diff mbox series

[4/4] crypto: ccp: When TSME and SME both detected notify user

Message ID 20220329031553.798-4-mario.limonciello@amd.com
State New
Headers show
Series [1/4] crypto: ccp: cache capability into psp device | expand

Commit Message

Mario Limonciello March 29, 2022, 3:15 a.m. UTC 
The SME flag is used to relay that memory encryption has been activated by
the kernel.

As it's technically possible to enable both SME and TSME at the same time,
detect this scenario and notify the user that enabling TSME and SME at the
same time is unnecessary.

Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
---
 drivers/crypto/ccp/psp-dev.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff mbox series

Patch

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 3f47b2d81e3c..0e3f1a332d61 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -74,6 +74,13 @@  static unsigned int psp_get_capability(struct psp_device *psp)
 	}
 	psp->capability = val;
 
+
+	/* Detect TSME / SME both enabled */
+	if (psp->capability & PSP_CAPABILITY_PSP_SECURITY_REPORTING &&
+	    psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) &&
+	    boot_cpu_has(X86_FEATURE_SME))
+		dev_notice(psp->dev, "psp: TSME was enabled by the BIOS and SME was enabled by the kernel, this is unnecessary.\n");
+
 	return 0;
 }