Commit | Line | Data |
---|---|---|
d2912cb1 | 1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
592d5e74 BS |
2 | /* |
3 | * AMD Secure Encrypted Virtualization (SEV) driver interface | |
4 | * | |
5 | * Copyright (C) 2016-2017 Advanced Micro Devices, Inc. | |
6 | * | |
7 | * Author: Brijesh Singh <brijesh.singh@amd.com> | |
8 | * | |
d6112ea0 | 9 | * SEV API spec is available at https://developer.amd.com/sev |
592d5e74 BS |
10 | */ |
11 | ||
12 | #ifndef __PSP_SEV_H__ | |
13 | #define __PSP_SEV_H__ | |
14 | ||
15 | #include <uapi/linux/psp-sev.h> | |
16 | ||
17 | #ifdef CONFIG_X86 | |
18 | #include <linux/mem_encrypt.h> | |
19 | ||
20 | #define __psp_pa(x) __sme_pa(x) | |
21 | #else | |
22 | #define __psp_pa(x) __pa(x) | |
23 | #endif | |
24 | ||
25 | #define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ | |
26 | ||
27 | /** | |
28 | * SEV platform state | |
29 | */ | |
30 | enum sev_state { | |
31 | SEV_STATE_UNINIT = 0x0, | |
32 | SEV_STATE_INIT = 0x1, | |
33 | SEV_STATE_WORKING = 0x2, | |
34 | ||
35 | SEV_STATE_MAX | |
36 | }; | |
37 | ||
38 | /** | |
39 | * SEV platform and guest management commands | |
40 | */ | |
41 | enum sev_cmd { | |
42 | /* platform commands */ | |
43 | SEV_CMD_INIT = 0x001, | |
44 | SEV_CMD_SHUTDOWN = 0x002, | |
45 | SEV_CMD_FACTORY_RESET = 0x003, | |
46 | SEV_CMD_PLATFORM_STATUS = 0x004, | |
47 | SEV_CMD_PEK_GEN = 0x005, | |
48 | SEV_CMD_PEK_CSR = 0x006, | |
49 | SEV_CMD_PEK_CERT_IMPORT = 0x007, | |
50 | SEV_CMD_PDH_CERT_EXPORT = 0x008, | |
51 | SEV_CMD_PDH_GEN = 0x009, | |
52 | SEV_CMD_DF_FLUSH = 0x00A, | |
edd303ff | 53 | SEV_CMD_DOWNLOAD_FIRMWARE = 0x00B, |
0b3a830b | 54 | SEV_CMD_GET_ID = 0x00C, |
3d725965 | 55 | SEV_CMD_INIT_EX = 0x00D, |
592d5e74 BS |
56 | |
57 | /* Guest commands */ | |
58 | SEV_CMD_DECOMMISSION = 0x020, | |
59 | SEV_CMD_ACTIVATE = 0x021, | |
60 | SEV_CMD_DEACTIVATE = 0x022, | |
61 | SEV_CMD_GUEST_STATUS = 0x023, | |
62 | ||
63 | /* Guest launch commands */ | |
64 | SEV_CMD_LAUNCH_START = 0x030, | |
65 | SEV_CMD_LAUNCH_UPDATE_DATA = 0x031, | |
66 | SEV_CMD_LAUNCH_UPDATE_VMSA = 0x032, | |
67 | SEV_CMD_LAUNCH_MEASURE = 0x033, | |
68 | SEV_CMD_LAUNCH_UPDATE_SECRET = 0x034, | |
69 | SEV_CMD_LAUNCH_FINISH = 0x035, | |
2c07ded0 | 70 | SEV_CMD_ATTESTATION_REPORT = 0x036, |
592d5e74 BS |
71 | |
72 | /* Guest migration commands (outgoing) */ | |
73 | SEV_CMD_SEND_START = 0x040, | |
74 | SEV_CMD_SEND_UPDATE_DATA = 0x041, | |
75 | SEV_CMD_SEND_UPDATE_VMSA = 0x042, | |
76 | SEV_CMD_SEND_FINISH = 0x043, | |
5569e2e7 | 77 | SEV_CMD_SEND_CANCEL = 0x044, |
592d5e74 BS |
78 | |
79 | /* Guest migration commands (incoming) */ | |
80 | SEV_CMD_RECEIVE_START = 0x050, | |
81 | SEV_CMD_RECEIVE_UPDATE_DATA = 0x051, | |
82 | SEV_CMD_RECEIVE_UPDATE_VMSA = 0x052, | |
83 | SEV_CMD_RECEIVE_FINISH = 0x053, | |
84 | ||
85 | /* Guest debug commands */ | |
86 | SEV_CMD_DBG_DECRYPT = 0x060, | |
87 | SEV_CMD_DBG_ENCRYPT = 0x061, | |
88 | ||
89 | SEV_CMD_MAX, | |
90 | }; | |
91 | ||
92 | /** | |
93 | * struct sev_data_init - INIT command parameters | |
94 | * | |
95 | * @flags: processing flags | |
96 | * @tmr_address: system physical address used for SEV-ES | |
97 | * @tmr_len: len of tmr_address | |
98 | */ | |
99 | struct sev_data_init { | |
100 | u32 flags; /* In */ | |
101 | u32 reserved; /* In */ | |
102 | u64 tmr_address; /* In */ | |
103 | u32 tmr_len; /* In */ | |
104 | } __packed; | |
105 | ||
3d725965 DR |
106 | /** |
107 | * struct sev_data_init_ex - INIT_EX command parameters | |
108 | * | |
109 | * @length: len of the command buffer read by the PSP | |
