1 /*
2  * AWS Nitro Secure Module (NSM) device
3  *
4  * Copyright (c) 2024 Dorjoy Chowdhury <dorjoychy111@gmail.com>
5  *
6  * This work is licensed under the terms of the GNU GPL, version 2 or
7  * (at your option) any later version.  See the COPYING file in the
8  * top-level directory.
9  */
10 
11 #ifndef QEMU_VIRTIO_NSM_H
12 #define QEMU_VIRTIO_NSM_H
13 
14 #include "crypto/hash.h"
15 #include "hw/virtio/virtio.h"
16 #include "qom/object.h"
17 
18 #define NSM_MAX_PCRS 32 /* compile-time capacity of VirtIONSM.pcrs[] */
19 
   /* QOM type name string for this device. */
20 #define TYPE_VIRTIO_NSM "virtio-nsm-device"
   /* Declares the VirtIONSM typedef and the VIRTIO_NSM() instance cast helper. */
21 OBJECT_DECLARE_SIMPLE_TYPE(VirtIONSM, VIRTIO_NSM)
   /* Expands to OBJECT_GET_PARENT_CLASS() with this device's type name. */
22 #define VIRTIO_NSM_GET_PARENT_CLASS(obj) \
23     OBJECT_GET_PARENT_CLASS(obj, TYPE_VIRTIO_NSM)
24 
25 struct PCRInfo {
       /*
        * Storage for one Platform Configuration Register (PCR) of the
        * emulated NSM. This header only declares the fields; the rules for
        * when a PCR may still change live in the device implementation.
        */

       /*
        * Lock flag for this PCR.
        * NOTE(review): presumably set through VirtIONSM.lock_pcr and meant to
        * make 'data' immutable afterwards - confirm that every write path
        * checks it, since attestation relies on locked PCRs not changing.
        */
26     bool locked;
       /* PCR value; the buffer is exactly one SHA-384 digest long. */
27     uint8_t data[QCRYPTO_HASH_DIGEST_LEN_SHA384];
28 };
29 
30 struct VirtIONSM {
       /*
        * Instance state of the virtio NSM device: the virtio parent object,
        * its single virtqueue, the PCR bank and module identity fields, and
        * two hooks for PCR manipulation.
        */
31     VirtIODevice parent_obj;
32 
33     /* Only one vq - guest puts request and response buffers on it */
34     VirtQueue *vq;
35 
36     /* NSM State */
       /*
        * NOTE(review): max_pcrs is a uint16_t while pcrs[] has a fixed
        * capacity of NSM_MAX_PCRS (32). Any code that uses max_pcrs as the
        * bound for indexing pcrs[] must keep max_pcrs <= NSM_MAX_PCRS.
        */
37     uint16_t max_pcrs;
38     struct PCRInfo pcrs[NSM_MAX_PCRS];
       /*
        * NOTE(review): ownership of 'digest' and 'module_id' (who allocates
        * and frees them) is not visible in this header - confirm in the
        * device implementation.
        */
39     char *digest;
40     char *module_id;
41     uint8_t version_major;
42     uint8_t version_minor;
43     uint8_t version_patch;
44 
       /*
        * Hook taking a PCR index plus 'len' bytes at 'data'; by its name it
        * extends that PCR. 'ind' is a signed int, so an implementation has
        * to reject ind < 0 as well as an index past the PCR count before
        * touching pcrs[]. If 'ind', 'data' or 'len' are derived from a guest
        * request on 'vq', they are guest-controlled and need validation.
        * NOTE(review): the bool result presumably reports success, and a
        * locked PCR is presumably refused - confirm against the callee.
        */
45     bool (*extend_pcr)(VirtIONSM *vnsm, int ind, uint8_t *data, uint16_t len);
       /*
        * Hook taking a PCR index; by its name it locks that PCR. The same
        * index-range requirement applies; it returns void, so it cannot
        * report a rejected index to the caller.
        */
46     void (*lock_pcr)(VirtIONSM *vnsm, int ind);
47 };
48 
49 #endif
50