Download raw body.
[EXT] make psp attach to ccp
Hi,
I like the diff. And with it SEV/psp/ccp are still working for me.
One issue with dmesg and a minor comment inline.
On my machine with ccp and SEV I get this output with your diff:
...
vendor "AMD", unknown product 0x1485 (class instrumentation unknown subclass 0x00, rev 0x00) at pci19 dev 0 function 0 not configured
ccp0 at pci19 dev 0 function 1 "AMD 17h Crypto" rev 0x00: msixpsp0 at ccp0: SEV, SEV-ES
vendor "AMD", unknown product 0x1498 (class crypto subclass miscellaneous, rev 0x00) at pci19 dev 0 function 2 not configured
...
ccp0 and psp0 are printed on the same line. And we have an extra "\n".
That one is the printf in ccp_attach().
On a machine without psp (but two ccp) the output is sane:
...
vendor "AMD", unknown product 0x145a (class instrumentation unknown subclass 0x00, rev 0x00) at pci4 dev 0 function 0 not configured
ccp0 at pci4 dev 0 function 2 "AMD 17h Crypto" rev 0x00: msix
xhci0 at pci4 dev 0 function 3 "AMD 17h xHCI" rev 0x00: msix, xHCI 1.0
...
vendor "AMD", unknown product 0x1455 (class instrumentation unknown subclass 0x00, rev 0x00) at pci5 dev 0 function 0 not configured
ccp1 at pci5 dev 0 function 1 "AMD 17h Crypto" rev 0x00: msix
ahci0 at pci5 dev 0 function 2 "AMD FCH AHCI" rev 0x51: msi, AHCI 1.3.1
...
One fix might be, to add a "\n" in psp_pci_attach() after the conditional
printf for intrstr. And removing the "\n" ccp_attach(). However,
this would require an printf("\n") in psp_pci_attach() when NPSP == 0.
Maybe there is a better way to solve this.
Otherwise, the diff is fine with me.
Take care,
HJ.
On Tue, Sep 03, 2024 at 02:09:28PM +1000, Jonathan Gray wrote:
> make psp attach to ccp
>
> this allows it to be excluded from ramdisks
>
> tested on
> cpu0: AMD Ryzen 7 PRO 3700U w/ Radeon Vega Mobile Gfx, 2300.00 MHz, 17-18-01, patch 08108109
> ccp0 at pci6 dev 0 function 2 "AMD 17h/1xh Crypto" rev 0x00: msix
>
> smbios0: AMD Seattle
> cpu0 at mainbus0 mpidr 0: ARM Cortex-A57 r1p2
> ccp0 at simplebus0
>
> don't have a machine with SEV
>
> removes duplicate include/prototypes from conf.c (already in machine/conf.h)
>
> diff --git sys/arch/amd64/amd64/conf.c sys/arch/amd64/amd64/conf.c
> index ddcb29aac0e..f87643b8eb3 100644
> --- sys/arch/amd64/amd64/conf.c
> +++ sys/arch/amd64/amd64/conf.c
> @@ -152,8 +152,6 @@ cdev_decl(nvram);
> #include "drm.h"
> #include "viocon.h"
> cdev_decl(viocon);
> -#include "ccp.h"
> -cdev_decl(psp);
>
> #include "wsdisplay.h"
> #include "wskbd.h"
> @@ -292,7 +290,7 @@ struct cdevsw cdevsw[] =
> cdev_fido_init(NFIDO,fido), /* 98: FIDO/U2F security keys */
> cdev_pppx_init(NPPPX,pppac), /* 99: PPP Access Concentrator */
> cdev_ujoy_init(NUJOY,ujoy), /* 100: USB joystick/gamecontroller */
> - cdev_psp_init(NCCP,psp), /* 101: PSP */
> + cdev_psp_init(NPSP,psp), /* 101: PSP */
> };
> int nchrdev = nitems(cdevsw);
>
> diff --git sys/arch/amd64/conf/GENERIC sys/arch/amd64/conf/GENERIC
