uapi/linux/sed-opal.h

0001 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
0002 /*
0003  * Copyright © 2016 Intel Corporation
0004  *
0005  * Authors:
0006  *    Rafael Antognolli <rafael.antognolli@intel.com>
0007  *    Scott  Bauer      <scott.bauer@intel.com>
0008  */
0009
0010 #ifndef _UAPI_SED_OPAL_H
0011 #define _UAPI_SED_OPAL_H
0012
0013 #include <linux/types.h>
0014
0015 #define OPAL_KEY_MAX 256
0016 #define OPAL_MAX_LRS 9
0017
0018 enum opal_mbr {
0019     OPAL_MBR_ENABLE = 0x0,
0020     OPAL_MBR_DISABLE = 0x01,
0021 };
0022
0023 enum opal_mbr_done_flag {
0024     OPAL_MBR_NOT_DONE = 0x0,
0025     OPAL_MBR_DONE = 0x01
0026 };
0027
0028 enum opal_user {
0029     OPAL_ADMIN1 = 0x0,
0030     OPAL_USER1 = 0x01,
0031     OPAL_USER2 = 0x02,
0032     OPAL_USER3 = 0x03,
0033     OPAL_USER4 = 0x04,
0034     OPAL_USER5 = 0x05,
0035     OPAL_USER6 = 0x06,
0036     OPAL_USER7 = 0x07,
0037     OPAL_USER8 = 0x08,
0038     OPAL_USER9 = 0x09,
0039 };
0040
0041 enum opal_lock_state {
0042     OPAL_RO = 0x01, /* 0001 */
0043     OPAL_RW = 0x02, /* 0010 */
0044     OPAL_LK = 0x04, /* 0100 */
0045 };
0046
0047 struct opal_key {
0048     __u8 lr;
0049     __u8 key_len;
0050     __u8 __align[6];
0051     __u8 key[OPAL_KEY_MAX];
0052 };
0053
0054 struct opal_lr_act {
0055     struct opal_key key;
0056     __u32 sum;
0057     __u8 num_lrs;
0058     __u8 lr[OPAL_MAX_LRS];
0059     __u8 align[2]; /* Align to 8 byte boundary */
0060 };
0061
0062 struct opal_session_info {
0063     __u32 sum;
0064     __u32 who;
0065     struct opal_key opal_key;
0066 };
0067
0068 struct opal_user_lr_setup {
0069     __u64 range_start;
0070     __u64 range_length;
0071     __u32 RLE; /* Read Lock enabled */
0072     __u32 WLE; /* Write Lock Enabled */
0073     struct opal_session_info session;
0074 };
0075
0076 struct opal_lock_unlock {
0077     struct opal_session_info session;
0078     __u32 l_state;
0079     __u8 __align[4];
0080 };
0081
0082 struct opal_new_pw {
0083     struct opal_session_info session;
0084
0085     /* When we're not operating in sum, and we first set
0086      * passwords we need to set them via ADMIN authority.
0087      * After passwords are changed, we can set them via,
0088      * User authorities.
0089      * Because of this restriction we need to know about
0090      * Two different users. One in 'session' which we will use
0091      * to start the session and new_userr_pw as the user we're
0092      * chaning the pw for.
0093      */
0094     struct opal_session_info new_user_pw;
0095 };
0096
0097 struct opal_mbr_data {
0098     struct opal_key key;
0099     __u8 enable_disable;
0100     __u8 __align[7];
0101 };
0102
0103 struct opal_mbr_done {
0104     struct opal_key key;
0105     __u8 done_flag;
0106     __u8 __align[7];
0107 };
0108
0109 struct opal_shadow_mbr {
0110     struct opal_key key;
0111     const __u64 data;
0112     __u64 offset;
0113     __u64 size;
0114 };
0115
0116 /* Opal table operations */
0117 enum opal_table_ops {
0118     OPAL_READ_TABLE,
0119     OPAL_WRITE_TABLE,
0120 };
0121
0122 #define OPAL_UID_LENGTH 8
0123 struct opal_read_write_table {
0124     struct opal_key key;
0125     const __u64 data;
0126     const __u8 table_uid[OPAL_UID_LENGTH];
0127     __u64 offset;
0128     __u64 size;
0129 #define OPAL_TABLE_READ (1 << OPAL_READ_TABLE)
0130 #define OPAL_TABLE_WRITE (1 << OPAL_WRITE_TABLE)
0131     __u64 flags;
0132     __u64 priv;
0133 };
0134
0135 #define IOC_OPAL_SAVE           _IOW('p', 220, struct opal_lock_unlock)
0136 #define IOC_OPAL_LOCK_UNLOCK        _IOW('p', 221, struct opal_lock_unlock)
0137 #define IOC_OPAL_TAKE_OWNERSHIP     _IOW('p', 222, struct opal_key)
0138 #define IOC_OPAL_ACTIVATE_LSP       _IOW('p', 223, struct opal_lr_act)
0139 #define IOC_OPAL_SET_PW             _IOW('p', 224, struct opal_new_pw)
0140 #define IOC_OPAL_ACTIVATE_USR       _IOW('p', 225, struct opal_session_info)
0141 #define IOC_OPAL_REVERT_TPR         _IOW('p', 226, struct opal_key)
0142 #define IOC_OPAL_LR_SETUP           _IOW('p', 227, struct opal_user_lr_setup)
0143 #define IOC_OPAL_ADD_USR_TO_LR      _IOW('p', 228, struct opal_lock_unlock)
0144 #define IOC_OPAL_ENABLE_DISABLE_MBR _IOW('p', 229, struct opal_mbr_data)
0145 #define IOC_OPAL_ERASE_LR           _IOW('p', 230, struct opal_session_info)
0146 #define IOC_OPAL_SECURE_ERASE_LR    _IOW('p', 231, struct opal_session_info)
0147 #define IOC_OPAL_PSID_REVERT_TPR    _IOW('p', 232, struct opal_key)
0148 #define IOC_OPAL_MBR_DONE           _IOW('p', 233, struct opal_mbr_done)
0149 #define IOC_OPAL_WRITE_SHADOW_MBR   _IOW('p', 234, struct opal_shadow_mbr)
0150 #define IOC_OPAL_GENERIC_TABLE_RW   _IOW('p', 235, struct opal_read_write_table)
0151
0152 #endif /* _UAPI_SED_OPAL_H */