From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: bp@alien8.de, Brijesh Singh, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Gary Hook, Tom Lendacky, linux-crypto@vger.kernel.org
Subject: [Part2 PATCH v9 11/38] crypto: ccp: Define SEV key management command id
Date: Mon, 4 Dec 2017 19:04:11 -0600
Message-Id: <20171205010438.5773-12-brijesh.singh@amd.com>
In-Reply-To: <20171205010438.5773-1-brijesh.singh@amd.com>
References: <20171205010438.5773-1-brijesh.singh@amd.com>
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

Define Secure Encrypted Virtualization (SEV) key management command id
and structure. The command definition is available in SEV KM spec
0.14 (http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf)

Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-crypto@vger.kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
--- include/linux/psp-sev.h | 465 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 465 insertions(+) create mode 100644 include/linux/psp-sev.h diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h new file mode 100644 index 000000000000..4a150d17d537 --- /dev/null +++ b/include/linux/psp-sev.h 
@@ -0,0 +1,465 @@ +/* + * AMD Secure Encrypted Virtualization (SEV) driver interface + * + * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. + * + * Author: Brijesh Singh + * + * SEV spec 0.14 is available at: + * http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#ifndef __PSP_SEV_H__ +#define __PSP_SEV_H__ + +#include + +#ifdef CONFIG_X86 +#include + +#define __psp_pa(x) __sme_pa(x) +#else +#define __psp_pa(x) __pa(x) +#endif + +#define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ + +/** + * SEV platform state + */ +enum sev_state { + SEV_STATE_UNINIT = 0x0, + SEV_STATE_INIT = 0x1, + SEV_STATE_WORKING = 0x2, + + SEV_STATE_MAX +}; + +/** + * SEV platform and guest management commands + */ +enum sev_cmd { + /* platform commands */ + SEV_CMD_INIT = 0x001, + SEV_CMD_SHUTDOWN = 0x002, + SEV_CMD_FACTORY_RESET = 0x003, + SEV_CMD_PLATFORM_STATUS = 0x004, + SEV_CMD_PEK_GEN = 0x005, + SEV_CMD_PEK_CSR = 0x006, + SEV_CMD_PEK_CERT_IMPORT = 0x007, + SEV_CMD_PDH_CERT_EXPORT = 0x008, + SEV_CMD_PDH_GEN = 0x009, + SEV_CMD_DF_FLUSH = 0x00A, + + /* Guest commands */ + SEV_CMD_DECOMMISSION = 0x020, + SEV_CMD_ACTIVATE = 0x021, + SEV_CMD_DEACTIVATE = 0x022, + SEV_CMD_GUEST_STATUS = 0x023, + + /* Guest launch commands */ + SEV_CMD_LAUNCH_START = 0x030, + SEV_CMD_LAUNCH_UPDATE_DATA = 0x031, + SEV_CMD_LAUNCH_UPDATE_VMSA = 0x032, + SEV_CMD_LAUNCH_MEASURE = 0x033, + SEV_CMD_LAUNCH_UPDATE_SECRET = 0x034, + SEV_CMD_LAUNCH_FINISH = 0x035, + + /* Guest migration commands (outgoing) */ + SEV_CMD_SEND_START = 0x040, + SEV_CMD_SEND_UPDATE_DATA = 0x041, + SEV_CMD_SEND_UPDATE_VMSA = 0x042, + SEV_CMD_SEND_FINISH = 0x043, + + /* Guest migration commands (incoming) */ + SEV_CMD_RECEIVE_START = 0x050, + SEV_CMD_RECEIVE_UPDATE_DATA = 0x051, + SEV_CMD_RECEIVE_UPDATE_VMSA = 0x052, + 
SEV_CMD_RECEIVE_FINISH = 0x053, + + /* Guest debug commands */ + SEV_CMD_DBG_DECRYPT = 0x060, + SEV_CMD_DBG_ENCRYPT = 0x061, + + SEV_CMD_MAX, +}; + +/** + * struct sev_data_init - INIT command parameters + * + * @flags: processing flags + * @tmr_address: system physical address used for SEV-ES + * @tmr_len: len of tmr_address + */ +struct sev_data_init { + u32 flags; /* In */ + u32 reserved; /* In */ + u64 tmr_address; /* In */ + u32 tmr_len; /* In */ +} __packed; + +/** + * struct sev_data_pek_csr - PEK_CSR command parameters + * + * @address: PEK certificate chain + * @len: len of certificate + */ +struct sev_data_pek_csr { + u64 address; /* In */ + u32 len; /* In/Out */ +} __packed; + +/** + * struct sev_data_cert_import - PEK_CERT_IMPORT command parameters + * + * @pek_address: PEK certificate chain + * @pek_len: len of PEK certificate + * @oca_address: OCA certificate chain + * @oca_len: len of OCA certificate + */ +struct sev_data_pek_cert_import { + u64 pek_cert_address; /* In */ + u32 pek_cert_len; /* In */ + u32 reserved; /* In */ + u64 oca_cert_address; /* In */ + u32 oca_cert_len; /* In */ +} __packed; + +/** + * struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters + * + * @pdh_address: PDH certificate address + * @pdh_len: len of PDH certificate + * @cert_chain_address: PDH certificate chain + * @cert_chain_len: len of PDH certificate chain + */ +struct sev_data_pdh_cert_export { + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In/Out */ + u32 reserved; /* In */ + u64 cert_chain_address; /* In */ + u32 cert_chain_len; /* In/Out */ +} __packed; + +/** + * struct sev_data_decommission - DECOMMISSION command parameters + * + * @handle: handle of the VM to decommission + */ +struct sev_data_decommission { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_activate - ACTIVATE command parameters + * + * @handle: handle of the VM to activate + * @asid: asid assigned to the VM + */ +struct sev_data_activate { + u32 handle; /* 
In */ + u32 asid; /* In */ +} __packed; + +/** + * struct sev_data_deactivate - DEACTIVATE command parameters + * + * @handle: handle of the VM to deactivate + */ +struct sev_data_deactivate { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_guest_status - SEV GUEST_STATUS command parameters + * + * @handle: handle of the VM to retrieve status + * @policy: policy information for the VM + * @asid: current ASID of the VM + * @state: current state of the VM + */ +struct sev_data_guest_status { + u32 handle; /* In */ + u32 policy; /* Out */ + u32 asid; /* Out */ + u8 state; /* Out */ +} __packed; + +/** + * struct sev_data_launch_start - LAUNCH_START command parameters + * + * @handle: handle assigned to the VM + * @policy: guest launch policy + * @dh_cert_address: physical address of DH certificate blob + * @dh_cert_len: len of DH certificate blob + * @session_address: physical address of session parameters + * @session_len: len of session parameters + */ +struct sev_data_launch_start { + u32 handle; /* In/Out */ + u32 policy; /* In */ + u64 dh_cert_address; /* In */ + u32 dh_cert_len; /* In */ + u32 reserved; /* In */ + u64 session_address; /* In */ + u32 session_len; /* In */ +} __packed; + +/** + * struct sev_data_launch_update_data - LAUNCH_UPDATE_DATA command parameter + * + * @handle: handle of the VM to update + * @len: len of memory to be encrypted + * @address: physical address of memory region to encrypt + */ +struct sev_data_launch_update_data { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In */ +} __packed; + +/** + * struct sev_data_launch_update_vmsa - LAUNCH_UPDATE_VMSA command + * + * @handle: handle of the VM + * @address: physical address of memory region to encrypt + * @len: len of memory region to encrypt + */ +struct sev_data_launch_update_vmsa { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In */ +} __packed; + +/** + * struct sev_data_launch_measure - LAUNCH_MEASURE 
command parameters + * + * @handle: handle of the VM to process + * @address: physical address containing the measurement blob + * @len: len of measurement blob + */ +struct sev_data_launch_measure { + u32 handle; /* In */ + u32 reserved; + u64 address; /* In */ + u32 len; /* In/Out */ +} __packed; + +/** + * struct sev_data_launch_secret - LAUNCH_SECRET command parameters + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing the packet header + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest_paddr + * @trans_address: physical address of transport memory buffer + * @trans_len: len of transport memory buffer + */ +struct sev_data_launch_secret { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_launch_finish - LAUNCH_FINISH command parameters + * + * @handle: handle of the VM to process + */ +struct sev_data_launch_finish { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_send_start - SEND_START command parameters + * + * @handle: handle of the VM to process + * @policy: policy information for the VM + * @pdh_cert_address: physical address containing PDH certificate + * @pdh_cert_len: len of PDH certificate + * @plat_certs_address: physical address containing platform certificate + * @plat_certs_len: len of platform certificate + * @amd_certs_address: physical address containing AMD certificate + * @amd_certs_len: len of AMD certificate + * @session_address: physical address containing Session data + * @session_len: len of session data + */ +struct sev_data_send_start { + u32 handle; /* In */ + u32 policy; /* Out */ + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In */ + u32 reserved1; + u64 
plat_cert_address; /* In */ + u32 plat_cert_len; /* In */ + u32 reserved2; + u64 amd_cert_address; /* In */ + u32 amd_cert_len; /* In */ + u32 reserved3; + u64 session_address; /* In */ + u32 session_len; /* In/Out */ +} __packed; + +/** + * struct sev_data_send_update - SEND_UPDATE_DATA command + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing packet header + * @hdr_len: len of packet header + * @guest_address: physical address of guest memory region to send + * @guest_len: len of guest memory region to send + * @trans_address: physical address of host memory region + * @trans_len: len of host memory region + */ +struct sev_data_send_update_data { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In/Out */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_send_update - SEND_UPDATE_VMSA command + * + * @handle: handle of the VM to process + * @hdr_address: physical address containing packet header + * @hdr_len: len of packet header + * @guest_address: physical address of guest memory region to send + * @guest_len: len of guest memory region to send + * @trans_address: physical address of host memory region + * @trans_len: len of host memory region + */ +struct sev_data_send_update_vmsa { + u32 handle; /* In */ + u64 hdr_address; /* In */ + u32 hdr_len; /* In/Out */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_send_finish - SEND_FINISH command parameters + * + * @handle: handle of the VM to process + */ +struct sev_data_send_finish { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_receive_start - RECEIVE_START command parameters + * + * @handle: handle of the VM to perform receive operation + * 
@pdh_cert_address: system physical address containing PDH certificate blob + * @pdh_cert_len: len of PDH certificate blob + * @session_address: system physical address containing session blob + * @session_len: len of session blob + */ +struct sev_data_receive_start { + u32 handle; /* In/Out */ + u32 policy; /* In */ + u64 pdh_cert_address; /* In */ + u32 pdh_cert_len; /* In */ + u32 reserved1; + u64 session_address; /* In */ + u32 session_len; /* In */ +} __packed; + +/** + * struct sev_data_receive_update_data - RECEIVE_UPDATE_DATA command parameters + * + * @handle: handle of the VM to update + * @hdr_address: physical address containing packet header blob + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest memory region + * @trans_address: system physical address of transport buffer + * @trans_len: len of transport buffer + */ +struct sev_data_receive_update_data { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_receive_update_vmsa - RECEIVE_UPDATE_VMSA command parameters + * + * @handle: handle of the VM to update + * @hdr_address: physical address containing packet header blob + * @hdr_len: len of packet header + * @guest_address: system physical address of guest memory region + * @guest_len: len of guest memory region + * @trans_address: system physical address of transport buffer + * @trans_len: len of transport buffer + */ +struct sev_data_receive_update_vmsa { + u32 handle; /* In */ + u32 reserved1; + u64 hdr_address; /* In */ + u32 hdr_len; /* In */ + u32 reserved2; + u64 guest_address; /* In */ + u32 guest_len; /* In */ + u32 reserved3; + u64 trans_address; /* In */ + u32 trans_len; /* In */ +} __packed; + +/** + * struct sev_data_receive_finish - 
RECEIVE_FINISH command parameters + * + * @handle: handle of the VM to finish + */ +struct sev_data_receive_finish { + u32 handle; /* In */ +} __packed; + +/** + * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters + * + * @handle: handle of the VM to perform debug operation + * @src_addr: source address of data to operate on + * @dst_addr: destination address of data to operate on + * @len: len of data to operate on + */ +struct sev_data_dbg { + u32 handle; /* In */ + u32 reserved; + u64 src_addr; /* In */ + u64 dst_addr; /* In */ + u32 len; /* In */ +} __packed; + +#endif /* __PSP_SEV_H__ */ -- 2.9.5
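
Review bot: struct sev_data_send_update_vmsa has no `u32 reserved1;` between `handle` and `hdr_address`, although it goes on to declare `reserved2` and `reserved3`, and its siblings sev_data_send_update_data, sev_data_receive_update_data and sev_data_receive_update_vmsa all carry that field. Because the struct is __packed, hdr_address sits at offset 4 here and at offset 8 in the others, so every later field is shifted by four bytes in the buffer handed to the firmware. Please add the field, or confirm against the spec that SEND_UPDATE_VMSA really uses a different layout and say so in the comment.

The kernel-doc also needs a pass so that it matches the declarations: the comment headed "struct sev_data_cert_import" documents struct sev_data_pek_cert_import and names @pek_address, @pek_len, @oca_address and @oca_len where the members are pek_cert_address, pek_cert_len, oca_cert_address and oca_cert_len; sev_data_pdh_cert_export documents @pdh_address and @pdh_len for pdh_cert_address and pdh_cert_len; both send-update comments are headed "struct sev_data_send_update"; sev_data_send_start documents @plat_certs_address and @amd_certs_address (and the matching _len fields) for plat_cert_address and amd_cert_address; and sev_data_receive_start has a policy member with no @policy line.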