110 | * @flags: processing flags | |
111 | * @tmr_address: system physical address used for SEV-ES | |
112 | * @tmr_len: len of tmr_address | |
113 | * @nv_address: system physical address used for PSP NV storage | |
114 | * @nv_len: len of nv_address | |
115 | */ | |
116 | struct sev_data_init_ex { | |
117 | u32 length; /* In */ | |
118 | u32 flags; /* In */ | |
119 | u64 tmr_address; /* In */ | |
120 | u32 tmr_len; /* In */ | |
121 | u32 reserved; /* In */ | |
122 | u64 nv_address; /* In/Out */ | |
123 | u32 nv_len; /* In */ | |
124 | } __packed; | |
125 | ||
97f9ac3d TL |
126 | #define SEV_INIT_FLAGS_SEV_ES 0x01 |
127 | ||
592d5e74 BS |
128 | /** |
129 | * struct sev_data_pek_csr - PEK_CSR command parameters | |
130 | * | |
131 | * @address: PEK certificate chain | |
132 | * @len: len of certificate | |
133 | */ | |
134 | struct sev_data_pek_csr { | |
135 | u64 address; /* In */ | |
136 | u32 len; /* In/Out */ | |
137 | } __packed; | |
138 | ||
139 | /** | |
140 | * struct sev_data_cert_import - PEK_CERT_IMPORT command parameters | |
141 | * | |
142 | * @pek_address: PEK certificate chain | |
143 | * @pek_len: len of PEK certificate | |
144 | * @oca_address: OCA certificate chain | |
145 | * @oca_len: len of OCA certificate | |
146 | */ | |
147 | struct sev_data_pek_cert_import { | |
148 | u64 pek_cert_address; /* In */ | |
149 | u32 pek_cert_len; /* In */ | |
150 | u32 reserved; /* In */ | |
151 | u64 oca_cert_address; /* In */ | |
152 | u32 oca_cert_len; /* In */ | |
153 | } __packed; | |
154 | ||
edd303ff JN |
155 | /** |
156 | * struct sev_data_download_firmware - DOWNLOAD_FIRMWARE command parameters | |
157 | * | |
158 | * @address: physical address of firmware image | |
159 | * @len: len of the firmware image | |
160 | */ | |
161 | struct sev_data_download_firmware { | |
162 | u64 address; /* In */ | |
163 | u32 len; /* In */ | |
164 | } __packed; | |
165 | ||
0b3a830b JN |
166 | /** |
167 | * struct sev_data_get_id - GET_ID command parameters | |
168 | * | |
169 | * @address: physical address of region to place unique CPU ID(s) | |
170 | * @len: len of the region | |
171 | */ | |
172 | struct sev_data_get_id { | |
173 | u64 address; /* In */ | |
174 | u32 len; /* In/Out */ | |
175 | } __packed; | |
592d5e74 BS |
176 | /** |
177 | * struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters | |
178 | * | |
179 | * @pdh_address: PDH certificate address | |
180 | * @pdh_len: len of PDH certificate | |
181 | * @cert_chain_address: PDH certificate chain | |
182 | * @cert_chain_len: len of PDH certificate chain | |
183 | */ | |
184 | struct sev_data_pdh_cert_export { | |
185 | u64 pdh_cert_address; /* In */ | |
186 | u32 pdh_cert_len; /* In/Out */ | |
187 | u32 reserved; /* In */ | |
188 | u64 cert_chain_address; /* In */ | |
189 | u32 cert_chain_len; /* In/Out */ | |
190 | } __packed; | |
191 | ||
192 | /** | |
193 | * struct sev_data_decommission - DECOMMISSION command parameters | |
194 | * | |
195 | * @handle: handle of the VM to decommission | |
196 | */ | |
197 | struct sev_data_decommission { | |
198 | u32 handle; /* In */ | |
199 | } __packed; | |
200 | ||
201 | /** | |
202 | * struct sev_data_activate - ACTIVATE command parameters | |
203 | * | |
204 | * @handle: handle of the VM to activate | |
205 | * @asid: asid assigned to the VM | |
206 | */ | |
207 | struct sev_data_activate { | |
208 | u32 handle; /* In */ | |
209 | u32 asid; /* In */ | |
210 | } __packed; | |
211 | ||
212 | /** | |
213 | * struct sev_data_deactivate - DEACTIVATE command parameters | |
