[SRU][N:linux-gcp][PATCH 19/23] x86/sev: Add SVSM vTPM probe/send_command functions

Ian Whitfield ian.whitfield at canonical.com
Mon Jun 16 23:05:03 UTC 2025 

From: Stefano Garzarella <sgarzare at redhat.com>

BugLink: https://bugs.launchpad.net/bugs/2111956

Add two new functions to probe and send commands to the SVSM vTPM. They
leverage the two calls defined by the AMD SVSM specification [1] for the vTPM
protocol: SVSM_VTPM_QUERY and SVSM_VTPM_CMD.

Expose snp_svsm_vtpm_send_command() to be used by a TPM driver.

  [1] "Secure VM Service Module for SEV-SNP Guests"
      Publication # 58019 Revision: 1.00

  [ bp: Some doc touchups. ]

Co-developed-by: James Bottomley <James.Bottomley at HansenPartnership.com>
Signed-off-by: James Bottomley <James.Bottomley at HansenPartnership.com>
Co-developed-by: Claudio Carvalho <cclaudio at linux.ibm.com>
Signed-off-by: Claudio Carvalho <cclaudio at linux.ibm.com>
Signed-off-by: Stefano Garzarella <sgarzare at redhat.com>
Signed-off-by: Borislav Petkov (AMD) <bp at alien8.de>
Reviewed-by: Tom Lendacky <thomas.lendacky at amd.com>
Reviewed-by: Jarkko Sakkinen <jarkko at kernel.org>
Link: https://lore.kernel.org/r/20250403100943.120738-2-sgarzare@redhat.com
(backported from commit 770de678bc281f6b0be339c29c1ad74dfb0e9325)
[ijwhitfield: Adjusted context due to missing commits:
2a783066b6f5 ("x86/mm: Refactor __set_clr_pte_enc()")
3074152e56c9 ("x86/sev: Convert shared memory back to private on kexec")
eb65f96cb332 ("virt: sev-guest: Choose the VMPCK key based on executing VMPL")
c5529418d050 ("x86/sev: Carve out and export SNP guest messaging init routines")
1e0b23b5d2d1 ("x86/sev: Relocate SNP guest messaging routines to common code")
85b60ca9ad2c ("x86/sev: Add Secure TSC support for SNP guests")
73bbf3b0fbba ("x86/tsc: Init the TSC for Secure TSC guests")]
Signed-off-by: Ian Whitfield <ian.whitfield at canonical.com>
---
 arch/x86/coco/sev/core.c   | 58 ++++++++++++++++++++++++++++++++++++++
 arch/x86/include/asm/sev.h |  7 +++++
 2 files changed, 65 insertions(+)

diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
index 7bc9f4f6adc5..df049b1fdccd 100644
--- a/arch/x86/coco/sev/core.c
+++ b/arch/x86/coco/sev/core.c
@@ -2486,6 +2486,64 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct sn
 }
 EXPORT_SYMBOL_GPL(snp_issue_guest_request);
 
+/**
+ * snp_svsm_vtpm_probe() - Probe if SVSM provides a vTPM device
+ *
+ * Check that there is SVSM and that it supports at least TPM_SEND_COMMAND
+ * which is the only request used so far.
+ *
+ * Return: true if the platform provides a vTPM SVSM device, false otherwise.
+ */
+static bool snp_svsm_vtpm_probe(void)
+{
+	struct svsm_call call = {};
+
+	/* The vTPM device is available only if a SVSM is present */
+	if (!snp_vmpl)
+		return false;
+
+	call.caa = svsm_get_caa();
+	call.rax = SVSM_VTPM_CALL(SVSM_VTPM_QUERY);
+
+	if (svsm_perform_call_protocol(&call))
+		return false;
+
+	/* Check platform commands contains TPM_SEND_COMMAND - platform command 8 */
+	return call.rcx_out & BIT_ULL(8);
+}
+
+/**
+ * snp_svsm_vtpm_send_command() - Execute a vTPM operation on SVSM
+ * @buffer: A buffer used to both send the command and receive the response.
+ *
+ * Execute a SVSM_VTPM_CMD call as defined by
+ * "Secure VM Service Module for SEV-SNP Guests" Publication # 58019 Revision: 1.00
+ *
+ * All command request/response buffers have a common structure as specified by
+ * the following table:
+ *     Byte      Size       In/Out    Description
+ *     Offset    (Bytes)
+ *     0x000     4          In        Platform command
+ *                          Out       Platform command response size
+ *
+ * Each command can build upon this common request/response structure to create
+ * a structure specific to the command. See include/linux/tpm_svsm.h for more
+ * details.
+ *
+ * Return: 0 on success, -errno on failure
+ */
+int snp_svsm_vtpm_send_command(u8 *buffer)
+{
+	struct svsm_call call = {};
+
+	call.caa = svsm_get_caa();
+	call.rax = SVSM_VTPM_CALL(SVSM_VTPM_CMD);
+	call.rcx = __pa(buffer);
+
+	return svsm_perform_call_protocol(&call);
+}
+EXPORT_SYMBOL_GPL(snp_svsm_vtpm_send_command);
+
 static struct platform_device sev_guest_device = {
 	.name		= "sev-guest",
 	.id		= -1,
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
index 3620f739f196..4733a42e9343 100644
--- a/arch/x86/include/asm/sev.h
+++ b/arch/x86/include/asm/sev.h
@@ -246,6 +246,10 @@ struct svsm_call {
 #define SVSM_ATTEST_SERVICES		0
 #define SVSM_ATTEST_SINGLE_SERVICE	1
 
+#define SVSM_VTPM_CALL(x)		((2ULL << 32) | (x))
+#define SVSM_VTPM_QUERY			0
+#define SVSM_VTPM_CMD			1
+
 #ifdef CONFIG_AMD_MEM_ENCRYPT
 
 extern u8 snp_vmpl;
@@ -333,6 +337,8 @@ u64 snp_get_unsupported_features(u64 status);
 u64 sev_get_status(void);
 void snp_update_svsm_ca(void);
 
+int snp_svsm_vtpm_send_command(u8 *buffer);
+
 #else	/* !CONFIG_AMD_MEM_ENCRYPT */
 
 #define snp_vmpl 0
@@ -367,6 +373,7 @@ static inline void snp_accept_memory(phys_addr_t start, phys_addr_t end) { }
 static inline u64 snp_get_unsupported_features(u64 status) { return 0; }
 static inline u64 sev_get_status(void) { return 0; }
 static inline void snp_update_svsm_ca(void) { }
+static inline int snp_svsm_vtpm_send_command(u8 *buffer) { return -ENODEV; }
 
 #endif	/* CONFIG_AMD_MEM_ENCRYPT */
 
-- 
2.43.0

More information about the kernel-team mailing list