Lines Matching +full:s +full:-
1 // SPDX-License-Identifier: GPL-2.0
6 * See https://github.com/intel/intel-sdsi/blob/master/os-interface.rst
48 #define __round_mask(x, y) ((__typeof__(x))((y) - 1))
49 #define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1)
174 ((METER_CERT_MAX_SIZE - sizeof(struct meter_certificate)) / \
202 fprintf(stderr, "Cannot open directory %s\n", AUX_DEV_PATH); in sdsi_list_devices()
207 if (!strncmp(SDSI_DEV, entry->d_name, strlen(SDSI_DEV))) { in sdsi_list_devices()
209 printf("%s\n", entry->d_name); in sdsi_list_devices()
217 static int sdsi_update_registers(struct sdsi_dev *s) in sdsi_update_registers() argument
222 memset(&s->regs, 0, sizeof(s->regs)); in sdsi_update_registers()
225 ret = chdir(s->dev_path); in sdsi_update_registers()
226 if (ret == -1) { in sdsi_update_registers()
234 return -1; in sdsi_update_registers()
237 if (s->guid != GUID_V1 && s->guid != GUID_V2) { in sdsi_update_registers()
238 fprintf(stderr, "Unrecognized guid, 0x%x\n", s->guid); in sdsi_update_registers()
240 return -1; in sdsi_update_registers()
244 ret = fread(&s->regs, sizeof(uint8_t), sizeof(s->regs), regs_ptr); in sdsi_update_registers()
245 if ((s->guid == GUID_V1 && ret != REGS_SIZE_GUID_V1) || in sdsi_update_registers()
246 (s->guid == GUID_V2 && ret != REGS_SIZE_GUID_V2)) { in sdsi_update_registers()
249 return -1; in sdsi_update_registers()
257 static int sdsi_read_reg(struct sdsi_dev *s) in sdsi_read_reg() argument
261 ret = sdsi_update_registers(s); in sdsi_read_reg()
267 printf("Socket information for device %s\n", s->dev_name); in sdsi_read_reg()
269 printf("PPIN: 0x%lx\n", s->regs.ppin); in sdsi_read_reg()
271 …printf(" SDSi Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_content_auth_err ? "Err… in sdsi_read_reg()
273 if (!!s->regs.en_features.metering) in sdsi_read_reg()
274 …printf(" Metering Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_metering_auth_err ? "Er… in sdsi_read_reg()
277 …printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"… in sdsi_read_reg()
278 …printf(" Attestation: %s\n", !!s->regs.en_features.attestation ? "Enabled" : "Di… in sdsi_read_reg()
279 …printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled"… in sdsi_read_reg()
280 …printf(" Metering: %s\n", !!s->regs.en_features.metering ? "Enabled" : "Disab… in sdsi_read_reg()
281 …printf("License Key (AKC) Provisioned: %s\n", !!s->regs.key_prov_sts.license_key_provisioned ? "Y… in sdsi_read_reg()
283 printf(" AKC Failure Count: %d\n", s->regs.auth_fail_count.key_failure_count); in sdsi_read_reg()
284 printf(" AKC Failure Threshold: %d\n", s->regs.auth_fail_count.key_failure_threshold); in sdsi_read_reg()
285 printf(" CAP Failure Count: %d\n", s->regs.auth_fail_count.auth_failure_count); in sdsi_read_reg()
286 printf(" CAP Failure Threshold: %d\n", s->regs.auth_fail_count.auth_failure_threshold); in sdsi_read_reg()
288 printf(" Updates Available: %d\n", s->regs.prov_avail.available); in sdsi_read_reg()
289 printf(" Updates Threshold: %d\n", s->regs.prov_avail.threshold); in sdsi_read_reg()
291 printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No"); in sdsi_read_reg()
292 printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No"); in sdsi_read_reg()
293 printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No"); in sdsi_read_reg()
294 if (s->guid == GUID_V1) in sdsi_read_reg()
295 printf("Socket ID: %ld\n", s->regs.extra.v1.socket_id & 0xF); in sdsi_read_reg()
