xref: /linux/include/uapi/linux/sev-guest.h (revision ab1c247094e323177a578b38f0325bf79f0317ac) 
1 /* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
2 /*
3  * Userspace interface for AMD SEV and SNP guest driver.
4  *
5  * Copyright (C) 2021 Advanced Micro Devices, Inc.
6  *
7  * Author: Brijesh Singh <brijesh.singh@amd.com>
8  *
9  * SEV API specification is available at: https://developer.amd.com/sev/
10  */
11 
12 #ifndef __UAPI_LINUX_SEV_GUEST_H_
13 #define __UAPI_LINUX_SEV_GUEST_H_
14 
15 #include <linux/types.h>
16 
17 #define SNP_REPORT_USER_DATA_SIZE 64
18 
19 struct snp_report_req {
20 	/* user data that should be included in the report */
21 	__u8 user_data[SNP_REPORT_USER_DATA_SIZE];
22 
23 	/* The vmpl level to be included in the report */
24 	__u32 vmpl;
25 
26 	/* Must be zero filled */
27 	__u8 rsvd[28];
28 };
29 
30 struct snp_report_resp {
31 	/* response data, see SEV-SNP spec for the format */
32 	__u8 data[4000];
33 };
34 
35 struct snp_derived_key_req {
36 	__u32 root_key_select;
37 	__u32 rsvd;
38 	__u64 guest_field_select;
39 	__u32 vmpl;
40 	__u32 guest_svn;
41 	__u64 tcb_version;
42 };
43 
44 struct snp_derived_key_resp {
45 	/* response data, see SEV-SNP spec for the format */
46 	__u8 data[64];
47 };
48 
49 struct snp_guest_request_ioctl {
50 	/* message version number (must be non-zero) */
51 	__u8 msg_version;
52 
53 	/* Request and response structure address */
54 	__u64 req_data;
55 	__u64 resp_data;
56 
57 	/* bits[63:32]: VMM error code, bits[31:0] firmware error code (see psp-sev.h) */
58 	union {
59 		__u64 exitinfo2;
60 		struct {
61 			__u32 fw_error;
62 			__u32 vmm_error;
63 		};
64 	};
65 };
66 
67 struct snp_ext_report_req {
68 	struct snp_report_req data;
69 
70 	/* where to copy the certificate blob */
71 	__u64 certs_address;
72 
73 	/* length of the certificate blob */
74 	__u32 certs_len;
75 };
76 
77 #define SNP_GUEST_REQ_IOC_TYPE	'S'
78 
79 /* Get SNP attestation report */
80 #define SNP_GET_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x0, struct snp_guest_request_ioctl)
81 
82 /* Get a derived key from the root */
83 #define SNP_GET_DERIVED_KEY _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x1, struct snp_guest_request_ioctl)
84 
85 /* Get SNP extended report as defined in the GHCB specification version 2. */
86 #define SNP_GET_EXT_REPORT _IOWR(SNP_GUEST_REQ_IOC_TYPE, 0x2, struct snp_guest_request_ioctl)
87 
88 /* Guest message request EXIT_INFO_2 constants */
89 #define SNP_GUEST_FW_ERR_MASK		GENMASK_ULL(31, 0)
90 #define SNP_GUEST_VMM_ERR_SHIFT		32
91 #define SNP_GUEST_VMM_ERR(x)		(((u64)x) << SNP_GUEST_VMM_ERR_SHIFT)
92 
93 #define SNP_GUEST_VMM_ERR_INVALID_LEN	1
94 #define SNP_GUEST_VMM_ERR_BUSY		2
95 
96 #endif /* __UAPI_LINUX_SEV_GUEST_H_ */
97