From patchwork Sat Nov 19 00:23:35 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23164 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp502556wrr; Fri, 18 Nov 2022 17:27:33 -0800 (PST) X-Google-Smtp-Source: AA0mqf648IsRO0y33T7PULEX1fws8buwovY2L4gFiXzH/l6BMikQuBb/53M2rS+lNzQZWInSdQqH X-Received: by 2002:aa7:9282:0:b0:56b:d03d:fdb4 with SMTP id j2-20020aa79282000000b0056bd03dfdb4mr10279042pfa.79.1668821252978; Fri, 18 Nov 2022 17:27:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668821252; cv=none; d=google.com; s=arc-20160816; b=A7bjIowjRDj40fGHg8ECct4ACAqP6Ew7OHpZ+SK08SdzVDpVzQrPj17tVoDukmJ7Sg /0PJD3btPlESnXKi6wJACEubaiDwE3Yc6tNhyz2+HbkJhotgvUteaWcZAeYEFePvkZXD wedjP/FBwfkG4w19ByX8QCEYYM3e9LVj1cZRJ4FfnolG1kwQhOisPWMk2lFhgdZRtFsp gLV4UFpjHytfSIk9Nhnx77k+uXtqP/YdsOzOZJvqI/05qkVCaHqAbD7vmE8q1HZzRZIZ wx8bomdxiRIV2swuUkeYIENp2OKNyoTiwrwZcTBiLekJgj//+r+iUgt4ruvh0DSrAVXz 7Xtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=SAirY7Ortpptl4MBc59Azvf4br6Tq9gN+pVODJM+Ii8=; b=AquyPehur8hkLaa+WS9Vu/wA+XFKXoAoZ7sU97SU6vFW9TVRplDveCCmReozkBnQnt M3ZHUK1P2Nzt0Hghr0UZKgc2CK+t/eljcyCE5WaSxiJzlArU+fh3Yu/XVWgYXLHlxMwq YxaFlVvdK7P7rUwaiJi6VFTrUdjAgdDL1AisXrsrUjI5KFf6UfZojUZ+VESZ6KbWery+ C2h+/3qv5xp7EFPxQj63e37DQP94T41W9LlVO70B/qKq4MLj5HmgSvozP0e6MUXXdZAp DqeHvwBeVYUWrmnBn1GVrL55vs1EnpP7TvGSBgU/rHDO23Y9kutGlzkWwQOpv5zoFz/o vqmw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=GqngL5tO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r138-20020a632b90000000b0046fabccb7ffsi5123175pgr.494.2022.11.18.17.27.20; Fri, 18 Nov 2022 17:27:32 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=GqngL5tO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229666AbiKSBXp (ORCPT + 99 others); Fri, 18 Nov 2022 20:23:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51716 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233147AbiKSBW4 (ORCPT ); Fri, 18 Nov 2022 20:22:56 -0500 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1E8845216F; Fri, 18 Nov 2022 16:23:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817434; x=1700353434; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=p3Ad8CrMISyEI6hYcYQIG7mpTw7IAYSnxttSXGW5Yaw=; b=GqngL5tORLH6720ZUjpJUY7t59zZhKqc3lWMGBOzTsT0fhMBjNZaaHEZ fHQmbv5zG4CJM72TBVFel5iq6RhKRpkySyW/d5PA49PSomLiXSHLz4vUT VLNQ4JjFlSi98M8yKyYolSvqguUmUbgzOBml0Jp0zCdYrrt7GlobrkU3a 0DwP+8qC+y4MGW49khu7yEDTAqAE8HJSYa2g2FLkfXKEq6Jz/kiPgcUjK 4XioViI18HCahLuK3qr3jR/TOnDBPZDHAn+QVTSMAp6BT2u916Nyj3kPY kBRjQnGSgKIc6XjCba9yyfuFUgdElvyQlEwSE99JiMu5PPwLgPRSO6b2o w==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="377533829" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="377533829" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:45 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="591194491" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="591194491" Received: from linux.intel.com ([10.54.29.200]) by orsmga003.jf.intel.com with ESMTP; 18 Nov 2022 16:23:45 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id 7FE97580DFA; Fri, 18 Nov 2022 16:23:45 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 1/9] platform/x86/intel/sdsi: Add Intel On Demand text Date: Fri, 18 Nov 2022 16:23:35 -0800 Message-Id: <20221119002343.1281885-2-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749885914119280836?= X-GMAIL-MSGID: =?utf-8?q?1749885914119280836?= Intel Software Defined Silicon (SDSi) is now officially known as Intel On Demand. Add On Demand to the description in the kconfig, documentation, and driver source. Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- V2 - No change .../ABI/testing/sysfs-driver-intel_sdsi | 37 ++++++++++--------- drivers/platform/x86/intel/Kconfig | 8 ++-- drivers/platform/x86/intel/sdsi.c | 4 +- 3 files changed, 25 insertions(+), 24 deletions(-) diff --git a/Documentation/ABI/testing/sysfs-driver-intel_sdsi b/Documentation/ABI/testing/sysfs-driver-intel_sdsi index 96b92c105ec4..9d77f30d9b9a 100644 --- a/Documentation/ABI/testing/sysfs-driver-intel_sdsi +++ b/Documentation/ABI/testing/sysfs-driver-intel_sdsi @@ -4,21 +4,21 @@ KernelVersion: 5.18 Contact: "David E. Box" Description: This directory contains interface files for accessing Intel - Software Defined Silicon (SDSi) features on a CPU. X - represents the socket instance (though not the socket ID). - The socket ID is determined by reading the registers file - and decoding it per the specification. + On Demand (formerly Software Defined Silicon or SDSi) features + on a CPU. X represents the socket instance (though not the + socket ID). The socket ID is determined by reading the + registers file and decoding it per the specification. - Some files communicate with SDSi hardware through a mailbox. - Should the operation fail, one of the following error codes - may be returned: + Some files communicate with On Demand hardware through a + mailbox. Should the operation fail, one of the following error + codes may be returned: ========== ===== Error Code Cause ========== ===== EIO General mailbox failure. Log may indicate cause. EBUSY Mailbox is owned by another agent. - EPERM SDSI capability is not enabled in hardware. + EPERM On Demand capability is not enabled in hardware. EPROTO Failure in mailbox protocol detected by driver. See log for details. EOVERFLOW For provision commands, the size of the data @@ -54,8 +54,8 @@ KernelVersion: 5.18 Contact: "David E. Box" Description: (WO) Used to write an Authentication Key Certificate (AKC) to - the SDSi NVRAM for the CPU. The AKC is used to authenticate a - Capability Activation Payload. Mailbox command. + the On Demand NVRAM for the CPU. The AKC is used to authenticate + a Capability Activation Payload. Mailbox command. What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/provision_cap Date: Feb 2022 @@ -63,17 +63,18 @@ KernelVersion: 5.18 Contact: "David E. Box" Description: (WO) Used to write a Capability Activation Payload (CAP) to the - SDSi NVRAM for the CPU. CAPs are used to activate a given CPU - feature. A CAP is validated by SDSi hardware using a previously - provisioned AKC file. Upon successful authentication, the CPU - configuration is updated. A cold reboot is required to fully - activate the feature. Mailbox command. + On Demand NVRAM for the CPU. CAPs are used to activate a given + CPU feature. A CAP is validated by On Demand hardware using a + previously provisioned AKC file. Upon successful authentication, + the CPU configuration is updated. A cold reboot is required to + fully activate the feature. Mailbox command. What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/state_certificate Date: Feb 2022 KernelVersion: 5.18 Contact: "David E. Box" Description: - (RO) Used to read back the current State Certificate for the CPU - from SDSi hardware. The State Certificate contains information - about the current licenses on the CPU. Mailbox command. + (RO) Used to read back the current state certificate for the CPU + from On Demand hardware. The state certificate contains + information about the current licenses on the CPU. Mailbox + command. diff --git a/drivers/platform/x86/intel/Kconfig b/drivers/platform/x86/intel/Kconfig index 794968bda115..d5a33473e838 100644 --- a/drivers/platform/x86/intel/Kconfig +++ b/drivers/platform/x86/intel/Kconfig @@ -157,13 +157,13 @@ config INTEL_RST as usual. config INTEL_SDSI - tristate "Intel Software Defined Silicon Driver" + tristate "Intel On Demand (Software Defined Silicon) Driver" depends on INTEL_VSEC depends on X86_64 help - This driver enables access to the Intel Software Defined Silicon - interface used to provision silicon features with an authentication - certificate and capability license. + This driver enables access to the Intel On Demand (formerly Software + Defined Silicon) interface used to provision silicon features with an + authentication certificate and capability license. To compile this driver as a module, choose M here: the module will be called intel_sdsi. diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index c830e98dfa38..32793919473d 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* - * Intel Software Defined Silicon driver + * Intel On Demand (Software Defined Silicon) driver * * Copyright (c) 2022, Intel Corporation. * All Rights Reserved. @@ -586,5 +586,5 @@ static struct auxiliary_driver sdsi_aux_driver = { module_auxiliary_driver(sdsi_aux_driver); MODULE_AUTHOR("David E. Box "); -MODULE_DESCRIPTION("Intel Software Defined Silicon driver"); +MODULE_DESCRIPTION("Intel On Demand (SDSi) driver"); MODULE_LICENSE("GPL"); From patchwork Sat Nov 19 00:23:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23167 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp508170wrr; Fri, 18 Nov 2022 17:46:03 -0800 (PST) X-Google-Smtp-Source: AA0mqf7N/sEjtZm+u2+Za89TN/Bq31fk4Q1Ikut/NK29SNbpRMK7RrMCFi9XkFsYt1SUYSRYtIx2 X-Received: by 2002:a17:902:e886:b0:185:4ec3:c703 with SMTP id w6-20020a170902e88600b001854ec3c703mr1950345plg.165.1668822362713; Fri, 18 Nov 2022 