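/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * AMD Secure Encrypted Virtualization (SEV) driver interface
 *
 * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
 *
 * Author: Brijesh Singh <brijesh.singh@amd.com>
 *
 * SEV API spec is available at https://developer.amd.com/sev
 *
 * The sev_data_* structures below are command buffers that are handed to
 * the Platform Security Processor (PSP) firmware by physical address.
 * They are therefore __packed, and their field order, field widths and
 * reserved/padding fields must match the command buffer layout given in
 * the SEV API spec exactly - a missing reserved word silently shifts every
 * later field and the firmware reads the wrong address/length.
 * NOTE(review): the spec treats reserved fields as must-be-zero; callers
 * are expected to zero a command buffer before filling it - verify against
 * the spec and the issuing code, which is outside this header.
 */

#ifndef __PSP_SEV_H__
#define __PSP_SEV_H__

#include <linux/err.h>
#include <linux/types.h>
#include <uapi/linux/psp-sev.h>

#ifdef CONFIG_X86
#include <linux/mem_encrypt.h>

/*
 * Physical address of a buffer as the PSP must see it.  On x86 this goes
 * through mem_encrypt.h's __sme_pa() so that the address carries the SME
 * encryption mask when memory encryption is active; elsewhere a plain
 * __pa() is used.
 */
#define __psp_pa(x)	__sme_pa(x)
#else
#define __psp_pa(x)	__pa(x)
#endif

/*
 * Maximum size of a firmware-facing blob (16KB).
 * NOTE(review): presumably the bound enforced by psp_copy_user_blob() on
 * userspace-supplied lengths - confirm in the driver.
 */
#define SEV_FW_BLOB_MAX_SIZE	0x4000

/* Opaque file handle type used by sev_issue_cmd_external_user(). */
struct file;

/**
 * enum sev_state - SEV platform state
 * @SEV_STATE_UNINIT: platform is not initialized
 * @SEV_STATE_INIT: platform has been initialized (INIT succeeded)
 * @SEV_STATE_WORKING: platform is in the WORKING state (see the SEV spec)
 * @SEV_STATE_MAX: number of states; not itself a valid state
 */
enum sev_state {
	SEV_STATE_UNINIT	= 0x0,
	SEV_STATE_INIT		= 0x1,
	SEV_STATE_WORKING	= 0x2,

	SEV_STATE_MAX
};

/**
 * enum sev_cmd - SEV platform and guest management commands
 *
 * Command identifiers as understood by the PSP firmware.  The numeric
 * values are part of the firmware ABI and must not be renumbered.
 * The DBG_* commands give the host access to guest memory contents; per
 * the SEV API spec they are only honoured when the guest policy permits
 * debugging.
 */
enum sev_cmd {
	/* platform commands */
	SEV_CMD_INIT			= 0x001,
	SEV_CMD_SHUTDOWN		= 0x002,
	SEV_CMD_FACTORY_RESET		= 0x003,
	SEV_CMD_PLATFORM_STATUS		= 0x004,
	SEV_CMD_PEK_GEN			= 0x005,
	SEV_CMD_PEK_CSR			= 0x006,
	SEV_CMD_PEK_CERT_IMPORT		= 0x007,
	SEV_CMD_PDH_CERT_EXPORT		= 0x008,
	SEV_CMD_PDH_GEN			= 0x009,
	SEV_CMD_DF_FLUSH		= 0x00A,
	SEV_CMD_DOWNLOAD_FIRMWARE	= 0x00B,
	SEV_CMD_GET_ID			= 0x00C,

	/* Guest commands */
	SEV_CMD_DECOMMISSION		= 0x020,
	SEV_CMD_ACTIVATE		= 0x021,
	SEV_CMD_DEACTIVATE		= 0x022,
	SEV_CMD_GUEST_STATUS		= 0x023,

	/* Guest launch commands */
	SEV_CMD_LAUNCH_START		= 0x030,
	SEV_CMD_LAUNCH_UPDATE_DATA	= 0x031,
	SEV_CMD_LAUNCH_UPDATE_VMSA	= 0x032,
	SEV_CMD_LAUNCH_MEASURE		= 0x033,
	SEV_CMD_LAUNCH_UPDATE_SECRET	= 0x034,
	SEV_CMD_LAUNCH_FINISH		= 0x035,
	SEV_CMD_ATTESTATION_REPORT	= 0x036,

	/* Guest migration commands (outgoing) */
	SEV_CMD_SEND_START		= 0x040,
	SEV_CMD_SEND_UPDATE_DATA	= 0x041,
	SEV_CMD_SEND_UPDATE_VMSA	= 0x042,
	SEV_CMD_SEND_FINISH		= 0x043,

	/* Guest migration commands (incoming) */
	SEV_CMD_RECEIVE_START		= 0x050,
	SEV_CMD_RECEIVE_UPDATE_DATA	= 0x051,
	SEV_CMD_RECEIVE_UPDATE_VMSA	= 0x052,
	SEV_CMD_RECEIVE_FINISH		= 0x053,

	/* Guest debug commands */
	SEV_CMD_DBG_DECRYPT		= 0x060,
	SEV_CMD_DBG_ENCRYPT		= 0x061,

	SEV_CMD_MAX,
};

/**
 * struct sev_data_init - INIT command parameters
 *
 * @flags: processing flags (SEV_INIT_FLAGS_*)
 * @reserved: must be zero
 * @tmr_address: system physical address of the trusted memory region
 *               used for SEV-ES (only meaningful with SEV_INIT_FLAGS_SEV_ES)
 * @tmr_len: len of the region at @tmr_address
 */
struct sev_data_init {
	u32 flags;			/* In */
	u32 reserved;			/* In */
	u64 tmr_address;		/* In */
	u32 tmr_len;			/* In */
} __packed;

/* INIT @flags: enable SEV-ES support on the platform. */
#define SEV_INIT_FLAGS_SEV_ES	0x01

/**
 * struct sev_data_pek_csr - PEK_CSR command parameters
 *
 * @address: physical address of the buffer for the PEK certificate
 *           signing request
 * @len: len of the buffer on input, len of the CSR on output
 */
struct sev_data_pek_csr {
	u64 address;			/* In */
	u32 len;			/* In/Out */
} __packed;

/**
 * struct sev_data_pek_cert_import - PEK_CERT_IMPORT command parameters
 *
 * @pek_cert_address: physical address of the PEK certificate chain
 * @pek_cert_len: len of the PEK certificate
 * @reserved: must be zero
 * @oca_cert_address: physical address of the OCA certificate chain
 * @oca_cert_len: len of the OCA certificate
 */
struct sev_data_pek_cert_import {
	u64 pek_cert_address;		/* In */
	u32 pek_cert_len;		/* In */
	u32 reserved;			/* In */
	u64 oca_cert_address;		/* In */
	u32 oca_cert_len;		/* In */
} __packed;

/**
 * struct sev_data_download_firmware - DOWNLOAD_FIRMWARE command parameters
 *
 * @address: physical address of firmware image
 * @len: len of the firmware image
 */
struct sev_data_download_firmware {
	u64 address;			/* In */
	u32 len;			/* In */
} __packed;

/**
 * struct sev_data_get_id - GET_ID command parameters
 *
 * @address: physical address of region to place unique CPU ID(s)
 * @len: len of the region on input, len of the ID data on output
 */
struct sev_data_get_id {
	u64 address;			/* In */
	u32 len;			/* In/Out */
} __packed;

/**
 * struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
 *
 * @pdh_cert_address: physical address of the PDH certificate buffer
 * @pdh_cert_len: len of the PDH certificate buffer / certificate
 * @reserved: must be zero
 * @cert_chain_address: physical address of the PDH certificate chain buffer
 * @cert_chain_len: len of the PDH certificate chain buffer / chain
 */
struct sev_data_pdh_cert_export {
	u64 pdh_cert_address;		/* In */
	u32 pdh_cert_len;		/* In/Out */
	u32 reserved;			/* In */
	u64 cert_chain_address;		/* In */
	u32 cert_chain_len;		/* In/Out */
} __packed;

/**
 * struct sev_data_decommission - DECOMMISSION command parameters
 *
 * @handle: handle of the VM to decommission
 */
struct sev_data_decommission {
	u32 handle;			/* In */
} __packed;

/**
 * struct sev_data_activate - ACTIVATE command parameters
 *
 * @handle: handle of the VM to activate
 * @asid: asid assigned to the VM
 */
struct sev_data_activate {
	u32 handle;			/* In */
	u32 asid;			/* In */
} __packed;

/**
 * struct sev_data_deactivate - DEACTIVATE command parameters
 *
 * @handle: handle of the VM to deactivate
 */
struct sev_data_deactivate {
	u32 handle;			/* In */
} __packed;

/**
 * struct sev_data_guest_status - SEV GUEST_STATUS command parameters
 *
 * @handle: handle of the VM to retrieve status
 * @policy: policy information for the VM
 * @asid: current ASID of the VM
 * @state: current state of the VM
 */
struct sev_data_guest_status {
	u32 handle;			/* In */
	u32 policy;			/* Out */
	u32 asid;			/* Out */
	u8 state;			/* Out */
} __packed;

/**
 * struct sev_data_launch_start - LAUNCH_START command parameters
 *
 * @handle: handle assigned to the VM (0 on input lets firmware allocate one)
 * @policy: guest launch policy
 * @dh_cert_address: physical address of DH certificate blob
 * @dh_cert_len: len of DH certificate blob
 * @reserved: must be zero
 * @session_address: physical address of session parameters
 * @session_len: len of session parameters
 */
struct sev_data_launch_start {
	u32 handle;			/* In/Out */
	u32 policy;			/* In */
	u64 dh_cert_address;		/* In */
	u32 dh_cert_len;		/* In */
	u32 reserved;			/* In */
	u64 session_address;		/* In */
	u32 session_len;		/* In */
} __packed;

/**
 * struct sev_data_launch_update_data - LAUNCH_UPDATE_DATA command parameters
 *
 * @handle: handle of the VM to update
 * @reserved: must be zero
 * @address: physical address of memory region to encrypt
 * @len: len of memory to be encrypted
 */
struct sev_data_launch_update_data {
	u32 handle;			/* In */
	u32 reserved;
	u64 address;			/* In */
	u32 len;			/* In */
} __packed;

/**
 * struct sev_data_launch_update_vmsa - LAUNCH_UPDATE_VMSA command parameters
 *
 * @handle: handle of the VM
 * @reserved: must be zero
 * @address: physical address of the VMSA memory region to encrypt
 * @len: len of memory region to encrypt
 */
struct sev_data_launch_update_vmsa {
	u32 handle;			/* In */
	u32 reserved;
	u64 address;			/* In */
	u32 len;			/* In */
} __packed;

/**
 * struct sev_data_launch_measure - LAUNCH_MEASURE command parameters
 *
 * @handle: handle of the VM to process
 * @reserved: must be zero
 * @address: physical address of the buffer that receives the measurement blob
 * @len: len of the buffer on input, len of the measurement blob on output
 */
struct sev_data_launch_measure {
	u32 handle;			/* In */
	u32 reserved;
	u64 address;			/* In */
	u32 len;			/* In/Out */
} __packed;

/**
 * struct sev_data_launch_secret - LAUNCH_UPDATE_SECRET command parameters
 *
 * @handle: handle of the VM to process
 * @reserved1: must be zero
 * @hdr_address: physical address containing the packet header
 * @hdr_len: len of packet header
 * @reserved2: must be zero
 * @guest_address: system physical address of guest memory region
 * @guest_len: len of the region at @guest_address
 * @reserved3: must be zero
 * @trans_address: physical address of transport memory buffer
 * @trans_len: len of transport memory buffer
 */
struct sev_data_launch_secret {
	u32 handle;			/* In */
	u32 reserved1;
	u64 hdr_address;		/* In */
	u32 hdr_len;			/* In */
	u32 reserved2;
	u64 guest_address;		/* In */
	u32 guest_len;			/* In */
	u32 reserved3;
	u64 trans_address;		/* In */
	u32 trans_len;			/* In */
} __packed;

/**
 * struct sev_data_launch_finish - LAUNCH_FINISH command parameters
 *
 * @handle: handle of the VM to process
 */
struct sev_data_launch_finish {
	u32 handle;			/* In */
} __packed;

/**
 * struct sev_data_send_start - SEND_START command parameters
 *
 * @handle: handle of the VM to process
 * @policy: policy information for the VM (returned by firmware)
 * @pdh_cert_address: physical address containing PDH certificate
 * @pdh_cert_len: len of PDH certificate
 * @reserved1: must be zero
 * @plat_cert_address: physical address containing platform certificate
 * @plat_cert_len: len of platform certificate
 * @reserved2: must be zero
 * @amd_cert_address: physical address containing AMD certificate
 * @amd_cert_len: len of AMD certificate
 * @reserved3: must be zero
 * @session_address: physical address containing Session data
 * @session_len: len of the session buffer on input, of session data on output
 */
struct sev_data_send_start {
	u32 handle;			/* In */
	u32 policy;			/* Out */
	u64 pdh_cert_address;		/* In */
	u32 pdh_cert_len;		/* In */
	u32 reserved1;
	u64 plat_cert_address;		/* In */
	u32 plat_cert_len;		/* In */
	u32 reserved2;
	u64 amd_cert_address;		/* In */
	u32 amd_cert_len;		/* In */
	u32 reserved3;
	u64 session_address;		/* In */
	u32 session_len;		/* In/Out */
} __packed;

/**
 * struct sev_data_send_update_data - SEND_UPDATE_DATA command parameters
 *
 * @handle: handle of the VM to process
 * @reserved1: must be zero
 * @hdr_address: physical address containing packet header
 * @hdr_len: len of packet header buffer on input, of the header on output
 * @reserved2: must be zero
 * @guest_address: physical address of guest memory region to send
 * @guest_len: len of guest memory region to send
 * @reserved3: must be zero
 * @trans_address: physical address of host memory region
 * @trans_len: len of host memory region
 */
struct sev_data_send_update_data {
	u32 handle;			/* In */
	u32 reserved1;
	u64 hdr_address;		/* In */
	u32 hdr_len;			/* In/Out */
	u32 reserved2;
	u64 guest_address;		/* In */
	u32 guest_len;			/* In */
	u32 reserved3;
	u64 trans_address;		/* In */
	u32 trans_len;			/* In */
} __packed;

/**
 * struct sev_data_send_update_vmsa - SEND_UPDATE_VMSA command parameters
 *
 * @handle: handle of the VM to process
 * @reserved1: must be zero; pads @hdr_address to an 8-byte offset
 * @hdr_address: physical address containing packet header
 * @hdr_len: len of packet header buffer on input, of the header on output
 * @reserved2: must be zero
 * @guest_address: physical address of guest VMSA memory region to send
 * @guest_len: len of guest memory region to send
 * @reserved3: must be zero
 * @trans_address: physical address of host memory region
 * @trans_len: len of host memory region
 *
 * NOTE(review): the previous declaration had no @reserved1 word, so in this
 * __packed layout @hdr_address sat at offset 4 and every later field was
 * shifted by four bytes relative to the otherwise identical
 * struct sev_data_send_update_data (the reserved2/reserved3 naming already
 * implied a reserved1).  The padding word is restored here so the two
 * layouts agree; confirm against the SEND_UPDATE_VMSA command buffer in the
 * SEV API spec.
 */
struct sev_data_send_update_vmsa {
	u32 handle;			/* In */
	u32 reserved1;
	u64 hdr_address;		/* In */
	u32 hdr_len;			/* In/Out */
	u32 reserved2;
	u64 guest_address;		/* In */
	u32 guest_len;			/* In */
	u32 reserved3;
	u64 trans_address;		/* In */
	u32 trans_len;			/* In */
} __packed;

/**
 * struct sev_data_send_finish - SEND_FINISH command parameters
 *
 * @handle: handle of the VM to process
 */
struct sev_data_send_finish {
	u32 handle;			/* In */
} __packed;

/**
 * struct sev_data_receive_start - RECEIVE_START command parameters
 *
 * @handle: handle of the VM to perform receive operation
 *          (0 on input lets firmware allocate one)
 * @policy: guest policy for the incoming VM
 * @pdh_cert_address: system physical address containing PDH certificate blob
 * @pdh_cert_len: len of PDH certificate blob
 * @reserved1: must be zero
 * @session_address: system physical address containing session blob
 * @session_len: len of session blob
 */
struct sev_data_receive_start {
	u32 handle;			/* In/Out */
	u32 policy;			/* In */
	u64 pdh_cert_address;		/* In */
	u32 pdh_cert_len;		/* In */
	u32 reserved1;
	u64 session_address;		/* In */
	u32 session_len;		/* In */
} __packed;

/**
 * struct sev_data_receive_update_data - RECEIVE_UPDATE_DATA command parameters
 *
 * @handle: handle of the VM to update
 * @reserved1: must be zero
 * @hdr_address: physical address containing packet header blob
 * @hdr_len: len of packet header
 * @reserved2: must be zero
 * @guest_address: system physical address of guest memory region
 * @guest_len: len of guest memory region
 * @reserved3: must be zero
 * @trans_address: system physical address of transport buffer
 * @trans_len: len of transport buffer
 */
struct sev_data_receive_update_data {
	u32 handle;			/* In */
	u32 reserved1;
	u64 hdr_address;		/* In */
	u32 hdr_len;			/* In */
	u32 reserved2;
	u64 guest_address;		/* In */
	u32 guest_len;			/* In */
	u32 reserved3;
	u64 trans_address;		/* In */
	u32 trans_len;			/* In */
} __packed;

/**
 * struct sev_data_receive_update_vmsa - RECEIVE_UPDATE_VMSA command parameters
 *
 * @handle: handle of the VM to update
 * @reserved1: must be zero
 * @hdr_address: physical address containing packet header blob
 * @hdr_len: len of packet header
 * @reserved2: must be zero
 * @guest_address: system physical address of guest memory region
 * @guest_len: len of guest memory region
 * @reserved3: must be zero
 * @trans_address: system physical address of transport buffer
 * @trans_len: len of transport buffer
 */
struct sev_data_receive_update_vmsa {
	u32 handle;			/* In */
	u32 reserved1;
	u64 hdr_address;		/* In */
	u32 hdr_len;			/* In */
	u32 reserved2;
	u64 guest_address;		/* In */
	u32 guest_len;			/* In */
	u32 reserved3;
	u64 trans_address;		/* In */
	u32 trans_len;			/* In */
} __packed;

/**
 * struct sev_data_receive_finish - RECEIVE_FINISH command parameters
 *
 * @handle: handle of the VM to finish
 */
struct sev_data_receive_finish {
	u32 handle;			/* In */
} __packed;

/**
 * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters
 *
 * @handle: handle of the VM to perform debug operation
 * @reserved: must be zero
 * @src_addr: source address of data to operate on
 * @dst_addr: destination address of data to operate on
 * @len: len of data to operate on
 *
 * These commands expose guest memory to the host; per the SEV API spec the
 * firmware only services them when the guest's policy allows debugging.
 */
struct sev_data_dbg {
	u32 handle;			/* In */
	u32 reserved;
	u64 src_addr;			/* In */
	u64 dst_addr;			/* In */
	u32 len;			/* In */
} __packed;

/**
 * struct sev_data_attestation_report - SEV_ATTESTATION_REPORT command parameters
 *
 * @handle: handle of the VM
 * @reserved: must be zero
 * @address: physical address where the report will be copied.
 * @mnonce: a 16-byte random nonce that will be included in the report so the
 *          verifier can check freshness.
 * @len: length of the physical buffer on input, of the report on output.
 */
struct sev_data_attestation_report {
	u32 handle;			/* In */
	u32 reserved;
	u64 address;			/* In */
	u8 mnonce[16];			/* In */
	u32 len;			/* In/Out */
} __packed;

#ifdef CONFIG_CRYPTO_DEV_SP_PSP

/**
 * sev_platform_init - perform SEV INIT command
 *
 * @error: SEV command return code
 *
 * Returns:
 * 0 if the SEV successfully processed the command
 * -%ENODEV if the SEV device is not available
 * -%ENOTSUPP if the PSP does not support SEV
 * -%ETIMEDOUT if the SEV command timed out
 * -%EIO if the SEV returned a non-zero return code
 */
int sev_platform_init(int *error);

/**
 * sev_platform_status - perform SEV PLATFORM_STATUS command
 *
 * @status: sev_user_data_status structure to be processed
 * @error: SEV command return code
 *
 * Returns:
 * 0 if the SEV successfully processed the command
 * -%ENODEV if the SEV device is not available
 * -%ENOTSUPP if the PSP does not support SEV
 * -%ETIMEDOUT if the SEV command timed out
 * -%EIO if the SEV returned a non-zero return code
 */
int sev_platform_status(struct sev_user_data_status *status, int *error);

/**
 * sev_issue_cmd_external_user - issue SEV command by other driver with a file
 * handle.
 *
 * This function can be used by other drivers to issue a SEV command on
 * behalf of userspace.  The caller must pass a valid SEV device file so
 * that we know the originating process has access to the SEV device; the
 * file is the authorization check, so callers must not substitute a file
 * that userspace did not itself open.
 *
 * @filep: SEV device file pointer
 * @id: command to issue (an enum sev_cmd value)
 * @data: command buffer
 * @error: SEV command return code
 *
 * Returns:
 * 0 if the SEV successfully processed the command
 * -%ENODEV if the SEV device is not available
 * -%ENOTSUPP if the PSP does not support SEV
 * -%ETIMEDOUT if the SEV command timed out
 * -%EIO if the SEV returned a non-zero return code
 * -%EINVAL if the SEV file descriptor is not valid
 */
int sev_issue_cmd_external_user(struct file *filep, unsigned int id,
				void *data, int *error);

/**
 * sev_guest_deactivate - perform SEV DEACTIVATE command
 *
 * @data: sev_data_deactivate structure to be processed
 * @error: sev command return code
 *
 * Returns:
 * 0 if the sev successfully processed the command
 * -%ENODEV if the sev device is not available
 * -%ENOTSUPP if the PSP does not support SEV
 * -%ETIMEDOUT if the sev command timed out
 * -%EIO if the sev returned a non-zero return code
 */
int sev_guest_deactivate(struct sev_data_deactivate *data, int *error);

/**
 * sev_guest_activate - perform SEV ACTIVATE command
 *
 * @data: sev_data_activate structure to be processed
 * @error: sev command return code
 *
 * Returns:
 * 0 if the sev successfully processed the command
 * -%ENODEV if the sev device is not available
 * -%ENOTSUPP if the PSP does not support SEV
 * -%ETIMEDOUT if the sev command timed out
 * -%EIO if the sev returned a non-zero return code
 */
int sev_guest_activate(struct sev_data_activate *data, int *error);

/**
 * sev_guest_df_flush - perform SEV DF_FLUSH command
 *
 * @error: sev command return code
 *
 * Returns:
 * 0 if the sev successfully processed the command
 * -%ENODEV if the sev device is not available
 * -%ENOTSUPP if the PSP does not support SEV
 * -%ETIMEDOUT if the sev command timed out
 * -%EIO if the sev returned a non-zero return code
 */
int sev_guest_df_flush(int *error);

/**
 * sev_guest_decommission - perform SEV DECOMMISSION command
 *
 * @data: sev_data_decommission structure to be processed
 * @error: sev command return code
 *
 * Returns:
 * 0 if the sev successfully processed the command
 * -%ENODEV if the sev device is not available
 * -%ENOTSUPP if the PSP does not support SEV
 * -%ETIMEDOUT if the sev command timed out
 * -%EIO if the sev returned a non-zero return code
 */
int sev_guest_decommission(struct sev_data_decommission *data, int *error);

/**
 * psp_copy_user_blob - copy a userspace blob into a kernel buffer
 *
 * @uaddr: userspace address of the blob, carried as an integer (as in the
 *         uapi command structures) rather than a __user pointer, so it is
 *         untrusted input and must be validated by the implementation
 * @len: length of the blob in bytes
 *
 * Returns: a kernel pointer to the copy, or an ERR_PTR() on failure.
 * NOTE(review): the implementation lives in the driver, not here -
 * presumably it rejects @len above SEV_FW_BLOB_MAX_SIZE and the caller owns
 * and frees the returned buffer; confirm before relying on either.
 */
void *psp_copy_user_blob(u64 uaddr, u32 len);

#else	/* !CONFIG_CRYPTO_DEV_SP_PSP */

/*
 * Stubs for builds without the PSP driver: every entry point reports that
 * the device is absent (-ENODEV) so callers degrade the same way they would
 * on hardware without a PSP.
 */

static inline int
sev_platform_status(struct sev_user_data_status *status, int *error) { return -ENODEV; }

static inline int sev_platform_init(int *error) { return -ENODEV; }

static inline int
sev_guest_deactivate(struct sev_data_deactivate *data, int *error) { return -ENODEV; }

static inline int
sev_guest_decommission(struct sev_data_decommission *data, int *error) { return -ENODEV; }

static inline int
sev_guest_activate(struct sev_data_activate *data, int *error) { return -ENODEV; }

static inline int sev_guest_df_flush(int *error) { return -ENODEV; }

static inline int
sev_issue_cmd_external_user(struct file *filep, unsigned int id, void *data, int *error) { return -ENODEV; }

/*
 * Signature matches the real declaration above: @uaddr is an integer, so a
 * __user annotation on it has no effect and is omitted.
 */
static inline void *psp_copy_user_blob(u64 uaddr, u32 len) { return ERR_PTR(-EINVAL); }

#endif	/* CONFIG_CRYPTO_DEV_SP_PSP */

#endif	/* __PSP_SEV_H__ */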