[PATCH 2/5] crypto: ccp: Move security attributes to their own file

From: Mario Limonciello
Date: Mon May 27 2024 - 11:30:38 EST


To prepare for other code that will manipulate security attributes
move the handling code out of sp-pci.c. No intended functional changes.

Signed-off-by: Mario Limonciello <mario.limonciello@xxxxxxx>
---
MAINTAINERS | 6 ++++
drivers/crypto/ccp/Makefile | 3 +-
drivers/crypto/ccp/hsti.c | 68 ++++++++++++++++++++++++++++++++++++
drivers/crypto/ccp/hsti.h | 15 ++++++++
drivers/crypto/ccp/psp-dev.c | 1 +
drivers/crypto/ccp/sp-pci.c | 56 +----------------------------
6 files changed, 93 insertions(+), 56 deletions(-)
create mode 100644 drivers/crypto/ccp/hsti.c
create mode 100644 drivers/crypto/ccp/hsti.h

diff --git a/MAINTAINERS b/MAINTAINERS
index d6c90161c7bf..883fb3b246b6 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -991,6 +991,12 @@ F: include/uapi/linux/psp-dbc.h
F: tools/crypto/ccp/*.c
F: tools/crypto/ccp/*.py

+AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER - HSTI SUPPORT
+M: Mario Limonciello <mario.limonciello@xxxxxxx>
+L: linux-crypto@xxxxxxxxxxxxxxx
+S: Supported
+F: drivers/crypto/ccp/hsti.*
+
AMD DISPLAY CORE
M: Harry Wentland <harry.wentland@xxxxxxx>
M: Leo Li <sunpeng.li@xxxxxxx>
diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index aa0ba2d17e1e..394484929dae 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -12,7 +12,8 @@ ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += psp-dev.o \
sev-dev.o \
tee-dev.o \
platform-access.o \
- dbc.o
+ dbc.o \
+ hsti.o

obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
ccp-crypto-objs := ccp-crypto-main.o \
diff --git a/drivers/crypto/ccp/hsti.c b/drivers/crypto/ccp/hsti.c
new file mode 100644
index 000000000000..076c1d175b2b
--- /dev/null
+++ b/drivers/crypto/ccp/hsti.c
@@ -0,0 +1,68 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * AMD Secure Processor device driver, security attributes
+ *
+ * Copyright (C) 2023-2024 Advanced Micro Devices, Inc.
+ *
+ * Author: Mario Limonciello <mario.limonciello@xxxxxxx>
+ */
+
+#include <linux/device.h>
+
+#include "psp-dev.h"
+#include "hsti.h"
+
+#define security_attribute_show(name) \
+static ssize_t name##_show(struct device *d, struct device_attribute *attr, \
+ char *buf) \
+{ \
+ struct sp_device *sp = dev_get_drvdata(d); \
+ struct psp_device *psp = sp->psp_data; \
+ return sysfs_emit(buf, "%d\n", psp->capability.name); \
+}
+
+security_attribute_show(fused_part)
+static DEVICE_ATTR_RO(fused_part);
+security_attribute_show(debug_lock_on)
+static DEVICE_ATTR_RO(debug_lock_on);
+security_attribute_show(tsme_status)
+static DEVICE_ATTR_RO(tsme_status);
+security_attribute_show(anti_rollback_status)
+static DEVICE_ATTR_RO(anti_rollback_status);
+security_attribute_show(rpmc_production_enabled)
+static DEVICE_ATTR_RO(rpmc_production_enabled);
+security_attribute_show(rpmc_spirom_available)
+static DEVICE_ATTR_RO(rpmc_spirom_available);
+security_attribute_show(hsp_tpm_available)
+static DEVICE_ATTR_RO(hsp_tpm_available);
+security_attribute_show(rom_armor_enforced)
+static DEVICE_ATTR_RO(rom_armor_enforced);
+
+static struct attribute *psp_security_attrs[] = {
+ &dev_attr_fused_part.attr,
+ &dev_attr_debug_lock_on.attr,
+ &dev_attr_tsme_status.attr,
+ &dev_attr_anti_rollback_status.attr,
+ &dev_attr_rpmc_production_enabled.attr,
+ &dev_attr_rpmc_spirom_available.attr,
+ &dev_attr_hsp_tpm_available.attr,
+ &dev_attr_rom_armor_enforced.attr,
+ NULL
+};
+
+static umode_t psp_security_is_visible(struct kobject *kobj, struct attribute *attr, int idx)
+{
+ struct device *dev = kobj_to_dev(kobj);
+ struct sp_device *sp = dev_get_drvdata(dev);
+ struct psp_device *psp = sp->psp_data;
+
+ if (psp && psp->capability.security_reporting)
+ return 0444;
+
+ return 0;
+}
+
+struct attribute_group psp_security_attr_group = {
+ .attrs = psp_security_attrs,
+ .is_visible = psp_security_is_visible,
+};
diff --git a/drivers/crypto/ccp/hsti.h b/drivers/crypto/ccp/hsti.h
new file mode 100644
index 000000000000..e5c5ceab9973
--- /dev/null
+++ b/drivers/crypto/ccp/hsti.h
@@ -0,0 +1,15 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * AMD Secure Processor device driver, security attributes
+ *
+ * Copyright (C) 2023-2024 Advanced Micro Devices, Inc.
+ *
+ * Author: Mario Limonciello <mario.limonciello@xxxxxxx>
+ */
+
+#ifndef __HSTI_H
+#define __HSTI_H
+
+extern struct attribute_group psp_security_attr_group;
+
+#endif /* __HSTI_H */
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 7d9d2042be35..1a7b991c27f7 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -19,6 +19,7 @@
#include "tee-dev.h"
#include "platform-access.h"
#include "dbc.h"
+#include "hsti.h"