> index 80e71a9febf..08937774c3f 100644
> --- sys/arch/amd64/conf/GENERIC
> +++ sys/arch/amd64/conf/GENERIC
> @@ -120,6 +120,7 @@ ksmn* at pci? # AMD K17 temperature sensor
> amas* at pci? disable # AMD memory configuration
> pchtemp* at pci? # Intel C610 temperature sensor
> ccp* at pci? # AMD Cryptographic Co-processor
> +psp* at ccp? # AMD Platform Security Processor
>
> # National Semiconductor LM7[89] and compatible hardware monitors
> lm0 at isa? port 0x290
> diff --git sys/arch/amd64/conf/files.amd64 sys/arch/amd64/conf/files.amd64
> index 011c21dc917..a3452d9729c 100644
> --- sys/arch/amd64/conf/files.amd64
> +++ sys/arch/amd64/conf/files.amd64
> @@ -65,8 +65,6 @@ file arch/amd64/amd64/powernow-k8.c !small_kernel
> file arch/amd64/amd64/est.c !small_kernel
> file arch/amd64/amd64/k1x-pstate.c !small_kernel
>
> -file dev/ic/psp.c ccp
> -
> include "dev/rasops/files.rasops"
> include "dev/wsfont/files.wsfont"
>
> diff --git sys/arch/amd64/include/conf.h sys/arch/amd64/include/conf.h
> index 730a5b2c249..96d8473d0d2 100644
> --- sys/arch/amd64/include/conf.h
> +++ sys/arch/amd64/include/conf.h
> @@ -55,5 +55,5 @@ cdev_decl(pctr);
> #include "vmm.h"
> cdev_decl(vmm);
>
> -#include "ccp.h"
> +#include "psp.h"
> cdev_decl(psp);
> diff --git sys/conf/files sys/conf/files
> index f6efcb0d736..77167c77180 100644
> --- sys/conf/files
> +++ sys/conf/files
> @@ -470,9 +470,14 @@ device xhci: usbus
> file dev/usb/xhci.c xhci needs-flag
>
> # AMD Cryptographic Co-processor
> -device ccp
> +device ccp {}
> file dev/ic/ccp.c ccp needs-flag
>
> +# AMD Platform Security Processor
> +device psp
> +attach psp at ccp
> +file dev/ic/psp.c psp needs-flag
> +
> # SDHC SD/MMC controller
> define sdhc
> device sdhc: sdmmcbus
> diff --git sys/dev/ic/ccp.c sys/dev/ic/ccp.c
> index 3256ca11eae..5d7cd384c18 100644
> --- sys/dev/ic/ccp.c
> +++ sys/dev/ic/ccp.c
> @@ -41,10 +41,7 @@ ccp_attach(struct ccp_softc *sc)
> timeout_set(&sc->sc_tick, ccp_rng, sc);
> ccp_rng(sc);
>
> - if (sc->sc_psp_attached != 0)
> - printf(", RNG\n");
> - else
> - printf(": RNG\n");
> + printf("\n");
> }
>
> static void
> diff --git sys/dev/ic/ccpvar.h sys/dev/ic/ccpvar.h
> index c5c59663880..665ad863755 100644
> --- sys/dev/ic/ccpvar.h
> +++ sys/dev/ic/ccpvar.h
> @@ -2,7 +2,6 @@
>
> /*
> * Copyright (c) 2018 David Gwynne <dlg@openbsd.org>
> - * Copyright (c) 2023, 2024 Hans-Joerg Hoexer <hshoexer@genua.de>
> *
> * Permission to use, copy, modify, and distribute this software for any
> * purpose with or without fee is hereby granted, provided that the above
> @@ -18,7 +17,6 @@
> */
>
> #include <sys/timeout.h>
> -#include <sys/rwlock.h>
>
> struct ccp_softc {
> struct device sc_dev;
> @@ -26,25 +24,7 @@ struct ccp_softc {
> bus_space_handle_t sc_ioh;
>
> struct timeout sc_tick;
> -
> - int sc_psp_attached;
> -
> - bus_dma_tag_t sc_dmat;
> - uint32_t sc_capabilities;
