crypto: ccp: Add the SNP_COMMIT command

The SNP_COMMIT command is used to commit the currently installed version of the SEV firmware. Once committed, the firmware cannot be replaced with a previous firmware version (cannot be rolled back). This command will also update the reported TCB to match that of the currently installed firmware. [ mdr: Note the reported TCB update in the documentation/commit. ] Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Michael Roth <michael.roth@amd.com> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de> Link: https://lore.kernel.org/r/20240126041126.1927228-25-michael.roth@amd.com
author: Tom Lendacky <thomas.lendacky@amd.com> 2024-01-25 22:11:24 -0600
committer: Borislav Petkov (AMD) <bp@alien8.de> 2024-01-29 20:34:19 +0100
commit: fad133c79afa02344d05001324a0474e20f3e055 (patch)
tree: 82f47bcb71f1569a256cb412f956cfbf0bf6b521 /include/linux/psp-sev.h
parent: f5db8841ebe59dbdf07fda797c88ccb51e0c893d (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index 84eabbfbbc08..3705c2044fc0 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -801,6 +801,15 @@ struct sev_platform_init_args {
 	bool probe;
 };
 
+/**
+ * struct sev_data_snp_commit - SNP_COMMIT structure
+ *
+ * @len: length of the command buffer read by the PSP
+ */
+struct sev_data_snp_commit {
+	u32 len;
+} __packed;
+
 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
 
 /**
author	Tom Lendacky <thomas.lendacky@amd.com>	2024-01-25 22:11:24 -0600
committer	Borislav Petkov (AMD) <bp@alien8.de>	2024-01-29 20:34:19 +0100
commit	fad133c79afa02344d05001324a0474e20f3e055 (patch)
tree	82f47bcb71f1569a256cb412f956cfbf0bf6b521 /include/linux/psp-sev.h
parent	f5db8841ebe59dbdf07fda797c88ccb51e0c893d (diff)