Commit a8041a89 authored by David E. Box's avatar David E. Box Committed by Hans de Goede
Browse files

tools/arch/x86: intel_sdsi: Read more On Demand registers 

Add decoding of the following On Demand register fields:

1. NVRAM content authorization error status
2. Enabled features: telemetry and attestation
3. Key provisioning status
4. NVRAM update limit
5. PCU_CR3_CAPID_CFG

Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst


Signed-off-by: default avatarDavid E. Box <david.e.box@linux.intel.com>
Reviewed-by: default avatarHans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20221119002343.1281885-8-david.e.box@linux.intel.com


Signed-off-by: default avatarHans de Goede <hdegoede@redhat.com>
parent 334599bc

tools/arch/x86/intel_sdsi/intel_sdsi.c

+45 −5
Original line number Diff line number Diff line
@@ -44,10 +44,28 @@ 
#define __round_mask(x, y) ((__typeof__(x))((y) - 1))

#define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1)



struct nvram_content_auth_err_sts {

	uint64_t reserved:3;

	uint64_t sdsi_content_auth_err:1;

	uint64_t reserved1:1;

	uint64_t sdsi_metering_auth_err:1;

	uint64_t reserved2:58;

};



struct enabled_features {

	uint64_t reserved:3;

	uint64_t sdsi:1;

	uint64_t reserved1:60;

	uint64_t reserved1:8;

	uint64_t attestation:1;

	uint64_t reserved2:13;

	uint64_t metering:1;

	uint64_t reserved3:37;

};



struct key_provision_status {

	uint64_t reserved:1;

	uint64_t license_key_provisioned:1;

	uint64_t reserved2:62;

};



struct auth_fail_count {
@@ -65,15 +83,23 @@ struct availability { 
	uint64_t reserved2:10;

};



struct nvram_update_limit {

	uint64_t reserved:12;

	uint64_t sdsi_50_pct:1;

	uint64_t sdsi_75_pct:1;

	uint64_t sdsi_90_pct:1;

	uint64_t reserved2:49;

};



struct sdsi_regs {

	uint64_t ppin;

	uint64_t reserved;

	struct nvram_content_auth_err_sts auth_err_sts;

	struct enabled_features en_features;

	uint64_t reserved1;

	struct key_provision_status key_prov_sts;

	struct auth_fail_count auth_fail_count;

	struct availability prov_avail;

	uint64_t reserved2;

	uint64_t reserved3;

	struct nvram_update_limit limits;

	uint64_t pcu_cr3_capid_cfg;

	uint64_t socket_id;

};
@@ -205,8 +231,18 @@ static int sdsi_read_reg(struct sdsi_dev *s) 
	printf("Socket information for device %s\n", s->dev_name);

	printf("\n");

	printf("PPIN:                           0x%lx\n", s->regs.ppin);

	printf("NVRAM Content Authorization Error Status\n");

	printf("    SDSi Auth Err Sts:          %s\n", !!s->regs.auth_err_sts.sdsi_content_auth_err ? "Error" : "Okay");



	if (!!s->regs.en_features.metering)

		printf("    Metering Auth Err Sts:      %s\n", !!s->regs.auth_err_sts.sdsi_metering_auth_err ? "Error" : "Okay");



	printf("Enabled Features\n");

	printf("    On Demand:                  %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");

	printf("    Attestation:                %s\n", !!s->regs.en_features.attestation ? "Enabled" : "Disabled");

	printf("    On Demand:                  %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");

	printf("    Metering:                   %s\n", !!s->regs.en_features.metering ? "Enabled" : "Disabled");

	printf("License Key (AKC) Provisioned:  %s\n", !!s->regs.key_prov_sts.license_key_provisioned ? "Yes" : "No");

	printf("Authorization Failure Count\n");

	printf("    AKC Failure Count:          %d\n", s->regs.auth_fail_count.key_failure_count);

	printf("    AKC Failure Threshold:      %d\n", s->regs.auth_fail_count.key_failure_threshold);
@@ -215,6 +251,10 @@ static int sdsi_read_reg(struct sdsi_dev *s) 
	printf("Provisioning Availability\n");

	printf("    Updates Available:          %d\n", s->regs.prov_avail.available);

	printf("    Updates Threshold:          %d\n", s->regs.prov_avail.threshold);

	printf("NVRAM Udate Limit\n");

	printf("    50%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No");

	printf("    75%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No");

	printf("    90%% Limit Reached:         %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No");

	printf("Socket ID:                      %ld\n", s->regs.socket_id & 0xF);



	return 0;