crypto: ccp - When TSME and SME both detected notify user

CC_ATTR_HOST_MEM_ENCRYPT is used to relay that memory encryption has been
activated by the kernel.

As it's technically possible to enable both SME and TSME at the same time,
detect this scenario and notify the user that enabling TSME and SME at the
same time is unnecessary.

Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index a3b7b51..c9c741a 100644 (file)
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -74,6 +74,12 @@ static unsigned int psp_get_capability(struct psp_device *psp)
        }
        psp->capability = val;
 
+       /* Detect if TSME and SME are both enabled */
+       if (psp->capability & PSP_CAPABILITY_PSP_SECURITY_REPORTING &&
+           psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) &&
+           cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
+               dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
+
        return 0;
 }