linux/drivers/crypto/ccp
Brijesh Singh 2c07ded064 KVM/SVM: add support for SEV attestation command
The SEV FW version >= 0.23 added a new command that can be used to query
the attestation report containing the SHA-256 digest of the guest memory
encrypted through the KVM_SEV_LAUNCH_UPDATE_{DATA, VMSA} commands and
sign the report with the Platform Endorsement Key (PEK).

See the SEV FW API spec section 6.8 for more details.

Note there already exist a command (KVM_SEV_LAUNCH_MEASURE) that can be
used to get the SHA-256 digest. The main difference between the
KVM_SEV_LAUNCH_MEASURE and KVM_SEV_ATTESTATION_REPORT is that the latter
can be called while the guest is running and the measurement value is
signed with PEK.

Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Sean Christopherson <seanjc@google.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: John Allen <john.allen@amd.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: David Rientjes <rientjes@google.com>
Tested-by: James Bottomley <jejb@linux.ibm.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Message-Id: <20210104151749.30248-1-brijesh.singh@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-02-04 05:27:20 -05:00
..
Kconfig crypto: ccp -- don't "select" CONFIG_DMADEVICES 2020-04-16 16:49:22 +10:00
Makefile crypto: ccp - add TEE support for Raven Ridge 2019-12-20 14:58:32 +08:00
ccp-crypto-aes-cmac.c crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORY 2020-07-16 21:49:10 +10:00
ccp-crypto-aes-galois.c crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORY 2020-07-16 21:49:10 +10:00
ccp-crypto-aes-xts.c crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORY 2020-07-16 21:49:10 +10:00
ccp-crypto-aes.c crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORY 2020-07-16 21:49:10 +10:00
ccp-crypto-des3.c crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORY 2020-07-16 21:49:10 +10:00
ccp-crypto-main.c crypto: ccp - switch from ablkcipher to skcipher 2019-11-17 09:02:45 +08:00
ccp-crypto-rsa.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
ccp-crypto-sha.c crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
ccp-crypto.h crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
ccp-debugfs.c crypto: ccp - Switch to SPDX license identifiers 2019-07-03 22:13:12 +08:00
ccp-dev-v3.c crypto: ccp - set max RSA modulus size for v3 platform devices as well 2019-12-11 16:36:55 +08:00
ccp-dev-v5.c crypto: ccp - Fix sparse warnings 2020-07-09 18:25:22 +10:00
ccp-dev.c crypto: ccp - use generic power management 2020-07-31 18:25:26 +10:00
ccp-dev.h crypto: ccp - Fix sparse warnings 2020-07-09 18:25:22 +10:00
ccp-dmaengine.c crypto: ccp - fix uninitialized list head 2019-10-26 02:10:00 +11:00
ccp-ops.c crypto: ccp - fix error handling 2020-10-02 18:02:10 +10:00
psp-dev.c crypto: ccp - Cleanup sp_dev_master in psp_dev_destroy() 2020-03-12 23:00:12 +11:00
psp-dev.h crypto: ccp - add TEE support for Raven Ridge 2019-12-20 14:58:32 +08:00
sev-dev.c KVM/SVM: add support for SEV attestation command 2021-02-04 05:27:20 -05:00
sev-dev.h crypto: ccp - move SEV vdata to a dedicated data structure 2019-12-20 14:58:32 +08:00
sp-dev.c crypto: ccp - use generic power management 2020-07-31 18:25:26 +10:00
sp-dev.h crypto: ccp - use generic power management 2020-07-31 18:25:26 +10:00
sp-pci.c crypto: ccp - use generic power management 2020-07-31 18:25:26 +10:00
sp-platform.c crypto: ccp - use generic power management 2020-07-31 18:25:26 +10:00
tee-dev.c tee: amdtee: check TEE status during driver initialization 2020-01-04 13:49:51 +08:00
tee-dev.h crypto: ccp - provide in-kernel API to submit TEE commands 2019-12-20 14:58:32 +08:00