From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751864AbdJXSk6 (ORCPT ); Tue, 24 Oct 2017 14:40:58 -0400
Received: from mail-by2nam01on0065.outbound.protection.outlook.com ([104.47.34.65]:47189 "EHLO NAM01-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751755AbdJXSkt (ORCPT ); Tue, 24 Oct 2017 14:40:49 -0400
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Gary.Hook@amd.com;
Subject: Re: [Part2 PATCH v6 11/38] crypto: ccp: Define SEV key management command id
To: Brijesh Singh, kvm@vger.kernel.org
Cc: bp@alien8.de, Paolo Bonzini, Radim Krčmář, Borislav Petkov, Herbert Xu, Tom Lendacky, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20171020023413.122280-1-brijesh.singh@amd.com> <20171020023413.122280-12-brijesh.singh@amd.com>
From: Gary R Hook
Message-ID: <2392aa35-9027-cbe0-b263-e96f78db42d8@amd.com>
Date: Tue, 24 Oct 2017 13:40:43 -0500
In-Reply-To: <20171020023413.122280-12-brijesh.singh@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 10/19/2017 09:33 PM, Brijesh Singh wrote:
> Define Secure Encrypted Virtualization (SEV) key management command id
> and structure. The command definition is available in SEV KM [1] spec
> 0.14.
> > [1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf > > Cc: Paolo Bonzini > Cc: "Radim Krčmář" > Cc: Borislav Petkov > Cc: Herbert Xu > Cc: Gary Hook > Cc: Tom Lendacky > Cc: linux-crypto@vger.kernel.org > Cc: kvm@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > Improvements-by: Borislav Petkov > Signed-off-by: Brijesh Singh > Reviewed-by: Borislav Petkov Acked-by: Gary R Hook > --- > include/linux/psp-sev.h | 494 ++++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 494 insertions(+) > create mode 100644 include/linux/psp-sev.h > > diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h > new file mode 100644 > index 000000000000..15bda519538e > --- /dev/null > +++ b/include/linux/psp-sev.h 
> @@ -0,0 +1,494 @@ > +/* > + * AMD Secure Encrypted Virtualization (SEV) driver interface > + * > + * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. > + * > + * Author: Brijesh Singh > + * > + * SEV spec 0.14 is available at: > + * http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License version 2 as > + * published by the Free Software Foundation. > + */ > + > +#ifndef __PSP_SEV_H__ > +#define __PSP_SEV_H__ > + > +#include > + > +#ifdef CONFIG_X86 > +#include > + > +#define __psp_pa(x) __sme_pa(x) > +#else > +#define __psp_pa(x) __pa(x) > +#endif > + > +#define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ > + > +/** > + * SEV platform state > + */ > +enum sev_state { > + SEV_STATE_UNINIT = 0x0, > + SEV_STATE_INIT = 0x1, > + SEV_STATE_WORKING = 0x2, > + > + SEV_STATE_MAX > +}; > + > +/** > + * SEV platform and guest management commands > + */ > +enum sev_cmd { > + /* platform commands */ > + SEV_CMD_INIT = 0x001, > + SEV_CMD_SHUTDOWN = 0x002, > + SEV_CMD_FACTORY_RESET = 0x003, > + SEV_CMD_PLATFORM_STATUS = 0x004, > + SEV_CMD_PEK_GEN = 0x005, > + SEV_CMD_PEK_CSR = 0x006, > + SEV_CMD_PEK_CERT_IMPORT = 0x007, > + SEV_CMD_PDH_CERT_EXPORT = 0x008, > + SEV_CMD_PDH_GEN = 0x009, > + SEV_CMD_DF_FLUSH = 0x00A, > + > + /* Guest commands */ > + SEV_CMD_DECOMMISSION = 0x020, > + SEV_CMD_ACTIVATE = 0x021, > + SEV_CMD_DEACTIVATE = 0x022, > + SEV_CMD_GUEST_STATUS = 0x023, > + > + /* Guest launch commands */ > + SEV_CMD_LAUNCH_START = 0x030, > + SEV_CMD_LAUNCH_UPDATE_DATA = 0x031, > + SEV_CMD_LAUNCH_UPDATE_VMSA = 0x032, > + SEV_CMD_LAUNCH_MEASURE = 0x033, > + SEV_CMD_LAUNCH_UPDATE_SECRET = 0x034, > + SEV_CMD_LAUNCH_FINISH = 0x035, > + > + /* Guest migration commands (outgoing) */ > + SEV_CMD_SEND_START = 0x040, > + SEV_CMD_SEND_UPDATE_DATA = 0x041, > + SEV_CMD_SEND_UPDATE_VMSA = 0x042, > + SEV_CMD_SEND_FINISH = 0x043, > + > + /* 
Guest migration commands (incoming) */ > + SEV_CMD_RECEIVE_START = 0x050, > + SEV_CMD_RECEIVE_UPDATE_DATA = 0x051, > + SEV_CMD_RECEIVE_UPDATE_VMSA = 0x052, > + SEV_CMD_RECEIVE_FINISH = 0x053, > + > + /* Guest debug commands */ > + SEV_CMD_DBG_DECRYPT = 0x060, > + SEV_CMD_DBG_ENCRYPT = 0x061, > + > + SEV_CMD_MAX, > +}; > + > +/** > + * status code returned by the commands > + */ > +enum psp_ret_code { > + SEV_RET_SUCCESS = 0, > + SEV_RET_INVALID_PLATFORM_STATE, > + SEV_RET_INVALID_GUEST_STATE, > + SEV_RET_INAVLID_CONFIG, > + SEV_RET_INVALID_len, > + SEV_RET_ALREADY_OWNED, > + SEV_RET_INVALID_CERTIFICATE, > + SEV_RET_POLICY_FAILURE, > + SEV_RET_INACTIVE, > + SEV_RET_INVALID_ADDRESS, > + SEV_RET_BAD_SIGNATURE, > + SEV_RET_BAD_MEASUREMENT, > + SEV_RET_ASID_OWNED, > + SEV_RET_INVALID_ASID, > + SEV_RET_WBINVD_REQUIRED, > + SEV_RET_DFFLUSH_REQUIRED, > + SEV_RET_INVALID_GUEST, > + SEV_RET_INVALID_COMMAND, > + SEV_RET_ACTIVE, > + SEV_RET_HWSEV_RET_PLATFORM, > + SEV_RET_HWSEV_RET_UNSAFE, > + SEV_RET_UNSUPPORTED, > + SEV_RET_MAX, > +}; > + > +/** > + * struct sev_data_init - INIT command parameters > + * > + * @flags: processing flags > + * @tmr_address: system physical address used for SEV-ES > + * @tmr_len: len of tmr_address > + */ > +struct sev_data_init { > + u32 flags; /* In */ > + u32 reserved; /* In */ > + u64 tmr_address; /* In */ > + u32 tmr_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_pek_csr - PEK_CSR command parameters > + * > + * @address: PEK certificate chain > + * @len: len of certificate > + */ > +struct sev_data_pek_csr { > + u64 address; /* In */ > + u32 len; /* In/Out */ > +} __packed; > + > +/** > + * struct sev_data_cert_import - PEK_CERT_IMPORT command parameters > + * > + * @pek_address: PEK certificate chain > + * @pek_len: len of PEK certificate > + * @oca_address: OCA certificate chain > + * @oca_len: len of OCA certificate > + */ > +struct sev_data_pek_cert_import { > + u64 pek_cert_address; /* In */ > + u32 pek_cert_len; /* In */ 
> + u32 reserved; /* In */ > + u64 oca_cert_address; /* In */ > + u32 oca_cert_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters > + * > + * @pdh_address: PDH certificate address > + * @pdh_len: len of PDH certificate > + * @cert_chain_address: PDH certificate chain > + * @cert_chain_len: len of PDH certificate chain > + */ > +struct sev_data_pdh_cert_export { > + u64 pdh_cert_address; /* In */ > + u32 pdh_cert_len; /* In/Out */ > + u32 reserved; /* In */ > + u64 cert_chain_address; /* In */ > + u32 cert_chain_len; /* In/Out */ > +} __packed; > + > +/** > + * struct sev_data_decommission - DECOMMISSION command parameters > + * > + * @handle: handle of the VM to decommission > + */ > +struct sev_data_decommission { > + u32 handle; /* In */ > +} __packed; > + > +/** > + * struct sev_data_activate - ACTIVATE command parameters > + * > + * @handle: handle of the VM to activate > + * @asid: asid assigned to the VM > + */ > +struct sev_data_activate { > + u32 handle; /* In */ > + u32 asid; /* In */ > +} __packed; > + > +/** > + * struct sev_data_deactivate - DEACTIVATE command parameters > + * > + * @handle: handle of the VM to deactivate > + */ > +struct sev_data_deactivate { > + u32 handle; /* In */ > +} __packed; > + > +/** > + * struct sev_data_guest_status - SEV GUEST_STATUS command parameters > + * > + * @handle: handle of the VM to retrieve status > + * @policy: policy information for the VM > + * @asid: current ASID of the VM > + * @state: current state of the VM > + */ > +struct sev_data_guest_status { > + u32 handle; /* In */ > + u32 policy; /* Out */ > + u32 asid; /* Out */ > + u8 state; /* Out */ > +} __packed; > + > +/** > + * struct sev_data_launch_start - LAUNCH_START command parameters > + * > + * @handle: handle assigned to the VM > + * @policy: guest launch policy > + * @dh_cert_address: physical address of DH certificate blob > + * @dh_cert_len: len of DH certificate blob > + * 
@session_address: physical address of session parameters > + * @session_len: len of session parameters > + */ > +struct sev_data_launch_start { > + u32 handle; /* In/Out */ > + u32 policy; /* In */ > + u64 dh_cert_address; /* In */ > + u32 dh_cert_len; /* In */ > + u32 reserved; /* In */ > + u64 session_address; /* In */ > + u32 session_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_launch_update_data - LAUNCH_UPDATE_DATA command parameter > + * > + * @handle: handle of the VM to update > + * @len: len of memory to be encrypted > + * @address: physical address of memory region to encrypt > + */ > +struct sev_data_launch_update_data { > + u32 handle; /* In */ > + u32 reserved; > + u64 address; /* In */ > + u32 len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_launch_update_vmsa - LAUNCH_UPDATE_VMSA command > + * > + * @handle: handle of the VM > + * @address: physical address of memory region to encrypt > + * @len: len of memory region to encrypt > + */ > +struct sev_data_launch_update_vmsa { > + u32 handle; /* In */ > + u32 reserved; > + u64 address; /* In */ > + u32 len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_launch_measure - LAUNCH_MEASURE command parameters > + * > + * @handle: handle of the VM to process > + * @address: physical address containing the measurement blob > + * @len: len of measurement blob > + */ > +struct sev_data_launch_measure { > + u32 handle; /* In */ > + u32 reserved; > + u64 address; /* In */ > + u32 len; /* In/Out */ > +} __packed; > + > +/** > + * struct sev_data_launch_secret - LAUNCH_SECRET command parameters > + * > + * @handle: handle of the VM to process > + * @hdr_address: physical address containing the packet header > + * @hdr_len: len of packet header > + * @guest_address: system physical address of guest memory region > + * @guest_len: len of guest_paddr > + * @trans_address: physical address of transport memory buffer > + * @trans_len: len of transport memory buffer > + */ > +struct 
sev_data_launch_secret { > + u32 handle; /* In */ > + u32 reserved1; > + u64 hdr_address; /* In */ > + u32 hdr_len; /* In */ > + u32 reserved2; > + u64 guest_address; /* In */ > + u32 guest_len; /* In */ > + u32 reserved3; > + u64 trans_address; /* In */ > + u32 trans_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_launch_finish - LAUNCH_FINISH command parameters > + * > + * @handle: handle of the VM to process > + */ > +struct sev_data_launch_finish { > + u32 handle; /* In */ > +} __packed; > + > +/** > + * struct sev_data_send_start - SEND_START command parameters > + * > + * @handle: handle of the VM to process > + * @policy: policy information for the VM > + * @pdh_cert_address: physical address containing PDH certificate > + * @pdh_cert_len: len of PDH certificate > + * @plat_certs_address: physical address containing platform certificate > + * @plat_certs_len: len of platform certificate > + * @amd_certs_address: physical address containing AMD certificate > + * @amd_certs_len: len of AMD certificate > + * @session_address: physical address containing Session data > + * @session_len: len of session data > + */ > +struct sev_data_send_start { > + u32 handle; /* In */ > + u32 policy; /* Out */ > + u64 pdh_cert_address; /* In */ > + u32 pdh_cert_len; /* In */ > + u32 reserved1; > + u64 plat_cert_address; /* In */ > + u32 plat_cert_len; /* In */ > + u32 reserved2; > + u64 amd_cert_address; /* In */ > + u32 amd_cert_len; /* In */ > + u32 reserved3; > + u64 session_address; /* In */ > + u32 session_len; /* In/Out */ > +} __packed; > + > +/** > + * struct sev_data_send_update - SEND_UPDATE_DATA command > + * > + * @handle: handle of the VM to process > + * @hdr_address: physical address containing packet header > + * @hdr_len: len of packet header > + * @guest_address: physical address of guest memory region to send > + * @guest_len: len of guest memory region to send > + * @trans_address: physical address of host memory region > + * @trans_len: len of 
host memory region > + */ > +struct sev_data_send_update_data { > + u32 handle; /* In */ > + u32 reserved1; > + u64 hdr_address; /* In */ > + u32 hdr_len; /* In/Out */ > + u32 reserved2; > + u64 guest_address; /* In */ > + u32 guest_len; /* In */ > + u32 reserved3; > + u64 trans_address; /* In */ > + u32 trans_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_send_update - SEND_UPDATE_VMSA command > + * > + * @handle: handle of the VM to process > + * @hdr_address: physical address containing packet header > + * @hdr_len: len of packet header > + * @guest_address: physical address of guest memory region to send > + * @guest_len: len of guest memory region to send > + * @trans_address: physical address of host memory region > + * @trans_len: len of host memory region > + */ > +struct sev_data_send_update_vmsa { > + u32 handle; /* In */ > + u64 hdr_address; /* In */ > + u32 hdr_len; /* In/Out */ > + u32 reserved2; > + u64 guest_address; /* In */ > + u32 guest_len; /* In */ > + u32 reserved3; > + u64 trans_address; /* In */ > + u32 trans_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_send_finish - SEND_FINISH command parameters > + * > + * @handle: handle of the VM to process > + */ > +struct sev_data_send_finish { > + u32 handle; /* In */ > +} __packed; > + > +/** > + * struct sev_data_receive_start - RECEIVE_START command parameters > + * > + * @handle: handle of the VM to perform receive operation > + * @pdh_cert_address: system physical address containing PDH certificate blob > + * @pdh_cert_len: len of PDH certificate blob > + * @session_address: system physical address containing session blob > + * @session_len: len of session blob > + */ > +struct sev_data_receive_start { > + u32 handle; /* In/Out */ > + u32 policy; /* In */ > + u64 pdh_cert_address; /* In */ > + u32 pdh_cert_len; /* In */ > + u32 reserved1; > + u64 session_address; /* In */ > + u32 session_len; /* In */ > +} __packed; > + > +/** > + * struct 
sev_data_receive_update_data - RECEIVE_UPDATE_DATA command parameters > + * > + * @handle: handle of the VM to update > + * @hdr_address: physical address containing packet header blob > + * @hdr_len: len of packet header > + * @guest_address: system physical address of guest memory region > + * @guest_len: len of guest memory region > + * @trans_address: system physical address of transport buffer > + * @trans_len: len of transport buffer > + */ > +struct sev_data_receive_update_data { > + u32 handle; /* In */ > + u32 reserved1; > + u64 hdr_address; /* In */ > + u32 hdr_len; /* In */ > + u32 reserved2; > + u64 guest_address; /* In */ > + u32 guest_len; /* In */ > + u32 reserved3; > + u64 trans_address; /* In */ > + u32 trans_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_receive_update_vmsa - RECEIVE_UPDATE_VMSA command parameters > + * > + * @handle: handle of the VM to update > + * @hdr_address: physical address containing packet header blob > + * @hdr_len: len of packet header > + * @guest_address: system physical address of guest memory region > + * @guest_len: len of guest memory region > + * @trans_address: system physical address of transport buffer > + * @trans_len: len of transport buffer > + */ > +struct sev_data_receive_update_vmsa { > + u32 handle; /* In */ > + u32 reserved1; > + u64 hdr_address; /* In */ > + u32 hdr_len; /* In */ > + u32 reserved2; > + u64 guest_address; /* In */ > + u32 guest_len; /* In */ > + u32 reserved3; > + u64 trans_address; /* In */ > + u32 trans_len; /* In */ > +} __packed; > + > +/** > + * struct sev_data_receive_finish - RECEIVE_FINISH command parameters > + * > + * @handle: handle of the VM to finish > + */ > +struct sev_data_receive_finish { > + u32 handle; /* In */ > +} __packed; > + > +/** > + * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters > + * > + * @handle: handle of the VM to perform debug operation > + * @src_addr: source address of data to operate on > + * @dst_addr: destination 
address of data to operate on > + * @len: len of data to operate on > + */ > +struct sev_data_dbg { > + u32 handle; /* In */ > + u32 reserved; > + u64 src_addr; /* In */ > + u64 dst_addr; /* In */ > + u32 len; /* In */ > +} __packed; > + > +#endif /* __PSP_SEV_H__ */ >
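
Review bot: `struct sev_data_send_update_vmsa` has no `u32 reserved1;` between `handle` and `hdr_address`, although its remaining padding fields are still named `reserved2` and `reserved3` and the otherwise identical `sev_data_send_update_data`, `sev_data_receive_update_data` and `sev_data_receive_update_vmsa` all carry it. Because the struct is `__packed`, `hdr_address` lands at offset 4 instead of 8 and every later field shifts with it, so the buffer handed to the firmware for SEND_UPDATE_VMSA would not match the layout used for the sibling commands; please add `u32 reserved1;` after `handle`, or say in the comment why this command differs. Several names in `enum psp_ret_code` also look like search-and-replace damage and would be awkward to fix once callers exist: `SEV_RET_INAVLID_CONFIG`, `SEV_RET_INVALID_len`, `SEV_RET_HWSEV_RET_PLATFORM` and `SEV_RET_HWSEV_RET_UNSAFE`. The kernel-doc is out of step with the code in a few places as well: the comment for `struct sev_data_pek_cert_import` is headed `sev_data_cert_import` and documents `@pek_address`/`@oca_address` rather than `pek_cert_address`/`oca_cert_address`, both send-update structs are documented as `sev_data_send_update`, `sev_data_send_start` documents `@plat_certs_address`/`@amd_certs_address` while the members are `plat_cert_address`/`amd_cert_address`, and `sev_data_receive_start` has a `policy` member with no `@policy` line.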