xref: /openbsd/sys/dev/ic/pspvar.h (revision b25bc4b2) 
1 /*	$OpenBSD: pspvar.h,v 1.6 2024/11/05 13:28:35 bluhm Exp $ */
2 
3 /*
4  * Copyright (c) 2023, 2024 Hans-Joerg Hoexer <hshoexer@genua.de>
5  *
6  * Permission to use, copy, modify, and distribute this software for any
7  * purpose with or without fee is hereby granted, provided that the above
8  * copyright notice and this permission notice appear in all copies.
9  *
10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17  */
18 
19 #include <sys/ioctl.h>
20 
21 /* AMD 17h */
22 #define PSPV1_REG_INTEN		0x10610
23 #define PSPV1_REG_INTSTS	0x10614
24 #define PSPV1_REG_CMDRESP	0x10580
25 #define PSPV1_REG_ADDRLO	0x105e0
26 #define PSPV1_REG_ADDRHI	0x105e4
27 #define PSPV1_REG_CAPABILITIES	0x105fc
28 
29 #define PSP_REG_INTEN		0x10690
30 #define PSP_REG_INTSTS		0x10694
31 #define PSP_REG_CMDRESP		0x10980
32 #define PSP_REG_ADDRLO		0x109e0
33 #define PSP_REG_ADDRHI		0x109e4
34 #define PSP_REG_CAPABILITIES	0x109fc
35 
36 #define PSP_PSTATE_UNINIT	0x0
37 #define PSP_PSTATE_INIT		0x1
38 #define PSP_PSTATE_WORKING	0x2
39 
40 #define PSP_GSTATE_UNINIT	0x0
41 #define PSP_GSTATE_LUPDATE	0x1
42 #define PSP_GSTATE_LSECRET	0x2
43 #define PSP_GSTATE_RUNNING	0x3
44 #define PSP_GSTATE_SUPDATE	0x4
45 #define PSP_GSTATE_RUPDATE	0x5
46 #define PSP_GSTATE_SENT		0x6
47 
48 #define PSP_CAP_SEV					(1 << 0)
49 #define PSP_CAP_TEE					(1 << 1)
50 #define PSP_CAP_DBC_THRU_EXT				(1 << 2)
51 #define PSP_CAP_SECURITY_REPORTING			(1 << 7)
52 #define PSP_CAP_SECURITY_FUSED_PART			(1 << 8)
53 #define PSP_CAP_SECURITY_DEBUG_LOCK_ON			(1 << 10)
54 #define PSP_CAP_SECURITY_TSME_STATUS			(1 << 13)
55 #define PSP_CAP_SECURITY_ANTI_ROLLBACK_STATUS		(1 << 15)
56 #define PSP_CAP_SECURITY_RPMC_PRODUCTION_ENABLED	(1 << 16)
57 #define PSP_CAP_SECURITY_RPMC_SPIROM_AVAILABLE		(1 << 17)
58 #define PSP_CAP_SECURITY_HSP_TPM_AVAILABLE		(1 << 18)
59 #define PSP_CAP_SECURITY_ROM_ARMOR_ENFORCED		(1 << 19)
60 
61 #define PSP_CAP_BITS	"\20\001SEV\002TEE\003DBC_THRU_EXT\010REPORTING\011FUSED_PART\013DEBUG_LOCK_ON\016TSME_STATUS\020ANTI_ROLLBACK_STATUS\021RPMC_PRODUCTION_ENABLED\022RPMC_SPIROM_AVAILABLE\023HSP_TPM_AVAILABLE\024ROM_ARMOR_ENFORCED"
62 
63 #define PSP_CMDRESP_IOC		(1 << 0)
64 #define PSP_CMDRESP_COMPLETE	(1 << 1)
65 #define PSP_CMDRESP_RESPONSE	(1 << 31)
66 
67 #define PSP_STATUS_MASK				0xffff
68 #define PSP_STATUS_SUCCESS			0x0000
69 #define PSP_STATUS_INVALID_PLATFORM_STATE	0x0001
70 
71 #define PSP_TMR_SIZE		(1024*1024)	/* 1 Mb */
72 
73 #define PSP_SUCCESS		0x0000
74 #define PSP_INVALID_ADDRESS	0x0009
75 
76 /* Selection of PSP commands of the SEV API Version 0.24 */
77 
78 #define PSP_CMD_INIT			0x1
79 #define PSP_CMD_SHUTDOWN		0x2
80 #define PSP_CMD_PLATFORMSTATUS		0x4
81 #define PSP_CMD_DF_FLUSH		0xa
82 #define PSP_CMD_DOWNLOADFIRMWARE	0xb
83 #define PSP_CMD_DECOMMISSION		0x20
84 #define PSP_CMD_ACTIVATE		0x21
85 #define PSP_CMD_DEACTIVATE		0x22
86 #define PSP_CMD_GUESTSTATUS		0x23
87 #define PSP_CMD_LAUNCH_START		0x30
88 #define PSP_CMD_LAUNCH_UPDATE_DATA	0x31
