From patchwork Mon Feb  5 15:46:01 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Borislav Petkov <bp@alien8.de>
X-Patchwork-Id: 196878
Return-Path: <linux-kernel+bounces-52942-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7301:168b:b0:106:860b:bbdd with SMTP id
 ma11csp961183dyb;
        Mon, 5 Feb 2024 07:49:09 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IGeHFcQuGvxIk5Vy8hNdoJ8gYlhvey7okHvmHG5hMlAVES6wZSpFdKfWeQ7F0w/jW0wCffR
X-Received: by 2002:a05:6359:5c2a:b0:178:b7c0:323f with SMTP id
 pu42-20020a0563595c2a00b00178b7c0323fmr124875rwb.19.1707148149203;
        Mon, 05 Feb 2024 07:49:09 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1707148149; cv=pass;
        d=google.com; s=arc-20160816;
        b=Y4GGjJadCiYde4tC0j8bMwYgh94ymn1//QgN3Vs6n2OZ2gLc5dL7JiJR3W8seDJS3H
         yJWhYKmsZsJQGW+ndXHp2hBLhykvbmwT/IEfc9yJyBKC/awME3My3XMwBkyMCjGAmBd+
         Gepi1ZR6RYBgOj3Unu6UAjAMia/DWcYjTt+q3+VXoY9lKfxNvkJCEM/aWu8FnVR4DWUQ
         pig2Bb/rxW86YvvCzIIMB9PkuF5XUwB561ClIHwl0akThPa3GZ6rMdGhMmMuRnyS4PAb
         RAIqRbwyWgeNyTp+G0gklT/w7/L8aH6RxrOvnggNLbAD6LVEtTtPe1exPvIo8/3qhTir
         Ki5A==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=ywJA0ei++eTVMAcjwn0RF81H+bqQsN0l+XcTEYZs3fc=;
        fh=qVjcFxL6zGBgY5TRE2LmsS/fAWSPgSzqoEmScTi77UM=;
        b=efqe+9bfqTAuEJR7mSToLbhFFY9z8goRvAJEVr0RBF104nTlNK8dzqSVSIlSYlRODF
         g5RXYJeL6Mvt11/IttLIx2dh2XR3STsNxhzNoKGoXksGMI7Xl0OSFeCK7Lnyt325qb3T
         EjkjIPyrv2xDyKTEToXA5zoYLHuCaIX2Fe3IB+N2H7rgCPseuJPkBgjquNdgtUlWidWr
         JoNhJVJX0shx0u80Wt8kUYXMw7AfogucC9CT13+SvlohdVfSZciLZqn8FpSMR6OL4bhy
         /X1KZb57krry17SZVHFrR4lsVDpEhpbu64c2y30gikeEdB2aJJfZO6sq5KPRfbVP7bl+
         n66w==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@alien8.de
 header.s=alien8 header.b=OOCwvCd5;
       arc=pass (i=1 spf=pass spfdomain=alien8.de dmarc=pass
 fromdomain=alien8.de);
       spf=pass (google.com: domain of
 linux-kernel+bounces-52942-ouuuleilei=gmail.com@vger.kernel.org designates
 2604:1380:45e3:2400::1 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-52942-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alien8.de
X-Forwarded-Encrypted: i=1;
 AJvYcCWVK7eMoOnO4HxhgS+CXJOAwCx6qbSvsBTztLsUNqVAkuHSyBzGswpzqJ85BLhL+4kJ+emrp7gW8YxvNqn+myhfxyjJ0g==
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org.
 [2604:1380:45e3:2400::1])
        by mx.google.com with ESMTPS id
 g24-20020a632018000000b005d8b313de1asi52918pgg.624.2024.02.05.07.49.09
        for <ouuuleilei@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 05 Feb 2024 07:49:09 -0800 (PST)
Received-SPF: pass (google.com: domain of
 linux-kernel+bounces-52942-ouuuleilei=gmail.com@vger.kernel.org designates
 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@alien8.de
 header.s=alien8 header.b=OOCwvCd5;
       arc=pass (i=1 spf=pass spfdomain=alien8.de dmarc=pass
 fromdomain=alien8.de);
       spf=pass (google.com: domain of
 linux-kernel+bounces-52942-ouuuleilei=gmail.com@vger.kernel.org designates
 2604:1380:45e3:2400::1 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-52942-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alien8.de
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
 [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 8C06328345F
	for <ouuuleilei@gmail.com>; Mon,  5 Feb 2024 15:46:37 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id B66203A27E;
	Mon,  5 Feb 2024 15:46:25 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=fail reason="signature verification failed" (4096-bit key)
 header.d=alien8.de header.i=@alien8.de header.b="OOCwvCd5"
Received: from mail.alien8.de (mail.alien8.de [65.109.113.108])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9F2C92E416;
	Mon,  5 Feb 2024 15:46:17 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=65.109.113.108
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1707147981; cv=none;
 b=aBnoa85ipNRiw56m/+XDVhPaPDfwIl0FlpSNG+FyecbI7rtES2u1n4Gcde3nMI7CePCd0lguWXahFPv/bhcbDhOPukMP8N/yfyCj51E8ecDZuJ7wVfp8Kw9MbQr4jfMqPb7wtVbYu+2QITunyuxKx7DFELPlMi2Vuuay7Vi2kmk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1707147981; c=relaxed/simple;
