탐색 도움말
가입하기 로그인
FangSoftSoft
/
qemu
의 미러 https://github.com/utmapp/qemu.git
2
0
포크 0
파일 이슈 0 위키
트리: dc6f8d458a
브랜치 태그
qemu
/
linux-headers
/
linux
/
psp-sev.h

psp-sev.h 4.0 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164 
  1. /* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
    2. 

  2. /*
    3. 

  3.  * Userspace interface for AMD Secure Encrypted Virtualization (SEV)
    4. 

  4.  * platform management commands.
    5. 

  5.  *
    6. 

  6.  * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
    7. 

  7.  *
    8. 

  8.  * Author: Brijesh Singh <brijesh.singh@amd.com>
    9. 

  9.  *
    10. 

  10.  * SEV API specification is available at: https://developer.amd.com/sev/
    11. 

  11.  */
    12. 

  12. 

  13. #ifndef __PSP_SEV_USER_H__
    14. 

  14. #define __PSP_SEV_USER_H__
    15. 

  15. 

  16. #include <linux/types.h>
    17. 

  17. 

  18. /**
    19. 

  19.  * SEV platform commands
    20. 

  20.  */
    21. 

  21. enum {
    22. 

  22. 	SEV_FACTORY_RESET = 0,
    23. 

  23. 	SEV_PLATFORM_STATUS,
    24. 

  24. 	SEV_PEK_GEN,
    25. 

  25. 	SEV_PEK_CSR,
    26. 

  26. 	SEV_PDH_GEN,
    27. 

  27. 	SEV_PDH_CERT_EXPORT,
    28. 

  28. 	SEV_PEK_CERT_IMPORT,
    29. 

  29. 	SEV_GET_ID,	/* This command is deprecated, use SEV_GET_ID2 */
    30. 

  30. 	SEV_GET_ID2,
    31. 

  31. 

  32. 	SEV_MAX,
    33. 

  33. };
    34. 

  34. 

  35. /**
    36. 

  36.  * SEV Firmware status code
    37. 

  37.  */
    38. 

  38. typedef enum {
    39. 

  39. 	SEV_RET_SUCCESS = 0,
    40. 

  40. 	SEV_RET_INVALID_PLATFORM_STATE,
    41. 

  41. 	SEV_RET_INVALID_GUEST_STATE,
    42. 

  42. 	SEV_RET_INAVLID_CONFIG,
    43. 

  43. 	SEV_RET_INVALID_LEN,
    44. 

  44. 	SEV_RET_ALREADY_OWNED,
    45. 

  45. 	SEV_RET_INVALID_CERTIFICATE,
    46. 

  46. 	SEV_RET_POLICY_FAILURE,
    47. 

  47. 	SEV_RET_INACTIVE,
    48. 

  48. 	SEV_RET_INVALID_ADDRESS,
    49. 

  49. 	SEV_RET_BAD_SIGNATURE,
    50. 

  50. 	SEV_RET_BAD_MEASUREMENT,
    51. 

  51. 	SEV_RET_ASID_OWNED,
    52. 

  52. 	SEV_RET_INVALID_ASID,
    53. 

  53. 	SEV_RET_WBINVD_REQUIRED,
    54. 

  54. 	SEV_RET_DFFLUSH_REQUIRED,
    55. 

  55. 	SEV_RET_INVALID_GUEST,
    56. 

  56. 	SEV_RET_INVALID_COMMAND,
    57. 

  57. 	SEV_RET_ACTIVE,
    58. 

  58. 	SEV_RET_HWSEV_RET_PLATFORM,
    59. 

  59. 	SEV_RET_HWSEV_RET_UNSAFE,
    60. 

  60. 	SEV_RET_UNSUPPORTED,
    61. 

  61. 	SEV_RET_INVALID_PARAM,
    62. 

  62. 	SEV_RET_RESOURCE_LIMIT,
    63. 

  63. 	SEV_RET_SECURE_DATA_INVALID,
    64. 

  64. 	SEV_RET_MAX,
    65. 

  65. } sev_ret_code;
    66. 

  66. 

  67. /**
    68. 

  68.  * struct sev_user_data_status - PLATFORM_STATUS command parameters
    69. 

  69.  *
    70. 

  70.  * @major: major API version
    71. 

  71.  * @minor: minor API version
    72. 

  72.  * @state: platform state
    73. 

  73.  * @flags: platform config flags
    74. 

  74.  * @build: firmware build id for API version
    75. 

  75.  * @guest_count: number of active guests
    76. 

  76.  */
    77. 

  77. struct sev_user_data_status {
    78. 

