[1/2] misc: Add Nitro Secure Module driver
Commit Message
When running Linux inside a Nitro Enclave, the hypervisor provides a
special virtio device called "NSM". This device has 2 main functions:
1) Provide attestation reports
2) Modify PCR state
3) Provide entropy
This patch adds the core NSM driver that exposes a /dev/nsm device node
which user space can use to request attestation documents and influence
PCR states. A follow up patch will add a hwrng driver to feed its entropy
into the kernel.
Originally-by: Petre Eftime <petre.eftime@gmail.com>
Signed-off-by: Alexander Graf <graf@amazon.com>
---
MAINTAINERS | 9 +
drivers/misc/Kconfig | 11 +
drivers/misc/Makefile | 1 +
drivers/misc/nsm.c | 470 ++++++++++++++++++++++++++++++++++++++++++
include/linux/nsm.h | 42 ++++
5 files changed, 533 insertions(+)
create mode 100644 drivers/misc/nsm.c
create mode 100644 include/linux/nsm.h
Comments
On Thu, Sep 28, 2023 at 10:46:44PM +0000, Alexander Graf wrote:
> When running Linux inside a Nitro Enclave, the hypervisor provides a
> special virtio device called "NSM". This device has 2 main functions:
>
> 1) Provide attestation reports
> 2) Modify PCR state
> 3) Provide entropy
>
> This patch adds the core NSM driver that exposes a /dev/nsm device node
> which user space can use to request attestation documents and influence
> PCR states. A follow up patch will add a hwrng driver to feed its entropy
> into the kernel.
>
> Originally-by: Petre Eftime <petre.eftime@gmail.com>
Hasn't this been submitted a long time ago? What changed from that
submission? Or am I mis-remembering things?
> --- /dev/null
> +++ b/drivers/misc/nsm.c
> @@ -0,0 +1,470 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Amazon Nitro Secure Module driver.
> + *
> + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
> + *
> + * This program is free software; you can redistribute it and/or modify it
> + * under the terms and conditions of the GNU General Public License,
> + * version 2, as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, see <http://www.gnu.org/licenses/>.
Please drop the license "boiler-plate" text, the SPDX line is
sufficient.
thanks,
greg k-h
On Thu, Sep 28, 2023 at 10:46:44PM +0000, Alexander Graf wrote:
> +/* Register this as a misc driver */
> +#define NSM_DEV_NAME "nsm"
> +#define NSM_IOCTL_MAGIC 0x0A
> +#define NSM_IO_REQUEST _IOWR(NSM_IOCTL_MAGIC, 0, struct nsm_message)
You have an ioctl for this driver, yet no include/uapi/ file for it?
How is userspace supposed to know about this and use it?
thanks,
greg k-h
Hey Greg,
On 29.09.23 07:44, Greg Kroah-Hartman wrote:
>
> On Thu, Sep 28, 2023 at 10:46:44PM +0000, Alexander Graf wrote:
>> When running Linux inside a Nitro Enclave, the hypervisor provides a
>> special virtio device called "NSM". This device has 2 main functions:
>>
>> 1) Provide attestation reports
>> 2) Modify PCR state
>> 3) Provide entropy
>>
>> This patch adds the core NSM driver that exposes a /dev/nsm device node
>> which user space can use to request attestation documents and influence
>> PCR states. A follow up patch will add a hwrng driver to feed its entropy
>> into the kernel.
>>
>> Originally-by: Petre Eftime <petre.eftime@gmail.com>
> Hasn't this been submitted a long time ago? What changed from that
> submission? Or am I mis-remembering things?
With Nitro Enclaves, there are 2 parties: Parent and Enclave.
The parent launches the Enclave. To do so, it creates a sibling VM using
a special Enclaves PCI device. The driver for that is in
drivers/virt/nitro_enclaves and you helped to upstream that back then.
The enclave is what is running inside the sibling VM. It sees a
Firecracker like device model with virtio-vsock to communicate to the
parent as well as a special virtio-mmio device called "NSM" to
communicate to the hypervisor. This driver is for the latter.
I'm now aware of previous attempts to upstream it.