297 printf("Socket ID: %ld\n", s->regs.extra.v2.socket_id & 0xF); in sdsi_read_reg()
337 static int sdsi_meter_cert_show(struct sdsi_dev *s, bool show_current) in sdsi_meter_cert_show() argument
348 ret = sdsi_update_registers(s); in sdsi_meter_cert_show()
352 if (!s->regs.en_features.sdsi) { in sdsi_meter_cert_show()
354 return -1; in sdsi_meter_cert_show()
357 if (!s->regs.en_features.metering) { in sdsi_meter_cert_show()
359 return -1; in sdsi_meter_cert_show()
362 ret = chdir(s->dev_path); in sdsi_meter_cert_show()
363 if (ret == -1) { in sdsi_meter_cert_show()
372 fprintf(stderr, "Could not open '%s' file: %s", cert_fname, strerror(errno)); in sdsi_meter_cert_show()
373 return -1; in sdsi_meter_cert_show()
378 fprintf(stderr, "Could not read '%s' file\n", cert_fname); in sdsi_meter_cert_show()
380 return -1; in sdsi_meter_cert_show()
387 printf("Meter certificate for device %s\n", s->dev_name); in sdsi_meter_cert_show()
390 get_feature(mc->signature, name); in sdsi_meter_cert_show()
391 printf("Signature: %s\n", name); in sdsi_meter_cert_show()
393 printf("Version: %d\n", mc->version); in sdsi_meter_cert_show()
394 printf("Count Unit: %dms\n", mc->counter_unit); in sdsi_meter_cert_show()
395 printf("PPIN: 0x%lx\n", mc->ppin); in sdsi_meter_cert_show()
396 printf("Feature Bundle Length: %d\n", mc->bundle_length); in sdsi_meter_cert_show()
398 get_feature(mc->mmrc_encoding, name); in sdsi_meter_cert_show()
399 printf("MMRC encoding: %s\n", name); in sdsi_meter_cert_show()
401 printf("MMRC counter: %d\n", mc->mmrc_counter); in sdsi_meter_cert_show()
402 if (mc->bundle_length % METER_BUNDLE_SIZE) { in sdsi_meter_cert_show()
404 return -1; in sdsi_meter_cert_show()
407 if (mc->bundle_length > METER_MAX_NUM_BUNDLES * METER_BUNDLE_SIZE) { in sdsi_meter_cert_show()
409 METER_MAX_NUM_BUNDLES, BUNDLE_COUNT(mc->bundle_length)); in sdsi_meter_cert_show()
410 return -1; in sdsi_meter_cert_show()
415 printf("Number of Feature Counters: %ld\n", BUNDLE_COUNT(mc->bundle_length)); in sdsi_meter_cert_show()
416 while (count < BUNDLE_COUNT(mc->bundle_length)) { in sdsi_meter_cert_show()
420 printf(" %s: %d\n", feature, bec[count].counter); in sdsi_meter_cert_show()
427 static int sdsi_state_cert_show(struct sdsi_dev *s) in sdsi_state_cert_show() argument
437 ret = sdsi_update_registers(s); in sdsi_state_cert_show()
441 if (!s->regs.en_features.sdsi) { in sdsi_state_cert_show()
444 return -1; in sdsi_state_cert_show()
447 ret = chdir(s->dev_path); in sdsi_state_cert_show()
448 if (ret == -1) { in sdsi_state_cert_show()
456 return -1; in sdsi_state_cert_show()
463 return -1; in sdsi_state_cert_show()
471 printf("State certificate for device %s\n", s->dev_name); in sdsi_state_cert_show()
473 printf("Content Type: %s\n", content_type(sc->content_type)); in sdsi_state_cert_show()
474 printf("Region Revision ID: %d\n", sc->region_rev_id); in sdsi_state_cert_show()
475 printf("Header Size: %d\n", sc->header_size * 4); in sdsi_state_cert_show()
476 printf("Total Size: %d\n", sc->total_size); in sdsi_state_cert_show()
477 printf("OEM Key Size: %d\n", sc->key_size * 4); in sdsi_state_cert_show()
478 printf("Number of Licenses: %d\n", sc->num_licenses); in sdsi_state_cert_show()
481 lki = (void *)sc + sizeof(*sc) + (4 * sc->num_licenses); in sdsi_state_cert_show()
484 printf(" License Key Revision ID: 0x%x\n", lki->key_rev_id); in sdsi_state_cert_show()
486 lki->key_image_content[5], lki->key_image_content[4], in sdsi_state_cert_show()
