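/*
 * AWS Nitro Secure Module (NSM) device
 *
 * Copyright (c) 2024 Dorjoy Chowdhury <dorjoychy111@gmail.com>
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or
 * (at your option) any later version. See the COPYING file in the
 * top-level directory.
 */

#ifndef QEMU_VIRTIO_NSM_H
#define QEMU_VIRTIO_NSM_H

#include "crypto/hash.h"
#include "hw/virtio/virtio.h"
#include "qom/object.h"

/*
 * Capacity of the fixed pcrs[] array in VirtIONSM. Any PCR index has to be
 * range-checked against this bound before it is used as a subscript.
 */
#define NSM_MAX_PCRS 32

#define TYPE_VIRTIO_NSM "virtio-nsm-device"
OBJECT_DECLARE_SIMPLE_TYPE(VirtIONSM, VIRTIO_NSM)
#define VIRTIO_NSM_GET_PARENT_CLASS(obj) \
    OBJECT_GET_PARENT_CLASS(obj, TYPE_VIRTIO_NSM)

/*
 * One PCR slot: a lock flag plus a value buffer sized for a SHA-384 digest.
 */
struct PCRInfo {
    /*
     * NOTE(review): presumably a locked slot must refuse further extension;
     * this header only stores the flag, enforcement is in the implementation.
     */
    bool locked;
    /* Current PCR value, QCRYPTO_HASH_DIGEST_LEN_SHA384 bytes. */
    uint8_t data[QCRYPTO_HASH_DIGEST_LEN_SHA384];
};

/*
 * Device state for the virtio NSM device.
 */
struct VirtIONSM {
    VirtIODevice parent_obj;

    /* Only one vq - guest puts request and response buffers on it */
    VirtQueue *vq;

    /* NSM State */

    /*
     * Number of PCRs in use. pcrs[] holds NSM_MAX_PCRS entries, so this value
     * must never exceed NSM_MAX_PCRS; nothing in this header enforces that.
     */
    uint16_t max_pcrs;
    struct PCRInfo pcrs[NSM_MAX_PCRS];
    /*
     * NOTE(review): meaning and ownership of these two strings are not shown
     * in this header - confirm who allocates and frees them.
     */
    char *digest;
    char *module_id;
    uint8_t version_major;
    uint8_t version_minor;
    uint8_t version_patch;

    /*
     * PCR operations, installed by the device implementation.
     *
     * extend_pcr: operate on PCR number 'ind' using 'len' bytes at 'data';
     *             returns a bool (presumably success - confirm).
     * lock_pcr:   operate on PCR number 'ind'; presumably sets its 'locked'
     *             flag - confirm.
     *
     * 'ind' is a signed int used against a fixed-size array: implementations
     * and callers must reject ind < 0 and ind >= max_pcrs before touching
     * pcrs[ind]. NOTE(review): 'ind', 'data' and 'len' likely originate from
     * guest request buffers on 'vq' and should be treated as untrusted -
     * verify against the request handlers.
     */
    bool (*extend_pcr)(VirtIONSM *vnsm, int ind, uint8_t *data, uint16_t len);
    void (*lock_pcr)(VirtIONSM *vnsm, int ind);
};

#endif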