1/* SPDX-License-Identifier: GPL-2.0 */
2#ifndef __TSM_H
3#define __TSM_H
4
5#include <linux/sizes.h>
6#include <linux/types.h>
7
8#define TSM_INBLOB_MAX 64
9#define TSM_OUTBLOB_MAX SZ_32K
10
11/*
12 * Privilege level is a nested permission concept to allow confidential
13 * guests to partition address space, 4-levels are supported.
14 */
15#define TSM_PRIVLEVEL_MAX 3
16
17/**
18 * struct tsm_desc - option descriptor for generating tsm report blobs
19 * @privlevel: optional privilege level to associate with @outblob
20 * @inblob_len: sizeof @inblob
21 * @inblob: arbitrary input data
22 */
23struct tsm_desc {
24	unsigned int privlevel;
25	size_t inblob_len;
26	u8 inblob[TSM_INBLOB_MAX];
27};
28
29/**
30 * struct tsm_report - track state of report generation relative to options
31 * @desc: input parameters to @report_new()
32 * @outblob_len: sizeof(@outblob)
33 * @outblob: generated evidence to provider to the attestation agent
34 * @auxblob_len: sizeof(@auxblob)
35 * @auxblob: (optional) auxiliary data to the report (e.g. certificate data)
36 */
37struct tsm_report {
38	struct tsm_desc desc;
39	size_t outblob_len;
40	u8 *outblob;
41	size_t auxblob_len;
42	u8 *auxblob;
43};
44
45/**
46 * struct tsm_ops - attributes and operations for tsm instances
47 * @name: tsm id reflected in /sys/kernel/config/tsm/report/$report/provider
48 * @privlevel_floor: convey base privlevel for nested scenarios
49 * @report_new: Populate @report with the report blob and auxblob
50 * (optional), return 0 on successful population, or -errno otherwise
51 *
52 * Implementation specific ops, only one is expected to be registered at
53 * a time i.e. only one of "sev-guest", "tdx-guest", etc.
54 */
55struct tsm_ops {
56	const char *name;
57	const unsigned int privlevel_floor;
58	int (*report_new)(struct tsm_report *report, void *data);
59};
60
61extern const struct config_item_type tsm_report_default_type;
62
63/* publish @privlevel, @privlevel_floor, and @auxblob attributes */
64extern const struct config_item_type tsm_report_extra_type;
65
66int tsm_register(const struct tsm_ops *ops, void *priv,
67		 const struct config_item_type *type);
68int tsm_unregister(const struct tsm_ops *ops);
69#endif /* __TSM_H */
70