89 #define PSP_CMD_LAUNCH_MEASURE		0x33
90 #define PSP_CMD_LAUNCH_FINISH		0x35
91 #define PSP_CMD_ATTESTATION		0x36
92 
93 struct psp_platform_status {
94 	/* Output parameters from PSP_CMD_PLATFORMSTATUS */
95 	uint8_t			api_major;
96 	uint8_t			api_minor;
97 	uint8_t			state;
98 	uint8_t			owner;
99 	uint32_t		cfges_build;
100 	uint32_t		guest_count;
101 } __packed;
102 
103 struct psp_guest_status {
104 	/* Input parameter for PSP_CMD_GUESTSTATUS */
105 	uint32_t		handle;
106 
107 	/* Output parameters from PSP_CMD_GUESTSTATUS */
108 	uint32_t		policy;
109 	uint32_t		asid;
110 	uint8_t			state;
111 } __packed;
112 
113 struct psp_launch_start {
114 	/* Input/Output parameter for PSP_CMD_LAUNCH_START */
115 	uint32_t		handle;
116 
117 	/* Input parameters for PSP_CMD_LAUNCH_START */
118 	uint32_t		policy;
119 
120 	/* The following input parameters are not used yet */
121 	uint64_t		dh_cert_paddr;
122 	uint32_t		dh_cert_len;
123 	uint32_t		reserved;
124 	uint64_t		session_paddr;
125 	uint32_t		session_len;
126 } __packed;
127 
128 struct psp_launch_update_data {
129 	/* Input parameters for PSP_CMD_LAUNCH_UPDATE_DATA */
130 	uint32_t		handle;
131 	uint32_t		reserved;
132 	uint64_t		paddr;
133 	uint32_t		length;
134 } __packed;
135 
136 struct psp_measure {
137 	/* Output buffer for PSP_CMD_LAUNCH_MEASURE */
138 	uint8_t			measure[32];
139 	uint8_t			measure_nonce[16];
140 } __packed;
141 
142 struct psp_launch_measure {
143 	/* Input parameters for PSP_CMD_LAUNCH_MEASURE */
144 	uint32_t		handle;
145 	uint32_t		reserved;
146 	uint64_t		measure_paddr;
147 
148 	/* Input/output parameter for PSP_CMD_LAUNCH_MEASURE */
149 	uint32_t		measure_len;
150 	uint32_t		padding;
151 
152 	/* Output buffer from PSP_CMD_LAUNCH_MEASURE */
153 	struct psp_measure	psp_measure;	/* 64bit aligned */
154 #define measure		psp_measure.measure
155 #define measure_nonce	psp_measure.measure_nonce
156 } __packed;
157 
158 struct psp_launch_finish {
159 	/* Input parameter for PSP_CMD_LAUNCH_FINISH */
160 	uint32_t		handle;
161 } __packed;
162 
163 struct psp_report {
164 	/* Output buffer for PSP_CMD_ATTESTATION */
165 	uint8_t			report_nonce[16];
166 	uint8_t			report_launch_digest[32];
167 	uint32_t		report_policy;
168 	uint32_t		report_sig_usage;
169 	uint32_t		report_sig_algo;
170 	uint32_t		reserved2;
171 	uint8_t			report_sig1[144];
172 } __packed;
173 
174 struct psp_attestation {
175 	/* Input parameters for PSP_CMD_ATTESTATION */
176 	uint32_t		handle;
177 	uint32_t		reserved;
178 	uint64_t		attest_paddr;
179 	uint8_t			attest_nonce[16];
180 
181 	/* Input/output parameter from PSP_CMD_ATTESTATION */
182 	uint32_t		attest_len;
183 	uint32_t		padding;
184 
185 	/* Output parameter from PSP_CMD_ATTESTATION */
186 	struct psp_report	psp_report;	/* 64bit aligned */
187 #define report_nonce		psp_report.report_nonce
188 #define report_launch_digest	psp_report.report_launch_digest
189 #define report_policy		psp_report.report_policy
190 #define report_sig_usage	psp_report.report_sig_usage;
