On Tue, Dec 07, 2021 at 09:14:46AM -0800, David E. Box wrote:
Intel Software Defined Silicon (SDSi) is a post manufacturing mechanism for activating additional silicon features. Features are enabled through a license activation process. The SDSi driver provides a per socket, sysfs attribute interface for applications to perform 3 main provisioning functions:
Provision an Authentication Key Certificate (AKC), a key written to internal NVRAM that is used to authenticate a capability specific activation payload.
Provision a Capability Activation Payload (CAP), a token authenticated using the AKC and applied to the CPU configuration to activate a new feature.
Read the SDSi State Certificate, containing the CPU configuration state.
The operations perform function specific mailbox commands that forward the requests to SDSi hardware to perform authentication of the payloads and enable the silicon configuration (to be made available after power cycling).
The SDSi device itself is enumerated as an auxiliary device from the intel_vsec driver and as such has a build dependency on CONFIG_INTEL_VSEC.
Link: https://github.com/intel/intel-sdsi Signed-off-by: David E. Box david.e.box@linux.intel.com Reviewed-by: Mark Gross markgross@kernel.org
V2
- Use sysfs_emit() in guid_show()
- Fix language in ABI, suggested by Bjorn
- Fix wrong directory name in ABI doc
<...>
@@ -0,0 +1,77 @@ +What: /sys/bus/auxiliary/devices/intel_vsec.sdsi.X
<...>
+static const struct auxiliary_device_id sdsi_aux_id_table[] = {
- { .name = "intel_vsec.sdsi" },
Are you sure that this sysfs is correct?
Auxiliary bus set device name as a combination of module name plus suffix.
172 int __auxiliary_device_add(struct auxiliary_device *auxdev, const char *modname) 173 { 174 struct device *dev = &auxdev->dev; 175 int ret; .... 181 182 ret = dev_set_name(dev, "%s.%s.%d", modname, auxdev->name, auxdev->id);
Thanks