> - int (*sc_sev_intr)(struct ccp_softc *, uint32_t);
> - void * sc_ih;
> -
> - bus_dmamap_t sc_cmd_map;
> - bus_dma_segment_t sc_cmd_seg;
> - size_t sc_cmd_size;
> - caddr_t sc_cmd_kva;
> -
> - bus_dmamap_t sc_tmr_map;
> - bus_dma_segment_t sc_tmr_seg;
> - size_t sc_tmr_size;
> - caddr_t sc_tmr_kva;
> -
> - struct rwlock sc_lock;
> + struct device *sc_psp;
> };
>
> void ccp_attach(struct ccp_softc *);
> diff --git sys/dev/ic/psp.c sys/dev/ic/psp.c
> index 134c82d68e9..8cf5f41fa84 100644
> --- sys/dev/ic/psp.c
> +++ sys/dev/ic/psp.c
> @@ -21,6 +21,7 @@
> #include <sys/device.h>
> #include <sys/timeout.h>
> #include <sys/pledge.h>
> +#include <sys/rwlock.h>
>
> #include <machine/bus.h>
>
> @@ -31,14 +32,54 @@
> #include <dev/ic/ccpvar.h>
> #include <dev/ic/pspvar.h>
>
> -struct ccp_softc *ccp_softc;
> +struct psp_softc {
> + struct device sc_dev;
> + bus_space_tag_t sc_iot;
> + bus_space_handle_t sc_ioh;
>
> -int psp_get_pstatus(struct psp_platform_status *);
> -int psp_init(struct psp_init *);
> + struct timeout sc_tick;
> +
> + bus_dma_tag_t sc_dmat;
> + uint32_t sc_capabilities;
> +
> + bus_dmamap_t sc_cmd_map;
> + bus_dma_segment_t sc_cmd_seg;
> + size_t sc_cmd_size;
> + caddr_t sc_cmd_kva;
> +
> + bus_dmamap_t sc_tmr_map;
> + bus_dma_segment_t sc_tmr_seg;
> + size_t sc_tmr_size;
> + caddr_t sc_tmr_kva;
> +
> + struct rwlock sc_lock;
> +};
> +
> +int psp_get_pstatus(struct psp_softc *, struct psp_platform_status *);
> +int psp_init(struct psp_softc *, struct psp_init *);
> +int psp_match(struct device *, void *, void *);
> +void psp_attach(struct device *, struct device *, void *);
> +
> +struct cfdriver psp_cd = {
> + NULL, "psp", DV_DULL
> +};
> +
> +const struct cfattach psp_ca = {
> + sizeof(struct psp_softc),
> + psp_match,
> + psp_attach
> +};
>
> int
> -psp_sev_intr(struct ccp_softc *sc, uint32_t status)
> +psp_sev_intr(void *arg)
> {
> + struct ccp_softc *csc = arg;
> + struct psp_softc *sc = (struct psp_softc *)csc->sc_psp;
> + uint32_t status;
> +
> + status = bus_space_read_4(sc->sc_iot, sc->sc_ioh, PSP_REG_INTSTS);
> + bus_space_write_4(sc->sc_iot, sc->sc_ioh, PSP_REG_INTSTS, status);
> +
> if (!(status & PSP_CMDRESP_COMPLETE))
> return (0);
>
> @@ -48,15 +89,25 @@ psp_sev_intr(struct ccp_softc *sc, uint32_t status)
> }
>
> int
> -psp_attach(struct ccp_softc *sc)
> +psp_match(struct device *parent, void *match, void *aux)
> {
> + return (1);
> +}
> +
> +void
> +psp_attach(struct device *parent, struct device *self, void *aux)
> +{
> + struct psp_softc *sc = (struct psp_softc *)self;
> + struct psp_attach_args *arg = aux;
> struct psp_platform_status pst;
> struct psp_init init;
> size_t size;
> int nsegs;
>
> - if (!(sc->sc_capabilities & PSP_CAP_SEV))
> - return (0);
> + sc->sc_iot = arg->iot;
> + sc->sc_ioh = arg->ioh;
> + sc->sc_dmat = arg->dmat;
> + sc->sc_capabilities = arg->capabilities;
>
> rw_init(&sc->sc_lock, "ccp_lock");
maybe use "psp_lock" now.