191 #define report_report_sig_alg	psp_report.report_sig_algo;
192 #define report_report_sig1	psp_report.report_sig1;
193 } __packed;
194 
195 struct psp_activate {
196 	/* Input parameters for PSP_CMD_ACTIVATE */
197 	uint32_t		handle;
198 	uint32_t		asid;
199 } __packed;
200 
201 struct psp_deactivate {
202 	/* Input parameter for PSP_CMD_DEACTIVATE */
203 	uint32_t		handle;
204 } __packed;
205 
206 struct psp_decommission {
207 	/* Input parameter for PSP_CMD_DECOMMISSION */
208 	uint32_t		handle;
209 } __packed;
210 
211 struct psp_init {
212 	/* Output parameters from PSP_CMD_INIT */
213 	uint32_t		enable_es;
214 	uint32_t		reserved;
215 	uint64_t		tmr_paddr;
216 	uint32_t		tmr_length;
217 } __packed;
218 
219 struct psp_downloadfirmware {
220 	/* Input parameters for PSP_CMD_DOWNLOADFIRMWARE */
221 	uint64_t		fw_paddr;
222 	uint32_t		fw_len;
223 } __packed;
224 
225 struct psp_guest_shutdown {
226 	/* Input parameter for PSP_CMD_GUEST_SHUTDOWN */
227 	uint32_t		handle;
228 } __packed;
229 
230 /* Selection of PSP commands of the SEV-SNP ABI Version 1.55 */
231 
232 #define PSP_CMD_SNP_PLATFORMSTATUS	0x81
233 
234 struct psp_snp_platform_status {
235 	uint8_t			api_major;
236 	uint8_t			api_minor;
237 	uint8_t			state;
238 	uint8_t			is_rmp_init;
239 	uint32_t		build;
240 	uint32_t		features;
241 	uint32_t		guest_count;
242 	uint64_t		current_tcb;
243 	uint64_t		reported_tcb;
244 } __packed;
245 
246 #define PSP_IOC_GET_PSTATUS	_IOR('P', 0, struct psp_platform_status)
247 #define PSP_IOC_DF_FLUSH	_IO('P', 1)
248 #define PSP_IOC_DECOMMISSION	_IOW('P', 2, struct psp_decommission)
249 #define PSP_IOC_GET_GSTATUS	_IOWR('P', 3, struct psp_guest_status)
250 #define PSP_IOC_LAUNCH_START	_IOWR('P', 4, struct psp_launch_start)
251 #define PSP_IOC_LAUNCH_UPDATE_DATA \
252 				_IOW('P', 5, struct psp_launch_update_data)
253 #define PSP_IOC_LAUNCH_MEASURE	_IOWR('P', 6, struct psp_launch_measure)
254 #define PSP_IOC_LAUNCH_FINISH	_IOW('P', 7, struct psp_launch_finish)
255 #define PSP_IOC_ATTESTATION	_IOWR('P', 8, struct psp_attestation)
256 #define PSP_IOC_ACTIVATE	_IOW('P', 9, struct psp_activate)
257 #define PSP_IOC_DEACTIVATE	_IOW('P', 10, struct psp_deactivate)
258 #define PSP_IOC_SNP_GET_PSTATUS	_IOR('P', 11, struct psp_snp_platform_status)
259 #define PSP_IOC_INIT		_IO('P', 12)
260 #define PSP_IOC_SHUTDOWN	_IO('P', 13)
261 #define PSP_IOC_GUEST_SHUTDOWN	_IOW('P', 255, struct psp_guest_shutdown)
262 
263 #ifdef _KERNEL
264 
265 struct psp_attach_args {
266 	bus_space_tag_t		iot;
267 	bus_space_handle_t	ioh;
268 
269 	bus_dma_tag_t		dmat;
270 	uint32_t		capabilities;
271 	int			version;
272 };
273 
274 int pspsubmatch(struct device *, void *, void *);
275 int pspprint(void *aux, const char *pnp);
276 int psp_sev_intr(void *);
277 
278 struct ccp_softc;
279 struct pci_attach_args;
280 
281 int psp_pci_match(struct ccp_softc *, struct pci_attach_args *);
282 void psp_pci_intr_map(struct ccp_softc *, struct pci_attach_args *);
283 void psp_pci_attach(struct ccp_softc *, struct pci_attach_args *);
284 
285 #endif	/* _KERNEL */
286