	bh=99DLMoiQw9UdibYsb7nW4kjtVppg2enuDKrfn5xnVBo=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version;
 b=K5XrCojhOyBsHcfOTRZ9M4noEFF2anA4/zWpQPd880C+Qge4EUscyUY3FScBbkeAlPhMu5V79gS5CgfztwcdqCxv0hhp42IHf/Moc6JT7LhVuFQ+ucsUmwmxg7ABX5TxQapqPmVEeXKGKiG5PDNzXC6rqVwScF1lYrd/QTlDkDM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=alien8.de;
 spf=pass smtp.mailfrom=alien8.de;
 dkim=fail (4096-bit key) header.d=alien8.de header.i=@alien8.de
 header.b=OOCwvCd5 reason="signature verification failed";
 arc=none smtp.client-ip=65.109.113.108
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=alien8.de
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=alien8.de
Received: from localhost (localhost.localdomain [127.0.0.1])
	by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id 3DC5940E023B;
	Mon,  5 Feb 2024 15:46:15 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mail.alien8.de
Authentication-Results: mail.alien8.de (amavisd-new); dkim=fail (4096-bit key)
	reason="fail (body has been altered)" header.d=alien8.de
Received: from mail.alien8.de ([127.0.0.1])
	by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026)
	with ESMTP id vjXImscZRHXO; Mon,  5 Feb 2024 15:46:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8;
	t=1707147972; bh=wbm3Vi14SEHcJedVBXKYDq7ca7nh/UFMqRcdkimkw/E=;
	h=From:To:Cc:Subject:Date:From;
	b=OOCwvCd5/pLan3qvX+REeAAkY0+icWbWTYpNGlSt7Fr4ugiRQm2mHi1fI4867IU8m
	 SZUQ8Zb2ZJ1eEoyh7Rd5qExLze2GAViBfTc6e75cXvzo1rtDNuL4R7tMkPWOdhYKy0
	 UexLSiEOvw9/8PfrZBf5gtz0QvndmcZwmh8M2C3UhNISgMzLy14edLYbnfMux1HlFc
	 3K9Jqz2mmYAtw7eV419OJOrH42CrHfrlCBgdk7qKKN90ZMn8xt3rCyofg5+C8VoWe0
	 Z8+0tZHhDDOURvqCqMxQ+Q+KFcrivqDuleR+wZeQWX6xc6w4oMxwCabTwKir5qUJAA
	 o76ILQ/lUENzce4AyygZQfIDC5a8LRLikIoBmVYZlie+EXM/+IKhI4g2titKHjmWPx
	 vpeE2bK80HbifGq+wjhe4sor+f+DhbywzYclEpqVSs5IHNODDCV1D7FP8zSs3yr7CE
	 tM29DcXBkIzcFOcNf9+M/S0TzeeSBWeKiKSuzSGJ99q26/nEFZHX1ftFi6DtL/JO4P
	 sHpfQn2X094jQwxTXAZLEoXfICYAfFbsob5tkTJBDWldYVuMD29XHFXuZwQEGJeJAT
	 bHGeXyB9MTnvsS2HGxVTxkZuqjpRc0qkdBPzRyi4XJaBSlHnwcKgEnL3kBNP9wqomT
	 fHGJ5EaHm9EFwuJKpaYgNHpE=
Received: from zn.tnic (pd953021b.dip0.t-ipconnect.de [217.83.2.27])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest
 SHA256)
	(No client certificate requested)
	by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id
 6C55B40E01A9;
	Mon,  5 Feb 2024 15:46:08 +0000 (UTC)
From: Borislav Petkov <bp@alien8.de>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: John Allen <john.allen@amd.com>,
	linux-crypto@vger.kernel.org,
	LKML <linux-kernel@vger.kernel.org>
Subject: [PATCH] crypto: ccp - State in dmesg that TSME is enabled
Date: Mon,  5 Feb 2024 16:46:01 +0100
Message-ID: <20240205154602.21411-1-bp@alien8.de>
X-Mailer: git-send-email 2.43.0
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1790074577707579438
X-GMAIL-MSGID: 1790074577707579438

From: "Borislav Petkov (AMD)" <bp@alien8.de>

In the case when only TSME is enabled, it is useful to state that fact
too, so that users are aware that memory encryption is still enabled
even when the corresponding software variant of memory encryption is not
enabled.

Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 drivers/crypto/ccp/psp-dev.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 124a2e0c8999..56bf832c2947 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -156,11 +156,14 @@ static unsigned int psp_get_capability(struct psp_device *psp)
 	}
 	psp->capability = val;
 
-	/* Detect if TSME and SME are both enabled */
+	/* Detect TSME and/or SME status */
 	if (PSP_CAPABILITY(psp, PSP_SECURITY_REPORTING) &&
-	    psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) &&
-	    cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
-		dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
+	    psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET)) {
+		if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
+			dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
+		else
+			dev_notice(psp->dev, "psp: TSME enabled\n");
+	}
 
 	return 0;
 }