>
>> --- /dev/null
>> +++ b/drivers/misc/nsm.c
>> @@ -0,0 +1,470 @@
>> +// SPDX-License-Identifier: GPL-2.0
>> +/*
>> + * Amazon Nitro Secure Module driver.
>> + *
>> + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
>> + *
>> + * This program is free software; you can redistribute it and/or modify it
>> + * under the terms and conditions of the GNU General Public License,
>> + * version 2, as published by the Free Software Foundation.
>> + *
>> + * This program is distributed in the hope that it will be useful,
>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>> + * GNU General Public License for more details.
>> + *
>> + * You should have received a copy of the GNU General Public License
>> + * along with this program; if not, see <http://www.gnu.org/licenses/>.
> Please drop the license "boiler-plate" text, the SPDX line is
> sufficient.
Sure, happy to! :)
Alex
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
On 29.09.23 07:45, Greg Kroah-Hartman wrote:
>
> On Thu, Sep 28, 2023 at 10:46:44PM +0000, Alexander Graf wrote:
>> +/* Register this as a misc driver */
>> +#define NSM_DEV_NAME "nsm"
>> +#define NSM_IOCTL_MAGIC 0x0A
>> +#define NSM_IO_REQUEST _IOWR(NSM_IOCTL_MAGIC, 0, struct nsm_message)
> You have an ioctl for this driver, yet no include/uapi/ file for it?
> How is userspace supposed to know about this and use it?
D'oh. Will fix :). Thanks!
Alex
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
@@ -15098,6 +15098,15 @@ F: include/linux/nitro_enclaves.h
F: include/uapi/linux/nitro_enclaves.h
F: samples/nitro_enclaves/
+NITRO SECURE MODULE (NSM)
+M: Alexander Graf <graf@amazon.com>
+L: linux-kernel@vger.kernel.org
+L: The AWS Nitro Enclaves Team <aws-nitro-enclaves-devel@amazon.com>
+S: Supported
+W: https://aws.amazon.com/ec2/nitro/nitro-enclaves/
+F: drivers/misc/nsm.c
+F: include/linux/nsm.h
+
NOHZ, DYNTICKS SUPPORT
M: Frederic Weisbecker <frederic@kernel.org>
M: Thomas Gleixner <tglx@linutronix.de>
@@ -562,6 +562,17 @@ config TPS6594_PFSM
This driver can also be built as a module. If so, the module
will be called tps6594-pfsm.
+config NSM
+ tristate "Nitro (Enclaves) Security Module support"
+ depends on VIRTIO
+ help
+ This driver provides support for the Nitro Security Module
+ in AWS EC2 Nitro based Enclaves. The driver exposes a /dev/nsm
+ device user space can use to communicate with the hypervisor.
+
+ To compile this driver as a module, choose M here.
+ The module will be called nsm.
+
source "drivers/misc/c2port/Kconfig"
source "drivers/misc/eeprom/Kconfig"
source "drivers/misc/cb710/Kconfig"
@@ -67,3 +67,4 @@ obj-$(CONFIG_TMR_MANAGER) += xilinx_tmr_manager.o
obj-$(CONFIG_TMR_INJECT) += xilinx_tmr_inject.o
obj-$(CONFIG_TPS6594_ESM) += tps6594-esm.o
obj-$(CONFIG_TPS6594_PFSM) += tps6594-pfsm.o
+obj-$(CONFIG_NSM) += nsm.o
new file mode 100644
@@ -0,0 +1,470 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Amazon Nitro Secure Module driver.