>
> @@ -65,7 +116,7 @@ psp_attach(struct ccp_softc *sc)
> if (bus_dmamap_create(sc->sc_dmat, size, 1, size, 0,
> BUS_DMA_WAITOK | BUS_DMA_ALLOCNOW | BUS_DMA_64BIT,
> &sc->sc_cmd_map) != 0)
> - return (0);
> + return;
>
> if (bus_dmamem_alloc(sc->sc_dmat, size, 0, 0, &sc->sc_cmd_seg, 1,
> &nsegs, BUS_DMA_WAITOK | BUS_DMA_ZERO) != 0)
> @@ -79,10 +130,7 @@ psp_attach(struct ccp_softc *sc)
> size, NULL, BUS_DMA_WAITOK) != 0)
> goto fail_2;
>
> - sc->sc_sev_intr = psp_sev_intr;
> - ccp_softc = sc;
> -
> - if (psp_get_pstatus(&pst) || pst.state != 0)
> + if (psp_get_pstatus(sc, &pst) || pst.state != 0)
> goto fail_3;
>
> /*
> @@ -111,18 +159,18 @@ psp_attach(struct ccp_softc *sc)
> init.enable_es = 1;
> init.tmr_length = PSP_TMR_SIZE;
> init.tmr_paddr = sc->sc_tmr_map->dm_segs[0].ds_addr;
> - if (psp_init(&init))
> + if (psp_init(sc, &init))
> goto fail_7;
>
> - printf(", SEV");
> + printf(": SEV");
>
> - psp_get_pstatus(&pst);
> + psp_get_pstatus(sc, &pst);
> if ((pst.state == 1) && (pst.cfges_build & 0x1))
> printf(", SEV-ES");
>
> - sc->sc_psp_attached = 1;
> + printf("\n");
>
> - return (1);
> + return;
>
> fail_7:
> bus_dmamap_unload(sc->sc_dmat, sc->sc_tmr_map);
> @@ -141,14 +189,11 @@ fail_1:
> fail_0:
> bus_dmamap_destroy(sc->sc_dmat, sc->sc_cmd_map);
>
> - ccp_softc = NULL;
> - sc->sc_psp_attached = -1;
> -
> - return (0);
> + return;
> }
>
> static int
> -ccp_wait(struct ccp_softc *sc, uint32_t *status, int poll)
> +ccp_wait(struct psp_softc *sc, uint32_t *status, int poll)
> {
> uint32_t cmdword;
> int count;
> @@ -180,7 +225,7 @@ done:
> }
>
> static int
> -ccp_docmd(struct ccp_softc *sc, int cmd, uint64_t paddr)
> +ccp_docmd(struct psp_softc *sc, int cmd, uint64_t paddr)
> {
> uint32_t plo, phi, cmdword, status;
>
> @@ -207,9 +252,8 @@ ccp_docmd(struct ccp_softc *sc, int cmd, uint64_t paddr)
> }
>
> int
> -psp_init(struct psp_init *uinit)
> +psp_init(struct psp_softc *sc, struct psp_init *uinit)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_init *init;
> int ret;
>
> @@ -230,9 +274,8 @@ psp_init(struct psp_init *uinit)
> }
>
> int
> -psp_get_pstatus(struct psp_platform_status *ustatus)
> +psp_get_pstatus(struct psp_softc *sc, struct psp_platform_status *ustatus)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_platform_status *status;
> int ret;
>
> @@ -251,9 +294,8 @@ psp_get_pstatus(struct psp_platform_status *ustatus)
> }
>
> int
> -psp_df_flush(void)
> +psp_df_flush(struct psp_softc *sc)
> {
> - struct ccp_softc *sc = ccp_softc;
> int ret;
>
> wbinvd_on_all_cpus();
> @@ -267,9 +309,8 @@ psp_df_flush(void)
> }
>
> int
> -psp_decommission(struct psp_decommission *udecom)
> +psp_decommission(struct psp_softc *sc, struct psp_decommission *udecom)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_decommission *decom;
