Commit ec310caf authored by Brijesh Singh's avatar Brijesh Singh Committed by Herbert Xu
Browse files

crypto: ccp - add SEV command privilege separation 



Currently, there is no privilege separation of the SEV command; you can
run them all or none of them. This is less than ideal because it means
that a compromise of the code which launches VMs could make permanent
change to the SEV certifcate chain which will affect others.

These commands are required to attest the VM environment:
 - SEV_PDH_CERT_EXPORT
 - SEV_PLATFORM_STATUS
 - SEV_GET_{ID,ID2}

These commands manage the SEV certificate chain:
 - SEV_PEK_CERR_IMPORT
 - SEV_FACTORY_RESET
 - SEV_PEK_GEN
 - SEV_PEK_CSR
 - SEV_PDH_GEN

Lets add the CAP_SYS_ADMIN check for the group of the commands which alters
the SEV certificate chain to provide some level of privilege separation.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Gary Hook <gary.hook@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Tested-by: default avatarDavid Rientjes <rientjes@google.com>
Co-developed-by: default avatarDavid Rientjes <rientjes@google.com>
Signed-off-by: default avatarDavid Rientjes <rientjes@google.com>
Signed-off-by: default avatarBrijesh Singh <brijesh.singh@amd.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent c433a1a8

drivers/crypto/ccp/psp-dev.c

+22 −7
Original line number Diff line number Diff line
@@ -294,6 +294,9 @@ static int sev_ioctl_do_reset(struct sev_issue_cmd *argp) 
{

	int state, rc;



	if (!capable(CAP_SYS_ADMIN))

		return -EPERM;



	/*

	 * The SEV spec requires that FACTORY_RESET must be issued in

	 * UNINIT state. Before we go further lets check if any guest is
@@ -338,6 +341,9 @@ static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp) 
{

	int rc;



	if (!capable(CAP_SYS_ADMIN))

		return -EPERM;



	if (psp_master->sev_state == SEV_STATE_UNINIT) {

		rc = __sev_platform_init_locked(&argp->error);

		if (rc)
@@ -354,6 +360,9 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp) 
	void *blob = NULL;

	int ret;



	if (!capable(CAP_SYS_ADMIN))

		return -EPERM;



	if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))

		return -EFAULT;
@@ -540,6 +549,9 @@ static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp) 
	void *pek_blob, *oca_blob;

	int ret;



	if (!capable(CAP_SYS_ADMIN))

		return -EPERM;



	if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))

		return -EFAULT;
@@ -695,6 +707,16 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp) 
	struct sev_data_pdh_cert_export *data;

	int ret;



	/* If platform is not in INIT state then transition it to INIT. */

	if (psp_master->sev_state != SEV_STATE_INIT) {

		if (!capable(CAP_SYS_ADMIN))

			return -EPERM;



		ret = __sev_platform_init_locked(&argp->error);

		if (ret)

			return ret;

	}



	if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))

		return -EFAULT;
@@ -741,13 +763,6 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp) 
	data->cert_chain_len = input.cert_chain_len;



cmd:

	/* If platform is not in INIT state then transition it to INIT. */

	if (psp_master->sev_state != SEV_STATE_INIT) {

		ret = __sev_platform_init_locked(&argp->error);

		if (ret)

			goto e_free_cert;

	}



	ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, data, &argp->error);



	/* If we query the length, FW responded with expected data. */

drivers/crypto/ccp/psp-dev.h

+1 −0
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ 
#include <linux/dmaengine.h>

#include <linux/psp-sev.h>

#include <linux/miscdevice.h>

#include <linux/capability.h>



#include "sp-dev.h"

CRA Git | Maintained and supported by SUSTech CRA and CCSE