17:46:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668822362; cv=none; d=google.com; s=arc-20160816; b=t2+lNCAiJogw0aHnrlwoGeIhXEEY3SUraKVTJ4EAAHtUpA+sMHZ77P+lhA95cOSt4D Raolq4LOueBthJa4rDANmSyu/uWKUaJ5SJCDuG+fv2EAIhXuAN32PWiuV/RMP1qEYP7T 7UWWhHtI3O6MR02c4h79J5b5lHNrJZnLc4f2/weoDCLW7694B1hJ1DfTUYdQ22sBVyuY bjdhKYb5hzUsc2XCxLFTM33gLAlaiFAyRcveySyEOXoTKXTTWYsKrJNnk6SYxXhaRJNy CAXhRKFQdOFjPbFKq6T9WjuJoEUkvqBaPpOtadveiZ/hl7cSRPxBS9nNB49rmimiA37z gMHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=cAEOcoi9Ygq4Kv00zrw6fPpUkW+MnItZgmQfXUHCjDk=; b=TuVkdr/iZuW2+JoW8jPf6I772zwB6KZg8/UiVRfUoGDRHoGgcayObt/qsfn30ZW1a9 pzZqMs3Ukc4wXQPD2fvFPmpLIQbDmUOGRxQWQgo3jgQlBzLdSlQBBeFBtuqUx/pVoszo gQXi/WFin6vbthvHUuTnmrdiIHX6SX7Er8N7kHdjQGW2Ro06tft8i/mDObIDb56/zkzV ZfOOaSqgWANISMjt6yEC33bnnvG2N0vaKHJZRljnsnzFVUUbqu/z+qCE8rlRc7aDg/Ut BSSDaIng0x/PgBy/A/tILSrjDekVlK68+1q1AF7ikJ0K14ntz33dR58UFR/BlCKfc5cE YE1A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=ZlvQD5LA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bj8-20020a170902850800b00178aec118c9si4698530plb.378.2022.11.18.17.45.49; Fri, 18 Nov 2022 17:46:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=ZlvQD5LA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231945AbiKSBYI (ORCPT + 99 others); Fri, 18 Nov 2022 20:24:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51688 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233053AbiKSBWz (ORCPT ); Fri, 18 Nov 2022 20:22:55 -0500 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5AA3232B82; Fri, 18 Nov 2022 16:23:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817431; x=1700353431; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=kG3nCP9dnjVyAb0rhxfcQS0XfXKR+QBYZvRjPdhXez0=; b=ZlvQD5LAiE5dqkBxDSWQ5XXgNmhCR8+KYFPKnBpCp2xG0LtmtdkALozS OXpHqJhlH9f6kE02XUQ40a/B21fGk4+P4AGeSkNmHRP82+0qtPUS4Dke2 4IyB8RGZBFymMY8zZnGaVNOrOSWTTn6DNVlWmFwC0ucM33iC8p7qc+qIO sOPY+GrrqOLTJeVEszXnR0C4lg2BWyneJGn/KVXOB2l/FIwfM4/Dp9wx+ UP/FgXHbFhxyjRaw2j/j8lAFQvw88NqFQb5ltUq42qYaEqUpaiYyPQIyj xc8W72luu+JJMHZ/lRI3p9KuOlflOeDS7AKRqNn6Tx0123GLzJstXWysH Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="293656147" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="293656147" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="618202703" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="618202703" Received: from linux.intel.com ([10.54.29.200]) by orsmga006.jf.intel.com with ESMTP; 18 Nov 2022 16:23:45 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id B43B9580A6C; Fri, 18 Nov 2022 16:23:45 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 2/9] platform/x86/intel/sdsi: Hide attributes if hardware doesn't support Date: Fri, 18 Nov 2022 16:23:36 -0800 Message-Id: <20221119002343.1281885-3-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749887078131307091?= X-GMAIL-MSGID: =?utf-8?q?1749887078131307091?= Provisioning capabilities are enabled by a bit set by BIOS. Read this bit and hide the provisioning attributes if the On Demand feature is not enabled. Also, remove the sdsi_enabled boolean from private and instead add a features register since this will be used for future features. Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- V2 - No change drivers/platform/x86/intel/sdsi.c | 33 ++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index 32793919473d..bca05b4dd983 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -41,7 +41,8 @@ #define SDSI_SIZE_READ_MSG (SDSI_SIZE_MAILBOX * 4) #define SDSI_ENABLED_FEATURES_OFFSET 16 -#define SDSI_ENABLED BIT(3) +#define SDSI_FEATURE_SDSI BIT(3) + #define SDSI_SOCKET_ID_OFFSET 64 #define SDSI_SOCKET_ID GENMASK(3, 0) @@ -100,7 +101,7 @@ struct sdsi_priv { void __iomem *mbox_addr; void __iomem *regs_addr; u32 guid; - bool sdsi_enabled; + u32 features; }; /* SDSi mailbox operations must be performed using 64bit mov instructions */ @@ -332,9 +333,6 @@ static ssize_t sdsi_provision(struct sdsi_priv *priv, char *buf, size_t count, struct sdsi_mbox_info info; int ret; - if (!priv->sdsi_enabled) - return -EPERM; - if (count > (SDSI_SIZE_WRITE_MSG - SDSI_SIZE_CMD)) return -EOVERFLOW; @@ -405,9 +403,6 @@ static long state_certificate_read(struct file *filp, struct kobject *kobj, size_t size; int ret; - if (!priv->sdsi_enabled) - return -EPERM; - if (off) return 0; @@ -464,6 +459,23 @@ static struct bin_attribute *sdsi_bin_attrs[] = { NULL }; +static umode_t +sdsi_battr_is_visible(struct kobject *kobj, struct bin_attribute *attr, int n) +{ + struct device *dev = kobj_to_dev(kobj); + struct sdsi_priv *priv = dev_get_drvdata(dev); + + /* Registers file is always readable if the device is present */ + if (attr == &bin_attr_registers) + return attr->attr.mode; + + /* All other attributes not visible if BIOS has not enabled On Demand */ + if (!(priv->features & SDSI_FEATURE_SDSI)) + return 0; + + return attr->attr.mode; +} + static ssize_t guid_show(struct device *dev, struct device_attribute *attr, char *buf) { struct sdsi_priv *priv = dev_get_drvdata(dev); @@ -480,6 +492,7 @@ static struct attribute *sdsi_attrs[] = { static const struct attribute_group sdsi_group = { .attrs = sdsi_attrs, .bin_attrs = sdsi_bin_attrs, + .is_bin_visible = sdsi_battr_is_visible, }; __ATTRIBUTE_GROUPS(sdsi); @@ -490,7 +503,6 @@ static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *paren u32 size = FIELD_GET(DT_SIZE, disc_table->access_info); u32 tbir = FIELD_GET(DT_TBIR, disc_table->offset); u32 offset = DT_OFFSET(disc_table->offset); - u32 features_offset; struct resource res = {}; /* Starting location of SDSi MMIO region based on access type */ @@ -528,8 +540,7 @@ static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *paren priv->mbox_addr = priv->control_addr + SDSI_SIZE_CONTROL; priv->regs_addr = priv->mbox_addr + SDSI_SIZE_MAILBOX; - features_offset = readq(priv->regs_addr + SDSI_ENABLED_FEATURES_OFFSET); - priv->sdsi_enabled = !!(features_offset & SDSI_ENABLED); + priv->features = readq(priv->regs_addr + SDSI_ENABLED_FEATURES_OFFSET); return 0; } From patchwork Sat Nov 19 00:23:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23162 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp501965wrr; Fri, 18 Nov 2022 17:25:30 -0800 (PST) X-Google-Smtp-Source: AA0mqf4XhleHv3U5a3xQa8bkcmcubxrAPoXm9pMGu23vYUVkpfaHNIaiwe0WQ8gB/Sn8Zn5+CHCZ X-Received: by 2002:a17:902:b40b:b0:188:75bb:36d4 with SMTP id x11-20020a170902b40b00b0018875bb36d4mr2105093plr.55.1668821129897; Fri, 18 Nov 2022 17:25:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668821129; cv=none; d=google.com; s=arc-20160816; b=brnFUVrevLftZpA37k7gR3Jxo2LqV+eG/iluXhbncal3+/xxIUQy0+0uw4VGtA4Sq7 T4FFS8WhjUnFQOTXsImUqXvM4IDQo+tpXJwP/qORAqcE8YdaJJhogPl2Zzl+P9fDB6SY Ferlia1Mv8dOnMAmEMskcD3CoO2evzvQeTmuFkQkbe8gh9nmHSB3ZGhQSmH96VZCFDx3 zKzo3d3QNQtQAmikO+ieTXGtV9MjZjcOmYOWn1ySHxVXCWjKc6VJsDCnpUHgAHa+S2kT 8aAQKrCBzG77mUDYSUqSOz48Dfa0FtYVmQeZiaWuLEPFhPKtF2w0vqB29WhMTk1pwhJS AJIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=AWsU9fL0n6KxPnP8+oXJBzn22IR40+WP2//v1GSFpuY=; b=rFIzp9bax39WInvpDed3Tg9vibpi1rREPMZra7B/vOfvpikVJM6dLSslpGdtZcgTQm ykugxSOmrrQMINXqgClAViCf2Nua4aIHRH04sGRG51twfwGsfdsUSjb9XV+G/3XSVoUD S+ui7dLEPN3DMibEeUp51Avh7yl8TicSHxrywBk33mWxxn9sfy2cZzeG3z3OlXa1btvh kcaRYL6EcGjBznSSjBjy/5/Y7BH4doMD2fzbYEeQlz8zoxYwOWBor10GbnXd/58+0x63 Uc7NQGn12hgoKJ3t8Q2ConCTSeFvE7j4zClWwD19yTJPIFA8eQtzruY/zj3+COug19Mt E2SQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="Gbzs/7Yf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x27-20020a63171b000000b00476e3bb232dsi5216397pgl.185.2022.11.18.17.25.17; Fri, 18 Nov 2022 17:25:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="Gbzs/7Yf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231445AbiKSBXj (ORCPT + 99 others); Fri, 18 Nov 2022 20:23:39 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51684 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232972AbiKSBWy (ORCPT ); Fri, 18 Nov 2022 20:22:54 -0500 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 59E7129357; Fri, 18 Nov 2022 16:23:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817431; x=1700353431; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Iohc0ivLgSmNxHpii1jlB1jLxz88zxScpsa4pec26hw=; b=Gbzs/7YfboXQ1PVR4b7Oh/0FCLDzfY8pp5+biDQ47+LPcbTZbZwClwn+ CU/7LkuI8J8PPwa9ol3g6Ihryps3WDPVCwV3ybe4sK+y7jBVriXMyMp1p 4W4FWdEMM8lbx4Ep2Y9LGlPb3wg7Tymtnvfm5rue/NTPuRDCE4EuVyCHd rsW4Kx4qOuiVLheTxaUd+g/pZOVjplVhKNpd848tCfcPF17O1Gy3PHC9L OWiIiyuOzNq5VFbCbIcTjICBL8RoO/kDJKhUWE7CZVxSIYsBKMTFGWInn R9ySPhYKIMNdhtOuMNq4yMFxB4pRN0XqIFeN8d24bUHOLNFqcwKxQLRSJ Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="300807216" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="300807216" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="709218857" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="709218857" Received: from linux.intel.com ([10.54.29.200]) by fmsmga004.fm.intel.com with ESMTP; 18 Nov 2022 16:23:46 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id E36DF580DFA; Fri, 18 Nov 2022 16:23:45 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 3/9] platform/x86/intel/sdsi: Support different GUIDs Date: Fri, 18 Nov 2022 16:23:37 -0800 Message-Id: <20221119002343.1281885-4-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749885785258025432?