linuxabi

package
v0.2.0
Warning

This package is not in the latest version of its module.
Published: Aug 17, 2022 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Overview

Package linuxabi describes the /dev/sev-guest ioctl command ABI.

Constants

const (

	// IocSnpGetReport is the ioctl command for getting an attestation report
	IocSnpGetReport = iocSnpWithoutNr | (0x0 << iocNrshift)

	// IocSnpGetExtendedReport is the ioctl command for getting an extended attestation report that includes
	// certificate information.
	IocSnpGetExtendedReport = iocSnpWithoutNr | (0x2 << iocNrshift)
)

ioctl bits for x86-64

Variables

This section is empty.

Functions

func Ioctl

func Ioctl(fd int, command uintptr, sreq *SnpUserGuestRequestSafe) (uintptr, error)

Ioctl performs the Linux ioctl syscall for the sev-guest ABI, with all unsafe pointer manipulation contained in this call.

Types

type EsResult

type EsResult int

EsResult is the status code type for Linux's GHCB communication results.

const (
	// EsOk denotes success.
	EsOk EsResult = iota
	// EsUnsupported denotes that the requested operation is not supported.
	EsUnsupported
	// EsVmmError denotes that the virtual machine monitor was in an unexpected state.
	EsVmmError
	// EsDecodeFailed denotes that instruction decoding failed.
	EsDecodeFailed
	// EsException denotes that the GHCB communication caused an exception.
	EsException
	// EsRetry is the code for retrying instruction emulation.
	EsRetry
)

type SevEsErr

type SevEsErr struct {
	Result EsResult
	// contains filtered or unexported fields
}

SevEsErr is an error that interprets SEV-ES guest-host communication results.

func (SevEsErr) Error

func (err SevEsErr) Error() string

type SnpExtendedReportReq

type SnpExtendedReportReq struct {
	Data SnpReportReq

	// Where to copy the certificate blob.
	CertsAddress uint64

	// Length of the certificate blob.
	CertsLength uint32
}

SnpExtendedReportReq is Linux's sev-guest ioctl ABI for sending a GET_EXTENDED_REPORT request.

type SnpExtendedReportReqSafe

type SnpExtendedReportReqSafe struct {
	Data SnpReportReq

	// Where to copy the certificate blob.
	Certs []byte

	// Length of the certificate blob.
	CertsLength uint32
}

SnpExtendedReportReqSafe is close to Linux's sev-guest ioctl ABI for sending a GET_EXTENDED_REPORT request, but uses safer types for the Ioctl interface.
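How the safe and raw forms of the extended-report request relate, as an added example that is not the package's own code: the types are local mirrors of the exported fields documented above, and `toRaw`, `finish` and `ErrCertsLength` are hypothetical names. It assumes, per the Linux sev-guest documentation, that the kernel writes the required size back into the length field when the certificate buffer is too small.

```go
package main

import (
	"errors"
	"fmt"
	"unsafe"
)

// Local mirrors of the exported fields documented above (constructed here).
type SnpReportReq struct {
	UserData [64]uint8
	Vmpl     uint32
}
type SnpExtendedReportReq struct {
	Data         SnpReportReq
	CertsAddress uint64
	CertsLength  uint32
}
type SnpExtendedReportReqSafe struct {
	Data        SnpReportReq
	Certs       []byte
	CertsLength uint32
}

var ErrCertsLength = errors.New("CertsLength exceeds len(Certs)")

// toRaw (hypothetical) bounds CertsLength by len(Certs) before exposing the address.
func toRaw(s *SnpExtendedReportReqSafe) (*SnpExtendedReportReq, error) {
	if uint64(s.CertsLength) > uint64(len(s.Certs)) {
		return nil, ErrCertsLength
	}
	raw := &SnpExtendedReportReq{Data: s.Data, CertsLength: s.CertsLength}
	if len(s.Certs) > 0 {
		raw.CertsAddress = uint64(uintptr(unsafe.Pointer(&s.Certs[0])))
	}
	return raw, nil
}

// finish (hypothetical) copies the reported length back and returns only the bytes it covers.
func finish(s *SnpExtendedReportReqSafe, raw *SnpExtendedReportReq) ([]byte, error) {
	s.CertsLength = raw.CertsLength
	if uint64(raw.CertsLength) > uint64(len(s.Certs)) {
		return nil, fmt.Errorf("certs buffer too small: need %d, have %d", raw.CertsLength, len(s.Certs))
	}
	return s.Certs[:raw.CertsLength], nil
}

func main() { // constructed input: 16-byte buffer, claimed length 4096
	fmt.Println(toRaw(&SnpExtendedReportReqSafe{Certs: make([]byte, 16), CertsLength: 4096}))
}
```

A real caller must also keep `Certs` reachable until the ioctl returns, because the address is stored as a plain integer that the garbage collector does not track.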

type SnpReportReq

type SnpReportReq struct {
	// UserData to be included in the report
	UserData [64]uint8

	// Vmpl is the SEV-SNP VMPL level to be included in the report.
	// The kernel must have access to the corresponding VMPCK.
	Vmpl uint32
	// contains filtered or unexported fields
}

SnpReportReq is Linux's sev-guest ioctl ABI for sending a GET_REPORT request. See include/uapi/linux/sev-guest.h.

type SnpReportResp

type SnpReportResp struct {
	// Data is the response data, see SEV-SNP spec for the format
	Data [abi.ReportSize]uint8
}

SnpReportResp is Linux's sev-guest ioctl ABI for receiving a GET_REPORT response.

type SnpUserGuestRequest

type SnpUserGuestRequest struct {
	// Request and response structure address.
	ReqData  uint64
	RespData uint64
	// firmware error code on failure (see psp-sev.h in Linux kernel)
	FwErr uint64
}

SnpUserGuestRequest is Linux's sev-guest ioctl ABI for issuing a guest message.

type SnpUserGuestRequestSafe

type SnpUserGuestRequestSafe struct {
	// Request and response structure address.
	ReqData  interface{}
	RespData interface{}
	// firmware error code on failure (see psp-sev.h in Linux kernel)
	FwErr uint64
}

SnpUserGuestRequestSafe is Linux's sev-guest ioctl interface for issuing a guest message. The types here enhance runtime safety when using Ioctl as an interface.