> int ret;
>
> @@ -288,9 +329,8 @@ psp_decommission(struct psp_decommission *udecom)
> }
>
> int
> -psp_get_gstatus(struct psp_guest_status *ustatus)
> +psp_get_gstatus(struct psp_softc *sc, struct psp_guest_status *ustatus)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_guest_status *status;
> int ret;
>
> @@ -313,9 +353,8 @@ psp_get_gstatus(struct psp_guest_status *ustatus)
> }
>
> int
> -psp_launch_start(struct psp_launch_start *ustart)
> +psp_launch_start(struct psp_softc *sc, struct psp_launch_start *ustart)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_launch_start *start;
> int ret;
>
> @@ -339,9 +378,8 @@ psp_launch_start(struct psp_launch_start *ustart)
> }
>
> int
> -psp_launch_update_data(struct psp_launch_update_data *ulud, struct proc *p)
> +psp_launch_update_data(struct psp_softc *sc, struct psp_launch_update_data *ulud, struct proc *p)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_launch_update_data *ludata;
> pmap_t pmap;
> vaddr_t v, next, end;
> @@ -397,10 +435,9 @@ psp_launch_update_data(struct psp_launch_update_data *ulud, struct proc *p)
> }
>
> int
> -psp_launch_measure(struct psp_launch_measure *ulm)
> +psp_launch_measure(struct psp_softc *sc, struct psp_launch_measure *ulm)
> {
> struct psp_launch_measure *lm;
> - struct ccp_softc *sc = ccp_softc;
> int ret;
> uint64_t paddr;
>
> @@ -427,9 +464,8 @@ psp_launch_measure(struct psp_launch_measure *ulm)
> }
>
> int
> -psp_launch_finish(struct psp_launch_finish *ulf)
> +psp_launch_finish(struct psp_softc *sc, struct psp_launch_finish *ulf)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_launch_finish *lf;
> int ret;
>
> @@ -448,9 +484,8 @@ psp_launch_finish(struct psp_launch_finish *ulf)
> }
>
> int
> -psp_attestation(struct psp_attestation *uat)
> +psp_attestation(struct psp_softc *sc, struct psp_attestation *uat)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_attestation *at;
> int ret;
> uint64_t paddr;
> @@ -479,9 +514,8 @@ psp_attestation(struct psp_attestation *uat)
> }
>
> int
> -psp_activate(struct psp_activate *uact)
> +psp_activate(struct psp_softc *sc, struct psp_activate *uact)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_activate *act;
> int ret;
>
> @@ -501,9 +535,8 @@ psp_activate(struct psp_activate *uact)
> }
>
> int
> -psp_deactivate(struct psp_deactivate *udeact)
> +psp_deactivate(struct psp_softc *sc, struct psp_deactivate *udeact)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_deactivate *deact;
> int ret;
>
> @@ -522,7 +555,7 @@ psp_deactivate(struct psp_deactivate *udeact)
> }
>
> int
> -psp_guest_shutdown(struct psp_guest_shutdown *ugshutdown)
> +psp_guest_shutdown(struct psp_softc *sc, struct psp_guest_shutdown *ugshutdown)
> {
> struct psp_deactivate deact;