= X-GMAIL-MSGID: =?utf-8?q?1749885785258025432?= Newer versions of Intel On Demand hardware may have an expanded list of registers to support new features. The register layout is identified by a unique GUID that's read during driver probe. Add support for handling different GUIDs and add support for current GUIDs [1]. Link: https://github.com/intel/intel-sdsi/blob/master/os-interface.rst [1] Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- V2 - Add Link tag in commit and use defines for GUID based sizes. drivers/platform/x86/intel/sdsi.c | 50 +++++++++++++++++++++++++++++-- 1 file changed, 47 insertions(+), 3 deletions(-) diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index bca05b4dd983..9cd4339a7370 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -27,9 +27,8 @@ #define ACCESS_TYPE_LOCAL 3 #define SDSI_MIN_SIZE_DWORDS 276 -#define SDSI_SIZE_CONTROL 8 #define SDSI_SIZE_MAILBOX 1024 -#define SDSI_SIZE_REGS 72 +#define SDSI_SIZE_REGS 80 #define SDSI_SIZE_CMD sizeof(u64) /* @@ -76,6 +75,13 @@ #define DT_TBIR GENMASK(2, 0) #define DT_OFFSET(v) ((v) & GENMASK(31, 3)) +#define SDSI_GUID_V1 0x006DD191 +#define GUID_V1_CNTRL_SIZE 8 +#define GUID_V1_REGS_SIZE 72 +#define SDSI_GUID_V2 0xF210D9EF +#define GUID_V2_CNTRL_SIZE 16 +#define GUID_V2_REGS_SIZE 80 + enum sdsi_command { SDSI_CMD_PROVISION_AKC = 0x04, SDSI_CMD_PROVISION_CAP = 0x08, @@ -100,6 +106,9 @@ struct sdsi_priv { void __iomem *control_addr; void __iomem *mbox_addr; void __iomem *regs_addr; + int control_size; + int maibox_size; + int registers_size; u32 guid; u32 features; }; @@ -444,6 +453,18 @@ static ssize_t registers_read(struct file *filp, struct kobject *kobj, struct device *dev = kobj_to_dev(kobj); struct sdsi_priv *priv = dev_get_drvdata(dev); void __iomem *addr = priv->regs_addr; + int size = priv->registers_size; + + /* + * The check below is performed by the sysfs caller based on the static + * file size. But this may be greater than the actual size which is based + * on the GUID. So check here again based on actual size before reading. + */ + if (off >= size) + return 0; + + if (off + count > size) + count = size - off; memcpy_fromio(buf, addr + off, count); @@ -496,6 +517,24 @@ static const struct attribute_group sdsi_group = { }; __ATTRIBUTE_GROUPS(sdsi); +static int sdsi_get_layout(struct sdsi_priv *priv, struct disc_table *table) +{ + switch (table->guid) { + case SDSI_GUID_V1: + priv->control_size = GUID_V1_CNTRL_SIZE; + priv->registers_size = GUID_V1_REGS_SIZE; + break; + case SDSI_GUID_V2: + priv->control_size = GUID_V2_CNTRL_SIZE; + priv->registers_size = GUID_V2_REGS_SIZE; + break; + default: + dev_err(priv->dev, "Unrecognized GUID 0x%x\n", table->guid); + return -EINVAL; + } + return 0; +} + static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *parent, struct disc_table *disc_table, struct resource *disc_res) { @@ -537,7 +576,7 @@ static int sdsi_map_mbox_registers(struct sdsi_priv *priv, struct pci_dev *paren if (IS_ERR(priv->control_addr)) return PTR_ERR(priv->control_addr); - priv->mbox_addr = priv->control_addr + SDSI_SIZE_CONTROL; + priv->mbox_addr = priv->control_addr + priv->control_size; priv->regs_addr = priv->mbox_addr + SDSI_SIZE_MAILBOX; priv->features = readq(priv->regs_addr + SDSI_ENABLED_FEATURES_OFFSET); @@ -572,6 +611,11 @@ static int sdsi_probe(struct auxiliary_device *auxdev, const struct auxiliary_de priv->guid = disc_table.guid; + /* Get guid based layout info */ + ret = sdsi_get_layout(priv, &disc_table); + if (ret) + return ret; + /* Map the SDSi mailbox registers */ ret = sdsi_map_mbox_registers(priv, intel_cap_dev->pcidev, &disc_table, disc_res); if (ret) From patchwork Sat Nov 19 00:23:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23166 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp504962wrr; Fri, 18 Nov 2022 17:34:59 -0800 (PST) X-Google-Smtp-Source: AA0mqf5JYIejop4Au7/L96L4h2w1zBdvdWXGH5tfS+/dqnCOJ6SiFyFsiZZWrpbOR7VjiAhvGcij X-Received: by 2002:a17:902:ed94:b0:186:748f:e8c5 with SMTP id e20-20020a170902ed9400b00186748fe8c5mr2113171plj.73.1668821698699; Fri, 18 Nov 2022 17:34:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668821698; cv=none; d=google.com; s=arc-20160816; b=gmXx9FVhIFLgwmUQQ+SJ2T5t9JCQ2w9Ta1PxLmQ8eH90TXp9L+kL93LsTw/pmfQ2I1 pDg998Zg60YUaOngPQ1/wCPjvUKXNhNo97y+vpG4G8rkcJuxuSaE7U/3V8SaY//07e+i l2k2cb47zSH0t2PJ1VDFk7CNi/9ZDJM8aGpu208lEZu6/3vxk4JMeRu3EbO9tVaou7A/ n8FjjYHhPc8Vd5tYCSAoKzZY0FO7/c5ySmE4JCqT+kKzi+K5hMNGpEb+sBYb8gT9AiIc V3VE+h/TctFDbSIB7J26v7bmMTF/7XwskxzQoofXdS1gYHCl65nqq++sEfZf1vOH8Bdb afnA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=wfhAA+JdJ4tTLHsXMwMg/luQ9wVi65+KbBKsJAYYxC8=; b=q3vaZtm74zbkvetw5+iXpy33DZGvCmir92oltB5C1xfjIlqYucGCLIpNQOLfhnG/3h 3C7LvlyVnsZmeQwH1iiS2JvsCdor1vp926B5CDt+RoFAs/PnWN77YrrDY5OJbblnQCAe 7ppBact+IxKN4FtxWtSgDznZay3YGWuFlmJttD9mQFjOdnNXCcPGHHuXOMqszElAmHQs GnxnXsaPoJioPfk69qy3NoWiCxd2sTa81ZdCrAFGlRLZ3ZyUqRoRYzNFk6nnFS2dWpEH WnZGhotdBG5imeyFn2CDGDDYFO3RW5u4UHumODIhL/uaKMip6sjHjAnrQGujfIX6++Sb kdkQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=gw+omeOJ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e12-20020a63ee0c000000b00476cc73fd87si4919892pgi.512.2022.11.18.17.34.45; Fri, 18 Nov 2022 17:34:58 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=gw+omeOJ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231877AbiKSBYD (ORCPT + 99 others); Fri, 18 Nov 2022 20:24:03 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51734 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233142AbiKSBW4 (ORCPT ); Fri, 18 Nov 2022 20:22:56 -0500 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1E5F75216B; Fri, 18 Nov 2022 16:23:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817434; x=1700353434; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tbSKuur703p3F6JcNLmKqmZ6yxfEnKlj8/e3vCGHE9k=; b=gw+omeOJp35Ralu/raIgZbSyWh9P6xhArH/dukBZpd06zhaJxWVaLXFz QdAgBPwvX34NXqgLwKRa+W2KiEf0bMBDuYP+EjwrCoTMiANMgG1dKtbIj ++k9xhCPAOIzee+2OS8eIekNu0kRpqmdwp/UKnFcvdI1swQfz8F49xgMj vLHSj8B46p5BMbhb9LQNAviBfWuENjYigEKI2yKT+mFqU+mCl4PC4L3b1 Y+Ivqz78eYE2sRWN4GDJNSUjoGxKbhvpksz0MhrJLtEOmXXzRhB6M6Q1Y lt8FrAnDRcsGgwbCqUlJgmHLVx40TCpP3ui+Ta3wINHAI6NYxRJXNYX+1 g==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="293656149" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="293656149" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="640401527" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="640401527" Received: from linux.intel.com ([10.54.29.200]) by orsmga002.jf.intel.com with ESMTP; 18 Nov 2022 16:23:46 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id 1E87A580DDF; Fri, 18 Nov 2022 16:23:46 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 4/9] platform/x86/intel/sdsi: Add meter certificate support Date: Fri, 18 Nov 2022 16:23:38 -0800 Message-Id: <20221119002343.1281885-5-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749886381727820759?= X-GMAIL-MSGID: =?utf-8?q?1749886381727820759?= Add support for reading the meter certificate from Intel On Demand hardware. The meter certificate [1] is used to access the utilization metrics of enabled features in support of the Intel On Demand consumption model. Similar to the state certificate, the meter certificate is read by mailbox command. While making similar changes also use the BIN_ATTR_ADMIN_RO helper to create the 'registers' sysfs file. Link: https://github.com/intel-sandbox/debox1.intel_sdsi/blob/gnr-review/meter-certificate.rst [1] Signed-off-by: David E. Box --- V2 - Add Link tag in commit message - Use BIN_ATTR_ADMIN_RO helper for certificate files and also for existing 'registers' file - Allow default On Demand attributes to show without explicit checks .../ABI/testing/sysfs-driver-intel_sdsi | 10 ++++ drivers/platform/x86/intel/sdsi.c | 49 ++++++++++++++----- 2 files changed, 48 insertions(+), 11 deletions(-) diff --git a/Documentation/ABI/testing/sysfs-driver-intel_sdsi b/Documentation/ABI/testing/sysfs-driver-intel_sdsi index 9d77f30d9b9a..f8afed127107 100644 --- a/Documentation/ABI/testing/sysfs-driver-intel_sdsi +++ b/Documentation/ABI/testing/sysfs-driver-intel_sdsi @@ -69,6 +69,16 @@ Description: the CPU configuration is updated. A cold reboot is required to fully activate the feature. Mailbox command. +What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/meter_certificate +Date: Nov 2022 +KernelVersion: 6.2 +Contact: "David E. Box" +Description: + (RO) Used to read back the current meter certificate for the CPU + from Intel On Demand hardware. The meter certificate contains + utilization metrics of On Demand enabled features. Mailbox + command. + What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X/state_certificate Date: Feb 2022 KernelVersion: 5.18 diff --git a/drivers/platform/x86/intel/sdsi.c b/drivers/platform/x86/intel/sdsi.c index 9cd4339a7370..9e0ea2cdd704 100644 --- a/drivers/platform/x86/intel/sdsi.c +++ b/drivers/platform/x86/intel/sdsi.c @@ -41,6 +41,7 @@ #define SDSI_ENABLED_FEATURES_OFFSET 16 #define SDSI_FEATURE_SDSI BIT(3) +#define SDSI_FEATURE_METERING BIT(26) #define SDSI_SOCKET_ID_OFFSET 64 #define SDSI_SOCKET_ID GENMASK(3, 0) @@ -83,9 +84,10 @@ #define GUID_V2_REGS_SIZE 80 enum sdsi_command { - SDSI_CMD_PROVISION_AKC = 0x04, - SDSI_CMD_PROVISION_CAP = 0x08, - SDSI_CMD_READ_STATE = 0x10, + SDSI_CMD_PROVISION_AKC = 0x0004, + SDSI_CMD_PROVISION_CAP = 0x0008, + SDSI_CMD_READ_STATE = 0x0010, + SDSI_CMD_READ_METER = 0x0014, }; struct sdsi_mbox_info { @@ -401,13 +403,10 @@ static ssize_t provision_cap_write(struct file *filp, struct kobject *kobj, } static BIN_ATTR_WO(provision_cap, SDSI_SIZE_WRITE_MSG); -static long state_certificate_read(struct file *filp, struct kobject *kobj, - struct bin_attribute *attr, char *buf, loff_t off, - size_t count) +static ssize_t +certificate_read(u64 command, struct sdsi_priv *priv, char *buf, loff_t off, + size_t count) { - struct device *dev = kobj_to_dev(kobj); - struct sdsi_priv *priv = dev_get_drvdata(dev); - u64 command = SDSI_CMD_READ_STATE; struct sdsi_mbox_info info; size_t size; int ret; @@ -444,7 +443,30 @@ static long state_certificate_read(struct file *filp, struct kobject *kobj, return size; } -static BIN_ATTR(state_certificate, 0400, state_certificate_read, NULL, SDSI_SIZE_READ_MSG); + +static ssize_t +state_certificate_read(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, loff_t off, + size_t count) +{ + struct device *dev = kobj_to_dev(kobj); + struct sdsi_priv *priv = dev_get_drvdata(dev); + + return certificate_read(SDSI_CMD_READ_STATE, priv, buf, off, count); +} +static BIN_ATTR_ADMIN_RO(state_certificate, SDSI_SIZE_READ_MSG); + +static ssize_t +meter_certificate_read(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, loff_t off, + size_t count) +{ + struct device *dev = kobj_to_dev(kobj); + struct sdsi_priv *priv = dev_get_drvdata(dev); + + return certificate_read(SDSI_CMD_READ_METER, priv, buf, off, count); +} +static BIN_ATTR_ADMIN_RO(meter_certificate, SDSI_SIZE_READ_MSG); static ssize_t registers_read(struct file *filp, struct kobject *kobj, struct bin_attribute *attr, char *buf, loff_t off, @@ -470,11 +492,12 @@ static ssize_t registers_read(struct file *filp, struct kobject *kobj, return count; } -static BIN_ATTR(registers, 0400, registers_read, NULL, SDSI_SIZE_REGS); +static BIN_ATTR_ADMIN_RO(registers, SDSI_SIZE_REGS); static struct bin_attribute *sdsi_bin_attrs[] = { &bin_attr_registers, &bin_attr_state_certificate, + &bin_attr_meter_certificate, &bin_attr_provision_akc, &bin_attr_provision_cap, NULL @@ -494,6 +517,10 @@ sdsi_battr_is_visible(struct kobject *kobj, struct bin_attribute *attr, int n) if (!(priv->features & SDSI_FEATURE_SDSI)) return 0; + if (attr == &bin_attr_meter_certificate) + return (priv->features & SDSI_FEATURE_METERING) ? + attr->attr.mode : 0; + return attr->attr.mode; } From patchwork Sat Nov 19 00:23:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23163 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp502518wrr; Fri, 18 Nov 2022 17:27:25 -0800 (PST) X-Google-Smtp-Source: AA0mqf6P6QprJI9hNxlSojJMZz+GFya75wc7MZwrQ6nJ1dqIQSBzVY5r5XjRKPmEh3d/9Z5htlfP X-Received: by 2002:a17:90a:294f:b0:213:d04:7529 with SMTP id x15-20020a17090a294f00b002130d047529mr15993425pjf.181.1668821244949; Fri, 18 Nov 2022 17:27:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668821244; cv=none; d=google.com; s=arc-20160816; b=aPK8KPiotF6TFvPNZNAG8YQFxRBgJWtzmY8syIn5Zuzqc/yjFYr049oZ/CFNald4Wc vW6l7hrBKJh4Qvw2pBfeY+yvLnbntMH2yGyrBMxPSq67Uo/ZuUoZ9AFq1NS5IBFWfjVM Qy+MfWJe5Td6FIr5ZebYG4+yEqn65dYD0D/LJqBH+Di8uZ93xdj3CGjVg4zshzF++omo /ByzST5SikE5QkY8gHr//8PmUycVP6kbE5AV4ndGIeWaehzRHXjLopvekK/f4hmu9D2P vfTa/ssNSV9YyNpvtX5V1ODVFgr7V0mUCJEEr4ZroqM6nh84+9OKDrEUIdZ+93ygvamV 9ywA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=bVDwxqxcehySuqDNjE4iJrXFYgxo9rHolojM+21yrbE=; b=L5GBmQ6hZfPsBmOKXJ2ssxSXukqW/NNWgDVZz6t+vtJ0nWYoKb/I5Ak+Utx3ywmWsV xVwCMHTLP6TBBwhbOMfrsXzizzSAx3m+ExHot8kORkQ73BIX+S9kDmAKpqyZ41cErcUe OsSomejWh+RfyGxTQENeeeVEkd3k4piBXlA3ybVLUZJ/XAZsOoSVTY4zAggrSkNtNE4+ G5ib3Xr8KaGMsUyJrHYojGsv1zFoun02cSfsSHXJgd66W9xzeJh4vQ4aCDZxmhL9Ns/b G2I11mzskzOoddwm7HRCmgDi+I2R7KSHfjsGbP6O+99VjpiCRimnf0KYUl0Ptfc7qo72 ml6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=BS3SBTMY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l63-20020a639142000000b004772afcec3asi3303852pge.263.2022.11.18.17.27.09; Fri, 18 Nov 2022 17:27:24 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=BS3SBTMY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232062AbiKSBYO (ORCPT + 99 others); Fri, 18 Nov 2022 20:24:14 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51680 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233050AbiKSBWy (ORCPT ); Fri, 18 Nov 2022 20:22:54 -0500 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5A8F7326EE; Fri, 18 Nov 2022 16:23:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817431; x=1700353431; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=A2X5HrMnBxH5VEdXlxVxqcsyXqJupgjh5T+Jen11JC8=; b=BS3SBTMYdngXaNxIg8gA5crk8uxQmRBECzwWOFRLTOWZ91IVZFTDi1Ee HQP1yWcp6KJUCnPaHHgsWYNzmY0GnEzrFBt495Bur/5VaGhQQeEtu0/IW aty8Vaz+xXSHcYUh/E8700YmQARHDL72bCA/gbzspNU4CKDcmDSPuWDmq o36R9tisdvNJwOe613+pFy7Zimvq4i69oTT1XBQIk7VFYLW+rutubmWKC wJxe0DzCGpQM0XG8GAoC642yjkaVmVNv+sx8JHZRQMGQp337xerzWLMC9 SLM1BWd2r3WLSd7kl3r6dA2fhnYBRAK8HKbA1rXb+Z0wC1wtGnfZqSIIq g==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="314418971" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="314418971" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="765349179" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="765349179" Received: from linux.intel.com ([10.54.29.200]) by orsmga004.jf.intel.com with ESMTP; 18 Nov 2022 16:23:46 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id 4B128580A6C; Fri, 18 Nov 2022 16:23:46 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 5/9] tools/arch/x86: intel_sdsi: Add support for reading state certificates Date: Fri, 18 Nov 2022 16:23:39 -0800 Message-Id: <20221119002343.1281885-6-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749885906221937017?= X-GMAIL-MSGID: =?utf-8?q?1749885906221937017?= Add option to read and decode On Demand state certificates. Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- V2 - No change tools/arch/x86/intel_sdsi/intel_sdsi.c | 268 ++++++++++++++++++------- 1 file changed, 198 insertions(+), 70 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index c0e2f2349db4..9dd94014a672 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -22,11 +22,24 @@ #include +#ifndef __packed +#define __packed __attribute__((packed)) +#endif + +#define min(x, y) ({ \ + typeof(x) _min1 = (x); \ + typeof(y) _min2 = (y); \ + (void) (&_min1 == &_min2); \ + _min1 < _min2 ? _min1 : _min2; }) + #define SDSI_DEV "intel_vsec.sdsi" #define AUX_DEV_PATH "/sys/bus/auxiliary/devices/" #define SDSI_PATH (AUX_DEV_DIR SDSI_DEV) #define GUID 0x6dd191 #define REGISTERS_MIN_SIZE 72 +#define STATE_CERT_MAX_SIZE 4096 +#define STATE_MAX_NUM_LICENSES 16 +#define STATE_MAX_NUM_IN_BUNDLE (uint32_t)8 #define __round_mask(x, y) ((__typeof__(x))((y) - 1)) #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1) @@ -49,6 +62,7 @@ struct availability { uint64_t reserved:48; uint64_t available:3; uint64_t threshold:3; + uint64_t reserved2:10; }; struct sdsi_regs { @@ -63,17 +77,55 @@ struct sdsi_regs { uint64_t socket_id; }; +#define CONTENT_TYPE_LK_ENC 0xD +#define CONTENT_TYPE_LK_BLOB_ENC 0xE + +struct state_certificate { + uint32_t content_type; + uint32_t region_rev_id; + uint32_t header_size; + uint32_t total_size; + uint32_t key_size; + uint32_t num_licenses; +}; + +struct license_key_info { + uint32_t key_rev_id; + uint64_t key_image_content[6]; +} __packed; + +#define LICENSE_BLOB_SIZE(l) (((l) & 0x7fffffff) * 4) +#define LICENSE_VALID(l) (!!