214 | * | |
215 | * @handle: handle of the VM to deactivate | |
216 | */ | |
217 | struct sev_data_deactivate { | |
218 | u32 handle; /* In */ | |
219 | } __packed; | |
220 | ||
221 | /** | |
222 | * struct sev_data_guest_status - SEV GUEST_STATUS command parameters | |
223 | * | |
224 | * @handle: handle of the VM to retrieve status | |
225 | * @policy: policy information for the VM | |
226 | * @asid: current ASID of the VM | |
227 | * @state: current state of the VM | |
228 | */ | |
229 | struct sev_data_guest_status { | |
230 | u32 handle; /* In */ | |
231 | u32 policy; /* Out */ | |
232 | u32 asid; /* Out */ | |
233 | u8 state; /* Out */ | |
234 | } __packed; | |
235 | ||
236 | /** | |
237 | * struct sev_data_launch_start - LAUNCH_START command parameters | |
238 | * | |
239 | * @handle: handle assigned to the VM | |
240 | * @policy: guest launch policy | |
241 | * @dh_cert_address: physical address of DH certificate blob | |
242 | * @dh_cert_len: len of DH certificate blob | |
243 | * @session_address: physical address of session parameters | |
244 | * @session_len: len of session parameters | |
245 | */ | |
246 | struct sev_data_launch_start { | |
247 | u32 handle; /* In/Out */ | |
248 | u32 policy; /* In */ | |
249 | u64 dh_cert_address; /* In */ | |
250 | u32 dh_cert_len; /* In */ | |
251 | u32 reserved; /* In */ | |
252 | u64 session_address; /* In */ | |
253 | u32 session_len; /* In */ | |
254 | } __packed; | |
255 | ||
256 | /** | |
257 | * struct sev_data_launch_update_data - LAUNCH_UPDATE_DATA command parameter | |
258 | * | |
259 | * @handle: handle of the VM to update | |
260 | * @len: len of memory to be encrypted | |
261 | * @address: physical address of memory region to encrypt | |
262 | */ | |
263 | struct sev_data_launch_update_data { | |
264 | u32 handle; /* In */ | |
265 | u32 reserved; | |
266 | u64 address; /* In */ | |
267 | u32 len; /* In */ | |
268 | } __packed; | |
269 | ||
270 | /** | |
271 | * struct sev_data_launch_update_vmsa - LAUNCH_UPDATE_VMSA command | |
272 | * | |
273 | * @handle: handle of the VM | |
274 | * @address: physical address of memory region to encrypt | |
275 | * @len: len of memory region to encrypt | |
276 | */ | |
277 | struct sev_data_launch_update_vmsa { | |
278 | u32 handle; /* In */ | |
279 | u32 reserved; | |
280 | u64 address; /* In */ | |
281 | u32 len; /* In */ | |
282 | } __packed; | |
283 | ||
284 | /** | |
285 | * struct sev_data_launch_measure - LAUNCH_MEASURE command parameters | |
286 | * | |
287 | * @handle: handle of the VM to process | |
288 | * @address: physical address containing the measurement blob | |
289 | * @len: len of measurement blob | |
290 | */ | |
291 | struct sev_data_launch_measure { | |
292 | u32 handle; /* In */ | |
293 | u32 reserved; | |
294 | u64 address; /* In */ | |
295 | u32 len; /* In/Out */ | |
296 | } __packed; | |
297 | ||
298 | /** | |
299 | * struct sev_data_launch_secret - LAUNCH_SECRET command parameters | |
300 | * | |
301 | * @handle: handle of the VM to process | |
302 | * @hdr_address: physical address containing the packet header | |
303 | * @hdr_len: len of packet header | |
304 | * @guest_address: system physical address of guest memory region | |
305 | * @guest_len: len of guest_paddr | |
306 | * @trans_address: physical address of transport memory buffer | |
307 | * @trans_len: len of transport memory buffer | |
308 | */ | |
309 | struct sev_data_launch_secret { | |
310 | u32 handle; /* In */ | |
311 | u32 reserved1; | |
312 | u64 hdr_address; /* In */ | |
