1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3  * Confidential Computing Platform Capability checks
4  *
5  * Copyright (C) 2021 Advanced Micro Devices, Inc.
6  *
7  * Author: Tom Lendacky <thomas.lendacky@amd.com>
8  */
9 
10 #ifndef _LINUX_CC_PLATFORM_H
11 #define _LINUX_CC_PLATFORM_H
12 
13 #include <linux/types.h>
14 #include <linux/stddef.h>
15 
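/**
 * enum cc_attr - Confidential computing attributes
 *
 * These attributes represent confidential computing features that are
 * currently active. An attribute describes what the running system is
 * actually using; callers query it with cc_platform_has().
 *
 * No explicit values are assigned: each enumerator takes the value of its
 * position in this list, starting at 0. Inserting or reordering entries
 * therefore renumbers every attribute that follows.
 */
enum cc_attr {
	/**
	 * @CC_ATTR_MEM_ENCRYPT: Memory encryption is active
	 *
	 * The platform/OS is running with active memory encryption. This
	 * includes running either as a bare-metal system or a hypervisor
	 * and actively using memory encryption or as a guest/virtual machine
	 * and actively using memory encryption.
	 *
	 * Examples include SME, SEV and SEV-ES.
	 */
	CC_ATTR_MEM_ENCRYPT,

	/**
	 * @CC_ATTR_HOST_MEM_ENCRYPT: Host memory encryption is active
	 *
	 * The platform/OS is running as a bare-metal system or a hypervisor
	 * and actively using memory encryption.
	 *
	 * Examples include SME.
	 */
	CC_ATTR_HOST_MEM_ENCRYPT,

	/**
	 * @CC_ATTR_GUEST_MEM_ENCRYPT: Guest memory encryption is active
	 *
	 * The platform/OS is running as a guest/virtual machine and actively
	 * using memory encryption.
	 *
	 * Examples include SEV and SEV-ES.
	 */
	CC_ATTR_GUEST_MEM_ENCRYPT,

	/**
	 * @CC_ATTR_GUEST_STATE_ENCRYPT: Guest state encryption is active
	 *
	 * The platform/OS is running as a guest/virtual machine and actively
	 * using memory encryption and register state encryption.
	 *
	 * Examples include SEV-ES.
	 */
	CC_ATTR_GUEST_STATE_ENCRYPT,

	/**
	 * @CC_ATTR_GUEST_UNROLL_STRING_IO: String I/O is implemented with
	 *                                  IN/OUT instructions
	 *
	 * The platform/OS is running as a guest/virtual machine and uses
	 * IN/OUT instructions in place of string I/O.
	 *
	 * Examples include TDX guest & SEV.
	 */
	CC_ATTR_GUEST_UNROLL_STRING_IO,

	/**
	 * @CC_ATTR_GUEST_SEV_SNP: Guest SNP is active.
	 *
	 * The platform/OS is running as a guest/virtual machine and actively
	 * using AMD SEV-SNP features.
	 */
	CC_ATTR_GUEST_SEV_SNP,

	/**
	 * @CC_ATTR_HOST_SEV_SNP: AMD SNP enabled on the host.
	 *
	 * The host kernel is running with the necessary features
	 * enabled to run SEV-SNP guests.
	 */
	CC_ATTR_HOST_SEV_SNP,
};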
92 
93 #ifdef CONFIG_ARCH_HAS_CC_PLATFORM
94 
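/**
 * cc_platform_has() - Checks if the specified cc_attr attribute is active
 * @attr: Confidential computing attribute to check
 *
 * The cc_platform_has() function will return an indicator as to whether the
 * specified Confidential Computing attribute is currently active.
 *
 * When CONFIG_ARCH_HAS_CC_PLATFORM is not set, this header replaces the
 * function with an inline stub that always returns false. A false result
 * therefore does not distinguish "feature not in use" from "no platform
 * support built in".
 *
 * Context: Any context
 * Return:
 * * true  - Specified Confidential Computing attribute is active
 * * false - Specified Confidential Computing attribute is not active
 */
bool cc_platform_has(enum cc_attr attr);

/**
 * cc_platform_set() - Ask the platform code to mark a cc_attr attribute
 * @attr: Confidential computing attribute to set
 *
 * The definition is supplied by the architecture and is not visible in this
 * header. NOTE(review): presumably cc_platform_has(@attr) reports true after
 * this call; confirm which attributes the architecture implementation
 * accepts before relying on it.
 *
 * When CONFIG_ARCH_HAS_CC_PLATFORM is not set this is an empty inline stub,
 * so the request has no effect.
 */
void cc_platform_set(enum cc_attr attr);

/**
 * cc_platform_clear() - Ask the platform code to unmark a cc_attr attribute
 * @attr: Confidential computing attribute to clear
 *
 * The definition is supplied by the architecture and is not visible in this
 * header. NOTE(review): presumably cc_platform_has(@attr) reports false after
 * this call; confirm which attributes the architecture implementation
 * accepts before relying on it.
 *
 * When CONFIG_ARCH_HAS_CC_PLATFORM is not set this is an empty inline stub,
 * so the request has no effect.
 */
void cc_platform_clear(enum cc_attr attr);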
110 
111 #else	/* !CONFIG_ARCH_HAS_CC_PLATFORM */
112 
/*
 * Stubs used when CONFIG_ARCH_HAS_CC_PLATFORM is not set: no attribute is
 * ever reported as active, and set/clear requests are discarded. A caller
 * that gates a protection on cc_platform_has() takes its "not active" path
 * on such builds.
 */
static inline bool cc_platform_has(enum cc_attr attr)
{
	return false;
}

static inline void cc_platform_set(enum cc_attr attr)
{
}

static inline void cc_platform_clear(enum cc_attr attr)
{
}
116 
117 #endif	/* CONFIG_ARCH_HAS_CC_PLATFORM */
118 
119 #endif	/* _LINUX_CC_PLATFORM_H */
120