git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Stefano Garzarella <sgarzare@redhat.com>
	Thu, 10 Apr 2025 13:51:15 +0000 (15:51 +0200)
committer	Borislav Petkov (AMD) <bp@alien8.de>
	Thu, 10 Apr 2025 14:24:29 +0000 (16:24 +0200)
commit	93b7c6b3ce918c3d24de82dcff7a87b8bd631b2e
tree	29ba3af981dd829f3e866887f54a6ecad4b9fcfd	tree
parent	b2849b0723668ae3e0739b2c9c066eafe8bc0961	commit \| diff

tpm: Add SNP SVSM vTPM driver

Add driver for the vTPM defined by the AMD SVSM spec [1].

The specification defines a protocol that a SEV-SNP guest OS can use to
discover and talk to a vTPM emulated by the Secure VM Service Module (SVSM) in
the guest context, but at a more privileged level (VMPL0).

The new tpm-svsm platform driver uses API exposed by the x86/sev core
implementation interface to a SVSM to send commands and receive responses.

The device cannot be hot-plugged/unplugged as it is emulated by the platform,
so module_platform_driver_probe() can be used. The device will be registered
by the platform only when it's available, so the probe function just needs to
setup the tpm_chip.

This device does not support interrupts and sends responses to commands
synchronously.

In order to have .recv() called just after .send() in tpm_try_transmit(), the
.status() callback is not implemented as recently supported by commit

  980a573621ea ("tpm: Make chip->{status,cancel,req_canceled} opt").

  [1] "Secure VM Service Module for SEV-SNP Guests"
      Publication # 58019 Revision: 1.00

  [ bp: Massage commit message. ]

Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Link: https://lore.kernel.org/r/20250410135118.133240-4-sgarzare@redhat.com

drivers/char/tpm/Kconfig		diff \| blob \| blame \| history
drivers/char/tpm/Makefile		diff \| blob \| blame \| history
drivers/char/tpm/tpm_svsm.c	[new file with mode: 0644]	blob