313 | u32 hdr_len; /* In */ | |
314 | u32 reserved2; | |
315 | u64 guest_address; /* In */ | |
316 | u32 guest_len; /* In */ | |
317 | u32 reserved3; | |
318 | u64 trans_address; /* In */ | |
319 | u32 trans_len; /* In */ | |
320 | } __packed; | |
321 | ||
322 | /** | |
323 | * struct sev_data_launch_finish - LAUNCH_FINISH command parameters | |
324 | * | |
325 | * @handle: handle of the VM to process | |
326 | */ | |
327 | struct sev_data_launch_finish { | |
328 | u32 handle; /* In */ | |
329 | } __packed; | |
330 | ||
331 | /** | |
332 | * struct sev_data_send_start - SEND_START command parameters | |
333 | * | |
334 | * @handle: handle of the VM to process | |
335 | * @policy: policy information for the VM | |
336 | * @pdh_cert_address: physical address containing PDH certificate | |
337 | * @pdh_cert_len: len of PDH certificate | |
338 | * @plat_certs_address: physical address containing platform certificate | |
339 | * @plat_certs_len: len of platform certificate | |
340 | * @amd_certs_address: physical address containing AMD certificate | |
341 | * @amd_certs_len: len of AMD certificate | |
342 | * @session_address: physical address containing Session data | |
343 | * @session_len: len of session data | |
344 | */ | |
345 | struct sev_data_send_start { | |
346 | u32 handle; /* In */ | |
347 | u32 policy; /* Out */ | |
348 | u64 pdh_cert_address; /* In */ | |
349 | u32 pdh_cert_len; /* In */ | |
350 | u32 reserved1; | |
4cfdd47d BS |
351 | u64 plat_certs_address; /* In */ |
352 | u32 plat_certs_len; /* In */ | |
592d5e74 | 353 | u32 reserved2; |
4cfdd47d BS |
354 | u64 amd_certs_address; /* In */ |
355 | u32 amd_certs_len; /* In */ | |
592d5e74 BS |
356 | u32 reserved3; |
357 | u64 session_address; /* In */ | |
358 | u32 session_len; /* In/Out */ | |
359 | } __packed; | |
360 | ||
361 | /** | |
362 | * struct sev_data_send_update - SEND_UPDATE_DATA command | |
363 | * | |
364 | * @handle: handle of the VM to process | |
365 | * @hdr_address: physical address containing packet header | |
366 | * @hdr_len: len of packet header | |
367 | * @guest_address: physical address of guest memory region to send | |
368 | * @guest_len: len of guest memory region to send | |
369 | * @trans_address: physical address of host memory region | |
370 | * @trans_len: len of host memory region | |
371 | */ | |
372 | struct sev_data_send_update_data { | |
373 | u32 handle; /* In */ | |
374 | u32 reserved1; | |
375 | u64 hdr_address; /* In */ | |
376 | u32 hdr_len; /* In/Out */ | |
377 | u32 reserved2; | |
378 | u64 guest_address; /* In */ | |
379 | u32 guest_len; /* In */ | |
380 | u32 reserved3; | |
381 | u64 trans_address; /* In */ | |
382 | u32 trans_len; /* In */ | |
383 | } __packed; | |
384 | ||
385 | /** | |
386 | * struct sev_data_send_update - SEND_UPDATE_VMSA command | |
387 | * | |
388 | * @handle: handle of the VM to process | |
389 | * @hdr_address: physical address containing packet header | |
390 | * @hdr_len: len of packet header | |
391 | * @guest_address: physical address of guest memory region to send | |
392 | * @guest_len: len of guest memory region to send | |
393 | * @trans_address: physical address of host memory region | |
394 | * @trans_len: len of host memory region | |
395 | */ | |
396 | struct sev_data_send_update_vmsa { | |
397 | u32 handle; /* In */ | |
398 | u64 hdr_address; /* In */ | |
399 | u32 hdr_len; /* In/Out */ | |
400 | u32 reserved2; | |
401 | u64 guest_address; /* In */ | |
402 | u32 guest_len; /* In */ | |
403 | u32 reserved3; | |
404 | u64 trans_address; /* In */ | |