> struct psp_decommission decom;
> @@ -530,24 +563,23 @@ psp_guest_shutdown(struct psp_guest_shutdown *ugshutdown)
>
> bzero(&deact, sizeof(deact));
> deact.handle = ugshutdown->handle;
> - if ((ret = psp_deactivate(&deact)) != 0)
> + if ((ret = psp_deactivate(sc, &deact)) != 0)
> return (ret);
>
> - if ((ret = psp_df_flush()) != 0)
> + if ((ret = psp_df_flush(sc)) != 0)
> return (ret);
>
> bzero(&decom, sizeof(decom));
> decom.handle = ugshutdown->handle;
> - if ((ret = psp_decommission(&decom)) != 0)
> + if ((ret = psp_decommission(sc, &decom)) != 0)
> return (ret);
>
> return (0);
> }
>
> int
> -psp_snp_get_pstatus(struct psp_snp_platform_status *ustatus)
> +psp_snp_get_pstatus(struct psp_softc *sc, struct psp_snp_platform_status *ustatus)
> {
> - struct ccp_softc *sc = ccp_softc;
> struct psp_snp_platform_status *status;
> int ret;
>
> @@ -568,8 +600,11 @@ psp_snp_get_pstatus(struct psp_snp_platform_status *ustatus)
> int
> pspopen(dev_t dev, int flag, int mode, struct proc *p)
> {
> - if (ccp_softc == NULL)
> - return (ENODEV);
> + struct psp_softc *sc;
> +
> + sc = (struct psp_softc *)device_lookup(&psp_cd, minor(dev));
> + if (sc == NULL)
> + return (ENXIO);
>
> return (0);
> }
> @@ -577,64 +612,75 @@ pspopen(dev_t dev, int flag, int mode, struct proc *p)
> int
> pspclose(dev_t dev, int flag, int mode, struct proc *p)
> {
> + struct psp_softc *sc;
> +
> + sc = (struct psp_softc *)device_lookup(&psp_cd, minor(dev));
> + if (sc == NULL)
> + return (ENXIO);
> +
> return (0);
> }
>
> int
> pspioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p)
> {
> - int ret;
> + struct psp_softc *sc;
> + int ret;
> +
> + sc = (struct psp_softc *)device_lookup(&psp_cd, minor(dev));
> + if (sc == NULL)
> + return (ENXIO);
>
> - rw_enter_write(&ccp_softc->sc_lock);
> + rw_enter_write(&sc->sc_lock);
>
> switch (cmd) {
> case PSP_IOC_GET_PSTATUS:
> - ret = psp_get_pstatus((struct psp_platform_status *)data);
> + ret = psp_get_pstatus(sc, (struct psp_platform_status *)data);
> break;
> case PSP_IOC_DF_FLUSH:
> - ret = psp_df_flush();
> + ret = psp_df_flush(sc);
> break;
> case PSP_IOC_DECOMMISSION:
> - ret = psp_decommission((struct psp_decommission *)data);
> + ret = psp_decommission(sc, (struct psp_decommission *)data);
> break;
> case PSP_IOC_GET_GSTATUS:
> - ret = psp_get_gstatus((struct psp_guest_status *)data);
> + ret = psp_get_gstatus(sc, (struct psp_guest_status *)data);
> break;
> case PSP_IOC_LAUNCH_START:
> - ret = psp_launch_start((struct psp_launch_start *)data);
> + ret = psp_launch_start(sc, (struct psp_launch_start *)data);
> break;
> case PSP_IOC_LAUNCH_UPDATE_DATA:
> - ret = psp_launch_update_data(
> + ret = psp_launch_update_data(sc,
> (struct psp_launch_update_data *)data, p);
> break;
> case PSP_IOC_LAUNCH_MEASURE:
> - ret = psp_launch_measure((struct psp_launch_measure *)data);
> + ret = psp_launch_measure(sc, (struct psp_launch_measure *)data);
> break;
> case PSP_IOC_LAUNCH_FINISH:
> - ret = psp_launch_finish((struct psp_launch_finish *)data);
> + ret = psp_launch_finish(sc, (struct psp_launch_finish *)data);
> break;
> case PSP_IOC_ATTESTATION:
> - ret = psp_attestation((struct psp_attestation *)data);
> + ret = psp_attestation(sc, (struct psp_attestation *)data);
> break;
> case PSP_IOC_ACTIVATE:
> - ret = psp_activate((struct psp_activate *)data);
> + ret = psp_activate(sc, (struct psp_activate *)data);
> break;
> case PSP_IOC_DEACTIVATE:
> - ret = psp_deactivate((struct psp_deactivate *)data);
> + ret = psp_deactivate(sc, (struct psp_deactivate *)data);
> break;
> case PSP_IOC_GUEST_SHUTDOWN:
> - ret = psp_guest_shutdown((struct psp_guest_shutdown *)data);
> + ret = psp_guest_shutdown(sc, (struct psp_guest_shutdown *)data);
> break;
> case PSP_IOC_SNP_GET_PSTATUS:
> - ret =
> - psp_snp_get_pstatus((struct psp_snp_platform_status *)data);
> + ret = psp_snp_get_pstatus(sc,
> + (struct psp_snp_platform_status *)data);
> break;
> default:
> ret = ENOTTY;
> break;
> }
>
> - rw_exit_write(&ccp_softc->sc_lock);
> + rw_exit_write(&sc->sc_lock);
>
> return (ret);
> }
> @@ -657,3 +703,20 @@ pledge_ioctl_psp(struct proc *p, long com)
> return (pledge_fail(p, EPERM, PLEDGE_VMM));
> }
> }
> +
> +int
> +pspprint(void *aux, const char *pnp)
> +{
> + return QUIET;
> +}
> +
> +int
> +pspsubmatch(struct device *parent, void *match, void *aux)
> +{
> + struct psp_attach_args *arg = aux;
> + struct cfdata *cf = match;
> +
> + if (!(arg->capabilities & PSP_CAP_SEV))
> + return (0);
> + return ((*cf->cf_attach->ca_match)(parent, cf, aux));
> +}
> diff --git sys/dev/ic/pspvar.h sys/dev/ic/pspvar.h
> index 2d4a79ed664..82002345175 100644
> --- sys/dev/ic/pspvar.h
> +++ sys/dev/ic/pspvar.h
> @@ -246,10 +246,16 @@ struct psp_snp_platform_status {
>
> #ifdef _KERNEL
>
> -int psp_attach(struct ccp_softc *);
> +struct psp_attach_args {
> + bus_space_tag_t iot;
> + bus_space_handle_t ioh;
>
> -int pspclose(dev_t, int, int, struct proc *);
> -int pspopen(dev_t, int, int, struct proc *);
> -int pspioctl(dev_t, u_long, caddr_t, int, struct proc *);
> + bus_dma_tag_t dmat;
> + uint32_t capabilities;
> +};
> +
> +int pspsubmatch(struct device *, void *, void *);
> +int pspprint(void *aux, const char *pnp);
> +int psp_sev_intr(void *);
>
> #endif /* _KERNEL */
> diff --git sys/dev/pci/ccp_pci.c sys/dev/pci/ccp_pci.c
> index 5aba34b934c..4d045a6e77e 100644
> --- sys/dev/pci/ccp_pci.c
> +++ sys/dev/pci/ccp_pci.c
> @@ -29,13 +29,14 @@
> #include <dev/ic/ccpvar.h>
> #include <dev/ic/pspvar.h>
>
> +#include "psp.h"
> +
> #define CCP_PCI_BAR 0x18
>
