1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
2 | /* |
3 | * Confidential Computing Platform Capability checks |
4 | * |
5 | * Copyright (C) 2021 Advanced Micro Devices, Inc. |
6 | * |
7 | * Author: Tom Lendacky <thomas.lendacky@amd.com> |
8 | */ |
9 | |
10 | #ifndef _LINUX_CC_PLATFORM_H |
11 | #define _LINUX_CC_PLATFORM_H |
12 | |
13 | #include <linux/types.h> |
14 | #include <linux/stddef.h> |
15 | |
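/**
 * enum cc_attr - Confidential computing attributes
 *
 * These attributes represent confidential computing features that are
 * currently active.
 *
 * The attributes are not mutually exclusive. Going by the examples listed
 * below, an SEV-ES guest matches CC_ATTR_MEM_ENCRYPT,
 * CC_ATTR_GUEST_MEM_ENCRYPT and CC_ATTR_GUEST_STATE_ENCRYPT at once, so
 * callers should query the narrowest attribute that describes the property
 * they actually depend on.
 */
enum cc_attr {
	/**
	 * @CC_ATTR_MEM_ENCRYPT: Memory encryption is active
	 *
	 * The platform/OS is running with active memory encryption. This
	 * includes running either as a bare-metal system or a hypervisor
	 * and actively using memory encryption or as a guest/virtual machine
	 * and actively using memory encryption.
	 *
	 * Because this covers both the host and the guest case, it does not
	 * say which side of the virtualization boundary the kernel is on;
	 * use CC_ATTR_HOST_MEM_ENCRYPT or CC_ATTR_GUEST_MEM_ENCRYPT when
	 * that distinction matters.
	 *
	 * Examples include SME, SEV and SEV-ES.
	 */
	CC_ATTR_MEM_ENCRYPT,

	/**
	 * @CC_ATTR_HOST_MEM_ENCRYPT: Host memory encryption is active
	 *
	 * The platform/OS is running as a bare-metal system or a hypervisor
	 * and actively using memory encryption.
	 *
	 * Examples include SME.
	 */
	CC_ATTR_HOST_MEM_ENCRYPT,

	/**
	 * @CC_ATTR_GUEST_MEM_ENCRYPT: Guest memory encryption is active
	 *
	 * The platform/OS is running as a guest/virtual machine and actively
	 * using memory encryption.
	 *
	 * Examples include SEV and SEV-ES.
	 */
	CC_ATTR_GUEST_MEM_ENCRYPT,

	/**
	 * @CC_ATTR_GUEST_STATE_ENCRYPT: Guest state encryption is active
	 *
	 * The platform/OS is running as a guest/virtual machine and actively
	 * using memory encryption and register state encryption.
	 *
	 * Examples include SEV-ES.
	 */
	CC_ATTR_GUEST_STATE_ENCRYPT,

	/**
	 * @CC_ATTR_GUEST_UNROLL_STRING_IO: String I/O is implemented with
	 *				    IN/OUT instructions
	 *
	 * The platform/OS is running as a guest/virtual machine and uses
	 * IN/OUT instructions in place of string I/O.
	 *
	 * Examples include TDX guest & SEV.
	 */
	CC_ATTR_GUEST_UNROLL_STRING_IO,

	/**
	 * @CC_ATTR_GUEST_SEV_SNP: Guest SNP is active.
	 *
	 * The platform/OS is running as a guest/virtual machine and actively
	 * using AMD SEV-SNP features.
	 */
	/* The kernel-doc tag above must match the enumerator name exactly. */
	CC_ATTR_GUEST_SEV_SNP,

	/**
	 * @CC_ATTR_HOTPLUG_DISABLED: Hotplug is not supported or disabled.
	 *
	 * The platform/OS is running as a guest/virtual machine and does not
	 * support the CPU hotplug feature.
	 *
	 * Examples include TDX Guest.
	 */
	CC_ATTR_HOTPLUG_DISABLED,
};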
94 | |
#ifdef CONFIG_ARCH_HAS_CC_PLATFORM

/**
 * cc_platform_has() - Checks if the specified cc_attr attribute is active
 * @attr: Confidential computing attribute to check
 *
 * Reports whether the specified Confidential Computing attribute is
 * currently active. Only the declaration lives in this header; the
 * definition is supplied elsewhere when CONFIG_ARCH_HAS_CC_PLATFORM is set.
 *
 * NOTE(review): this is a local boolean query. Nothing in this header ties
 * the answer to an attestation report, so it should not be relayed to a
 * remote verifier as proof that the protection is in place.
 *
 * Context: Any context
 * Return:
 * * true  - Specified Confidential Computing attribute is active
 * * false - Specified Confidential Computing attribute is not active
 */
bool cc_platform_has(enum cc_attr attr);

#else /* !CONFIG_ARCH_HAS_CC_PLATFORM */

/*
 * Fallback for builds without CONFIG_ARCH_HAS_CC_PLATFORM: every attribute
 * is reported as inactive, whatever @attr is. A false result from this stub
 * only means the kernel was built without the capability check; callers
 * should not read it as evidence about what the hardware or hypervisor
 * provides.
 */
static inline bool cc_platform_has(enum cc_attr attr)
{
	return false;
}

#endif /* CONFIG_ARCH_HAS_CC_PLATFORM */
116 | |
117 | #endif /* _LINUX_CC_PLATFORM_H */ |
118 | |