crypto: ccp - Add GET_ID SEV command

The GET_ID command, added as of SEV API v0.16, allows the SEV firmware to be queried about a unique CPU ID. This unique ID can then be used to obtain the public certificate containing the Chip Endorsement Key (CEK) public key signed by the AMD SEV Signing Key (ASK). For more information please refer to "Section 5.12 GET_ID" of https://support.amd.com/TechDocs/55766_SEV-KM%20API_Specification.pdf Signed-off-by: Janakarajan Natarajan <Janakarajan.Natarajan@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2025-07-23 07:12:09 +00:00 · 2018-05-25 15:23:30 -05:00 · 2018-05-25 15:23:30 -05:00 · 0b3a830bb4
commit 0b3a830bb4
parent edd303ff0e
3 changed files with 67 additions and 0 deletions
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@ -55,6 +55,7 @@ enum sev_cmd {
 	SEV_CMD_PDH_GEN			= 0x009,
 	SEV_CMD_DF_FLUSH		= 0x00A,
 	SEV_CMD_DOWNLOAD_FIRMWARE	= 0x00B,
+	SEV_CMD_GET_ID			= 0x00C,

 	/* Guest commands */
 	SEV_CMD_DECOMMISSION		= 0x020,
@ -141,6 +142,16 @@ struct sev_data_download_firmware {
 	u32 len;				/* In */
 } __packed;

+/**
+ * struct sev_data_get_id - GET_ID command parameters
+ *
+ * @address: physical address of region to place unique CPU ID(s)
+ * @len: len of the region
+ */
+struct sev_data_get_id {
+	u64 address;				/* In */
+	u32 len;				/* In/Out */
+} __packed;
 /**
 * struct sev_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
 *