| 1 | /* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */ |
|---|
| 2 | /* |
|---|
| 3 | * Userspace interface for AMD SEV and SNP guest driver. |
|---|
| 4 | * |
|---|
| 5 | * Copyright (C) 2021 Advanced Micro Devices, Inc. |
|---|
| 6 | * |
|---|
| 7 | * Author: Brijesh Singh <brijesh.singh@amd.com> |
|---|
| 8 | * |
|---|
| 9 | * SEV API specification is available at: https://developer.amd.com/sev/ |
|---|
| 10 | */ |
|---|
| 11 | |
|---|
| 12 | #ifndef __UAPI_LINUX_SEV_GUEST_H_ |
|---|
| 13 | #define __UAPI_LINUX_SEV_GUEST_H_ |
|---|
| 14 | |
|---|
| 15 | #include <linux/types.h> |
|---|
| 16 | |
|---|
| 17 | #define SNP_REPORT_USER_DATA_SIZE 64 |
|---|
| 18 | |
|---|
| 19 | struct snp_report_req { |
|---|
| 20 | /* user data that should be included in the report */ |
|---|
| 21 | __u8 user_data[SNP_REPORT_USER_DATA_SIZE]; |
|---|
| 22 | |
|---|
| 23 | /* The vmpl level to be included in the report */ |
|---|
| 24 | __u32 vmpl; |
|---|
| 25 | |
|---|
| 26 | /* Must be zero filled */ |
|---|
| 27 | __u8 rsvd[28]; |
|---|
| 28 | }; |
|---|
| 29 | |
|---|
| 30 | struct snp_report_resp { |
|---|
| 31 | /* response data, see SEV-SNP spec for the format */ |
|---|
| 32 | __u8 data[4000]; |
|---|
| 33 | }; |
|---|
| 34 | |
|---|
| 35 | struct snp_derived_key_req { |
|---|
| 36 | __u32 root_key_select; |
|---|
| 37 | __u32 rsvd; |
|---|
| 38 | __u64 guest_field_select; |
|---|
| 39 | __u32 vmpl; |
|---|
| 40 | __u32 guest_svn; |
|---|
| 41 | __u64 tcb_version; |
|---|
| 42 | }; |
|---|
| 43 | |
|---|
| 44 | struct snp_derived_key_resp { |
|---|
| 45 | /* response data, see SEV-SNP spec for the format */ |
|---|
| 46 | __u8 data[64]; |
|---|
| 47 | }; |
|---|
| 48 | |
|---|
| 49 | struct snp_guest_request_ioctl { |
|---|
| 50 | /* message version number (must be non-zero) */ |
|---|
| 51 | __u8 msg_version; |
|---|
| 52 | |
|---|
| 53 | /* Request and response structure address */ |
|---|
| 54 | __u64 req_data; |
|---|
| 55 | __u64 resp_data; |
|---|
| 56 | |
|---|
| 57 | /* bits[63:32]: VMM error code, bits[31:0] firmware error code (see psp-sev.h) */ |
|---|
| 58 | union { |
|---|
| 59 | __u64 exitinfo2; |
|---|
| 60 | struct { |
|---|
| 61 | __u32 fw_error; |
|---|
| 62 | __u32 vmm_error; |
|---|
| 63 | }; |
|---|
| 64 | }; |
|---|
| 65 | }; |
|---|
| 66 | |
|---|
| 67 | struct snp_ext_report_req { |
|---|
| 68 | struct snp_report_req data; |
|---|
| 69 | |
|---|
| 70 | /* where to copy the certificate blob */ |
|---|
| 71 | __u64 certs_address; |
|---|
| 72 | |
|---|
| 73 | /* length of the certificate blob */ |
|---|
| 74 | __u32 certs_len; |
|---|
| 75 | }; |
|---|
| 76 | |
|---|
| 77 | #define SNP_GUEST_REQ_IOC_TYPE 'S' |
|---|
| 78 | |
|---|
| 79 | /* Get SNP attestation report */ |
|---|
| 80 | #define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_guest_request_ioctl) |
|---|
| 81 | |
|---|
| 82 | /* Get a derived key from the root */ |
|---|
| 83 | #define SNP_GET_DERIVED_KEY _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x1, struct snp_guest_request_ioctl) |
|---|
| 84 | |
|---|
| 85 | /* Get SNP extended report as defined in the GHCB specification version 2. */ |
|---|
| 86 | #define SNP_GET_EXT_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x2, struct snp_guest_request_ioctl) |
|---|
| 87 | |
|---|
| 88 | /* Guest message request EXIT_INFO_2 constants */ |
|---|
| 89 | #define SNP_GUEST_FW_ERR_MASK GENMASK_ULL(31, 0) |
|---|
| 90 | #define SNP_GUEST_VMM_ERR_SHIFT 32 |
|---|
| 91 | #define SNP_GUEST_VMM_ERR(x) (((u64)x) << SNP_GUEST_VMM_ERR_SHIFT) |
|---|
| 92 | |
|---|
| 93 | #define SNP_GUEST_VMM_ERR_INVALID_LEN 1 |
|---|
| 94 | #define SNP_GUEST_VMM_ERR_BUSY 2 |
|---|
| 95 | |
|---|
| 96 | #endif /* __UAPI_LINUX_SEV_GUEST_H_ */ |
|---|
| 97 | |
|---|