487 lki->key_image_content[3], lki->key_image_content[2], in sdsi_state_cert_show()
488 lki->key_image_content[1], lki->key_image_content[0]); in sdsi_state_cert_show()
490 while (count++ < sc->num_licenses) { in sdsi_state_cert_show()
497 (4 * sc->num_licenses) + // total size of the blob size blocks in sdsi_state_cert_show()
504 printf(" Blob %d:\n", count - 1); in sdsi_state_cert_show()
506 printf(" License is valid: %s\n", license_valid ? "Yes" : "No"); in sdsi_state_cert_show()
507 printf(" License blob type: %s\n", license_blob_type(lbc->type)); in sdsi_state_cert_show()
508 printf(" License blob ID: 0x%lx\n", lbc->id); in sdsi_state_cert_show()
509 printf(" PPIN: 0x%lx\n", lbc->ppin); in sdsi_state_cert_show()
510 printf(" Previous PPIN: 0x%lx\n", lbc->previous_ppin); in sdsi_state_cert_show()
511 printf(" Blob revision ID: %u\n", lbc->rev_id); in sdsi_state_cert_show()
512 printf(" Number of Features: %u\n", lbc->num_bundles); in sdsi_state_cert_show()
514 for (i = 0; i < min(lbc->num_bundles, STATE_MAX_NUM_IN_BUNDLE); i++) { in sdsi_state_cert_show()
516 printf(" Feature %d: %s\n", i, feature); in sdsi_state_cert_show()
519 if (lbc->num_bundles > STATE_MAX_NUM_IN_BUNDLE) in sdsi_state_cert_show()
521 lbc->num_bundles, STATE_MAX_NUM_IN_BUNDLE); in sdsi_state_cert_show()
529 static int sdsi_provision(struct sdsi_dev *s, char *bin_file, enum command command) in sdsi_provision() argument
539 return -1; in sdsi_provision()
544 if (bin_fd == -1) { in sdsi_provision()
545 fprintf(stderr, "Could not open file %s: %s\n", bin_file, strerror(errno)); in sdsi_provision()
551 ret = chdir(s->dev_path); in sdsi_provision()
552 if (ret == -1) { in sdsi_provision()
560 if (prov_fd == -1) { in sdsi_provision()
561 fprintf(stderr, "Could not open file %s: %s\n", prov_file, strerror(errno)); in sdsi_provision()
568 if (size == -1) { in sdsi_provision()
571 return -1; in sdsi_provision()
575 if (ret == -1) { in sdsi_provision()
582 printf("Provisioned %s file %s successfully\n", prov_file, bin_file); in sdsi_provision()
590 static int sdsi_provision_akc(struct sdsi_dev *s, char *bin_file) in sdsi_provision_akc() argument
594 ret = sdsi_update_registers(s); in sdsi_provision_akc()
598 if (!s->regs.en_features.sdsi) { in sdsi_provision_akc()
600 return -1; in sdsi_provision_akc()
603 if (!s->regs.prov_avail.available) { in sdsi_provision_akc()
605 s->regs.prov_avail.threshold); in sdsi_provision_akc()
606 return -1; in sdsi_provision_akc()
609 if (s->regs.auth_fail_count.key_failure_count == in sdsi_provision_akc()
610 s->regs.auth_fail_count.key_failure_threshold) { in sdsi_provision_akc()
612 s->regs.auth_fail_count.key_failure_threshold); in sdsi_provision_akc()
614 return -1; in sdsi_provision_akc()
617 return sdsi_provision(s, bin_file, CMD_PROV_AKC); in sdsi_provision_akc()
620 static int sdsi_provision_cap(struct sdsi_dev *s, char *bin_file) in sdsi_provision_cap() argument
624 ret = sdsi_update_registers(s); in sdsi_provision_cap()
628 if (!s->regs.en_features.sdsi) { in sdsi_provision_cap()
630 return -1; in sdsi_provision_cap()
633 if (!s->regs.prov_avail.available) { in sdsi_provision_cap()
635 s->regs.prov_avail.threshold); in sdsi_provision_cap()
636 return -1; in sdsi_provision_cap()
639 if (s->regs.auth_fail_count.auth_failure_count == in sdsi_provision_cap()
640 s->regs.auth_fail_count.auth_failure_threshold) { in sdsi_provision_cap()
642 s->regs.auth_fail_count.auth_failure_threshold); in sdsi_provision_cap()
644 return -1; in sdsi_provision_cap()