405 | u32 trans_len; /* In */ | |
406 | } __packed; | |
407 | ||
408 | /** | |
409 | * struct sev_data_send_finish - SEND_FINISH command parameters | |
410 | * | |
411 | * @handle: handle of the VM to process | |
412 | */ | |
413 | struct sev_data_send_finish { | |
414 | u32 handle; /* In */ | |
415 | } __packed; | |
416 | ||
5569e2e7 SR |
417 | /** |
418 | * struct sev_data_send_cancel - SEND_CANCEL command parameters | |
419 | * | |
420 | * @handle: handle of the VM to process | |
421 | */ | |
422 | struct sev_data_send_cancel { | |
423 | u32 handle; /* In */ | |
424 | } __packed; | |
425 | ||
592d5e74 BS |
426 | /** |
427 | * struct sev_data_receive_start - RECEIVE_START command parameters | |
428 | * | |
429 | * @handle: handle of the VM to perform receive operation | |
430 | * @pdh_cert_address: system physical address containing PDH certificate blob | |
431 | * @pdh_cert_len: len of PDH certificate blob | |
432 | * @session_address: system physical address containing session blob | |
433 | * @session_len: len of session blob | |
434 | */ | |
435 | struct sev_data_receive_start { | |
436 | u32 handle; /* In/Out */ | |
437 | u32 policy; /* In */ | |
438 | u64 pdh_cert_address; /* In */ | |
439 | u32 pdh_cert_len; /* In */ | |
440 | u32 reserved1; | |
441 | u64 session_address; /* In */ | |
442 | u32 session_len; /* In */ | |
443 | } __packed; | |
444 | ||
445 | /** | |
446 | * struct sev_data_receive_update_data - RECEIVE_UPDATE_DATA command parameters | |
447 | * | |
448 | * @handle: handle of the VM to update | |
449 | * @hdr_address: physical address containing packet header blob | |
450 | * @hdr_len: len of packet header | |
451 | * @guest_address: system physical address of guest memory region | |
452 | * @guest_len: len of guest memory region | |
453 | * @trans_address: system physical address of transport buffer | |
454 | * @trans_len: len of transport buffer | |
455 | */ | |
456 | struct sev_data_receive_update_data { | |
457 | u32 handle; /* In */ | |
458 | u32 reserved1; | |
459 | u64 hdr_address; /* In */ | |
460 | u32 hdr_len; /* In */ | |
461 | u32 reserved2; | |
462 | u64 guest_address; /* In */ | |
463 | u32 guest_len; /* In */ | |
464 | u32 reserved3; | |
465 | u64 trans_address; /* In */ | |
466 | u32 trans_len; /* In */ | |
467 | } __packed; | |
468 | ||
469 | /** | |
470 | * struct sev_data_receive_update_vmsa - RECEIVE_UPDATE_VMSA command parameters | |
471 | * | |
472 | * @handle: handle of the VM to update | |
473 | * @hdr_address: physical address containing packet header blob | |
474 | * @hdr_len: len of packet header | |
475 | * @guest_address: system physical address of guest memory region | |
476 | * @guest_len: len of guest memory region | |
477 | * @trans_address: system physical address of transport buffer | |
478 | * @trans_len: len of transport buffer | |
479 | */ | |
480 | struct sev_data_receive_update_vmsa { | |
481 | u32 handle; /* In */ | |
482 | u32 reserved1; | |
483 | u64 hdr_address; /* In */ | |
484 | u32 hdr_len; /* In */ | |
485 | u32 reserved2; | |
486 | u64 guest_address; /* In */ | |
487 | u32 guest_len; /* In */ | |
488 | u32 reserved3; | |
489 | u64 trans_address; /* In */ | |
490 | u32 trans_len; /* In */ | |
491 | } __packed; | |
492 | ||
493 | /** | |
494 | * struct sev_data_receive_finish - RECEIVE_FINISH command parameters | |
495 | * | |
496 | * @handle: handle of the VM to finish | |
497 | */ | |
498 | struct sev_data_receive_finish { | |
499 | u32 handle; /* In */ | |
500 | } __packed; | |
501 | ||
502 | /** | |
