]>
Commit | Line | Data |
---|---|---|
a9b4942f BS |
1 | /* |
2 | * QEMU Secure Encrypted Virutualization (SEV) support | |
3 | * | |
4 | * Copyright: Advanced Micro Devices, 2016-2018 | |
5 | * | |
6 | * Authors: | |
7 | * Brijesh Singh <brijesh.singh@amd.com> | |
8 | * | |
9 | * This work is licensed under the terms of the GNU GPL, version 2 or later. | |
10 | * See the COPYING file in the top-level directory. | |
11 | * | |
12 | */ | |
13 | ||
52581c71 MA |
14 | #ifndef I386_SEV_H |
15 | #define I386_SEV_H | |
a9b4942f | 16 | |
02eacf31 PMD |
17 | #ifndef CONFIG_USER_ONLY |
18 | #include CONFIG_DEVICES /* CONFIG_SEV */ | |
19 | #endif | |
20 | ||
deae846f | 21 | #include "exec/confidential-guest-support.h" |
a9b4942f BS |
22 | |
23 | #define SEV_POLICY_NODBG 0x1 | |
24 | #define SEV_POLICY_NOKS 0x2 | |
25 | #define SEV_POLICY_ES 0x4 | |
26 | #define SEV_POLICY_NOSEND 0x8 | |
27 | #define SEV_POLICY_DOMAIN 0x10 | |
28 | #define SEV_POLICY_SEV 0x20 | |
29 | ||
cff03145 DM |
30 | typedef struct SevKernelLoaderContext { |
31 | char *setup_data; | |
32 | size_t setup_size; | |
33 | char *kernel_data; | |
34 | size_t kernel_size; | |
35 | char *initrd_data; | |
36 | size_t initrd_size; | |
37 | char *cmdline_data; | |
38 | size_t cmdline_size; | |
39 | } SevKernelLoaderContext; | |
40 | ||
02eacf31 | 41 | #ifdef CONFIG_SEV |
deae846f | 42 | bool sev_enabled(void); |
02eacf31 PMD |
43 | bool sev_es_enabled(void); |
44 | #else | |
45 | #define sev_enabled() 0 | |
46 | #define sev_es_enabled() 0 | |
47 | #endif | |
48 | ||
d8575c6c BS |
49 | extern uint32_t sev_get_cbit_position(void); |
50 | extern uint32_t sev_get_reduced_phys_bits(void); | |
cff03145 | 51 | extern bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp); |
d8575c6c | 52 | |
deae846f PMD |
53 | int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp); |
54 | int sev_inject_launch_secret(const char *hdr, const char *secret, | |
55 | uint64_t gpa, Error **errp); | |
56 | ||
57 | int sev_es_save_reset_vector(void *flash_ptr, uint64_t flash_size); | |
58 | void sev_es_set_reset_vector(CPUState *cpu); | |
59 | ||
60 | int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp); | |
61 | ||
a9b4942f | 62 | #endif |