logo

oasis-root

Compiled tree of Oasis Linux based on own branch at <https://hacktivis.me/git/oasis/> git clone https://anongit.hacktivis.me/git/oasis-root.git

sev-guest.h (2526B)

    

  1. /* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
  2. /*
  3.  * Userspace interface for AMD SEV and SNP guest driver.
  4.  *
  5.  * Copyright (C) 2021 Advanced Micro Devices, Inc.
  6.  *
  7.  * Author: Brijesh Singh <brijesh.singh@amd.com>
  8.  *
  9.  * SEV API specification is available at: https://developer.amd.com/sev/
  10.  */
  12. #ifndef __UAPI_LINUX_SEV_GUEST_H_
  13. #define __UAPI_LINUX_SEV_GUEST_H_
  15. #include <linux/types.h>
  17. #define SNP_REPORT_USER_DATA_SIZE 64
  19. struct snp_report_req {
  20. 	/* user data that should be included in the report */
  21. 	__u8 user_data[SNP_REPORT_USER_DATA_SIZE];
  23. 	/* The vmpl level to be included in the report */
  24. 	__u32 vmpl;
  26. 	/* Must be zero filled */
  27. 	__u8 rsvd[28];
  28. };
  30. struct snp_report_resp {
  31. 	/* response data, see SEV-SNP spec for the format */
  32. 	__u8 data[4000];
  33. };
  35. struct snp_derived_key_req {
  36. 	__u32 root_key_select;
  37. 	__u32 rsvd;
  38. 	__u64 guest_field_select;
  39. 	__u32 vmpl;
  40. 	__u32 guest_svn;
  41. 	__u64 tcb_version;
  42. };
  44. struct snp_derived_key_resp {
  45. 	/* response data, see SEV-SNP spec for the format */
  46. 	__u8 data[64];
  47. };
  49. struct snp_guest_request_ioctl {
  50. 	/* message version number (must be non-zero) */
  51. 	__u8 msg_version;
  53. 	/* Request and response structure address */
  54. 	__u64 req_data;
  55. 	__u64 resp_data;
  57. 	/* bits[63:32]: VMM error code, bits[31:0] firmware error code (see psp-sev.h) */
  58. 	union {
  59. 		__u64 exitinfo2;
  60. 		struct {
  61. 			__u32 fw_error;
  62. 			__u32 vmm_error;
  63. 		};
  64. 	};
  65. };
  67. struct snp_ext_report_req {
  68. 	struct snp_report_req data;
  70. 	/* where to copy the certificate blob */
  71. 	__u64 certs_address;
  73. 	/* length of the certificate blob */
  74. 	__u32 certs_len;
  75. };
  77. #define SNP_GUEST_REQ_IOC_TYPE	'S'
  79. /* Get SNP attestation report */
  80. #define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_guest_request_ioctl)
  82. /* Get a derived key from the root */
  83. #define SNP_GET_DERIVED_KEY _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x1, struct snp_guest_request_ioctl)
  85. /* Get SNP extended report as defined in the GHCB specification version 2. */
  86. #define SNP_GET_EXT_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x2, struct snp_guest_request_ioctl)
  88. /* Guest message request EXIT_INFO_2 constants */
  89. #define SNP_GUEST_FW_ERR_MASK		GENMASK_ULL(31, 0)
  90. #define SNP_GUEST_VMM_ERR_SHIFT		32
  91. #define SNP_GUEST_VMM_ERR(x)		(((u64)x) << SNP_GUEST_VMM_ERR_SHIFT)
  92. #define SNP_GUEST_FW_ERR(x)		((x) & SNP_GUEST_FW_ERR_MASK)
  93. #define SNP_GUEST_ERR(vmm_err, fw_err)	(SNP_GUEST_VMM_ERR(vmm_err) | \
  94. 					 SNP_GUEST_FW_ERR(fw_err))
  96. #define SNP_GUEST_VMM_ERR_INVALID_LEN	1
  97. #define SNP_GUEST_VMM_ERR_BUSY		2
  99. #endif /* __UAPI_LINUX_SEV_GUEST_H_ */