+ *
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <linux/nsm.h>
+#include <linux/file.h>
+#include <linux/fs.h>
+#include <linux/interrupt.h>
+#include <linux/miscdevice.h>
+#include <linux/module.h>
+#include <linux/mutex.h>
+#include <linux/slab.h>
+#include <linux/string.h>
+#include <linux/uaccess.h>
+#include <linux/uio.h>
+#include <linux/virtio_config.h>
+#include <linux/virtio_ids.h>
+#include <linux/wait.h>
+
+/* Register this as a misc driver */
+#define NSM_DEV_NAME "nsm"
+#define NSM_IOCTL_MAGIC 0x0A
+#define NSM_IO_REQUEST _IOWR(NSM_IOCTL_MAGIC, 0, struct nsm_message)
+#define NSM_REQUEST_MAX_SIZE 0x1000
+#define NSM_RESPONSE_MAX_SIZE 0x3000
+
+/* Timeout for NSM virtqueue respose in milliseconds. */
+#define NSM_DEFAULT_TIMEOUT_MSECS (120000) /* 2 minutes */
+
+/* The name of the NSM device virtqueue */
+const char *NSM_VQ_NAME = "nsm.vq.0";
+
+/* NSM device ID */
+static const struct virtio_device_id nsm_id_table[] = {
+ { VIRTIO_ID_NITRO_SEC_MOD, VIRTIO_DEV_ANY_ID },
+ { 0 },
+};
+
+/* NSM message from user-space */
+struct nsm_message {
+ /* Request from user */
+ struct iovec request;
+ /* Response to user */
+ struct iovec response;
+};
+
+/* Virtio MMIO device definition */
+struct virtio_mmio_device {
+ struct virtio_device vdev;
+ struct platform_device *pdev;
+
+ void __iomem *base;
+ unsigned long version;
+
+ /* a list of queues so we can dispatch IRQs */
+ spinlock_t lock;
+ struct list_head virtqueues;
+};
+
+/* Virtqueue list entry */
+struct virtio_mmio_vq_info {
+ /* The actual virtqueue */
+ struct virtqueue *vq;
+
+ /* The list node for the virtqueues list */
+ struct list_head node;
+};
+
+static struct virtio_device *nsm_vdev;
+static struct nsm_hwrng *nsm_hwrng;
+static struct mutex nsm_lock;
+static wait_queue_head_t nsm_waitqueue;
+static bool nsm_device_notified;
+
+/* Get the virtqueue */
+static struct virtqueue *nsm_get_vq(struct virtio_device *vdev)
+{
+ struct virtio_mmio_device *vm_dev =
+ container_of(vdev, struct virtio_mmio_device, vdev);
+ struct virtio_mmio_vq_info *info;
+
+ list_for_each_entry(info, &vm_dev->virtqueues, node)
+ return info->vq;
+
+ return NULL;
+}
+
+/* Copy an entire message from user-space to kernel-space */
+static int message_memdup_from_user(struct nsm_kernel_message *dst,
+ struct nsm_message *src)
+{
+ struct nsm_message shallow_copy;
+
+ if (!src || !dst)
+ return -EINVAL;
+
+ /* The destination's request and response buffers should be NULL. */
+ if (dst->request.iov_base || dst->response.iov_base)
+ return -EINVAL;
+
+ /* First, make a shallow copy to be able to read the inner pointers */
+ if (copy_from_user(&shallow_copy, src, sizeof(shallow_copy)) != 0)
+ return -EINVAL;
+
+ /* Verify the user input size. */
+ if (shallow_copy.request.iov_len > NSM_REQUEST_MAX_SIZE)
+ return -EMSGSIZE;
+
+ /* Allocate kernel memory for the user request */
+ dst->request.iov_len = shallow_copy.request.iov_len;
+ dst->request.iov_base = kmalloc(dst->request.iov_len, GFP_KERNEL);
+ if (!dst->request.iov_base)
+ return -ENOMEM;
+
+ /* Copy the request content */
+ if (copy_from_user(dst->request.iov_base,
+ shallow_copy.request.iov_base, dst->request.iov_len) != 0) {
+ kfree(dst->request.iov_base);
+ return -EFAULT;
+ }
+
+ /* Allocate kernel memory for the response, up to a fixed limit */
+ dst->response.iov_len = shallow_copy.response.iov_len;
+ if (dst->response.iov_len > NSM_RESPONSE_MAX_SIZE)
+ dst->response.iov_len = NSM_RESPONSE_MAX_SIZE;
+
+ dst->response.iov_base = kmalloc(dst->response.iov_len, GFP_KERNEL);
+ if (!dst->response.iov_base) {
+ kfree(dst->request.iov_base);
+ return -ENOMEM;
+ }
+
+ return 0;
+}
+
+/* Copy a message back to user-space */
+static int message_copy_to_user(struct nsm_message *user_msg,
+ struct nsm_kernel_message *kern_msg)
+{
+ struct nsm_message shallow_copy;
+
+ if (!kern_msg || !user_msg)
+ return -EINVAL;
+
+ /*
+ * First, do a shallow copy of the user-space message. This is needed in
+ * order to get the request block data, which we do not need to copy but
+ * must preserve in the message sent back to user-space.
