
TOMOYO Linux Cross Reference
Linux/include/linux/tsm.h


  1 /* SPDX-License-Identifier: GPL-2.0 */
  2 #ifndef __TSM_H
  3 #define __TSM_H
  4 
  5 #include <linux/sizes.h>
  6 #include <linux/types.h>
  7 #include <linux/uuid.h>
  8 
/* Upper bound, in bytes, on the caller-supplied input data (struct tsm_desc::inblob). */
#define TSM_INBLOB_MAX 64
/*
 * Upper bound, in bytes, on the generated report output (struct tsm_report::outblob).
 * NOTE(review): where this bound is enforced is not visible in this header.
 */
#define TSM_OUTBLOB_MAX SZ_32K

/*
 * Privilege level is a nested permission concept to allow confidential
 * guests to partition address space, 4-levels are supported: valid values
 * range from 0 to TSM_PRIVLEVEL_MAX inclusive. A provider additionally
 * advertises a floor (struct tsm_ops::privlevel_floor), the minimum level it
 * will accept for a report.
 */
#define TSM_PRIVLEVEL_MAX 3
 17 
/**
 * struct tsm_desc - option descriptor for generating tsm report blobs
 * @privlevel: optional privilege level to associate with @outblob; meaningful
 *             values lie in 0..TSM_PRIVLEVEL_MAX and at or above the
 *             provider's privlevel_floor (see struct tsm_ops)
 * @inblob_len: length in bytes of the input data held in @inblob (cannot
 *              exceed TSM_INBLOB_MAX, the size of the array)
 * @inblob: arbitrary input data from the report requester (typically a
 *          nonce); providers must not assume any internal structure
 * @service_provider: optional name of where to obtain the tsm report blob
 * @service_guid: optional service-provider service guid to attest
 * @service_manifest_version: optional service-provider service manifest version requested
 *
 * NOTE(review): ownership of the @service_provider string (who allocates and
 * frees it) is not established by this header - confirm against the tsm core.
 */
struct tsm_desc {
        unsigned int privlevel;
        size_t inblob_len;
        u8 inblob[TSM_INBLOB_MAX];
        char *service_provider;
        guid_t service_guid;
        unsigned int service_manifest_version;
};
 35 
/**
 * struct tsm_report - track state of report generation relative to options
 * @desc: input parameters to @report_new()
 * @outblob_len: sizeof(@outblob)
 * @outblob: generated evidence to provide to the attestation agent
 * @auxblob_len: sizeof(@auxblob)
 * @auxblob: (optional) auxiliary data to the report (e.g. certificate data)
 * @manifestblob_len: sizeof(@manifestblob)
 * @manifestblob: (optional) manifest data associated with the report
 *
 * The blob pointers and their *_len fields are populated by the provider's
 * @report_new() callback (see struct tsm_ops). TSM_OUTBLOB_MAX is the
 * intended ceiling on @outblob_len.
 *
 * NOTE(review): who allocates and frees the blobs is not shown here -
 * presumably the provider allocates and the tsm core frees; confirm. An
 * unset optional blob is presumably a NULL pointer with a zero length.
 */
struct tsm_report {
        struct tsm_desc desc;
        size_t outblob_len;
        u8 *outblob;
        size_t auxblob_len;
        u8 *auxblob;
        size_t manifestblob_len;
        u8 *manifestblob;
};
 55 
/**
 * enum tsm_attr_index - index used to reference report attributes
 * @TSM_REPORT_GENERATION: index of the report generation number attribute
 * @TSM_REPORT_PROVIDER: index of the provider name attribute
 * @TSM_REPORT_PRIVLEVEL: index of the desired privilege level attribute
 * @TSM_REPORT_PRIVLEVEL_FLOOR: index of the minimum allowed privilege level attribute
 * @TSM_REPORT_SERVICE_PROVIDER: index of the service provider identifier attribute
 * @TSM_REPORT_SERVICE_GUID: index of the service GUID attribute
 * @TSM_REPORT_SERVICE_MANIFEST_VER: index of the service manifest version attribute
 *
 * These values are the @n argument a provider receives in
 * tsm_ops::report_attr_visible(). Because they are used as indices, new
 * entries should be appended so existing positions do not shift.
 */
enum tsm_attr_index {
        TSM_REPORT_GENERATION,
        TSM_REPORT_PROVIDER,
        TSM_REPORT_PRIVLEVEL,
        TSM_REPORT_PRIVLEVEL_FLOOR,
        TSM_REPORT_SERVICE_PROVIDER,
        TSM_REPORT_SERVICE_GUID,
        TSM_REPORT_SERVICE_MANIFEST_VER,
};
 75 
/**
 * enum tsm_bin_attr_index - index used to reference binary report attributes
 * @TSM_REPORT_INBLOB: index of the binary report input attribute
 * @TSM_REPORT_OUTBLOB: index of the binary report output attribute
 * @TSM_REPORT_AUXBLOB: index of the binary auxiliary data attribute
 * @TSM_REPORT_MANIFESTBLOB: index of the binary manifest data attribute
 *
 * These values are the @n argument a provider receives in
 * tsm_ops::report_bin_attr_visible(). Because they are used as indices, new
 * entries should be appended so existing positions do not shift.
 */
enum tsm_bin_attr_index {
        TSM_REPORT_INBLOB,
        TSM_REPORT_OUTBLOB,
        TSM_REPORT_AUXBLOB,
        TSM_REPORT_MANIFESTBLOB,
};
 89 
/**
 * struct tsm_ops - attributes and operations for tsm instances
 * @name: tsm id reflected in /sys/kernel/config/tsm/report/$report/provider
 * @privlevel_floor: convey base privlevel for nested scenarios; the lowest
 * privilege level this provider will accept (0..TSM_PRIVLEVEL_MAX)
 * @report_new: Populate @report with the report blob and auxblob
 * (optional), return 0 on successful population, or -errno otherwise.
 * The @data argument is presumably the @priv pointer given to
 * tsm_register() - confirm in the tsm core. @report->desc carries
 * requester-supplied input and should be validated, not trusted.
 * @report_attr_visible: show or hide a report attribute entry; @n is an
 * enum tsm_attr_index value
 * @report_bin_attr_visible: show or hide a report binary attribute entry;
 * @n is an enum tsm_bin_attr_index value
 *
 * Implementation specific ops, only one is expected to be registered at
 * a time i.e. only one of "sev-guest", "tdx-guest", etc.
 */
struct tsm_ops {
        const char *name;
        unsigned int privlevel_floor;
        int (*report_new)(struct tsm_report *report, void *data);
        bool (*report_attr_visible)(int n);
        bool (*report_bin_attr_visible)(int n);
};
109 
/**
 * tsm_register() - register the platform's tsm provider
 * @ops: provider operations and attributes; presumably retained by the tsm
 *       core, so it must outlive the registration - confirm
 * @priv: provider private data, presumably handed back as the @data
 *        argument of @ops->report_new() - confirm
 *
 * Only one provider is expected to be registered at a time (see struct
 * tsm_ops).
 *
 * Return: 0 on success, or a negative errno (e.g. -EBUSY when a provider is
 * already registered - confirm the exact codes in the implementation).
 */
int tsm_register(const struct tsm_ops *ops, void *priv);
/**
 * tsm_unregister() - remove a previously registered tsm provider
 * @ops: the same pointer that was passed to tsm_register()
 *
 * Return: 0 on success, or a negative errno (presumably when @ops is not the
 * currently registered provider - confirm).
 */
int tsm_unregister(const struct tsm_ops *ops);
112 #endif /* __TSM_H */
113 
