1 /* 2 * AWS Nitro Secure Module (NSM) device 3 * 4 * Copyright (c) 2024 Dorjoy Chowdhury <dorjoychy111@gmail.com> 5 * 6 * This work is licensed under the terms of the GNU GPL, version 2 or 7 * (at your option) any later version. See the COPYING file in the 8 * top-level directory. 9 */ 10 11 #ifndef QEMU_VIRTIO_NSM_H 12 #define QEMU_VIRTIO_NSM_H 13 14 #include "crypto/hash.h" 15 #include "hw/virtio/virtio.h" 16 #include "qom/object.h" 17 18 #define NSM_MAX_PCRS 32 19 20 #define TYPE_VIRTIO_NSM "virtio-nsm-device" 21 OBJECT_DECLARE_SIMPLE_TYPE(VirtIONSM, VIRTIO_NSM) 22 #define VIRTIO_NSM_GET_PARENT_CLASS(obj) \ 23 OBJECT_GET_PARENT_CLASS(obj, TYPE_VIRTIO_NSM) 24 25 struct PCRInfo { 26 bool locked; 27 uint8_t data[QCRYPTO_HASH_DIGEST_LEN_SHA384]; 28 }; 29 30 struct VirtIONSM { 31 VirtIODevice parent_obj; 32 33 /* Only one vq - guest puts request and response buffers on it */ 34 VirtQueue *vq; 35 36 /* NSM State */ 37 uint16_t max_pcrs; 38 struct PCRInfo pcrs[NSM_MAX_PCRS]; 39 char *digest; 40 char *module_id; 41 uint8_t version_major; 42 uint8_t version_minor; 43 uint8_t version_patch; 44 45 bool (*extend_pcr)(VirtIONSM *vnsm, int ind, uint8_t *data, uint16_t len); 46 void (*lock_pcr)(VirtIONSM *vnsm, int ind); 47 }; 48 49 #endif 50