Google Git
Sign in
qemu / qemu / d78b662f28ac6cdab6ad969bb23a10e0e3cf1c32 / . / target / i386 / sev.h
blob: 7b1528248a5400d0983b340a5a99d6d48edfe2e9 [file] [log] [blame]
Brijesh Singha9b49422018-03-08 06:48:41 -0600[diff] [blame]1/*
2 * QEMU Secure Encrypted Virutualization (SEV) support
3 *
4 * Copyright: Advanced Micro Devices, 2016-2018
5 *
6 * Authors:
7 * Brijesh Singh <brijesh.singh@amd.com>
8 *
9 * This work is licensed under the terms of the GNU GPL, version 2 or later.
10 * See the COPYING file in the top-level directory.
11 *
12 */
13
Markus Armbruster52581c72022-05-06 15:49:08 +0200[diff] [blame]14#ifndef I386_SEV_H
15#define I386_SEV_H
Brijesh Singha9b49422018-03-08 06:48:41 -0600[diff] [blame]16
Philippe Mathieu-Daudé02eacf32021-10-07 18:17:09 +0200[diff] [blame]17#ifndef CONFIG_USER_ONLY
18#include CONFIG_DEVICES /* CONFIG_SEV */
19#endif
20
Philippe Mathieu-Daudédeae8462021-10-07 18:17:08 +0200[diff] [blame]21#include "exec/confidential-guest-support.h"
Brijesh Singha9b49422018-03-08 06:48:41 -0600[diff] [blame]22
23#define SEV_POLICY_NODBG 0x1
24#define SEV_POLICY_NOKS 0x2
25#define SEV_POLICY_ES 0x4
26#define SEV_POLICY_NOSEND 0x8
27#define SEV_POLICY_DOMAIN 0x10
28#define SEV_POLICY_SEV 0x20
29
Dov Murikcff03142021-09-30 08:49:14 +0300[diff] [blame]30typedef struct SevKernelLoaderContext {
31 char *setup_data;
32 size_t setup_size;
33 char *kernel_data;
34 size_t kernel_size;
35 char *initrd_data;
36 size_t initrd_size;
37 char *cmdline_data;
38 size_t cmdline_size;
39} SevKernelLoaderContext;
40
Philippe Mathieu-Daudé02eacf32021-10-07 18:17:09 +0200[diff] [blame]41#ifdef CONFIG_SEV
Philippe Mathieu-Daudédeae8462021-10-07 18:17:08 +0200[diff] [blame]42bool sev_enabled(void);
Philippe Mathieu-Daudé02eacf32021-10-07 18:17:09 +0200[diff] [blame]43bool sev_es_enabled(void);
44#else
45#define sev_enabled() 0
46#define sev_es_enabled() 0
47#endif
48
Brijesh Singhd8575c62018-03-08 06:48:44 -0600[diff] [blame]49extern uint32_t sev_get_cbit_position(void);
50extern uint32_t sev_get_reduced_phys_bits(void);
Dov Murikcff03142021-09-30 08:49:14 +0300[diff] [blame]51extern bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp);
Brijesh Singhd8575c62018-03-08 06:48:44 -0600[diff] [blame]52
Philippe Mathieu-Daudédeae8462021-10-07 18:17:08 +0200[diff] [blame]53int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp);
54int sev_inject_launch_secret(const char *hdr, const char *secret,
55 uint64_t gpa, Error **errp);
56
57int sev_es_save_reset_vector(void *flash_ptr, uint64_t flash_size);
58void sev_es_set_reset_vector(CPUState *cpu);
59
60int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
61
Brijesh Singha9b49422018-03-08 06:48:41 -0600[diff] [blame]62#endif