((l) & 0x80000000)) + +// License Group Types +#define LBT_ONE_TIME_UPGRADE 1 +#define LBT_METERED_UPGRADE 2 + +struct license_blob_content { + uint32_t type; + uint64_t id; + uint64_t ppin; + uint64_t previous_ppin; + uint32_t rev_id; + uint32_t num_bundles; +} __packed; + +struct bundle_encoding { + uint32_t encoding; + uint32_t encoding_rsvd[7]; +}; + struct sdsi_dev { struct sdsi_regs regs; + struct state_certificate sc; char *dev_name; char *dev_path; int guid; }; enum command { - CMD_NONE, CMD_SOCKET_INFO, - CMD_DUMP_CERT, + CMD_STATE_CERT, CMD_PROV_AKC, CMD_PROV_CAP, }; @@ -168,20 +220,56 @@ static int sdsi_read_reg(struct sdsi_dev *s) return 0; } -static int sdsi_certificate_dump(struct sdsi_dev *s) +static char *license_blob_type(uint32_t type) +{ + switch (type) { + case LBT_ONE_TIME_UPGRADE: + return "One time upgrade"; + case LBT_METERED_UPGRADE: + return "Metered upgrade"; + default: + return "Unknown license blob type"; + } +} + +static char *content_type(uint32_t type) +{ + switch (type) { + case CONTENT_TYPE_LK_ENC: + return "Licencse key encoding"; + case CONTENT_TYPE_LK_BLOB_ENC: + return "License key + Blob encoding"; + default: + return "Unknown content type"; + } +} + +static void get_feature(uint32_t encoding, char *feature) +{ + char *name = (char *)&encoding; + + feature[3] = name[0]; + feature[2] = name[1]; + feature[1] = name[2]; + feature[0] = name[3]; +} + +static int sdsi_state_cert_show(struct sdsi_dev *s) { - uint64_t state_certificate[512] = {0}; - bool first_instance; - uint64_t previous; + char buf[STATE_CERT_MAX_SIZE] = {0}; + struct state_certificate *sc; + struct license_key_info *lki; + uint32_t offset = 0; + uint32_t count = 0; FILE *cert_ptr; - int i, ret, size; + int ret, size; ret = sdsi_update_registers(s); if (ret) return ret; if (!s->regs.en_features.sdsi) { - fprintf(stderr, "SDSi feature is present but not enabled."); + fprintf(stderr, "On Demand feature is present but not enabled."); fprintf(stderr, " Unable to read state certificate"); return -1; } @@ -198,32 +286,74 @@ static int sdsi_certificate_dump(struct sdsi_dev *s) return -1; } - size = fread(state_certificate, 1, sizeof(state_certificate), cert_ptr); + size = fread(buf, 1, sizeof(buf), cert_ptr); if (!size) { fprintf(stderr, "Could not read 'state_certificate' file\n"); fclose(cert_ptr); return -1; } + fclose(cert_ptr); - printf("%3d: 0x%lx\n", 0, state_certificate[0]); - previous = state_certificate[0]; - first_instance = true; + sc = (struct state_certificate *)buf; - for (i = 1; i < (int)(round_up(size, sizeof(uint64_t))/sizeof(uint64_t)); i++) { - if (state_certificate[i] == previous) { - if (first_instance) { - puts("*"); - first_instance = false; - } - continue; + /* Print register info for this guid */ + printf("\n"); + printf("State certificate for device %s\n", s->dev_name); + printf("\n"); + printf("Content Type: %s\n", content_type(sc->content_type)); + printf("Region Revision ID: %d\n", sc->region_rev_id); + printf("Header Size: %d\n", sc->header_size * 4); + printf("Total Size: %d\n", sc->total_size); + printf("OEM Key Size: %d\n", sc->key_size * 4); + printf("Number of Licenses: %d\n", sc->num_licenses); + + /* Skip over the license sizes 4 bytes per license) to get the license key info */ + lki = (void *)sc + sizeof(*sc) + (4 * sc->num_licenses); + + printf("License blob Info:\n"); + printf(" License Key Revision ID: 0x%x\n", lki->key_rev_id); + printf(" License Key Image Content: 0x%lx%lx%lx%lx%lx%lx\n", + lki->key_image_content[5], lki->key_image_content[4], + lki->key_image_content[3], lki->key_image_content[2], + lki->key_image_content[1], lki->key_image_content[0]); + + while (count++ < sc->num_licenses) { + uint32_t blob_size_field = *(uint32_t *)(buf + 0x14 + count * 4); + uint32_t blob_size = LICENSE_BLOB_SIZE(blob_size_field); + bool license_valid = LICENSE_VALID(blob_size_field); + struct license_blob_content *lbc = + (void *)(sc) + // start of the state certificate + sizeof(*sc) + // size of the state certificate + (4 * sc->num_licenses) + // total size of the blob size blocks + sizeof(*lki) + // size of the license key info + offset; // offset to this blob content + struct bundle_encoding *bundle = (void *)(lbc) + sizeof(*lbc); + char feature[5]; + uint32_t i; + + printf(" Blob %d:\n", count - 1); + printf(" License blob size: %u\n", blob_size); + printf(" License is valid: %s\n", license_valid ? "Yes" : "No"); + printf(" License blob type: %s\n", license_blob_type(lbc->type)); + printf(" License blob ID: 0x%lx\n", lbc->id); + printf(" PPIN: 0x%lx\n", lbc->ppin); + printf(" Previous PPIN: 0x%lx\n", lbc->previous_ppin); + printf(" Blob revision ID: %u\n", lbc->rev_id); + printf(" Number of Features: %u\n", lbc->num_bundles); + + feature[4] = '\0'; + + for (i = 0; i < min(lbc->num_bundles, STATE_MAX_NUM_IN_BUNDLE); i++) { + get_feature(bundle[i].encoding, feature); + printf(" Feature %d: %s\n", i, feature); } - printf("%3d: 0x%lx\n", i, state_certificate[i]); - previous = state_certificate[i]; - first_instance = true; - } - printf("%3d\n", i); - fclose(cert_ptr); + if (lbc->num_bundles > STATE_MAX_NUM_IN_BUNDLE) + fprintf(stderr, " Warning: %d > %d licenses in bundle reported.\n", + lbc->num_bundles, STATE_MAX_NUM_IN_BUNDLE); + + offset += blob_size; + }; return 0; } @@ -231,7 +361,7 @@ static int sdsi_certificate_dump(struct sdsi_dev *s) static int sdsi_provision(struct sdsi_dev *s, char *bin_file, enum command command) { int bin_fd, prov_fd, size, ret; - char buf[4096] = { 0 }; + char buf[STATE_CERT_MAX_SIZE] = { 0 }; char cap[] = "provision_cap"; char akc[] = "provision_akc"; char *prov_file; @@ -266,7 +396,7 @@ static int sdsi_provision(struct sdsi_dev *s, char *bin_file, enum command comma } /* Read the binary file into the buffer */ - size = read(bin_fd, buf, 4096); + size = read(bin_fd, buf, STATE_CERT_MAX_SIZE); if (size == -1) { close(bin_fd); close(prov_fd); @@ -443,25 +573,26 @@ static void sdsi_free_dev(struct sdsi_dev *s) static void usage(char *prog) { - printf("Usage: %s [-l] [-d DEVNO [-iD] [-a FILE] [-c FILE]]\n", prog); + printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-a FILE] [-c FILE]]\n", prog); } static void show_help(void) { printf("Commands:\n"); - printf(" %-18s\t%s\n", "-l, --list", "list available sdsi devices"); - printf(" %-18s\t%s\n", "-d, --devno DEVNO", "sdsi device number"); - printf(" %-18s\t%s\n", "-i --info", "show socket information"); - printf(" %-18s\t%s\n", "-D --dump", "dump state certificate data"); - printf(" %-18s\t%s\n", "-a --akc FILE", "provision socket with AKC FILE"); - printf(" %-18s\t%s\n", "-c --cap FILE>", "provision socket with CAP FILE"); + printf(" %-18s\t%s\n", "-l, --list", "list available On Demand devices"); + printf(" %-18s\t%s\n", "-d, --devno DEVNO", "On Demand device number"); + printf(" %-18s\t%s\n", "-i, --info", "show socket information"); + printf(" %-18s\t%s\n", "-s, --state", "show state certificate"); + printf(" %-18s\t%s\n", "-a, --akc FILE", "provision socket with AKC FILE"); + printf(" %-18s\t%s\n", "-c, --cap FILE>", "provision socket with CAP FILE"); } int main(int argc, char *argv[]) { char bin_file[PATH_MAX], *dev_no = NULL; + bool device_selected = false; char *progname; - enum command command = CMD_NONE; + enum command command = -1; struct sdsi_dev *s; int ret = 0, opt; int option_index = 0; @@ -470,21 +601,22 @@ int main(int argc, char *argv[]) {"akc", required_argument, 0, 'a'}, {"cap", required_argument, 0, 'c'}, {"devno", required_argument, 0, 'd'}, - {"dump", no_argument, 0, 'D'}, {"help", no_argument, 0, 'h'}, {"info", no_argument, 0, 'i'}, {"list", no_argument, 0, 'l'}, + {"state", no_argument, 0, 's'}, {0, 0, 0, 0 } }; progname = argv[0]; - while ((opt = getopt_long_only(argc, argv, "+a:c:d:Da:c:h", long_options, + while ((opt = getopt_long_only(argc, argv, "+a:c:d:hils", long_options, &option_index)) != -1) { switch (opt) { case 'd': dev_no = optarg; + device_selected = true; break; case 'l': sdsi_list_devices(); @@ -492,8 +624,8 @@ int main(int argc, char *argv[]) case 'i': command = CMD_SOCKET_INFO; break; - case 'D': - command = CMD_DUMP_CERT; + case 's': + command = CMD_STATE_CERT; break; case 'a': case 'c': @@ -520,39 +652,35 @@ int main(int argc, char *argv[]) } } - if (!dev_no) { - if (command != CMD_NONE) - fprintf(stderr, "Missing device number, DEVNO, for this command\n"); - usage(progname); - return -1; - } + if (device_selected) { + s = sdsi_create_dev(dev_no); + if (!s) + return -1; - s = sdsi_create_dev(dev_no); - if (!s) - return -1; + switch (command) { + case CMD_SOCKET_INFO: + ret = sdsi_read_reg(s); + break; + case CMD_STATE_CERT: + ret = sdsi_state_cert_show(s); + break; + case CMD_PROV_AKC: + ret = sdsi_provision_akc(s, bin_file); + break; + case CMD_PROV_CAP: + ret = sdsi_provision_cap(s, bin_file); + break; + default: + fprintf(stderr, "No command specified\n"); + return -1; + } + + sdsi_free_dev(s); - /* Run the command */ - switch (command) { - case CMD_NONE: - fprintf(stderr, "Missing command for device %s\n", dev_no); - usage(progname); - break; - case CMD_SOCKET_INFO: - ret = sdsi_read_reg(s); - break; - case CMD_DUMP_CERT: - ret = sdsi_certificate_dump(s); - break; - case CMD_PROV_AKC: - ret = sdsi_provision_akc(s, bin_file); - break; - case CMD_PROV_CAP: - ret = sdsi_provision_cap(s, bin_file); - break; - } - - - sdsi_free_dev(s); + } else { + fprintf(stderr, "No device specified\n"); + return -1; + } return ret; } From patchwork Sat Nov 19 00:23:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23160 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp501814wrr; Fri, 18 Nov 2022 17:25:02 -0800 (PST) X-Google-Smtp-Source: AA0mqf6C75BoYcl+Lr5Jb+tXDy6D+ZZRa0XMrttiKPcaVBowScfS6Xao/TlJZTYSfSyy/fJvZr2L X-Received: by 2002:a17:902:d051:b0:189:f86:f0f with SMTP id l17-20020a170902d05100b001890f860f0fmr172741pll.129.1668821102028; Fri, 18 Nov 2022 17:25:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668821102; cv=none; d=google.com; s=arc-20160816; b=RTEGRnAsjCjsfIC4n+plpA228Mcn8KFoG8en8V4g37Nir+F13hJC2w2h/Do2jXhi8K 5iCpZro/RpFBmQYN3di67CjJOY7F850pBMXN/lRvURRMp+gONKfdrqWKLuHMj0s2GruA