Edit file File name : psp-sev.h Content :/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */ /* * Userspace interface for AMD Secure Encrypted Virtualization (SEV) * platform management commands. * * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. * * Author: Brijesh Singh <brijesh.singh@amd.com> * * SEV API specification is available at: https://developer.amd.com/sev/ */ #ifndef __PSP_SEV_USER_H__ #define __PSP_SEV_USER_H__ #include <linux/types.h> /** * SEV platform commands */ enum { SEV_FACTORY_RESET = 0, SEV_PLATFORM_STATUS, SEV_PEK_GEN, SEV_PEK_CSR, SEV_PDH_GEN, SEV_PDH_CERT_EXPORT, SEV_PEK_CERT_IMPORT, SEV_GET_ID, /* This command is deprecated, use SEV_GET_ID2 */ SEV_GET_ID2, SEV_MAX, }; /** * SEV Firmware status code */ typedef enum { SEV_RET_SUCCESS = 0, SEV_RET_INVALID_PLATFORM_STATE, SEV_RET_INVALID_GUEST_STATE, SEV_RET_INAVLID_CONFIG, SEV_RET_INVALID_LEN, SEV_RET_ALREADY_OWNED, SEV_RET_INVALID_CERTIFICATE, SEV_RET_POLICY_FAILURE, SEV_RET_INACTIVE, SEV_RET_INVALID_ADDRESS, SEV_RET_BAD_SIGNATURE, SEV_RET_BAD_MEASUREMENT, SEV_RET_ASID_OWNED, SEV_RET_INVALID_ASID, SEV_RET_WBINVD_REQUIRED, SEV_RET_DFFLUSH_REQUIRED, SEV_RET_INVALID_GUEST, SEV_RET_INVALID_COMMAND, SEV_RET_ACTIVE, SEV_RET_HWSEV_RET_PLATFORM, SEV_RET_HWSEV_RET_UNSAFE, SEV_RET_UNSUPPORTED, SEV_RET_MAX, } sev_ret_code; /** * struct sev_user_data_status - PLATFORM_STATUS command parameters * * @major: major API version * @minor: minor API version * @state: platform state * @flags: platform config flags * @build: firmware build id for API version * @guest_count: number of active guests */ struct sev_user_data_status { __u8 api_major; /* Out */ __u8 api_minor; /* Out */ __u8 state; /* Out */ __u32 flags; /* Out */ __u8 build; /* Out */ __u32 guest_count; /* Out */ } __attribute__((packed)); /** * struct sev_user_data_pek_csr - PEK_CSR command parameters * * @address: PEK certificate chain * @length: length of certificate */ struct sev_user_data_pek_csr { __u64 address; /* In */ __u32 length; /* In/Out */ } __attribute__((packed)); /** * struct sev_user_data_cert_import - PEK_CERT_IMPORT command parameters * * @pek_address: PEK certificate chain * @pek_len: length of PEK certificate * @oca_address: OCA certificate chain * @oca_len: length of OCA certificate */ struct sev_user_data_pek_cert_import { __u64 pek_cert_address; /* In */ __u32 pek_cert_len; /* In */ __u64 oca_cert_address; /* In */ __u32 oca_cert_len; /* In */ } __attribute__((packed)); /** * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters * * @pdh_address: PDH certificate address * @pdh_len: length of PDH certificate * @cert_chain_address: PDH certificate chain * @cert_chain_len: length of PDH certificate chain */ struct sev_user_data_pdh_cert_export { __u64 pdh_cert_address; /* In */ __u32 pdh_cert_len; /* In/Out */ __u64 cert_chain_address; /* In */ __u32 cert_chain_len; /* In/Out */ } __attribute__((packed)); /** * struct sev_user_data_get_id - GET_ID command parameters (deprecated) * * @socket1: Buffer to pass unique ID of first socket * @socket2: Buffer to pass unique ID of second socket */ struct sev_user_data_get_id { __u8 socket1[64]; /* Out */ __u8 socket2[64]; /* Out */ } __attribute__((packed)); /** * struct sev_user_data_get_id2 - GET_ID command parameters * @address: Buffer to store unique ID * @length: length of the unique ID */ struct sev_user_data_get_id2 { __u64 address; /* In */ __u32 length; /* In/Out */ } __attribute__((packed)); /** * struct sev_issue_cmd - SEV ioctl parameters * * @cmd: SEV commands to execute * @opaque: pointer to the command structure * @error: SEV FW return code on failure */ struct sev_issue_cmd { __u32 cmd; /* In */ __u64 data; /* In */ __u32 error; /* Out */ } __attribute__((packed)); #define SEV_IOC_TYPE 'S' #define SEV_ISSUE_CMD _IOWR(SEV_IOC_TYPE, 0x0, struct sev_issue_cmd) #endif /* __PSP_USER_SEV_H */ Save