From patchwork Mon Nov 6 18:11:03 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 10044121
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: bp@alien8.de, Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org
Subject: [Part2 PATCH v8 11/38] crypto: ccp: Define SEV key management command id
Date: Mon, 6 Nov 2017 12:11:03 -0600
Message-Id: <20171106181130.68491-12-brijesh.singh@amd.com>
In-Reply-To: <20171106181130.68491-1-brijesh.singh@amd.com>
References: <20171106181130.68491-1-brijesh.singh@amd.com>
X-Mailing-List: linux-crypto@vger.kernel.org

Define Secure Encrypted Virtualization (SEV) key management command id and
structure. The command definition is available in SEV KM spec 0.14 (http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf) Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-crypto@vger.kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Improvements-by: Borislav Petkov Signed-off-by: Brijesh Singh Reviewed-by: Borislav Petkov Acked-by: Gary R Hook --- include/linux/psp-sev.h | 465 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 465 insertions(+) create mode 100644 include/linux/psp-sev.h diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h new file mode 100644 index 000000000000..4a150d17d537 --- /dev/null +++ b/include/linux/psp-sev.h 
@@ -0,0 +1,465 @@ +/* + * AMD Secure Encrypted Virtualization (SEV) driver interface + * + * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV spec 0.14 is available at: + * http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#ifndef __PSP_SEV_H__ +#define __PSP_SEV_H__ + +#include + +#ifdef CONFIG_X86 +#include + +#define __psp_pa(x) __sme_pa(x) +#else +#define __psp_pa(x) __pa(x) +#endif + +#define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ + +/** + * SEV platform state + */ +enum sev_state { + SEV_STATE_UNINIT = 0x0, + SEV_STATE_INIT = 0x1, + SEV_STATE_WORKING = 0x2, + + SEV_STATE_MAX +}; + +/** + * SEV platform and guest management commands + */ +enum sev_cmd { + /* platform commands */ + SEV_CMD_INIT = 0x001, + SEV_CMD_SHUTDOWN = 0x002, + SEV_CMD_FACTORY_RESET = 0x003, + SEV_CMD_PLATFORM_STATUS = 0x004, + SEV_CMD_PEK_GEN = 0x005, + SEV_CMD_PEK_CSR = 0x006, + SEV_CMD_PEK_CERT_IMPORT = 0x007, + SEV_CMD_PDH_CERT_EXPORT = 0x008, + SEV_CMD_PDH_GEN = 0x009, + SEV_CMD_DF_FLUSH = 0x00A, + + /* Guest commands */ + SEV_CMD_DECOMMISSION = 0x020, + SEV_CMD_ACTIVATE = 0x021, + SEV_CMD_DEACTIVATE = 0x022, + SEV_CMD_GUEST_STATUS = 0x023, + + /* Guest launch commands */ + SEV_CMD_LAUNCH_START = 0x030, + SEV_CMD_LAUNCH_UPDATE_DATA = 0x031, + SEV_CMD_LAUNCH_UPDATE_VMSA = 0x032, + SEV_CMD_LAUNCH_MEASURE = 0x033, + SEV_CMD_LAUNCH_UPDATE_SECRET = 0x034, + SEV_CMD_LAUNCH_FINISH = 0x035, + + /* Guest migration commands (outgoing) */ + SEV_CMD_SEND_START = 0x040, + SEV_CMD_SEND_UPDATE_DATA = 0x041, + SEV_CMD_SEND_UPDATE_VMSA = 0x042, + SEV_CMD_SEND_FINISH = 0x043, + + /* Guest migration commands (incoming) */ + SEV_CMD_RECEIVE_START = 0x050, + SEV_CMD_RECEIVE_UPDATE_DATA = 0x051, + SEV_CMD_RECEIVE_UPDATE_VMSA = 0x052, + 
SEV_CMD_RECEIVE_FINISH = 0x053, + + /* Guest debug commands */ + SEV_CMD_DBG_DECRYPT = 0x060, + SEV_CMD_DBG_ENCRYPT = 0x061, + + SEV_CMD_MAX, +}; + +/** + * struct sev_data_init - INIT command parameters + * + * @flags: processing flags + * @tmr_address: system physical address used for SEV-ES + * @tmr_len: len of tmr_address + */ +struct sev_data_init { + u32 flags; /* In */ + u32 reserved; /* In */ + u64 tmr_address; /* In */ + u32 tmr_len; /* In */ +} __packed; + +/** + * struct sev_data_pek_csr - PEK_CSR command parameters + * + * @address: PEK certificate chain + * @len: len of certificate + */ +struct sev_data_pek_csr { + u64 address; /* In */ + u32 len; /* In/Out */ +} __packed; + +/** + * struct sev_data_cert_import - PEK_CERT_IMPORT command parameters + * + * @pek_address: PEK certificate chain + * @pek_len: len of PEK certificate + * @oca_address: OCA certificate chain + * @oca_len: len of OCA certificate + */ +struct sev_data_pek_cert_import { + u64 pek_cert_address; /* In */ + u32 pek_cert_len; /* In */ + u32 reserved; /* In */ + u64 oca_cert_address; /* In */ + u32 oca_cert_len; /* In */ +} __packed; + +/** + * struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters + * + * @pdh_address: PDH certificate address + * @pdh_len: len of PDH certificate + * @cert_chain_address: PDH certificate chain + * @cert_chain_len: len of PDH certificate chain + */ +struct sev_data_pdh_cert_export { + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In/Out */ + u32 reserved; /* In */ + u64 cert_chain_address; /* In */ + u32 cert_chain_len; /* In/Out */ +} __packed; + +/** + * struct sev_data_decommission - DECOMMISSION command parameters + * + * @handle: handle of the VM to decommission + */ +struct sev_data_decommission { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_activate - ACTIVATE command parameters + * + * @handle: handle of the VM to activate + * @asid: asid assigned to the VM + */ +struct sev_data_activate { + u32 handle; /* 
In */ + u32 asid; /* In */ +} __packed; + +/** + * struct sev_data_deactivate - DEACTIVATE command parameters + * + * @handle: handle of the VM to deactivate + */ +struct sev_data_deactivate { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_guest_status - SEV GUEST_STATUS command parameters + * + * @handle: handle of the VM to retrieve status + * @policy: policy information for the VM + * @asid: current ASID of the VM + * @state: current state of the VM + */ +struct sev_data_guest_status { + u32 handle; /* In */ + u32 policy; /* Out */ + u32 asid; /* Out */ + u8 state; /* Out */ +} __packed; + +/** + * struct sev_data_launch_start - LAUNCH_START command parameters + * + * @handle: handle assigned to the VM + * @policy: guest launch policy + * @dh_cert_address: physical address of DH certificate blob + * @dh_cert_len: len of DH certificate blob + * @session_address: physical address of session parameters + * @session_len: len of session parameters + */ +struct sev_data_launch_start { + u32 handle; /* In/Out */ + u32 policy; /* In */ + u64 dh_cert_address; /* In */ + u32 dh_cert_len; /* In */ + u32 reserved; /* In */ + u64 session_address; /* In */ + u32 session_len; /* In */ +} __packed; + +/** + * struct sev_data_launch_update_data - LAUNCH_UPDATE_DATA command parameter + * + * @handle: handle of the VM to update + * @len: len of memory to be encrypted + * @address: physical address of memory region to encrypt + */ +struct sev_data_launch_update_data { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In */ +} __packed; + +/** + * struct sev_data_launch_update_vmsa - LAUNCH_UPDATE_VMSA command + * + * @handle: handle of the VM + * @address: physical address of memory region to encrypt + * @len: len of memory region to encrypt + */ +struct sev_data_launch_update_vmsa { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In */ +} __packed; + +/** + * struct sev_data_launch_measure - LAUNCH_MEASURE 
command parameters + * + * @handle: handle of the VM to process + * @address: physical address containing the measurement blob + * @len: len of measurement blob + */ +struct sev_data_launch_measure { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In/Out */ +} __packed; + +/** + * struct sev_data_launch_secret - LAUNCH_SECRET command parameters + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing the packet header + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest_paddr + * @trans_address: physical address of transport memory buffer + * @trans_len: len of transport memory buffer + */ +struct sev_data_launch_secret { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_launch_finish - LAUNCH_FINISH command parameters + * + * @handle: handle of the VM to process + */ +struct sev_data_launch_finish { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_send_start - SEND_START command parameters + * + * @handle: handle of the VM to process + * @policy: policy information for the VM + * @pdh_cert_address: physical address containing PDH certificate + * @pdh_cert_len: len of PDH certificate + * @plat_certs_address: physical address containing platform certificate + * @plat_certs_len: len of platform certificate + * @amd_certs_address: physical address containing AMD certificate + * @amd_certs_len: len of AMD certificate + * @session_address: physical address containing Session data + * @session_len: len of session data + */ +struct sev_data_send_start { + u32 handle; /* In */ + u32 policy; /* Out */ + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In */ + u32 reserved1; + u64 
plat_cert_address; /* In */ + u32 plat_cert_len; /* In */ + u32 reserved2; + u64 amd_cert_address; /* In */ + u32 amd_cert_len; /* In */ + u32 reserved3; + u64 session_address; /* In */ + u32 session_len; /* In/Out */ +} __packed; + +/** + * struct sev_data_send_update - SEND_UPDATE_DATA command + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing packet header + * @hdr_len: len of packet header + * @guest_address: physical address of guest memory region to send + * @guest_len: len of guest memory region to send + * @trans_address: physical address of host memory region + * @trans_len: len of host memory region + */ +struct sev_data_send_update_data { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In/Out */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_send_update - SEND_UPDATE_VMSA command + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing packet header + * @hdr_len: len of packet header + * @guest_address: physical address of guest memory region to send + * @guest_len: len of guest memory region to send + * @trans_address: physical address of host memory region + * @trans_len: len of host memory region + */ +struct sev_data_send_update_vmsa { + u32 handle; /* In */ + u64 hdr_address; /* In */ + u32 hdr_len; /* In/Out */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_send_finish - SEND_FINISH command parameters + * + * @handle: handle of the VM to process + */ +struct sev_data_send_finish { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_receive_start - RECEIVE_START command parameters + * + * @handle: handle of the VM to perform receive operation + * 
@pdh_cert_address: system physical address containing PDH certificate blob + * @pdh_cert_len: len of PDH certificate blob + * @session_address: system physical address containing session blob + * @session_len: len of session blob + */ +struct sev_data_receive_start { + u32 handle; /* In/Out */ + u32 policy; /* In */ + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In */ + u32 reserved1; + u64 session_address; /* In */ + u32 session_len; /* In */ +} __packed; + +/** + * struct sev_data_receive_update_data - RECEIVE_UPDATE_DATA command parameters + * + * @handle: handle of the VM to update + * @hdr_address: physical address containing packet header blob + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest memory region + * @trans_address: system physical address of transport buffer + * @trans_len: len of transport buffer + */ +struct sev_data_receive_update_data { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_receive_update_vmsa - RECEIVE_UPDATE_VMSA command parameters + * + * @handle: handle of the VM to update + * @hdr_address: physical address containing packet header blob + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest memory region + * @trans_address: system physical address of transport buffer + * @trans_len: len of transport buffer + */ +struct sev_data_receive_update_vmsa { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_receive_finish - 
RECEIVE_FINISH command parameters + * + * @handle: handle of the VM to finish + */ +struct sev_data_receive_finish { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters + * + * @handle: handle of the VM to perform debug operation + * @src_addr: source address of data to operate on + * @dst_addr: destination address of data to operate on + * @len: len of data to operate on + */ +struct sev_data_dbg { + u32 handle; /* In */ + u32 reserved; + u64 src_addr; /* In */ + u64 dst_addr; /* In */ + u32 len; /* In */ +} __packed; + +#endif /* __PSP_SEV_H__ */
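Review bot: struct sev_data_send_update_vmsa goes from `u32 handle` straight to `u64 hdr_address` with no `u32 reserved1`, even though its padding fields are still named reserved2 and reserved3 and the sibling structs sev_data_send_update_data, sev_data_receive_update_data and sev_data_receive_update_vmsa all carry reserved1 after handle. Because the struct is __packed, every field after handle sits 4 bytes earlier than in those siblings, so the SEND_UPDATE_VMSA command buffer would be laid out differently from the SEND_UPDATE_DATA one; please add the missing `u32 reserved1;` or state in the comment why this command differs. A compile-time size or offsetof check per command struct would catch this kind of slip in a header whose layouts are consumed by firmware. Separately, several kernel-doc blocks do not match the code they document: `struct sev_data_cert_import` heads the comment for sev_data_pek_cert_import, `struct sev_data_send_update` is used for both sev_data_send_update_data and sev_data_send_update_vmsa, the tags @pek_address, @oca_address, @pdh_address, @plat_certs_address and @amd_certs_address name fields that are declared as pek_cert_address, oca_cert_address, pdh_cert_address, plat_cert_address and amd_cert_address, and sev_data_receive_start has a policy field with no @policy entry. Aligning the tags with the declarations keeps the generated documentation usable and avoids kernel-doc warnings.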