503 | * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters | |
504 | * | |
505 | * @handle: handle of the VM to perform debug operation | |
506 | * @src_addr: source address of data to operate on | |
507 | * @dst_addr: destination address of data to operate on | |
508 | * @len: len of data to operate on | |
509 | */ | |
510 | struct sev_data_dbg { | |
511 | u32 handle; /* In */ | |
512 | u32 reserved; | |
513 | u64 src_addr; /* In */ | |
514 | u64 dst_addr; /* In */ | |
515 | u32 len; /* In */ | |
516 | } __packed; | |
517 | ||
2c07ded0 BS |
518 | /** |
519 | * struct sev_data_attestation_report - SEV_ATTESTATION_REPORT command parameters | |
520 | * | |
521 | * @handle: handle of the VM | |
522 | * @mnonce: a random nonce that will be included in the report. | |
523 | * @address: physical address where the report will be copied. | |
524 | * @len: length of the physical buffer. | |
525 | */ | |
526 | struct sev_data_attestation_report { | |
527 | u32 handle; /* In */ | |
528 | u32 reserved; | |
529 | u64 address; /* In */ | |
530 | u8 mnonce[16]; /* In */ | |
531 | u32 len; /* In/Out */ | |
532 | } __packed; | |
533 | ||
200664d5 BS |
534 | #ifdef CONFIG_CRYPTO_DEV_SP_PSP |
535 | ||
536 | /** | |
537 | * sev_platform_init - perform SEV INIT command | |
538 | * | |
539 | * @error: SEV command return code | |
540 | * | |
541 | * Returns: | |
542 | * 0 if the SEV successfully processed the command | |
543 | * -%ENODEV if the SEV device is not available | |
544 | * -%ENOTSUPP if the SEV does not support SEV | |
545 | * -%ETIMEDOUT if the SEV command timed out | |
546 | * -%EIO if the SEV returned a non-zero return code | |
547 | */ | |
548 | int sev_platform_init(int *error); | |
549 | ||
550 | /** | |
551 | * sev_platform_status - perform SEV PLATFORM_STATUS command | |
552 | * | |
553 | * @status: sev_user_data_status structure to be processed | |
554 | * @error: SEV command return code | |
555 | * | |
556 | * Returns: | |
557 | * 0 if the SEV successfully processed the command | |
558 | * -%ENODEV if the SEV device is not available | |
559 | * -%ENOTSUPP if the SEV does not support SEV | |
560 | * -%ETIMEDOUT if the SEV command timed out | |
561 | * -%EIO if the SEV returned a non-zero return code | |
562 | */ | |
563 | int sev_platform_status(struct sev_user_data_status *status, int *error); | |
564 | ||
565 | /** | |
566 | * sev_issue_cmd_external_user - issue SEV command by other driver with a file | |
567 | * handle. | |
568 | * | |
569 | * This function can be used by other drivers to issue a SEV command on | |
570 | * behalf of userspace. The caller must pass a valid SEV file descriptor | |
571 | * so that we know that it has access to SEV device. | |
572 | * | |
573 | * @filep - SEV device file pointer | |
574 | * @cmd - command to issue | |
575 | * @data - command buffer | |
576 | * @error: SEV command return code | |
577 | * | |
578 | * Returns: | |
579 | * 0 if the SEV successfully processed the command | |
580 | * -%ENODEV if the SEV device is not available | |
581 | * -%ENOTSUPP if the SEV does not support SEV | |
582 | * -%ETIMEDOUT if the SEV command timed out | |
583 | * -%EIO if the SEV returned a non-zero return code | |
584 | * -%EINVAL if the SEV file descriptor is not valid | |
585 | */ | |
586 | int sev_issue_cmd_external_user(struct file *filep, unsigned int id, | |
587 | void *data, int *error); | |
588 | ||
589 | /** | |
590 | * sev_guest_deactivate - perform SEV DEACTIVATE command | |
591 | * | |
592 | * @deactivate: sev_data_deactivate structure to be processed | |