struct psp_device *psp_master;

diff --git a/drivers/crypto/ccp/sp-pci.c b/drivers/crypto/ccp/sp-pci.c
index b57392292af1..2db46736a4d7 100644
--- a/drivers/crypto/ccp/sp-pci.c
+++ b/drivers/crypto/ccp/sp-pci.c
@@ -24,6 +24,7 @@

#include "ccp-dev.h"
#include "psp-dev.h"
+#include "hsti.h"

/* used for version string AA.BB.CC.DD */
#define AA GENMASK(31, 24)
@@ -39,61 +40,6 @@ struct sp_pci {
};
static struct sp_device *sp_dev_master;

-#define security_attribute_show(name) \
-static ssize_t name##_show(struct device *d, struct device_attribute *attr, \
- char *buf) \
-{ \
- struct sp_device *sp = dev_get_drvdata(d); \
- struct psp_device *psp = sp->psp_data; \
- return sysfs_emit(buf, "%d\n", psp->capability.name); \
-}
-
-security_attribute_show(fused_part)
-static DEVICE_ATTR_RO(fused_part);
-security_attribute_show(debug_lock_on)
-static DEVICE_ATTR_RO(debug_lock_on);
-security_attribute_show(tsme_status)
-static DEVICE_ATTR_RO(tsme_status);
-security_attribute_show(anti_rollback_status)
-static DEVICE_ATTR_RO(anti_rollback_status);
-security_attribute_show(rpmc_production_enabled)
-static DEVICE_ATTR_RO(rpmc_production_enabled);
-security_attribute_show(rpmc_spirom_available)
-static DEVICE_ATTR_RO(rpmc_spirom_available);
-security_attribute_show(hsp_tpm_available)
-static DEVICE_ATTR_RO(hsp_tpm_available);
-security_attribute_show(rom_armor_enforced)
-static DEVICE_ATTR_RO(rom_armor_enforced);
-
-static struct attribute *psp_security_attrs[] = {
- &dev_attr_fused_part.attr,
- &dev_attr_debug_lock_on.attr,
- &dev_attr_tsme_status.attr,
- &dev_attr_anti_rollback_status.attr,
- &dev_attr_rpmc_production_enabled.attr,
- &dev_attr_rpmc_spirom_available.attr,
- &dev_attr_hsp_tpm_available.attr,
- &dev_attr_rom_armor_enforced.attr,
- NULL
-};
-
-static umode_t psp_security_is_visible(struct kobject *kobj, struct attribute *attr, int idx)
-{
- struct device *dev = kobj_to_dev(kobj);
- struct sp_device *sp = dev_get_drvdata(dev);
- struct psp_device *psp = sp->psp_data;
-
- if (psp && psp->capability.security_reporting)
- return 0444;
-
- return 0;
-}
-
-static struct attribute_group psp_security_attr_group = {
- .attrs = psp_security_attrs,
- .is_visible = psp_security_is_visible,
-};
-
#define version_attribute_show(name, _offset) \
static ssize_t name##_show(struct device *d, struct device_attribute *attr, \
char *buf) \
--
2.43.0