1; + } + + bec = (void *)(mc) + sizeof(mc); + + printf("Number of Feature Counters: %d\n", mc->bundle_length / 8); + while (count++ < mc->bundle_length / 8) { + char feature[5]; + + feature[4] = '\0'; + get_feature(bec[count].encoding, feature); + printf(" %s: %d\n", feature, bec[count].counter); + } + + return 0; +} + static int sdsi_state_cert_show(struct sdsi_dev *s) { char buf[STATE_CERT_MAX_SIZE] = {0}; @@ -625,7 +723,7 @@ static void sdsi_free_dev(struct sdsi_dev *s) static void usage(char *prog) { - printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-a FILE] [-c FILE]]\n", prog); + printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-m] [-a FILE] [-c FILE]]\n", prog); } static void show_help(void) @@ -635,6 +733,7 @@ static void show_help(void) printf(" %-18s\t%s\n", "-d, --devno DEVNO", "On Demand device number"); printf(" %-18s\t%s\n", "-i, --info", "show socket information"); printf(" %-18s\t%s\n", "-s, --state", "show state certificate"); + printf(" %-18s\t%s\n", "-m, --meter", "show meter certificate"); printf(" %-18s\t%s\n", "-a, --akc FILE", "provision socket with AKC FILE"); printf(" %-18s\t%s\n", "-c, --cap FILE>", "provision socket with CAP FILE"); } @@ -656,6 +755,7 @@ int main(int argc, char *argv[]) {"help", no_argument, 0, 'h'}, {"info", no_argument, 0, 'i'}, {"list", no_argument, 0, 'l'}, + {"meter", no_argument, 0, 'm'}, {"state", no_argument, 0, 's'}, {0, 0, 0, 0 } }; @@ -663,7 +763,7 @@ int main(int argc, char *argv[]) progname = argv[0]; - while ((opt = getopt_long_only(argc, argv, "+a:c:d:hils", long_options, + while ((opt = getopt_long_only(argc, argv, "+a:c:d:hilms", long_options, &option_index)) != -1) { switch (opt) { case 'd': @@ -676,8 +776,9 @@ int main(int argc, char *argv[]) case 'i': command = CMD_SOCKET_INFO; break; + case 'm': case 's': - command = CMD_STATE_CERT; + command = (opt == 'm') ? CMD_METER_CERT : CMD_STATE_CERT; break; case 'a': case 'c': @@ -713,6 +814,9 @@ int main(int argc, char *argv[]) case CMD_SOCKET_INFO: ret = sdsi_read_reg(s); break; + case CMD_METER_CERT: + ret = sdsi_meter_cert_show(s); + break; case CMD_STATE_CERT: ret = sdsi_state_cert_show(s); break;