> int ccp_pci_match(struct device *, void *, void *);
> void ccp_pci_attach(struct device *, struct device *, void *);
>
> void psp_pci_attach(struct device *, struct device *, void *);
> -int psp_pci_intr(void *);
>
> const struct cfattach ccp_pci_ca = {
> sizeof(struct ccp_softc),
> @@ -86,15 +87,13 @@ ccp_pci_attach(struct device *parent, struct device *self, void *aux)
> void
> psp_pci_attach(struct device *parent, struct device *self, void *aux)
> {
> +#if NPSP > 0
> struct ccp_softc *sc = (struct ccp_softc *)self;
> struct pci_attach_args *pa = aux;
> pci_intr_handle_t ih;
> const char *intrstr = NULL;
> -
> - sc->sc_dmat = pa->pa_dmat;
> -
> - sc->sc_capabilities = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
> - PSP_REG_CAPABILITIES);
> + struct psp_attach_args arg;
> + void *irqh;
>
> /* clear and disable interrupts */
> bus_space_write_4(sc->sc_iot, sc->sc_ioh, PSP_REG_INTEN, 0);
> @@ -107,32 +106,25 @@ psp_pci_attach(struct device *parent, struct device *self, void *aux)
> }
>
> intrstr = pci_intr_string(pa->pa_pc, ih);
> - sc->sc_ih = pci_intr_establish(pa->pa_pc, ih, IPL_BIO, psp_pci_intr,
> + irqh = pci_intr_establish(pa->pa_pc, ih, IPL_BIO, psp_sev_intr,
> sc, sc->sc_dev.dv_xname);
> - if (sc->sc_ih != NULL)
> + if (irqh != NULL)
> printf(": %s", intrstr);
>
> - if (!psp_attach(sc)) {
> - pci_intr_disestablish(pa->pa_pc, sc->sc_ih);
> - sc->sc_ih = NULL;
> + memset(&arg, 0, sizeof(arg));
> + arg.iot = sc->sc_iot;
> + arg.ioh = sc->sc_ioh;
> + arg.dmat = pa->pa_dmat;
> + arg.capabilities = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
> + PSP_REG_CAPABILITIES);
> +
> + sc->sc_psp = config_found_sm(self, &arg, pspprint, pspsubmatch);
> + if (sc->sc_psp == NULL) {
> + pci_intr_disestablish(pa->pa_pc, irqh);
> return;
> }
>
> /* enable interrupts */
> bus_space_write_4(sc->sc_iot, sc->sc_ioh, PSP_REG_INTEN, -1);
> -}
> -
> -int
> -psp_pci_intr(void *arg)
> -{
> - struct ccp_softc *sc = arg;
> - uint32_t status;
> -
> - status = bus_space_read_4(sc->sc_iot, sc->sc_ioh, PSP_REG_INTSTS);
> - bus_space_write_4(sc->sc_iot, sc->sc_ioh, PSP_REG_INTSTS, status);
> -
> - if (sc->sc_sev_intr)
> - return (sc->sc_sev_intr(sc, status));
> -
> - return (1);
> +#endif
> }
> diff --git sys/kern/kern_pledge.c sys/kern/kern_pledge.c
> index e1483fdbd39..f5dee46c4fb 100644
> --- sys/kern/kern_pledge.c
> +++ sys/kern/kern_pledge.c
> @@ -73,7 +73,7 @@
>
> #if defined(__amd64__)
> #include "vmm.h"
> -#include "ccp.h"
> +#include "psp.h"
> #include <machine/conf.h>
> #endif
>
> @@ -1348,7 +1348,7 @@ pledge_ioctl(struct proc *p, long com, struct file *fp)
> }
> #endif
>
> -#if NCCP > 0
> +#if NPSP > 0
> if ((pledge & PLEDGE_VMM)) {
> if ((fp->f_type == DTYPE_VNODE) &&
> (vp->v_type == VCHR) &&
[EXT] make psp attach to ccp