593 | * @sev_ret: sev command return code | |
594 | * | |
595 | * Returns: | |
596 | * 0 if the sev successfully processed the command | |
597 | * -%ENODEV if the sev device is not available | |
598 | * -%ENOTSUPP if the sev does not support SEV | |
599 | * -%ETIMEDOUT if the sev command timed out | |
600 | * -%EIO if the sev returned a non-zero return code | |
601 | */ | |
602 | int sev_guest_deactivate(struct sev_data_deactivate *data, int *error); | |
603 | ||
604 | /** | |
605 | * sev_guest_activate - perform SEV ACTIVATE command | |
606 | * | |
607 | * @activate: sev_data_activate structure to be processed | |
608 | * @sev_ret: sev command return code | |
609 | * | |
610 | * Returns: | |
611 | * 0 if the sev successfully processed the command | |
612 | * -%ENODEV if the sev device is not available | |
613 | * -%ENOTSUPP if the sev does not support SEV | |
614 | * -%ETIMEDOUT if the sev command timed out | |
615 | * -%EIO if the sev returned a non-zero return code | |
616 | */ | |
617 | int sev_guest_activate(struct sev_data_activate *data, int *error); | |
618 | ||
619 | /** | |
620 | * sev_guest_df_flush - perform SEV DF_FLUSH command | |
621 | * | |
622 | * @sev_ret: sev command return code | |
623 | * | |
624 | * Returns: | |
625 | * 0 if the sev successfully processed the command | |
626 | * -%ENODEV if the sev device is not available | |
627 | * -%ENOTSUPP if the sev does not support SEV | |
628 | * -%ETIMEDOUT if the sev command timed out | |
629 | * -%EIO if the sev returned a non-zero return code | |
630 | */ | |
631 | int sev_guest_df_flush(int *error); | |
632 | ||
633 | /** | |
634 | * sev_guest_decommission - perform SEV DECOMMISSION command | |
635 | * | |
636 | * @decommission: sev_data_decommission structure to be processed | |
637 | * @sev_ret: sev command return code | |
638 | * | |
639 | * Returns: | |
640 | * 0 if the sev successfully processed the command | |
641 | * -%ENODEV if the sev device is not available | |
642 | * -%ENOTSUPP if the sev does not support SEV | |
643 | * -%ETIMEDOUT if the sev command timed out | |
644 | * -%EIO if the sev returned a non-zero return code | |
645 | */ | |
646 | int sev_guest_decommission(struct sev_data_decommission *data, int *error); | |
647 | ||
376bd28d | 648 | void *psp_copy_user_blob(u64 uaddr, u32 len); |
7360e4b1 | 649 | |
200664d5 BS |
650 | #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ |
651 | ||
652 | static inline int | |
653 | sev_platform_status(struct sev_user_data_status *status, int *error) { return -ENODEV; } | |
654 | ||
655 | static inline int sev_platform_init(int *error) { return -ENODEV; } | |
656 | ||
657 | static inline int | |
658 | sev_guest_deactivate(struct sev_data_deactivate *data, int *error) { return -ENODEV; } | |
659 | ||
660 | static inline int | |
661 | sev_guest_decommission(struct sev_data_decommission *data, int *error) { return -ENODEV; } | |
662 | ||
663 | static inline int | |
664 | sev_guest_activate(struct sev_data_activate *data, int *error) { return -ENODEV; } | |
665 | ||
666 | static inline int sev_guest_df_flush(int *error) { return -ENODEV; } | |
667 | ||
668 | static inline int | |
669 | sev_issue_cmd_external_user(struct file *filep, unsigned int id, void *data, int *error) { return -ENODEV; } | |
670 | ||
7360e4b1 BS |
671 | static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_PTR(-EINVAL); } |
672 | ||
200664d5 BS |
673 | #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ |
674 | ||
592d5e74 | 675 | #endif /* __PSP_SEV_H__ */ |