J4+avdOWHSnLHqDFCvtPwOXm4z+My2u+FU/29e6zSKJl0VrBXc9kHco/btsg5RCPy001 xvXq8mXNK9+bZbSwvP/n3KwT54+pKThUrUvxj5pBhBLHpkytZwYX9jetcXjoS36mWlPu CsujI2+DjbKbqslJBzBwtLzMBmdUbq9c4Efqa/MblxxvccRo0T0BffVfy9mPmLn8XJ1n HjKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=faj1SkW+K0PI5czGxB01LfG19KQGRxaiPWX4xK5nVKc=; b=nvI79a7K8LniWCtfyEMEVJyJ5PfTsOFxoTe9hlnla7NkF9a/YzO/2mMA+FwBf0MTw3 T2qgnEpK4oGdNNyICE4fxCKo6KIykCC0UO+r48aQ3EezGx6U7wouD3CVl+9sKhsRtYBU xQI1qIb77fsN3TcnePph95NQoGt2TSujrGitRGislZMnVyxIHcKi4zniX2Fu6cBge6Zi BGMBhGEkP5PaqnB+yTpVVIMbws2oHTKhp+njHtmPEiYu/iY1E59HmnmLBWM2fwpD0VMm 9wJdjOOpZt9x53HZPlCZGbAOl0JpF1SeJu/Qp6xALgLA/aehgh5UxrOuCcLpp6beeqbc ENTg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=APrjwxj4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d26-20020a630e1a000000b0046edec119f6si5121037pgl.227.2022.11.18.17.24.48; Fri, 18 Nov 2022 17:25:01 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=APrjwxj4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229803AbiKSBXc (ORCPT + 99 others); Fri, 18 Nov 2022 20:23:32 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54716 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230058AbiKSBW5 (ORCPT ); Fri, 18 Nov 2022 20:22:57 -0500 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0973E53ECC; Fri, 18 Nov 2022 16:23:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817435; x=1700353435; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=gLAOje8+qf/k9AwPKuFwEIgMMpE2A7PEtqaQD09hAq8=; b=APrjwxj43tL5ikMNH92H5XKs3StcsNvAYrc7CrSlV6OTC3odjksVgw0y BBCKiL0hgnLbeOY184Yb7+EGeqQfcMy1xtwM4Xfbm646dLitMgrxp8lde 3f2yt3FhqpB6PLZza5e28jKgydKh7lmftWzlU2drSKXN0/sOWyO4vFmwk dbmtbf+cU+5U5KGJV+loK74d50QQ7yk+q5Crw2J1wt8JKAS9IMx/QPl2I h2Zt/t1PB9KTz4GVKvdAlWuGlpP1qqqTMS0uKzXGpgD+6J2EkNZ+TgK9s GZ2U5jehy8ruNVkH11WBvhWNY0/b1kw3SE70Te2TQz5QUGr9PQzfEuUWt Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="314418973" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="314418973" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="765349181" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="765349181" Received: from linux.intel.com ([10.54.29.200]) by orsmga004.jf.intel.com with ESMTP; 18 Nov 2022 16:23:46 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id 758BA580DFA; Fri, 18 Nov 2022 16:23:46 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 6/9] tools/arch/x86: intel_sdsi: Add Intel On Demand text Date: Fri, 18 Nov 2022 16:23:40 -0800 Message-Id: <20221119002343.1281885-7-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749885755417930515?= X-GMAIL-MSGID: =?utf-8?q?1749885755417930515?= Intel Software Defined Silicon (SDSi) is now officially known as Intel On Demand. Change text in tool to indicate this. Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- V2 - No change tools/arch/x86/intel_sdsi/intel_sdsi.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 9dd94014a672..3718bd0c05cb 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* - * sdsi: Intel Software Defined Silicon tool for provisioning certificates - * and activation payloads on supported cpus. + * sdsi: Intel On Demand (formerly Software Defined Silicon) tool for + * provisioning certificates and activation payloads on supported cpus. * * See https://github.com/intel/intel-sdsi/blob/master/os-interface.rst * for register descriptions. @@ -150,7 +150,7 @@ static void sdsi_list_devices(void) } if (!found) - fprintf(stderr, "No sdsi devices found.\n"); + fprintf(stderr, "No On Demand devices found.\n"); } static int sdsi_update_registers(struct sdsi_dev *s) @@ -206,7 +206,7 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf("\n"); printf("PPIN: 0x%lx\n", s->regs.ppin); printf("Enabled Features\n"); - printf(" SDSi: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); + printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); printf("Authorization Failure Count\n"); printf(" AKC Failure Count: %d\n", s->regs.auth_fail_count.key_failure_count); printf(" AKC Failure Threshold: %d\n", s->regs.auth_fail_count.key_failure_threshold); @@ -428,7 +428,7 @@ static int sdsi_provision_akc(struct sdsi_dev *s, char *bin_file) return ret; if (!s->regs.en_features.sdsi) { - fprintf(stderr, "SDSi feature is present but not enabled. Unable to provision"); + fprintf(stderr, "On Demand feature is present but not enabled. Unable to provision"); return -1; } @@ -458,7 +458,7 @@ static int sdsi_provision_cap(struct sdsi_dev *s, char *bin_file) return ret; if (!s->regs.en_features.sdsi) { - fprintf(stderr, "SDSi feature is present but not enabled. Unable to provision"); + fprintf(stderr, "On Demand feature is present but not enabled. Unable to provision"); return -1; } From patchwork Sat Nov 19 00:23:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23161 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp501964wrr; Fri, 18 Nov 2022 17:25:29 -0800 (PST) X-Google-Smtp-Source: AA0mqf5GPqrDaEdHs2DuXEsP+joMU3dGUeIKRqQTsq02ebBm60U5ri+xRaoAacbpdlMomR805yby X-Received: by 2002:a63:e09:0:b0:46b:8e9:749 with SMTP id d9-20020a630e09000000b0046b08e90749mr8658482pgl.260.1668821129518; Fri, 18 Nov 2022 17:25:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668821129; cv=none; d=google.com; s=arc-20160816; b=rlx8ipSlf0obo0X/cirsrFpT2ym+QzU2xHHHuG9Dln9mUVatcpD9Z9Qua5//YCnJnv OlmPBMkjioTMO7YnQucG3wv4EWNYcSiSIDw1zisUT7gide4wlRk9B6FBRD8DTX9UIk2f fOQGAquhJ2XcVoRPuGVl5J38bjW+7re/kuR82+PocomX+MWafeLpVuYTdLJhJPIOA1hp hYT2RqrHPJ231nk/CCtvAG9AJYM6RCBjH4cjb43320RtJuraYrjlkR6JVBLBg3EHb8LM MPgEdvA9PBBXsxyyrTpLHpQH52QPRJxdjtelE8ByIwhLlEhQMDgKdMxI8qgu4zOgRoKm V1Vw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=xk0lZ1tOGbybrUibfgo3I/gdXQFbDw++LrWKceoRq24=; b=mFZo5DEqaH9Vi3eVRGDihFQy9Bc4K0ubEw2xxV/lA8J8EpRlEt1dt8333nqul6zPS0 6MP21XoB3mDSUdVsKN0OSLrUtkyXgf20UU+TUvk6Gkkg64+dWTi8N9vjom9L3PxMcUNJ ofiVHwp1KIjpKJRubjaMDt5mBvqkIuTQ0xCtcBbdXaQK8u3D/WiVxiPuKa2d1QJXC79r dK1AooK7tDisc85j0uyDZpPdiaHVeWLPYZ6cUDLXMbRLGEJjn7TfIyD3D6Pd0LaqSHFn vA3tSg2ZNkHPo3Xkc/JlzahsyM6SfOpuL5P4PoQdqGeQIUW7ZEMMPlelEFlvNjrzrFda PiEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=egtxF7m4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x4-20020a17090a970400b002111270cb88si4419184pjo.166.2022.11.18.17.25.16; Fri, 18 Nov 2022 17:25:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=egtxF7m4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231207AbiKSBXf (ORCPT + 99 others); Fri, 18 Nov 2022 20:23:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51700 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233099AbiKSBWz (ORCPT ); Fri, 18 Nov 2022 20:22:55 -0500 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C0B54731A; Fri, 18 Nov 2022 16:23:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817431; x=1700353431; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=QQE4uUsKqIgvIsbsd0MdJi8Qw8o/2mzgliZV4+uAqwE=; b=egtxF7m4rNqiluZPA5ziDh7iHv9JzuXuiJC7bgtP+V0ayOtM3GsrSMbg 1zDu7rIZuqYROiD0Zp+cWMIDaBxZt/5YqKHhptuRaODtsve2RzENiJMf7 Xef0tGlFHG+qINtGAEhCSfgZJF98JxiElCORx6S1VIqDeXdDNoE29p3en BetRbp3XRWx9KOlVco4QPOI1lxvlJIUb0nAZEgfbU3hJbe2bbhSD7Mzxc 2CePvTN7aupoBtXXAgKr0Xdh+4yzi0X7pfs1cdaxOU11/5JExrmiCmwqw kVG40OlaH2uP+DKLtvQZyx1FpQwrby60u8B1rK+GWdxHRZ5de9hgiipve A==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="399556637" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="399556637" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:47 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="703941561" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="703941561" Received: from linux.intel.com ([10.54.29.200]) by fmsmga008.fm.intel.com with ESMTP; 18 Nov 2022 16:23:46 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id 9CD4F580A6C; Fri, 18 Nov 2022 16:23:46 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 7/9] tools/arch/x86: intel_sdsi: Read more On Demand registers Date: Fri, 18 Nov 2022 16:23:41 -0800 Message-Id: <20221119002343.1281885-8-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749885784899387377?= X-GMAIL-MSGID: =?utf-8?q?1749885784899387377?