sed-opal.h (3777B)
1/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 2/* 3 * Copyright © 2016 Intel Corporation 4 * 5 * Authors: 6 * Rafael Antognolli <rafael.antognolli@intel.com> 7 * Scott Bauer <scott.bauer@intel.com> 8 */ 9 10#ifndef _UAPI_SED_OPAL_H 11#define _UAPI_SED_OPAL_H 12 13#include <linux/types.h> 14 15#define OPAL_KEY_MAX 256 16#define OPAL_MAX_LRS 9 17 18enum opal_mbr { 19 OPAL_MBR_ENABLE = 0x0, 20 OPAL_MBR_DISABLE = 0x01, 21}; 22 23enum opal_mbr_done_flag { 24 OPAL_MBR_NOT_DONE = 0x0, 25 OPAL_MBR_DONE = 0x01 26}; 27 28enum opal_user { 29 OPAL_ADMIN1 = 0x0, 30 OPAL_USER1 = 0x01, 31 OPAL_USER2 = 0x02, 32 OPAL_USER3 = 0x03, 33 OPAL_USER4 = 0x04, 34 OPAL_USER5 = 0x05, 35 OPAL_USER6 = 0x06, 36 OPAL_USER7 = 0x07, 37 OPAL_USER8 = 0x08, 38 OPAL_USER9 = 0x09, 39}; 40 41enum opal_lock_state { 42 OPAL_RO = 0x01, /* 0001 */ 43 OPAL_RW = 0x02, /* 0010 */ 44 OPAL_LK = 0x04, /* 0100 */ 45}; 46 47struct opal_key { 48 __u8 lr; 49 __u8 key_len; 50 __u8 __align[6]; 51 __u8 key[OPAL_KEY_MAX]; 52}; 53 54struct opal_lr_act { 55 struct opal_key key; 56 __u32 sum; 57 __u8 num_lrs; 58 __u8 lr[OPAL_MAX_LRS]; 59 __u8 align[2]; /* Align to 8 byte boundary */ 60}; 61 62struct opal_session_info { 63 __u32 sum; 64 __u32 who; 65 struct opal_key opal_key; 66}; 67 68struct opal_user_lr_setup { 69 __u64 range_start; 70 __u64 range_length; 71 __u32 RLE; /* Read Lock enabled */ 72 __u32 WLE; /* Write Lock Enabled */ 73 struct opal_session_info session; 74}; 75 76struct opal_lock_unlock { 77 struct opal_session_info session; 78 __u32 l_state; 79 __u8 __align[4]; 80}; 81 82struct opal_new_pw { 83 struct opal_session_info session; 84 85 /* When we're not operating in sum, and we first set 86 * passwords we need to set them via ADMIN authority. 87 * After passwords are changed, we can set them via, 88 * User authorities. 89 * Because of this restriction we need to know about 90 * Two different users. One in 'session' which we will use 91 * to start the session and new_userr_pw as the user we're 92 * chaning the pw for. 93 */ 94 struct opal_session_info new_user_pw; 95}; 96 97struct opal_mbr_data { 98 struct opal_key key; 99 __u8 enable_disable; 100 __u8 __align[7]; 101}; 102 103struct opal_mbr_done { 104 struct opal_key key; 105 __u8 done_flag; 106 __u8 __align[7]; 107}; 108 109struct opal_shadow_mbr { 110 struct opal_key key; 111 const __u64 data; 112 __u64 offset; 113 __u64 size; 114}; 115 116/* Opal table operations */ 117enum opal_table_ops { 118 OPAL_READ_TABLE, 119 OPAL_WRITE_TABLE, 120}; 121 122#define OPAL_UID_LENGTH 8 123struct opal_read_write_table { 124 struct opal_key key; 125 const __u64 data; 126 const __u8 table_uid[OPAL_UID_LENGTH]; 127 __u64 offset; 128 __u64 size; 129#define OPAL_TABLE_READ (1 << OPAL_READ_TABLE) 130#define OPAL_TABLE_WRITE (1 << OPAL_WRITE_TABLE) 131 __u64 flags; 132 __u64 priv; 133}; 134 135#define IOC_OPAL_SAVE _IOW('p', 220, struct opal_lock_unlock) 136#define IOC_OPAL_LOCK_UNLOCK _IOW('p', 221, struct opal_lock_unlock) 137#define IOC_OPAL_TAKE_OWNERSHIP _IOW('p', 222, struct opal_key) 138#define IOC_OPAL_ACTIVATE_LSP _IOW('p', 223, struct opal_lr_act) 139#define IOC_OPAL_SET_PW _IOW('p', 224, struct opal_new_pw) 140#define IOC_OPAL_ACTIVATE_USR _IOW('p', 225, struct opal_session_info) 141#define IOC_OPAL_REVERT_TPR _IOW('p', 226, struct opal_key) 142#define IOC_OPAL_LR_SETUP _IOW('p', 227, struct opal_user_lr_setup) 143#define IOC_OPAL_ADD_USR_TO_LR _IOW('p', 228, struct opal_lock_unlock) 144#define IOC_OPAL_ENABLE_DISABLE_MBR _IOW('p', 229, struct opal_mbr_data) 145#define IOC_OPAL_ERASE_LR _IOW('p', 230, struct opal_session_info) 146#define IOC_OPAL_SECURE_ERASE_LR _IOW('p', 231, struct opal_session_info) 147#define IOC_OPAL_PSID_REVERT_TPR _IOW('p', 232, struct opal_key) 148#define IOC_OPAL_MBR_DONE _IOW('p', 233, struct opal_mbr_done) 149#define IOC_OPAL_WRITE_SHADOW_MBR _IOW('p', 234, struct opal_shadow_mbr) 150#define IOC_OPAL_GENERIC_TABLE_RW _IOW('p', 235, struct opal_read_write_table) 151 152#endif /* _UAPI_SED_OPAL_H */