From patchwork Tue Dec 5 01:04:10 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 10091929
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: bp@alien8.de, Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org
Subject: [Part2 PATCH v9 10/38] crypto: ccp: Define SEV userspace ioctl and command id
Date: Mon, 4 Dec 2017 19:04:10 -0600
Message-Id: <20171205010438.5773-11-brijesh.singh@amd.com>
In-Reply-To: <20171205010438.5773-1-brijesh.singh@amd.com>
References: <20171205010438.5773-1-brijesh.singh@amd.com>

Add an include file
which defines the ioctl and command id used for issuing SEV platform management specific commands.

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
 include/uapi/linux/psp-sev.h | 142 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 142 insertions(+)
 create mode 100644 include/uapi/linux/psp-sev.h

diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h
new file mode 100644
index 000000000000..3d77fe91239a
--- /dev/null
+++ b/include/uapi/linux/psp-sev.h
@@ -0,0 +1,142 @@ +/* + * Userspace interface for AMD Secure Encrypted Virtualization (SEV) + * platform management commands. + * + * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV spec 0.14 is available at: + * http://support.amd.com/TechDocs/55766_SEV-KM%20API_Specification.pdf + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#ifndef __PSP_SEV_USER_H__ +#define __PSP_SEV_USER_H__ + +#include + +/** + * SEV platform commands + */ +enum { + SEV_FACTORY_RESET = 0, + SEV_PLATFORM_STATUS, + SEV_PEK_GEN, + SEV_PEK_CSR, + SEV_PDH_GEN, + SEV_PDH_CERT_EXPORT, + SEV_PEK_CERT_IMPORT, + + SEV_MAX, +}; + +/** + * SEV Firmware status code + */ +typedef enum { + SEV_RET_SUCCESS = 0, + SEV_RET_INVALID_PLATFORM_STATE, + SEV_RET_INVALID_GUEST_STATE, + SEV_RET_INAVLID_CONFIG, + SEV_RET_INVALID_len, + SEV_RET_ALREADY_OWNED, + SEV_RET_INVALID_CERTIFICATE, + SEV_RET_POLICY_FAILURE, + SEV_RET_INACTIVE, + SEV_RET_INVALID_ADDRESS, + SEV_RET_BAD_SIGNATURE, + SEV_RET_BAD_MEASUREMENT, + SEV_RET_ASID_OWNED, + SEV_RET_INVALID_ASID, + SEV_RET_WBINVD_REQUIRED, + SEV_RET_DFFLUSH_REQUIRED, + SEV_RET_INVALID_GUEST, + SEV_RET_INVALID_COMMAND, + SEV_RET_ACTIVE, + SEV_RET_HWSEV_RET_PLATFORM, + SEV_RET_HWSEV_RET_UNSAFE, + SEV_RET_UNSUPPORTED, + SEV_RET_MAX, +} sev_ret_code; + +/** + * struct sev_user_data_status - PLATFORM_STATUS command parameters + * + * @major: major API version + * @minor: minor API version + * @state: platform state + * @flags: platform config flags + * @build: firmware build id for API version + * @guest_count: number of active guests + */ +struct sev_user_data_status { + __u8 api_major; /* Out */ + __u8 api_minor; /* Out */ + __u8 state; /* Out */ + __u32 flags; /* Out */ + __u8 build; /* Out */ + __u32 guest_count; /* Out */ +} __packed; + +/** + * struct sev_user_data_pek_csr - 
PEK_CSR command parameters + * + * @address: PEK certificate chain + * @length: length of certificate + */ +struct sev_user_data_pek_csr { + __u64 address; /* In */ + __u32 length; /* In/Out */ +} __packed; + +/** + * struct sev_user_data_cert_import - PEK_CERT_IMPORT command parameters + * + * @pek_address: PEK certificate chain + * @pek_len: length of PEK certificate + * @oca_address: OCA certificate chain + * @oca_len: length of OCA certificate + */ +struct sev_user_data_pek_cert_import { + __u64 pek_cert_address; /* In */ + __u32 pek_cert_len; /* In */ + __u64 oca_cert_address; /* In */ + __u32 oca_cert_len; /* In */ +} __packed; + +/** + * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters + * + * @pdh_address: PDH certificate address + * @pdh_len: length of PDH certificate + * @cert_chain_address: PDH certificate chain + * @cert_chain_len: length of PDH certificate chain + */ +struct sev_user_data_pdh_cert_export { + __u64 pdh_cert_address; /* In */ + __u32 pdh_cert_len; /* In/Out */ + __u64 cert_chain_address; /* In */ + __u32 cert_chain_len; /* In/Out */ +} __packed; + +/** + * struct sev_issue_cmd - SEV ioctl parameters + * + * @cmd: SEV commands to execute + * @opaque: pointer to the command structure + * @error: SEV FW return code on failure + */ +struct sev_issue_cmd { + __u32 cmd; /* In */ + __u64 data; /* In */ + __u32 error; /* Out */ +} __packed; + +#define SEV_IOC_TYPE 'S' +#define SEV_ISSUE_CMD _IOWR(SEV_IOC_TYPE, 0x0, struct sev_issue_cmd) + +#endif /* __PSP_USER_SEV_H */
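
Review bot: In the sev_ret_code enum, SEV_RET_INAVLID_CONFIG is misspelled and SEV_RET_INVALID_len breaks the all-caps convention of every other constant; this is a uapi header, so the names become ABI once merged and should be corrected now to SEV_RET_INVALID_CONFIG and SEV_RET_INVALID_LEN. In the same enum, SEV_RET_HWSEV_RET_PLATFORM and SEV_RET_HWSEV_RET_UNSAFE carry a doubled SEV_RET_ that reads like a search-and-replace slip. The kernel-doc blocks do not match the members they describe: sev_user_data_status documents @major and @minor but declares api_major and api_minor; the import block is titled sev_user_data_cert_import and lists @pek_address, @pek_len, @oca_address and @oca_len, while the struct is sev_user_data_pek_cert_import with pek_cert_address, pek_cert_len, oca_cert_address and oca_cert_len; sev_user_data_pdh_cert_export lists @pdh_address and @pdh_len for pdh_cert_address and pdh_cert_len; and sev_issue_cmd documents @opaque for the member named data. Since address, data and the In/Out length members are how userspace hands buffers to the driver, the comments should also state that the lengths are in bytes and what value is written back on return. Finally, the closing #endif comment says __PSP_USER_SEV_H while the guard is __PSP_SEV_USER_H__.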