  78. 	__u8 api_major;				/* Out */
    79. 

  79. 	__u8 api_minor;				/* Out */
    80. 

  80. 	__u8 state;				/* Out */
    81. 

  81. 	__u32 flags;				/* Out */
    82. 

  82. 	__u8 build;				/* Out */
    83. 

  83. 	__u32 guest_count;			/* Out */
    84. 

  84. } __attribute__((packed));
    85. 

  85. 

  86. /**
    87. 

  87.  * struct sev_user_data_pek_csr - PEK_CSR command parameters
    88. 

  88.  *
    89. 

  89.  * @address: PEK certificate chain
    90. 

  90.  * @length: length of certificate
    91. 

  91.  */
    92. 

  92. struct sev_user_data_pek_csr {
    93. 

  93. 	__u64 address;				/* In */
    94. 

  94. 	__u32 length;				/* In/Out */
    95. 

  95. } __attribute__((packed));
    96. 

  96. 

  97. /**
    98. 

  98.  * struct sev_user_data_cert_import - PEK_CERT_IMPORT command parameters
    99. 

  99.  *
    100. 

  100.  * @pek_address: PEK certificate chain
    101. 

  101.  * @pek_len: length of PEK certificate
    102. 

  102.  * @oca_address: OCA certificate chain
    103. 

  103.  * @oca_len: length of OCA certificate
    104. 

  104.  */
    105. 

  105. struct sev_user_data_pek_cert_import {
    106. 

  106. 	__u64 pek_cert_address;			/* In */
    107. 

  107. 	__u32 pek_cert_len;			/* In */
    108. 

  108. 	__u64 oca_cert_address;			/* In */
    109. 

  109. 	__u32 oca_cert_len;			/* In */
    110. 

  110. } __attribute__((packed));
    111. 

  111. 

  112. /**
    113. 

  113.  * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
    114. 

  114.  *
    115. 

  115.  * @pdh_address: PDH certificate address
    116. 

  116.  * @pdh_len: length of PDH certificate
    117. 

  117.  * @cert_chain_address: PDH certificate chain
    118. 

  118.  * @cert_chain_len: length of PDH certificate chain
    119. 

  119.  */
    120. 

  120. struct sev_user_data_pdh_cert_export {
    121. 

  121. 	__u64 pdh_cert_address;			/* In */
    122. 

  122. 	__u32 pdh_cert_len;			/* In/Out */
    123. 

  123. 	__u64 cert_chain_address;		/* In */
    124. 

  124. 	__u32 cert_chain_len;			/* In/Out */
    125. 

  125. } __attribute__((packed));
    126. 

  126. 

  127. /**
    128. 

  128.  * struct sev_user_data_get_id - GET_ID command parameters (deprecated)
    129. 

  129.  *
    130. 

  130.  * @socket1: Buffer to pass unique ID of first socket
    131. 

  131.  * @socket2: Buffer to pass unique ID of second socket
    132. 

  132.  */
    133. 

  133. struct sev_user_data_get_id {
    134. 

  134. 	__u8 socket1[64];			/* Out */
    135. 

  135. 	__u8 socket2[64];			/* Out */
    136. 

  136. } __attribute__((packed));
    137. 

  137. 

  138. /**
    139. 

  139.  * struct sev_user_data_get_id2 - GET_ID command parameters
    140. 

  140.  * @address: Buffer to store unique ID
    141. 

  141.  * @length: length of the unique ID
    142. 

  142.  */
    143. 

  143. struct sev_user_data_get_id2 {
    144. 

  144. 	__u64 address;				/* In */
    145. 

  145. 	__u32 length;				/* In/Out */
    146. 

  146. } __attribute__((packed));
    147. 

  147. 

  148. /**
    149. 

  149.  * struct sev_issue_cmd - SEV ioctl parameters
    150. 

  150.  *
    151. 

  151.  * @cmd: SEV commands to execute
    152. 

  152.  * @opaque: pointer to the command structure
    153. 

  153.  * @error: SEV FW return code on failure
    154. 

  154.  */
    155. 

  155. struct sev_issue_cmd {
    156. 

  156. 	__u32 cmd;				/* In */
    157. 

  157. 	__u64 data;				/* In */
    158. 

  158. 	__u32 error;				/* Out */
    159. 

  159. } __attribute__((packed));
    160. 

  160. 

  161. #define SEV_IOC_TYPE		'S'
    162. 

  162. #define SEV_ISSUE_CMD	_IOWR(SEV_IOC_TYPE, 0x0, struct sev_issue_cmd)
    163. 

  163. 

  164. #endif /* __PSP_USER_SEV_H */
    165.