From patchwork Mon Nov 6 18:11:02 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 10044139
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: bp@alien8.de, Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org
Subject: [Part2 PATCH v8 10/38] crypto: ccp: Define SEV userspace ioctl and command id
Date: Mon, 6 Nov 2017 12:11:02 -0600
Message-Id: <20171106181130.68491-11-brijesh.singh@amd.com>
In-Reply-To: <20171106181130.68491-1-brijesh.singh@amd.com>
References: <20171106181130.68491-1-brijesh.singh@amd.com>

Add an include file which defines the ioctl and command id used for issuing SEV platform management specific commands.

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
--- include/uapi/linux/psp-sev.h | 142 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 142 insertions(+) create mode 100644 include/uapi/linux/psp-sev.h diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h new file mode 100644 index 000000000000..3d77fe91239a --- /dev/null +++ b/include/uapi/linux/psp-sev.h 
@@ -0,0 +1,142 @@ +/* + * Userspace interface for AMD Secure Encrypted Virtualization (SEV) + * platform management commands. + * + * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV spec 0.14 is available at: + * http://support.amd.com/TechDocs/55766_SEV-KM%20API_Specification.pdf + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#ifndef __PSP_SEV_USER_H__ +#define __PSP_SEV_USER_H__ + +#include + +/** + * SEV platform commands + */ +enum { + SEV_FACTORY_RESET = 0, + SEV_PLATFORM_STATUS, + SEV_PEK_GEN, + SEV_PEK_CSR, + SEV_PDH_GEN, + SEV_PDH_CERT_EXPORT, + SEV_PEK_CERT_IMPORT, + + SEV_MAX, +}; + +/** + * SEV Firmware status code + */ +typedef enum { + SEV_RET_SUCCESS = 0, + SEV_RET_INVALID_PLATFORM_STATE, + SEV_RET_INVALID_GUEST_STATE, + SEV_RET_INAVLID_CONFIG, + SEV_RET_INVALID_len, + SEV_RET_ALREADY_OWNED, + SEV_RET_INVALID_CERTIFICATE, + SEV_RET_POLICY_FAILURE, + SEV_RET_INACTIVE, + SEV_RET_INVALID_ADDRESS, + SEV_RET_BAD_SIGNATURE, + SEV_RET_BAD_MEASUREMENT, + SEV_RET_ASID_OWNED, + SEV_RET_INVALID_ASID, + SEV_RET_WBINVD_REQUIRED, + SEV_RET_DFFLUSH_REQUIRED, + SEV_RET_INVALID_GUEST, + SEV_RET_INVALID_COMMAND, + SEV_RET_ACTIVE, + SEV_RET_HWSEV_RET_PLATFORM, + SEV_RET_HWSEV_RET_UNSAFE, + SEV_RET_UNSUPPORTED, + SEV_RET_MAX, +} sev_ret_code; + +/** + * struct sev_user_data_status - PLATFORM_STATUS command parameters + * + * @major: major API version + * @minor: minor API version + * @state: platform state + * @flags: platform config flags + * @build: firmware build id for API version + * @guest_count: number of active guests + */ +struct sev_user_data_status { + __u8 api_major; /* Out */ + __u8 api_minor; /* Out */ + __u8 state; /* Out */ + __u32 flags; /* Out */ + __u8 build; /* Out */ + __u32 guest_count; /* Out */ +} __packed; + +/** + * struct sev_user_data_pek_csr - 
PEK_CSR command parameters + * + * @address: PEK certificate chain + * @length: length of certificate + */ +struct sev_user_data_pek_csr { + __u64 address; /* In */ + __u32 length; /* In/Out */ +} __packed; + +/** + * struct sev_user_data_cert_import - PEK_CERT_IMPORT command parameters + * + * @pek_address: PEK certificate chain + * @pek_len: length of PEK certificate + * @oca_address: OCA certificate chain + * @oca_len: length of OCA certificate + */ +struct sev_user_data_pek_cert_import { + __u64 pek_cert_address; /* In */ + __u32 pek_cert_len; /* In */ + __u64 oca_cert_address; /* In */ + __u32 oca_cert_len; /* In */ +} __packed; + +/** + * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters + * + * @pdh_address: PDH certificate address + * @pdh_len: length of PDH certificate + * @cert_chain_address: PDH certificate chain + * @cert_chain_len: length of PDH certificate chain + */ +struct sev_user_data_pdh_cert_export { + __u64 pdh_cert_address; /* In */ + __u32 pdh_cert_len; /* In/Out */ + __u64 cert_chain_address; /* In */ + __u32 cert_chain_len; /* In/Out */ +} __packed; + +/** + * struct sev_issue_cmd - SEV ioctl parameters + * + * @cmd: SEV commands to execute + * @opaque: pointer to the command structure + * @error: SEV FW return code on failure + */ +struct sev_issue_cmd { + __u32 cmd; /* In */ + __u64 data; /* In */ + __u32 error; /* Out */ +} __packed; + +#define SEV_IOC_TYPE 'S' +#define SEV_ISSUE_CMD _IOWR(SEV_IOC_TYPE, 0x0, struct sev_issue_cmd) + +#endif /* __PSP_USER_SEV_H */
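
Review bot: The `sev_ret_code` enum carries misspelled identifiers that will be frozen as UAPI once this header is merged: `SEV_RET_INAVLID_CONFIG` should read `SEV_RET_INVALID_CONFIG`, `SEV_RET_INVALID_len` breaks the all-caps convention of every other entry, and `SEV_RET_HWSEV_RET_PLATFORM` / `SEV_RET_HWSEV_RET_UNSAFE` contain a doubled `RET_` that looks like search-and-replace residue; please check all four against the status names in the SEV spec referenced at the top of the file before userspace starts depending on them. The kernel-doc blocks also disagree with the structures they describe: `@major` and `@minor` versus the fields `api_major` and `api_minor` in `struct sev_user_data_status`; the comment titled `struct sev_user_data_cert_import` with `@pek_address`, `@pek_len`, `@oca_address`, `@oca_len` sits above `struct sev_user_data_pek_cert_import` with fields `pek_cert_address`, `pek_cert_len`, `oca_cert_address`, `oca_cert_len`; `@pdh_address` and `@pdh_len` versus `pdh_cert_address` and `pdh_cert_len`; and `@opaque` versus the field `data` in `struct sev_issue_cmd`. Since these comments are the only documentation of which members are user pointers and which lengths are written back, they should name the real fields. Minor: the closing guard comment says `__PSP_USER_SEV_H` while the guard itself is `__PSP_SEV_USER_H__`.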