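/* SPDX-License-Identifier: GPL-2.0 */
/*
 * Copyright (C) 2022 IBM Corporation
 * Author: Nayna Jain <nayna@linux.ibm.com>
 *
 * Platform keystore for pseries LPAR(PLPKS).
 */

#ifndef _ASM_POWERPC_PLPKS_H
#define _ASM_POWERPC_PLPKS_H

// Needed in both configurations: the !CONFIG_PSERIES_PLPKS stubs at the end of
// this header use bool/u16 and BUILD_BUG() as well.
#include <linux/build_bug.h>
#include <linux/types.h>

#ifdef CONFIG_PSERIES_PLPKS

#include <linux/list.h>

// Object policy flags from supported_policies
#define PLPKS_OSSECBOOTAUDIT	PPC_BIT32(1) // OS secure boot must be audit/enforce
#define PLPKS_OSSECBOOTENFORCE	PPC_BIT32(2) // OS secure boot must be enforce
#define PLPKS_PWSET		PPC_BIT32(3) // No access without password set
// Objects carrying PLPKS_WORLDREADABLE can be read without authentication, so
// this policy is unsuitable for anything that must stay confidential.
#define PLPKS_WORLDREADABLE	PPC_BIT32(4) // Readable without authentication
#define PLPKS_IMMUTABLE		PPC_BIT32(5) // Once written, object cannot be removed
#define PLPKS_TRANSIENT		PPC_BIT32(6) // Object does not persist through reboot
#define PLPKS_SIGNEDUPDATE	PPC_BIT32(7) // Object can only be modified by signed updates
#define PLPKS_HVPROVISIONED	PPC_BIT32(28) // Hypervisor has provisioned this object

// Signature algorithm flags from signed_update_algorithms
#define PLPKS_ALG_RSA2048	PPC_BIT(0)
#define PLPKS_ALG_RSA4096	PPC_BIT(1)

// Object label OS metadata flags
#define PLPKS_VAR_LINUX		0x02
#define PLPKS_VAR_COMMON	0x04

// Flags for which consumer an object is owned by
#define PLPKS_FW_OWNER		0x1
#define PLPKS_BOOTLOADER_OWNER	0x2
#define PLPKS_OS_OWNER		0x3

// Flags for label metadata fields
#define PLPKS_LABEL_VERSION		0
#define PLPKS_MAX_LABEL_ATTR_SIZE	16
#define PLPKS_MAX_NAME_SIZE		239
#define PLPKS_MAX_DATA_SIZE		4000

// Timeouts for PLPKS operations
#define PLPKS_MAX_TIMEOUT		5000 // msec
#define PLPKS_FLUSH_SLEEP		10 // msec
#define PLPKS_FLUSH_SLEEP_RANGE		400 // NOTE(review): unit not stated here

/**
 * struct plpks_var - one keystore variable as passed to the calls below.
 * @component: component the variable belongs to. plpks_signed_update_var()
 *             expects NULL here; plpks_write_var() expects a valid component
 *             type.
 * @name:      variable name bytes. NOTE(review): presumably not
 *             NUL-terminated since @namelen is carried separately; confirm.
 * @data:      variable data. For the read calls this is a caller-allocated
 *             buffer.
 * @policy:    NOTE(review): presumably a mask of the PLPKS_* object policy
 *             flags defined above; confirm against the implementation.
 * @namelen:   length of @name in bytes.
 * @datalen:   length of @data in bytes. For the read calls it is the size of
 *             the caller's buffer, or receives the object's size when no
 *             buffer is provided.
 * @os:        NOTE(review): presumably one of the PLPKS_VAR_* label flags;
 *             confirm.
 *
 * @datalen is only 16 bits wide while plpks_get_maxlargeobjectsize() and
 * plpks_get_totalsize() return u32. A size obtained from those must be
 * range-checked before it is stored here; a silent truncation would leave
 * @datalen disagreeing with the real size of the @data buffer.
 */
struct plpks_var {
	char *component;
	u8 *name;
	u8 *data;
	u32 policy;
	u16 namelen;
	u16 datalen;
	u8 os;
};

/**
 * struct plpks_var_name - a variable name and its length.
 * @name:    variable name bytes.
 * @namelen: length of @name in bytes.
 */
struct plpks_var_name {
	u8 *name;
	u16 namelen;
};

/**
 * struct plpks_var_name_list - counted list of variable names.
 * @varcount: NOTE(review): presumably the number of entries in @varlist;
 *            confirm, and bound every index into @varlist by it.
 * @varlist:  flexible array of names; the allocation must account for the
 *            trailing entries.
 */
struct plpks_var_name_list {
	u32 varcount;
	struct plpks_var_name varlist[];
};

/**
 * plpks_signed_update_var() - Update an authenticated variable.
 * @var:   variable to update; @var->component is expected to be NULL.
 * @flags: NOTE(review): meaning not documented in this header; confirm
 *         against the implementation.
 *
 * Return: int status. NOTE(review): presumably 0 on success and a negative
 * errno on failure; confirm. Callers should not treat the update as applied
 * unless the call reported success.
 */
int plpks_signed_update_var(struct plpks_var *var, u64 flags);

/**
 * plpks_write_var() - Write the specified var and its data to PKS.
 * @var: variable to write. Any caller of the PKS driver should present a
 *       valid component type for their variable.
 *
 * @var is passed by value, but its name/data/component members are pointers,
 * so the buffers they reference are still shared with the caller.
 *
 * Return: int status. NOTE(review): presumably 0 on success and a negative
 * errno on failure; confirm.
 */
int plpks_write_var(struct plpks_var var);

/**
 * plpks_remove_var() - Remove the specified var and its data from PKS.
 * @component: component of the variable to remove.
 * @varos:     NOTE(review): presumably the PLPKS_VAR_* label flag of the
 *             variable; confirm.
 * @vname:     name of the variable to remove.
 *
 * Return: int status. NOTE(review): presumably 0 on success and a negative
 * errno on failure; confirm.
 */
int plpks_remove_var(char *component, u8 varos,
		     struct plpks_var_name vname);

/**
 * plpks_read_os_var() - Return the data for the specified os variable.
 * @var: variable to read.
 *
 * Caller must allocate a buffer in var->data with length in var->datalen.
 * If no buffer is provided, var->datalen will be populated with the object's
 * size.
 *
 * NOTE(review): this header does not say whether var->datalen is updated to
 * the number of bytes actually returned when a buffer is supplied, nor what
 * happens when the buffer is smaller than the object. Check the return value
 * and confirm both against the implementation before consuming var->data.
 *
 * Return: int status. NOTE(review): presumably 0 on success and a negative
 * errno on failure; confirm.
 */
int plpks_read_os_var(struct plpks_var *var);

/**
 * plpks_read_fw_var() - Return the data for the specified firmware variable.
 * @var: variable to read.
 *
 * Caller must allocate a buffer in var->data with length in var->datalen.
 * If no buffer is provided, var->datalen will be populated with the object's
 * size. The buffer-size caveats on plpks_read_os_var() apply to this call in
 * the same way, since the contract stated here is identical.
 *
 * Return: int status. NOTE(review): presumably 0 on success and a negative
 * errno on failure; confirm.
 */
int plpks_read_fw_var(struct plpks_var *var);

/**
 * plpks_read_bootloader_var() - Return the data for the specified bootloader
 * variable.
 * @var: variable to read.
 *
 * Caller must allocate a buffer in var->data with length in var->datalen.
 * If no buffer is provided, var->datalen will be populated with the object's
 * size. The buffer-size caveats on plpks_read_os_var() apply to this call in
 * the same way, since the contract stated here is identical.
 *
 * Return: int status. NOTE(review): presumably 0 on success and a negative
 * errno on failure; confirm.
 */
int plpks_read_bootloader_var(struct plpks_var *var);

/**
 * plpks_is_available() - Report whether PKS is available on this LPAR.
 *
 * Return: true if PKS is available. With CONFIG_PSERIES_PLPKS disabled the
 * stub at the end of this header always returns false.
 */
bool plpks_is_available(void);

/**
 * plpks_get_version() - Return the version of the Platform KeyStore.
 *
 * Several getters below are only valid from a given config version onwards;
 * this is the value to check before relying on them.
 */
u8 plpks_get_version(void);

/**
 * plpks_get_objoverhead() - Return hypervisor storage overhead per object,
 * not including the size of the object or label.
 *
 * Only valid for config version >= 2.
 */
u16 plpks_get_objoverhead(void);

/**
 * plpks_get_maxpwsize() - Return maximum password size.
 *
 * Must be >= 32 bytes.
 */
u16 plpks_get_maxpwsize(void);

/**
 * plpks_get_maxobjectsize() - Return maximum object size supported by
 * Platform KeyStore.
 */
u16 plpks_get_maxobjectsize(void);

/**
 * plpks_get_maxobjectlabelsize() - Return maximum object label size supported
 * by Platform KeyStore.
 */
u16 plpks_get_maxobjectlabelsize(void);

/**
 * plpks_get_totalsize() - Return total size of the configured Platform
 * KeyStore.
 */
u32 plpks_get_totalsize(void);

/**
 * plpks_get_usedspace() - Return used space from the total size of the
 * Platform KeyStore.
 */
u32 plpks_get_usedspace(void);

/**
 * plpks_get_supportedpolicies() - Return bitmask of policies supported by the
 * hypervisor.
 *
 * The bits are the PLPKS_* object policy flags defined at the top of this
 * header. A caller that depends on a policy for protection (for example
 * PLPKS_SIGNEDUPDATE or PLPKS_IMMUTABLE) should test for it here rather than
 * assume the hypervisor supports it.
 */
u32 plpks_get_supportedpolicies(void);

/**
 * plpks_get_maxlargeobjectsize() - Return maximum byte size of a single
 * object supported by the hypervisor.
 *
 * Only valid for config version >= 3. The result is a u32 and can exceed what
 * the u16 datalen member of struct plpks_var can represent.
 */
u32 plpks_get_maxlargeobjectsize(void);

/**
 * plpks_get_signedupdatealgorithms() - Return bitmask of signature algorithms
 * supported for signed updates.
 *
 * Only valid for config version >= 3. The bits are the PLPKS_ALG_* flags.
 */
u64 plpks_get_signedupdatealgorithms(void);

/**
 * plpks_get_passwordlen() - Return the length of the PLPKS password in bytes.
 *
 * Only the length is exposed through this header, not the password itself.
 */
u16 plpks_get_passwordlen(void);

/**
 * plpks_early_init_devtree() - Called in early init to retrieve and clear the
 * PLPKS password from the DT.
 *
 * NOTE(review): clearing presumably keeps the password from remaining
 * readable in the device tree after boot; confirm against the implementation.
 */
void plpks_early_init_devtree(void);

/**
 * plpks_populate_fdt() - Populate the FDT with the PLPKS password to prepare
 * for kexec.
 * @fdt: flattened device tree blob to populate.
 *
 * After a successful call the blob holds the keystore password and has to be
 * handled as secret material until it is consumed.
 *
 * Return: int status. NOTE(review): presumably 0 on success and a negative
 * errno on failure; confirm.
 */
int plpks_populate_fdt(void *fdt);
#else // CONFIG_PSERIES_PLPKS
// Without PLPKS support plpks_is_available() is a constant false, which lets
// callers compile their keystore paths out. The BUILD_BUG() stubs break the
// build if a call to them is not eliminated, i.e. if a caller reaches them
// without such a guard.
static inline bool plpks_is_available(void) { return false; }
static inline u16 plpks_get_passwordlen(void) { BUILD_BUG(); }
static inline void plpks_early_init_devtree(void) { }
static inline int plpks_populate_fdt(void *fdt) { BUILD_BUG(); }
#endif // CONFIG_PSERIES_PLPKS

#endif // _ASM_POWERPC_PLPKS_H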