= Add decoding of the following On Demand register fields: 1. NVRAM content authorization error status 2. Enabled features: telemetry and attestation 3. Key provisioning status 4. NVRAM update limit 5. PCU_CR3_CAPID_CFG Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- V2 - No change tools/arch/x86/intel_sdsi/intel_sdsi.c | 50 +++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 5 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 3718bd0c05cb..01b5f9994e11 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -44,10 +44,28 @@ #define __round_mask(x, y) ((__typeof__(x))((y) - 1)) #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1) +struct nvram_content_auth_err_sts { + uint64_t reserved:3; + uint64_t sdsi_content_auth_err:1; + uint64_t reserved1:1; + uint64_t sdsi_metering_auth_err:1; + uint64_t reserved2:58; +}; + struct enabled_features { uint64_t reserved:3; uint64_t sdsi:1; - uint64_t reserved1:60; + uint64_t reserved1:8; + uint64_t attestation:1; + uint64_t reserved2:13; + uint64_t metering:1; + uint64_t reserved3:37; +}; + +struct key_provision_status { + uint64_t reserved:1; + uint64_t license_key_provisioned:1; + uint64_t reserved2:62; }; struct auth_fail_count { @@ -65,15 +83,23 @@ struct availability { uint64_t reserved2:10; }; +struct nvram_update_limit { + uint64_t reserved:12; + uint64_t sdsi_50_pct:1; + uint64_t sdsi_75_pct:1; + uint64_t sdsi_90_pct:1; + uint64_t reserved2:49; +}; + struct sdsi_regs { uint64_t ppin; - uint64_t reserved; + struct nvram_content_auth_err_sts auth_err_sts; struct enabled_features en_features; - uint64_t reserved1; + struct key_provision_status key_prov_sts; struct auth_fail_count auth_fail_count; struct availability prov_avail; - uint64_t reserved2; - uint64_t reserved3; + struct nvram_update_limit limits; + uint64_t pcu_cr3_capid_cfg; uint64_t socket_id; }; @@ -205,8 +231,18 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf("Socket information for device %s\n", s->dev_name); printf("\n"); printf("PPIN: 0x%lx\n", s->regs.ppin); + printf("NVRAM Content Authorization Error Status\n"); + printf(" SDSi Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_content_auth_err ? "Error" : "Okay"); + + if (!!s->regs.en_features.metering) + printf(" Metering Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_metering_auth_err ? "Error" : "Okay"); + printf("Enabled Features\n"); printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); + printf(" Attestation: %s\n", !!s->regs.en_features.attestation ? "Enabled" : "Disabled"); + printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"); + printf(" Metering: %s\n", !!s->regs.en_features.metering ? "Enabled" : "Disabled"); + printf("License Key (AKC) Provisioned: %s\n", !!s->regs.key_prov_sts.license_key_provisioned ? "Yes" : "No"); printf("Authorization Failure Count\n"); printf(" AKC Failure Count: %d\n", s->regs.auth_fail_count.key_failure_count); printf(" AKC Failure Threshold: %d\n", s->regs.auth_fail_count.key_failure_threshold); @@ -215,6 +251,10 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf("Provisioning Availability\n"); printf(" Updates Available: %d\n", s->regs.prov_avail.available); printf(" Updates Threshold: %d\n", s->regs.prov_avail.threshold); + printf("NVRAM Udate Limit\n"); + printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No"); + printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No"); + printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No"); printf("Socket ID: %ld\n", s->regs.socket_id & 0xF); return 0; From patchwork Sat Nov 19 00:23:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23165 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp504399wrr; Fri, 18 Nov 2022 17:33:14 -0800 (PST) X-Google-Smtp-Source: AA0mqf6kcFBisP33TAn2/2i8hLrwdEDfF9yUIw8RobcSeBKKQATJeubRix3MrLG7w4o+x/FNxl4x X-Received: by 2002:a17:90a:62c2:b0:20d:bc7f:4fee with SMTP id k2-20020a17090a62c200b0020dbc7f4feemr16496276pjs.168.1668821594084; Fri, 18 Nov 2022 17:33:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668821594; cv=none; d=google.com; s=arc-20160816; b=Jou+XENwX5s3EwaGrremDMcrqYRHEDDNEbMyiUV3K8TJqPu8PNJkU+mMT9NMp2C//4 Uqvda0ZO4bUARIA5CGdWbAOeOk2HPGhSpQTuP+0wHq476KVks8G8TKS90l7T73Wywsc1 PutfN5q9Jl9iRGMro+OmzP0BKmG6RjEQq0iBYMjBkud9P2nBv5yzo7m8nkcQBBF/6xN2 dmxStcnceNZZ9UHxa99e3ENugDjyur9Vm1wcx06XTQKwLVBkL832/ppfqlVsaZ24HwAe bjBjg2qRjdEI31iF7eStC6LBYAEKtQppz3WkHdLLnn/vLIk6Lf2xJ6h3EwkhAUPOE+rJ Fexw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=RhMPHB4xVUHa3/2rObbxhBpG/hYAQ7+HvW2VEPA5Y6A=; b=uuSfqavekCb9ainIeLZVI/pqprV05WDSiZ3MFlw6wJlNIFQnDLuTA9muV7uRTM3NLC gLYURkvZdRwKzTXV+5cUmBXODDp29Khba7HbD5wIIqnhn3ylXxOd0d3srPSLQW1KZTyM cHOzBb0MAPASLzfx0orHwxb2IXcOiDBIRYxFiKZ2x1k2l0S2pFtwS20/lc82qQe148CS PfwXORuXFGFVj1K3DPqCJVtBCiz0TdF49OvILlhZA17HYkxGOhryocDzLRfix9Yvwr6f KmjYw7SeUC743cJb90X1EugudyqVwdWbGM6rE7X04t09ZM/FoU1gd5lOy7S+AAsmGer1 qcDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=L0pPVpkT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q19-20020a056a00151300b00540cbd3cb18si5076128pfu.234.2022.11.18.17.33.00; Fri, 18 Nov 2022 17:33:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=L0pPVpkT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231771AbiKSBX4 (ORCPT + 99 others); Fri, 18 Nov 2022 20:23:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233071AbiKSBWz (ORCPT ); Fri, 18 Nov 2022 20:22:55 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C07347315; Fri, 18 Nov 2022 16:23:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817431; x=1700353431; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=uBqlisKs26ATJhIPFUU6cAt5vH5D3rY9J+8CYlHIE3E=; b=L0pPVpkTLjOMpUwS0DorrF8w5Vr+8KgS3DiUYN95pdSArDNSYwq6MpIR FoYzrSMmtRypZdvqKOPXiWlc1G4lxneM36EQX5TSke5ekeOP2HywvGemR 3f5SE+6qnkzVSw0qxPFaOxyWKMUVfa2GGiKnUxtHWFxnuMJBt1/KCJPlG Wzgm22AKycQBdwHlqbKiyErmWaQ/dtrjHt4c4iBphM+ixzVAu1+N7rmlj EpE+HgY4/WraoXwgXfLKgqcpEpCeZwMKoHzmxSMJ4sjcXZNnd/UpQ7u86 gHYs9kaS75rYJemrNh94gAjfm3O2DtICrB7xe7WpXDKO3/Sq94ZVYPwia Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="296629184" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="296629184" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:47 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="746200849" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="746200849" Received: from linux.intel.com ([10.54.29.200]) by fmsmga002.fm.intel.com with ESMTP; 18 Nov 2022 16:23:47 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id C798E580DFA; Fri, 18 Nov 2022 16:23:46 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 8/9] tools/arch/x86: intel_sdsi: Add support for new GUID Date: Fri, 18 Nov 2022 16:23:42 -0800 Message-Id: <20221119002343.1281885-9-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749886271656700186?= X-GMAIL-MSGID: =?utf-8?q?1749886271656700186?= The structure and content of the On Demand registers is based on the GUID which is read from hardware through sysfs. Add support for decoding the registers of a new GUID 0xF210D9EF. Signed-off-by: David E. Box --- V2 - Add defines for GUID based register sizes and check for the expected size after reading the file. Removes previous FIXME. tools/arch/x86/intel_sdsi/intel_sdsi.c | 36 ++++++++++++++++++-------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index 01b5f9994e11..b42e1b6a6a1b 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -35,8 +35,10 @@ #define SDSI_DEV "intel_vsec.sdsi" #define AUX_DEV_PATH "/sys/bus/auxiliary/devices/" #define SDSI_PATH (AUX_DEV_DIR SDSI_DEV) -#define GUID 0x6dd191 -#define REGISTERS_MIN_SIZE 72 +#define GUID_V1 0x6dd191 +#define REGS_SIZE_GUID_V1 72 +#define GUID_V2 0xF210D9EF +#define REGS_SIZE_GUID_V2 80 #define STATE_CERT_MAX_SIZE 4096 #define STATE_MAX_NUM_LICENSES 16 #define STATE_MAX_NUM_IN_BUNDLE (uint32_t)8 @@ -100,9 +102,17 @@ struct sdsi_regs { struct availability prov_avail; struct nvram_update_limit limits; uint64_t pcu_cr3_capid_cfg; - uint64_t socket_id; + union { + struct { + uint64_t socket_id; + } v1; + struct { + uint64_t reserved; + uint64_t socket_id; + uint64_t reserved2; + } v2; + } extra; }; - #define CONTENT_TYPE_LK_ENC 0xD #define CONTENT_TYPE_LK_BLOB_ENC 0xE @@ -146,7 +156,7 @@ struct sdsi_dev { struct state_certificate sc; char *dev_name; char *dev_path; - int guid; + uint32_t guid; }; enum command { @@ -199,7 +209,7 @@ static int sdsi_update_registers(struct sdsi_dev *s) return -1; } - if (s->guid != GUID) { + if (s->guid != GUID_V1 && s->guid != GUID_V2) { fprintf(stderr, "Unrecognized guid, 0x%x\n", s->guid); fclose(regs_ptr); return -1; @@ -207,7 +217,8 @@ static int sdsi_update_registers(struct sdsi_dev *s) /* Update register info for this guid */ ret = fread(&s->regs, sizeof(uint8_t), sizeof(s->regs), regs_ptr); - if (ret != sizeof(s->regs)) { + if ((s->guid == GUID_V1 && ret != REGS_SIZE_GUID_V1) || + (s->guid == GUID_V2 && ret != REGS_SIZE_GUID_V2)) { fprintf(stderr, "Could not read 'registers' file\n"); fclose(regs_ptr); return -1; @@ -252,10 +263,13 @@ static int sdsi_read_reg(struct sdsi_dev *s) printf(" Updates Available: %d\n", s->regs.prov_avail.available); printf(" Updates Threshold: %d\n", s->regs.prov_avail.threshold); printf("NVRAM Udate Limit\n"); - printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No"); - printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No"); - printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No"); - printf("Socket ID: %ld\n", s->regs.socket_id & 0xF); + printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No"); + printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No"); + printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No"); + if (s->guid == GUID_V1) + printf("Socket ID: %ld\n", s->regs.extra.v1.socket_id & 0xF); + else + printf("Socket ID: %ld\n", s->regs.extra.v2.socket_id & 0xF); return 0; } From patchwork Sat Nov 19 00:23:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "David E. Box" X-Patchwork-Id: 23169 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp508393wrr; Fri, 18 Nov 