+ */
+ if (copy_from_user(&shallow_copy, user_msg, sizeof(shallow_copy)) != 0)
+ return -EINVAL;
+
+ /* Do not exceed the capacity of the user-provided response buffer */
+ shallow_copy.response.iov_len = kern_msg->response.iov_len;
+
+ /* Only the response content must be copied back to user-space */
+ if (copy_to_user(shallow_copy.response.iov_base,
+ kern_msg->response.iov_base,
+ shallow_copy.response.iov_len) != 0)
+ return -EINVAL;
+
+ if (copy_to_user(user_msg, &shallow_copy, sizeof(shallow_copy)) != 0)
+ return -EFAULT;
+
+ return 0;
+}
+
+/* Virtqueue interrupt handler */
+static void nsm_vq_callback(struct virtqueue *vq)
+{
+ nsm_device_notified = true;
+ wake_up(&nsm_waitqueue);
+}
+
+/* Forward a message to the NSM device and wait for the response from it */
+int nsm_communicate_with_device(struct virtio_device *vdev,
+ struct nsm_kernel_message *message)
+{
+ struct virtqueue *vq = NULL;
+ struct scatterlist sg_in, sg_out;
+ unsigned int len;
+ void *queue_buf;
+ bool kicked;
+ int rc;
+
+ if (!vdev)
+ return -EINVAL;
+
+ if (!message)
+ return -EINVAL;
+
+ vq = nsm_get_vq(vdev);
+ if (!vq)
+ return -ENXIO;
+
+ /* Verify if buffer memory is valid. */
+ if (!virt_addr_valid(message->request.iov_base) ||
+ !virt_addr_valid(((u8 *)message->request.iov_base) +
+ message->request.iov_len - 1) ||
+ !virt_addr_valid(message->response.iov_base) ||
+ !virt_addr_valid(((u8 *)message->response.iov_base) +
+ message->response.iov_len - 1))
+ return -EINVAL;
+
+ /* Initialize scatter-gather lists with request and response buffers. */
+ sg_init_one(&sg_out, message->request.iov_base,
+ message->request.iov_len);
+ sg_init_one(&sg_in, message->response.iov_base,
+ message->response.iov_len);
+
+ mutex_lock(&nsm_lock);
+
+ /* Add the request buffer (read by the device). */
+ rc = virtqueue_add_outbuf(vq, &sg_out, 1, message->request.iov_base,
+ GFP_KERNEL);
+ if (rc) {
+ mutex_unlock(&nsm_lock);
+ return rc;
+ }
+
+ /* Add the response buffer (written by the device). */
+ rc = virtqueue_add_inbuf(vq, &sg_in, 1, message->response.iov_base,
+ GFP_KERNEL);
+ if (rc)
+ goto cleanup;
+
+ nsm_device_notified = false;
+ kicked = virtqueue_kick(vq);
+ if (!kicked) {
+ /* Cannot kick the virtqueue. */
+ rc = -EIO;
+ goto cleanup;
+ }
+
+ /* If the kick succeeded, wait for the device's response. */
+ rc = wait_event_timeout(nsm_waitqueue,
+ nsm_device_notified == true,
+ msecs_to_jiffies(NSM_DEFAULT_TIMEOUT_MSECS));
+ if (!rc) {
+ rc = -ETIMEDOUT;
+ goto cleanup;
+ }
+
+ queue_buf = virtqueue_get_buf(vq, &len);
+ if (!queue_buf || (queue_buf != message->request.iov_base)) {
+ pr_err("NSM device received wrong request buffer.");
+ rc = -ENODATA;
+ goto cleanup;
+ }
+
+ queue_buf = virtqueue_get_buf(vq, &len);
+ if (!queue_buf || (queue_buf != message->response.iov_base)) {
+ pr_err("NSM device received wrong response buffer.");
+ rc = -ENODATA;
+ goto cleanup;
+ }
+
+ /* Make sure the response length doesn't exceed the buffer capacity. */
+ if (len < message->response.iov_len)
