forked from torvalds/linux
arch/cc: Introduce a function to check for confidential computing fea…
…tures In preparation for other confidential computing technologies, introduce a generic helper function, cc_platform_has(), that can be used to check for specific active confidential computing attributes, like memory encryption. This is intended to eliminate having to add multiple technology-specific checks to the code (e.g. if (sev_active() || tdx_active() || ... ). [ bp: s/_CC_PLATFORM_H/_LINUX_CC_PLATFORM_H/g ] Co-developed-by: Andi Kleen <[email protected]> Signed-off-by: Andi Kleen <[email protected]> Co-developed-by: Kuppuswamy Sathyanarayanan <[email protected]> Signed-off-by: Kuppuswamy Sathyanarayanan <[email protected]> Signed-off-by: Tom Lendacky <[email protected]> Signed-off-by: Borislav Petkov <[email protected]> Link: https://lkml.kernel.org/r/[email protected]
1 parent
402fe0c
commit 46b49b1
Showing
2 changed files
with
91 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
/* SPDX-License-Identifier: GPL-2.0-only */ | ||
/* | ||
* Confidential Computing Platform Capability checks | ||
* | ||
* Copyright (C) 2021 Advanced Micro Devices, Inc. | ||
* | ||
* Author: Tom Lendacky <[email protected]> | ||
*/ | ||
|
||
#ifndef _LINUX_CC_PLATFORM_H | ||
#define _LINUX_CC_PLATFORM_H | ||
|
||
#include <linux/types.h> | ||
#include <linux/stddef.h> | ||
|
||
/** | ||
* enum cc_attr - Confidential computing attributes | ||
* | ||
* These attributes represent confidential computing features that are | ||
* currently active. | ||
*/ | ||
enum cc_attr { | ||
/** | ||
* @CC_ATTR_MEM_ENCRYPT: Memory encryption is active | ||
* | ||
* The platform/OS is running with active memory encryption. This | ||
* includes running either as a bare-metal system or a hypervisor | ||
* and actively using memory encryption or as a guest/virtual machine | ||
* and actively using memory encryption. | ||
* | ||
* Examples include SME, SEV and SEV-ES. | ||
*/ | ||
CC_ATTR_MEM_ENCRYPT, | ||
|
||
/** | ||
* @CC_ATTR_HOST_MEM_ENCRYPT: Host memory encryption is active | ||
* | ||
* The platform/OS is running as a bare-metal system or a hypervisor | ||
* and actively using memory encryption. | ||
* | ||
* Examples include SME. | ||
*/ | ||
CC_ATTR_HOST_MEM_ENCRYPT, | ||
|
||
/** | ||
* @CC_ATTR_GUEST_MEM_ENCRYPT: Guest memory encryption is active | ||
* | ||
* The platform/OS is running as a guest/virtual machine and actively | ||
* using memory encryption. | ||
* | ||
* Examples include SEV and SEV-ES. | ||
*/ | ||
CC_ATTR_GUEST_MEM_ENCRYPT, | ||
|
||
/** | ||
* @CC_ATTR_GUEST_STATE_ENCRYPT: Guest state encryption is active | ||
* | ||
* The platform/OS is running as a guest/virtual machine and actively | ||
* using memory encryption and register state encryption. | ||
* | ||
* Examples include SEV-ES. | ||
*/ | ||
CC_ATTR_GUEST_STATE_ENCRYPT, | ||
}; | ||
|
||
#ifdef CONFIG_ARCH_HAS_CC_PLATFORM | ||
|
||
/** | ||
* cc_platform_has() - Checks if the specified cc_attr attribute is active | ||
* @attr: Confidential computing attribute to check | ||
* | ||
* The cc_platform_has() function will return an indicator as to whether the | ||
* specified Confidential Computing attribute is currently active. | ||
* | ||
* Context: Any context | ||
* Return: | ||
* * TRUE - Specified Confidential Computing attribute is active | ||
* * FALSE - Specified Confidential Computing attribute is not active | ||
*/ | ||
bool cc_platform_has(enum cc_attr attr); | ||
|
||
#else /* !CONFIG_ARCH_HAS_CC_PLATFORM */ | ||
|
||
static inline bool cc_platform_has(enum cc_attr attr) { return false; } | ||
|
||
#endif /* CONFIG_ARCH_HAS_CC_PLATFORM */ | ||
|
||
#endif /* _LINUX_CC_PLATFORM_H */ |
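Review bot: The kernel-doc on cc_platform_has() does not mention that the `!CONFIG_ARCH_HAS_CC_PLATFORM` stub at the bottom of the header returns false unconditionally, so a caller cannot tell "attribute not active" from "no confidential computing support built in". Callers will gate memory-encryption behaviour on this helper, so the Return section should say so, for example `* * %false - Attribute is not active, or the architecture provides no cc_platform_has() implementation`. It should also use `%true`/`%false` rather than `TRUE`/`FALSE`, to match the `bool` return type. Only the declaration is visible here, so the comment should also state what an attribute value the architecture does not recognise yields; presumably false, but that needs confirming against the arch implementation. A one-line note that the result reports the kernel's view of the platform state and is not an attestation result would keep callers from treating `true` as proof to a remote party.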