647 return sdsi_provision(s, bin_file, CMD_PROV_CAP); in sdsi_provision_cap()
658 return -1; in read_sysfs_data()
662 fprintf(stderr, "Failed to read file '%s'", file); in read_sysfs_data()
664 return -1; in read_sysfs_data()
676 struct sdsi_dev *s; in sdsi_create_dev() local
680 s = (struct sdsi_dev *)malloc(sizeof(*s)); in sdsi_create_dev()
681 if (!s) { in sdsi_create_dev()
686 s->dev_name = (char *)malloc(sizeof(SDSI_DEV) + strlen(dev_no) + 1); in sdsi_create_dev()
687 if (!s->dev_name) { in sdsi_create_dev()
689 free(s); in sdsi_create_dev()
693 snprintf(s->dev_name, dev_name_len, "%s.%s", SDSI_DEV, dev_no); in sdsi_create_dev()
695 s->dev_path = (char *)malloc(sizeof(AUX_DEV_PATH) + dev_name_len); in sdsi_create_dev()
696 if (!s->dev_path) { in sdsi_create_dev()
698 free(s->dev_name); in sdsi_create_dev()
699 free(s); in sdsi_create_dev()
703 snprintf(s->dev_path, sizeof(AUX_DEV_PATH) + dev_name_len, "%s%s", AUX_DEV_PATH, in sdsi_create_dev()
704 s->dev_name); in sdsi_create_dev()
705 dir = opendir(s->dev_path); in sdsi_create_dev()
707 fprintf(stderr, "Could not open directory '%s': %s\n", s->dev_path, in sdsi_create_dev()
709 free(s->dev_path); in sdsi_create_dev()
710 free(s->dev_name); in sdsi_create_dev()
711 free(s); in sdsi_create_dev()
715 if (chdir(s->dev_path) == -1) { in sdsi_create_dev()
717 free(s->dev_path); in sdsi_create_dev()
718 free(s->dev_name); in sdsi_create_dev()
719 free(s); in sdsi_create_dev()
724 free(s->dev_path); in sdsi_create_dev()
725 free(s->dev_name); in sdsi_create_dev()
726 free(s); in sdsi_create_dev()
730 s->guid = guid; in sdsi_create_dev()
732 return s; in sdsi_create_dev()
735 static void sdsi_free_dev(struct sdsi_dev *s) in sdsi_free_dev() argument
737 free(s->dev_path); in sdsi_free_dev()
738 free(s->dev_name); in sdsi_free_dev()
739 free(s); in sdsi_free_dev()
744 printf("Usage: %s [-l] [-d DEVNO [-i] [-s] [-m | -C] [-a FILE] [-c FILE]\n", prog); in usage()
750 printf(" %-18s\t%s\n", "-l, --list", "list available On Demand devices"); in show_help()
751 printf(" %-18s\t%s\n", "-d, --devno DEVNO", "On Demand device number"); in show_help()
752 printf(" %-18s\t%s\n", "-i, --info", "show socket information"); in show_help()
753 printf(" %-18s\t%s\n", "-s, --state", "show state certificate data"); in show_help()
754 printf(" %-18s\t%s\n", "-m, --meter", "show meter certificate data"); in show_help()
755 printf(" %-18s\t%s\n", "-C, --meter_current", "show live unattested meter data"); in show_help()
756 printf(" %-18s\t%s\n", "-a, --akc FILE", "provision socket with AKC FILE"); in show_help()
757 printf(" %-18s\t%s\n", "-c, --cap FILE>", "provision socket with CAP FILE"); in show_help()
765 enum command command = -1; in main()
766 struct sdsi_dev *s; in main() local
779 {"state", no_argument, 0, 's'}, in main()
787 &option_index)) != -1) { in main()
805 case 's': in main()
811 fprintf(stderr, "Could not open file '%s': %s\n", optarg, in main()
813 return -1; in main()
818 return -1; in main()
829 return -1; in main()
834 s = sdsi_create_dev(dev_no); in main()
835 if (!s) in main()
836 return -1; in main()
840 ret = sdsi_read_reg(s); in main()
843 ret = sdsi_meter_cert_show(s, false); in main()
846 ret = sdsi_meter_cert_show(s, true); in main()
849 ret = sdsi_state_cert_show(s); in main()
852 ret = sdsi_provision_akc(s, bin_file); in main()
855 ret = sdsi_provision_cap(s, bin_file); in main()
859 return -1; in main()
862 sdsi_free_dev(s); in main()
866 return -1; in main()