/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
/*
 * Userspace interface for AMD Secure Encrypted Virtualization (SEV)
 * platform management commands.
 *
 * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
 *
 * Author: Brijesh Singh <[email protected]>
 *
 * SEV API specification is available at: https://developer.amd.com/sev/
 */

#ifndef __PSP_SEV_USER_H__
#define __PSP_SEV_USER_H__

#include <linux/types.h>

/**
 * SEV platform commands
 */
enum { … };

/**
 * SEV Firmware status code
 */
sev_ret_code;

/**
 * struct sev_user_data_status - PLATFORM_STATUS command parameters
 *
 * @major: major API version
 * @minor: minor API version
 * @state: platform state
 * @flags: platform config flags
 * @build: firmware build id for API version
 * @guest_count: number of active guests
 */
struct sev_user_data_status { … } __packed;

#define SEV_STATUS_FLAGS_CONFIG_ES …

/**
 * struct sev_user_data_pek_csr - PEK_CSR command parameters
 *
 * @address: PEK certificate chain
 * @length: length of certificate
 */
struct sev_user_data_pek_csr { … } __packed;

/**
 * struct sev_user_data_pek_cert_import - PEK_CERT_IMPORT command parameters
 *
 * @pek_address: PEK certificate chain
 * @pek_len: length of PEK certificate
 * @oca_address: OCA certificate chain
 * @oca_len: length of OCA certificate
 */
struct sev_user_data_pek_cert_import { … } __packed;

/**
 * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
 *
 * @pdh_address: PDH certificate address
 * @pdh_len: length of PDH certificate
 * @cert_chain_address: PDH certificate chain
 * @cert_chain_len: length of PDH certificate chain
 */
struct sev_user_data_pdh_cert_export { … } __packed;

/**
 * struct sev_user_data_get_id - GET_ID command parameters (deprecated)
 *
 * @socket1: Buffer to pass unique ID of first socket
 * @socket2: Buffer to pass unique ID of second socket
 */
struct sev_user_data_get_id { … } __packed;

/**
 * struct sev_user_data_get_id2 - GET_ID command parameters
 *
 * @address: Buffer to store unique ID
 * @length: length of the unique ID
 */
struct sev_user_data_get_id2 { … } __packed;

/**
 * struct sev_user_data_snp_status - SNP status
 *
 * @api_major: API major version
 * @api_minor: API minor version
 * @state: current platform state
 * @is_rmp_initialized: whether RMP is initialized or not
 * @rsvd: reserved
 * @build_id: firmware build id for the API version
 * @mask_chip_id: whether chip id is present in attestation reports or not
 * @mask_chip_key: whether attestation reports are signed or not
 * @vlek_en: VLEK (Versioned Loaded Endorsement Key) hashstick is loaded
 * @rsvd1: reserved
 * @guest_count: the number of guests currently managed by the firmware
 * @current_tcb_version: current TCB version
 * @reported_tcb_version: reported TCB version
 */
struct sev_user_data_snp_status { … } __packed;

/**
 * struct sev_user_data_snp_config - system wide configuration value for SNP.
 *
 * @reported_tcb: the TCB version to report in the guest attestation report.
 * @mask_chip_id: whether chip id is present in attestation reports or not
 * @mask_chip_key: whether attestation reports are signed or not
 * @rsvd: reserved
 * @rsvd1: reserved
 *
 * NOTE(review): per the field descriptions above, these values determine the
 * TCB version, chip id presence and signing of guest attestation reports
 * system wide, so a party verifying reports presumably needs to know how they
 * are set - confirm against the SEV-SNP firmware ABI.
 */
struct sev_user_data_snp_config { … } __packed;

/**
 * struct sev_user_data_snp_vlek_load - SNP_VLEK_LOAD structure
 *
 * @len: length of the command buffer read by the PSP
 * @vlek_wrapped_version: version of wrapped VLEK hashstick (Must be 0h)
 * @rsvd: reserved
 * @vlek_wrapped_address: address of a wrapped VLEK hashstick
 *                        (struct sev_user_data_snp_wrapped_vlek_hashstick)
 */
struct sev_user_data_snp_vlek_load { … } __packed;

/**
 * struct sev_user_data_snp_wrapped_vlek_hashstick - Wrapped VLEK data
 *
 * @data: Opaque data provided by AMD KDS (as described in SEV-SNP Firmware ABI
 *        1.54, SNP_VLEK_LOAD)
 */
struct sev_user_data_snp_wrapped_vlek_hashstick { … } __packed;

/**
 * struct sev_issue_cmd - SEV ioctl parameters
 *
 * @cmd: SEV command to execute
 * @opaque: pointer to the command structure
 * @error: SEV FW return code on failure
 */
struct sev_issue_cmd { … } __packed;

#define SEV_IOC_TYPE …
#define SEV_ISSUE_CMD …

#endif /* __PSP_SEV_USER_H__ */