From patchwork Mon Oct 2 20:52:28 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 9981257
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Brijesh Singh
To: bp@suse.de
Cc: Brijesh Singh, Paolo Bonzini, Radim Krčmář, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [Part2 PATCH v4.1 06/29] crypto: ccp: Define SEV key management command id
Date: Mon, 2 Oct 2017 15:52:28 -0500
Message-Id: <20171002205228.6115-1-brijesh.singh@amd.com>
In-Reply-To: <20170919204627.3875-7-brijesh.singh@amd.co>
References: <20170919204627.3875-7-brijesh.singh@amd.co>
Sender: linux-crypto-owner@vger.kernel.org
X-Mailing-List: linux-crypto@vger.kernel.org

Define Secure Encrypted Virtualization (SEV) key management command id and structure.
The command definition is available in SEV KM [1] spec 0.14.

[1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
Changes since v4:
 * add spec reference

 include/linux/psp-sev.h | 515 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 515 insertions(+)
 create mode 100644 include/linux/psp-sev.h

diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h new file mode 100644 index 000000000000..f01d0e3b09b8 --- /dev/null +++ b/include/linux/psp-sev.h 
@@ -0,0 +1,515 @@ +/* + * AMD Secure Encrypted Virtualization (SEV) driver interface + * + * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV spec 0.14 is available at: + * http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#ifndef __PSP_SEV_H__ +#define __PSP_SEV_H__ + +#ifdef CONFIG_X86 +#include + +#define __psp_pa(x) __sme_pa(x) +#else +#define __psp_pa(x) __pa(x) +#endif + +#define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ + +/** + * SEV platform state + */ +enum sev_state { + SEV_STATE_UNINIT = 0x0, + SEV_STATE_INIT = 0x1, + SEV_STATE_WORKING = 0x2, + + SEV_STATE_MAX +}; + +/** + * SEV platform and guest management commands + */ +enum sev_cmd { + /* platform commands */ + SEV_CMD_INIT = 0x001, + SEV_CMD_SHUTDOWN = 0x002, + SEV_CMD_FACTORY_RESET = 0x003, + SEV_CMD_PLATFORM_STATUS = 0x004, + SEV_CMD_PEK_GEN = 0x005, + SEV_CMD_PEK_CSR = 0x006, + SEV_CMD_PEK_CERT_IMPORT = 0x007, + SEV_CMD_PDH_CERT_EXPORT = 0x008, + SEV_CMD_PDH_GEN = 0x009, + SEV_CMD_DF_FLUSH = 0x00A, + + /* Guest commands */ + SEV_CMD_DECOMMISSION = 0x020, + SEV_CMD_ACTIVATE = 0x021, + SEV_CMD_DEACTIVATE = 0x022, + SEV_CMD_GUEST_STATUS = 0x023, + + /* Guest launch commands */ + SEV_CMD_LAUNCH_START = 0x030, + SEV_CMD_LAUNCH_UPDATE_DATA = 0x031, + SEV_CMD_LAUNCH_UPDATE_VMSA = 0x032, + SEV_CMD_LAUNCH_MEASURE = 0x033, + SEV_CMD_LAUNCH_UPDATE_SECRET = 0x034, + SEV_CMD_LAUNCH_FINISH = 0x035, + + /* Guest migration commands (outgoing) */ + SEV_CMD_SEND_START = 0x040, + SEV_CMD_SEND_UPDATE_DATA = 0x041, + SEV_CMD_SEND_UPDATE_VMSA = 0x042, + SEV_CMD_SEND_FINISH = 0x043, + + /* Guest migration commands (incoming) */ + SEV_CMD_RECEIVE_START = 0x050, + SEV_CMD_RECEIVE_UPDATE_DATA = 0x051, + SEV_CMD_RECEIVE_UPDATE_VMSA = 0x052, + SEV_CMD_RECEIVE_FINISH 
= 0x053, + + /* Guest debug commands */ + SEV_CMD_DBG_DECRYPT = 0x060, + SEV_CMD_DBG_ENCRYPT = 0x061, + + SEV_CMD_MAX, +}; + +/** + * status code returned by the commands + */ +enum psp_ret_code { + SEV_RET_SUCCESS = 0, + SEV_RET_INVALID_PLATFORM_STATE, + SEV_RET_INVALID_GUEST_STATE, + SEV_RET_INAVLID_CONFIG, + SEV_RET_INVALID_len, + SEV_RET_ALREADY_OWNED, + SEV_RET_INVALID_CERTIFICATE, + SEV_RET_POLICY_FAILURE, + SEV_RET_INACTIVE, + SEV_RET_INVALID_ADDRESS, + SEV_RET_BAD_SIGNATURE, + SEV_RET_BAD_MEASUREMENT, + SEV_RET_ASID_OWNED, + SEV_RET_INVALID_ASID, + SEV_RET_WBINVD_REQUIRED, + SEV_RET_DFFLUSH_REQUIRED, + SEV_RET_INVALID_GUEST, + SEV_RET_INVALID_COMMAND, + SEV_RET_ACTIVE, + SEV_RET_HWSEV_RET_PLATFORM, + SEV_RET_HWSEV_RET_UNSAFE, + SEV_RET_UNSUPPORTED, + SEV_RET_MAX, +}; + +/** + * struct sev_data_init - INIT command parameters + * + * @flags: processing flags + * @tmr_address: system physical address used for SEV-ES + * @tmr_len: len of tmr_address + */ +struct __attribute__((__packed__)) sev_data_init { + u32 flags; /* In */ + u32 reserved; /* In */ + u64 tmr_address; /* In */ + u32 tmr_len; /* In */ +}; + +/** + * struct sev_data_status - PLATFORM_STATUS command parameters + * + * @major: major API version + * @minor: minor API version + * @state: platform state + * @owner: self-owned or externally owned + * @config: platform config flags + * @build: firmware build id for API version + * @guest_count: number of active guests + */ +struct __attribute__((__packed__)) sev_data_status { + u8 api_major; /* Out */ + u8 api_minor; /* Out */ + u8 state; /* Out */ + u8 owner : 1; /* Out */ + u8 reserved1 : 7; + u32 config : 1; /* Out */ + u32 reserved2 : 23; + u32 build : 8; /* Out */ + u32 guest_count; /* Out */ +}; + +/** + * struct sev_data_pek_csr - PEK_CSR command parameters + * + * @address: PEK certificate chain + * @len: len of certificate + */ +struct __attribute__((__packed__)) sev_data_pek_csr { + u64 address; /* In */ + u32 len; /* In/Out */ +}; + +/** + 
* struct sev_data_cert_import - PEK_CERT_IMPORT command parameters + * + * @pek_address: PEK certificate chain + * @pek_len: len of PEK certificate + * @oca_address: OCA certificate chain + * @oca_len: len of OCA certificate + */ +struct __attribute__((__packed__)) sev_data_pek_cert_import { + u64 pek_cert_address; /* In */ + u32 pek_cert_len; /* In */ + u32 reserved; /* In */ + u64 oca_cert_address; /* In */ + u32 oca_cert_len; /* In */ +}; + +/** + * struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters + * + * @pdh_address: PDH certificate address + * @pdh_len: len of PDH certificate + * @cert_chain_address: PDH certificate chain + * @cert_chain_len: len of PDH certificate chain + */ +struct __attribute__((__packed__)) sev_data_pdh_cert_export { + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In/Out */ + u32 reserved; /* In */ + u64 cert_chain_address; /* In */ + u32 cert_chain_len; /* In/Out */ +}; + +/** + * struct sev_data_decommission - DECOMMISSION command parameters + * + * @handle: handle of the VM to decommission + */ +struct __attribute__((__packed__)) sev_data_decommission { + u32 handle; /* In */ +}; + +/** + * struct sev_data_activate - ACTIVATE command parameters + * + * @handle: handle of the VM to activate + * @asid: asid assigned to the VM + */ +struct __attribute__((__packed__)) sev_data_activate { + u32 handle; /* In */ + u32 asid; /* In */ +}; + +/** + * struct sev_data_deactivate - DEACTIVATE command parameters + * + * @handle: handle of the VM to deactivate + */ +struct __attribute__((__packed__)) sev_data_deactivate { + u32 handle; /* In */ +}; + +/** + * struct sev_data_guest_status - SEV GUEST_STATUS command parameters + * + * @handle: handle of the VM to retrieve status + * @policy: policy information for the VM + * @asid: current ASID of the VM + * @state: current state of the VM + */ +struct __attribute__((__packed__)) sev_data_guest_status { + u32 handle; /* In */ + u32 policy; /* Out */ + u32 asid; /* Out */ + 
u8 state; /* Out */ +}; + +/** + * struct sev_data_launch_start - LAUNCH_START command parameters + * + * @handle: handle assigned to the VM + * @policy: guest launch policy + * @dh_cert_address: physical address of DH certificate blob + * @dh_cert_len: len of DH certificate blob + * @session_address: physical address of session parameters + * @session_len: len of session parameters + */ +struct __attribute__((__packed__)) sev_data_launch_start { + u32 handle; /* In/Out */ + u32 policy; /* In */ + u64 dh_cert_address; /* In */ + u32 dh_cert_len; /* In */ + u32 reserved; /* In */ + u64 session_address; /* In */ + u32 session_len; /* In */ +}; + +/** + * struct sev_data_launch_update_data - LAUNCH_UPDATE_DATA command parameter + * + * @handle: handle of the VM to update + * @len: len of memory to be encrypted + * @address: physical address of memory region to encrypt + */ +struct __attribute__((__packed__)) sev_data_launch_update_data { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In */ +}; + +/** + * struct sev_data_launch_update_vmsa - LAUNCH_UPDATE_VMSA command + * + * @handle: handle of the VM + * @address: physical address of memory region to encrypt + * @len: len of memory region to encrypt + */ +struct __attribute__((__packed__)) sev_data_launch_update_vmsa { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In */ +}; + +/** + * struct sev_data_launch_measure - LAUNCH_MEASURE command parameters + * + * @handle: handle of the VM to process + * @address: physical address containing the measurement blob + * @len: len of measurement blob + */ +struct __attribute__((__packed__)) sev_data_launch_measure { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In/Out */ +}; + +/** + * struct sev_data_launch_secret - LAUNCH_SECRET command parameters + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing the packet header + * @hdr_len: len of packet 
header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest_paddr + * @trans_address: physical address of transport memory buffer + * @trans_len: len of transport memory buffer + */ +struct __attribute__((__packed__)) sev_data_launch_secret { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +}; + +/** + * struct sev_data_launch_finish - LAUNCH_FINISH command parameters + * + * @handle: handle of the VM to process + */ +struct __attribute__((__packed__)) sev_data_launch_finish { + u32 handle; /* In */ +}; + +/** + * struct sev_data_send_start - SEND_START command parameters + * + * @handle: handle of the VM to process + * @policy: policy information for the VM + * @pdh_cert_address: physical address containing PDH certificate + * @pdh_cert_len: len of PDH certificate + * @plat_certs_address: physical address containing platform certificate + * @plat_certs_len: len of platform certificate + * @amd_certs_address: physical address containing AMD certificate + * @amd_certs_len: len of AMD certificate + * @session_address: physical address containing Session data + * @session_len: len of session data + */ +struct __attribute__((__packed__)) sev_data_send_start { + u32 handle; /* In */ + u32 policy; /* Out */ + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In */ + u32 reserved1; + u64 plat_cert_address; /* In */ + u32 plat_cert_len; /* In */ + u32 reserved2; + u64 amd_cert_address; /* In */ + u32 amd_cert_len; /* In */ + u32 reserved3; + u64 session_address; /* In */ + u32 session_len; /* In/Out */ +}; + +/** + * struct sev_data_send_update - SEND_UPDATE_DATA command + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing packet header + * @hdr_len: len of packet header + * @guest_address: physical 
address of guest memory region to send + * @guest_len: len of guest memory region to send + * @trans_address: physical address of host memory region + * @trans_len: len of host memory region + */ +struct __attribute__((__packed__)) sev_data_send_update_data { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In/Out */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +}; + +/** + * struct sev_data_send_update - SEND_UPDATE_VMSA command + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing packet header + * @hdr_len: len of packet header + * @guest_address: physical address of guest memory region to send + * @guest_len: len of guest memory region to send + * @trans_address: physical address of host memory region + * @trans_len: len of host memory region + */ +struct __attribute__((__packed__)) sev_data_send_update_vmsa { + u32 handle; /* In */ + u64 hdr_address; /* In */ + u32 hdr_len; /* In/Out */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +}; + +/** + * struct sev_data_send_finish - SEND_FINISH command parameters + * + * @handle: handle of the VM to process + */ +struct __attribute__((__packed__)) sev_data_send_finish { + u32 handle; /* In */ +}; + +/** + * struct sev_data_receive_start - RECEIVE_START command parameters + * + * @handle: handle of the VM to perform receive operation + * @pdh_cert_address: system physical address containing PDH certificate blob + * @pdh_cert_len: len of PDH certificate blob + * @session_address: system physical address containing session blob + * @session_len: len of session blob + */ +struct __attribute__((__packed__)) sev_data_receive_start { + u32 handle; /* In/Out */ + u32 policy; /* In */ + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In */ + u32 
reserved1; + u64 session_address; /* In */ + u32 session_len; /* In */ +}; + +/** + * struct sev_data_receive_update_data - RECEIVE_UPDATE_DATA command parameters + * + * @handle: handle of the VM to update + * @hdr_address: physical address containing packet header blob + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest memory region + * @trans_address: system physical address of transport buffer + * @trans_len: len of transport buffer + */ +struct __attribute__((__packed__)) sev_data_receive_update_data { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +}; + +/** + * struct sev_data_receive_update_vmsa - RECEIVE_UPDATE_VMSA command parameters + * + * @handle: handle of the VM to update + * @hdr_address: physical address containing packet header blob + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest memory region + * @trans_address: system physical address of transport buffer + * @trans_len: len of transport buffer + */ +struct __attribute__((__packed__)) sev_data_receive_update_vmsa { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +}; + +/** + * struct sev_data_receive_finish - RECEIVE_FINISH command parameters + * + * @handle: handle of the VM to finish + */ +struct __attribute__((__packed__)) sev_data_receive_finish { + u32 handle; /* In */ +}; + +/** + * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters + * + * @handle: handle of the VM to perform debug operation + * @src_addr: source address of data to operate on 
+ * @dst_addr: destination address of data to operate on + * @len: len of data to operate on + */ +struct __attribute__((__packed__)) sev_data_dbg { + u32 handle; /* In */ + u32 reserved; + u64 src_addr; /* In */ + u64 dst_addr; /* In */ + u32 len; /* In */ +}; + +#endif /* __PSP_SEV_H__ */
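
Review bot: struct sev_data_send_update_vmsa is missing the `u32 reserved1;` pad after `handle`: it goes straight from `u32 handle;` to `u64 hdr_address;` and then continues with `reserved2` and `reserved3`. Because the struct is packed, hdr_address lands at offset 4 rather than 8, and every later field shifts by four bytes relative to sev_data_send_update_data and the two RECEIVE_UPDATE structs, which otherwise have the same member list. Please add the pad, or say in the comment why SEND_UPDATE_VMSA differs. Separately, in enum psp_ret_code the names SEV_RET_INAVLID_CONFIG, SEV_RET_INVALID_len, SEV_RET_HWSEV_RET_PLATFORM and SEV_RET_HWSEV_RET_UNSAFE look like typo or search-and-replace damage and are worth fixing before callers start using them. Several kernel-doc blocks also do not match the declarations they document: @major/@minor versus api_major/api_minor in sev_data_status, `struct sev_data_cert_import` versus sev_data_pek_cert_import, `struct sev_data_send_update` used for both the _data and _vmsa structs, and @plat_certs_address/@amd_certs_address versus plat_cert_address/amd_cert_address in sev_data_send_start.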