2022 17:46:44 -0800 (PST) X-Google-Smtp-Source: AA0mqf6OisuRBgZB5Z3TwSqTsLcYwzJNXKWaXChu9eHDCIRHIKmdYQa13FeLNZgM6k4nRfbzc+B3 X-Received: by 2002:a17:90a:2dc3:b0:213:7f5:a972 with SMTP id q3-20020a17090a2dc300b0021307f5a972mr16707713pjm.159.1668822404644; Fri, 18 Nov 2022 17:46:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668822404; cv=none; d=google.com; s=arc-20160816; b=efrXDNvDTvWYQjRofpgkVifzwz3dxc3B6kBgiF/g7x2UVTM/re3Yw4iYf4xD8xu2wv pa2Gv61GxU9Lo+ILcHFrjziG0xhzw83WQ8/+uiwBPdXaC9u7WFQ42k3EXmtZFI3UvpD3 bVXp3LxfqdZG/vGw35fcbTg6E3L5dHindo2sLuIjD63zH7hfeiQi9quLpG9WYHNq8AoA IRPzXPc5iSZw6kofQAE2oKdEBKkVoZ9MzNTU9vJ72BP8SwpcHJycdP4ZlhYUL1Sfll2y NEthIO/3d67Cc1XDl7o6OslAusdGpNAzP2Qz6A/C9aTYhQ+U3TO3hgyIiL7zj1QbIiZ4 YsQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=CpYsSZQ4qXN6F+DWnXBxfrk1/kb6tO2qp161FxADlG4=; b=G5Y1zZzkXkNzu1N2980jwY2RLZCOaNkkFkJq+hhb+Uv/OQfyzW4p36p3dS35IsLozQ 0c7vJFlAPCZjUoVynKmtSoNEChwvWMbAUKXhmILAcQvEK67j8CGc60kdOC8D6H2TNj4i U7Xios30CH1IkFd3wZtP5URpmJfs9yxpN9h+pAEk6s/kZqYe+ZBZYfQVAd0aSxyJe+94 9bwH4WMhaCblGPRJMUVzzoogt4982d7xoFCrncIVEPXrch77H+zipzZubNpZo6/uii1s QaZGy5VTY1kEIpokwHLK6rbkhYW4I2AZnSNqskXmZh2YbR3+Ly3V5wRIJogzzOIPWcyK wq3w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=iLjcAyDR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h17-20020a170902f55100b0018018272902si5693139plf.554.2022.11.18.17.46.32; Fri, 18 Nov 2022 17:46:44 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=iLjcAyDR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232171AbiKSBYV (ORCPT + 99 others); Fri, 18 Nov 2022 20:24:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54804 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229470AbiKSBW6 (ORCPT ); Fri, 18 Nov 2022 20:22:58 -0500 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 098C853ED0; Fri, 18 Nov 2022 16:23:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668817435; x=1700353435; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ELa4VyMmQa46ud+bAWUmad6+rz+mYWn3kNZACRLGq+Q=; b=iLjcAyDR8XeDWrZVfym+9vtqAjSJxuHZyJEuuoXsF8muuTk2Bi07Y39M BwwtmJ+SKknhy6V6Jojs2jbtVs5tUnm8erXHGMNw6hbCsuYe/CXSFsCnF DUpSVhOEMd8yKpUDgce4BNIslo7jZ9qXfjKW17wqGt4+66IkIuFpUUkGx 4xIc9dwxw3+7hh90Bpqr7XY0cs7tHYiYizABx46YAXd27cmMSLIFUiN9Z 0Auxv3TiBhF3sTiO5656aqZ+NCc/OZY8szlLkeZKpDuiW4llMweK8FJdu rdC5pxC9pHwrcwqOytaFa+nRAgH/ZG1BPJ7xXEvvp8wY+UXYHu7h0jaDe w==; X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="314418975" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="314418975" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2022 16:23:47 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10535"; a="765349184" X-IronPort-AV: E=Sophos;i="5.96,175,1665471600"; d="scan'208";a="765349184" Received: from linux.intel.com ([10.54.29.200]) by orsmga004.jf.intel.com with ESMTP; 18 Nov 2022 16:23:47 -0800 Received: from debox1-desk4.lan (unknown [10.252.138.169]) by linux.intel.com (Postfix) with ESMTP id F3A20580A6C; Fri, 18 Nov 2022 16:23:46 -0800 (PST) From: "David E. Box" To: david.e.box@linux.intel.com, hdegoede@redhat.com, markgross@kernel.org, andriy.shevchenko@linux.intel.com Cc: platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH V2 9/9] tools/arch/x86: intel_sdsi: Add support for reading meter certificates Date: Fri, 18 Nov 2022 16:23:43 -0800 Message-Id: <20221119002343.1281885-10-david.e.box@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221119002343.1281885-1-david.e.box@linux.intel.com> References: <20221119002343.1281885-1-david.e.box@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749887122267270854?= X-GMAIL-MSGID: =?utf-8?q?1749887122267270854?= Add option to read and decode On Demand meter certificates. Link: https://github.com/intel/intel-sdsi/blob/master/meter-certificate.rst Signed-off-by: David E. Box Reviewed-by: Hans de Goede --- V2 - Use separate cases for state and meter switch options. tools/arch/x86/intel_sdsi/intel_sdsi.c | 110 ++++++++++++++++++++++++- 1 file changed, 108 insertions(+), 2 deletions(-) diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c index b42e1b6a6a1b..2cd92761f171 100644 --- a/tools/arch/x86/intel_sdsi/intel_sdsi.c +++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c @@ -40,8 +40,10 @@ #define GUID_V2 0xF210D9EF #define REGS_SIZE_GUID_V2 80 #define STATE_CERT_MAX_SIZE 4096 +#define METER_CERT_MAX_SIZE 4096 #define STATE_MAX_NUM_LICENSES 16 #define STATE_MAX_NUM_IN_BUNDLE (uint32_t)8 +#define METER_MAX_NUM_BUNDLES 8 #define __round_mask(x, y) ((__typeof__(x))((y) - 1)) #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1) @@ -151,6 +153,21 @@ struct bundle_encoding { uint32_t encoding_rsvd[7]; }; +struct meter_certificate { + uint32_t block_signature; + uint32_t counter_unit; + uint64_t ppin; + uint32_t bundle_length; + uint32_t reserved; + uint32_t mmrc_encoding; + uint32_t mmrc_counter; +}; + +struct bundle_encoding_counter { + uint32_t encoding; + uint32_t counter; +}; + struct sdsi_dev { struct sdsi_regs regs; struct state_certificate sc; @@ -161,6 +178,7 @@ struct sdsi_dev { enum command { CMD_SOCKET_INFO, + CMD_METER_CERT, CMD_STATE_CERT, CMD_PROV_AKC, CMD_PROV_CAP, @@ -308,6 +326,86 @@ static void get_feature(uint32_t encoding, char *feature) feature[0] = name[3]; } +static int sdsi_meter_cert_show(struct sdsi_dev *s) +{ + char buf[METER_CERT_MAX_SIZE] = {0}; + struct bundle_encoding_counter *bec; + struct meter_certificate *mc; + uint32_t count = 0; + FILE *cert_ptr; + int ret, size; + + ret = sdsi_update_registers(s); + if (ret) + return ret; + + if (!s->regs.en_features.sdsi) { + fprintf(stderr, "SDSi feature is present but not enabled.\n"); + fprintf(stderr, " Unable to read meter certificate\n"); + return -1; + } + + if (!s->regs.en_features.metering) { + fprintf(stderr, "Metering not supporting on this socket.\n"); + return -1; + } + + ret = chdir(s->dev_path); + if (ret == -1) { + perror("chdir"); + return ret; + } + + cert_ptr = fopen("meter_certificate", "r"); + if (!cert_ptr) { + perror("Could not open 'meter_certificate' file"); + return -1; + } + + size = fread(buf, 1, sizeof(buf), cert_ptr); + if (!size) { + fprintf(stderr, "Could not read 'meter_certificate' file\n"); + fclose(cert_ptr); + return -1; + } + fclose(cert_ptr); + + mc = (struct meter_certificate *)buf; + + printf("\n"); + printf("Meter certificate for device %s\n", s->dev_name); + printf("\n"); + printf("Block Signature: 0x%x\n", mc->block_signature); + printf("Count Unit: %dms\n", mc->counter_unit); + printf("PPIN: 0x%lx\n", mc->ppin); + printf("Feature Bundle Length: %d\n", mc->bundle_length); + printf("MMRC encoding: %d\n", mc->mmrc_encoding); + printf("MMRC counter: %d\n", mc->mmrc_counter); + if (mc->bundle_length % 8) { + fprintf(stderr, "Invalid bundle length\n"); + return -1; + } + + if (mc->bundle_length > METER_MAX_NUM_BUNDLES * 8) { + fprintf(stderr, "More than %d bundles: %d\n", + METER_MAX_NUM_BUNDLES, mc->bundle_length / 8); + return -1; + } + + bec = (void *)(mc) + sizeof(mc); + + printf("Number of Feature Counters: %d\n", mc->bundle_length / 8); + while (count++ < mc->bundle_length / 8) { + char feature[5]; + + feature[4] = '\0'; + get_feature(bec[count].encoding, feature); + printf(" %s: %d\n", feature, bec[count].counter); + } + + return 0; +} + static int sdsi_state_cert_show(struct sdsi_dev *s) { char buf[STATE_CERT_MAX_SIZE] = {0}; @@ -627,7 +725,7 @@ static void sdsi_free_dev(struct sdsi_dev *s) static void usage(char *prog) { - printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-a FILE] [-c FILE]]\n", prog); + printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-m] [-a FILE] [-c FILE]]\n", prog); } static void show_help(void) @@ -637,6 +735,7 @@ static void show_help(void) printf(" %-18s\t%s\n", "-d, --devno DEVNO", "On Demand device number"); printf(" %-18s\t%s\n", "-i, --info", "show socket information"); printf(" %-18s\t%s\n", "-s, --state", "show state certificate"); + printf(" %-18s\t%s\n", "-m, --meter", "show meter certificate"); printf(" %-18s\t%s\n", "-a, --akc FILE", "provision socket with AKC FILE"); printf(" %-18s\t%s\n", "-c, --cap FILE>", "provision socket with CAP FILE"); } @@ -658,6 +757,7 @@ int main(int argc, char *argv[]) {"help", no_argument, 0, 'h'}, {"info", no_argument, 0, 'i'}, {"list", no_argument, 0, 'l'}, + {"meter", no_argument, 0, 'm'}, {"state", no_argument, 0, 's'}, {0, 0, 0, 0 } }; @@ -665,7 +765,7 @@ int main(int argc, char *argv[]) progname = argv[0]; - while ((opt = getopt_long_only(argc, argv, "+a:c:d:hils", long_options, + while ((opt = getopt_long_only(argc, argv, "+a:c:d:hilms", long_options, &option_index)) != -1) { switch (opt) { case 'd': @@ -678,6 +778,9 @@ int main(int argc, char *argv[]) case 'i': command = CMD_SOCKET_INFO; break; + case 'm': + command = CMD_METER_CERT; + break; case 's': command = CMD_STATE_CERT; break; @@ -715,6 +818,9 @@ int main(int argc, char *argv[]) case CMD_SOCKET_INFO: ret = sdsi_read_reg(s); break; + case CMD_METER_CERT: + ret = sdsi_meter_cert_show(s); + break; case CMD_STATE_CERT: ret = sdsi_state_cert_show(s); break;