+ message->response.iov_len = len;
+
+ rc = 0;
+
+cleanup:
+ if (rc) {
+ /* Clean the virtqueue. */
+ while (virtqueue_get_buf(vq, &len) != NULL)
+ ;
+ }
+
+ mutex_unlock(&nsm_lock);
+ return rc;
+}
+EXPORT_SYMBOL_GPL(nsm_communicate_with_device);
+
+static long nsm_dev_ioctl(struct file *file, unsigned int cmd,
+ unsigned long arg)
+{
+ struct nsm_kernel_message message;
+ int status = 0;
+
+ if (cmd != NSM_IO_REQUEST)
+ return -EINVAL;
+
+ /* The kernel message structure must be cleared */
+ memset(&message, 0, sizeof(message));
+
+ /* Copy the message from user-space to kernel-space */
+ status = message_memdup_from_user(&message, (struct nsm_message *)arg);
+ if (status != 0)
+ return status;
+
+ /* Communicate with the NSM device */
+ status = nsm_communicate_with_device(nsm_vdev, &message);
+
+ if (status != 0)
+ goto out;
+
+ /* Copy the response back to user-space */
+ status = message_copy_to_user((struct nsm_message *)arg, &message);
+
+out:
+ /* At this point, everything succeeded, so clean up and finish. */
+ kfree(message.request.iov_base);
+ kfree(message.response.iov_base);
+
+ return status;
+}
+
+static int nsm_dev_file_open(struct inode *node, struct file *file)
+{
+ pr_debug("NSM device file opened.\n");
+ return 0;
+}
+
+static int nsm_dev_file_close(struct inode *inode, struct file *file)
+{
+ pr_debug("NSM device file closed.\n");
+ return 0;
+}
+
+/* Supported driver operations */
+static const struct file_operations nsm_dev_fops = {
+ .open = nsm_dev_file_open,
+ .release = nsm_dev_file_close,
+ .unlocked_ioctl = nsm_dev_ioctl,
+};
+
+/* Driver configuration */
+static struct miscdevice nsm_driver_miscdevice = {
+ .minor = MISC_DYNAMIC_MINOR,
+ .name = NSM_DEV_NAME,
+ .fops = &nsm_dev_fops,
+ .mode = 0666
+};
+
+static int nsm_device_init_vq(struct virtio_device *vdev)
+{
+ struct virtqueue *vq = virtio_find_single_vq(vdev,
+ nsm_vq_callback, NSM_VQ_NAME);
+ if (IS_ERR(vq))
+ return PTR_ERR(vq);
+
+ return 0;
+}
+
+/* Handler for probing the NSM device */
+static int nsm_device_probe(struct virtio_device *vdev)
+{
+ int rc;
+
+ if (nsm_vdev)
+ return -EEXIST;
+
+ nsm_vdev = vdev;
+
+ rc = nsm_device_init_vq(vdev);
+ if (rc) {
+ pr_err("NSM device queue failed to initialize: %d.\n", rc);
+ return rc;
+ }
+
+ rc = misc_register(&nsm_driver_miscdevice);
+ if (rc) {
+ pr_err("NSM misc device registration error: %d.\n", rc);
+ vdev->config->del_vqs(vdev);
+ return rc;
+ }
+
+ if (nsm_hwrng)
+ nsm_hwrng->probe(vdev);
+
+ pr_debug("NSM device has been probed.\n");
+ return 0;
+}
+
+/* Handler for removing the NSM device */
+static void nsm_device_remove(struct virtio_device *vdev)
+{
+ if (vdev != nsm_vdev)
+ return;
+
+ if (nsm_hwrng)
+ nsm_hwrng->remove(vdev);
+
+ vdev->config->del_vqs(vdev);
+ misc_deregister(&nsm_driver_miscdevice);
+ nsm_vdev = NULL;
+ pr_debug("NSM device has been removed.\n");
+}
+
+int nsm_register_hwrng(struct nsm_hwrng *_nsm_hwrng)
+{
+ if (nsm_hwrng)
+ return -EEXIST;
+
+ nsm_hwrng = _nsm_hwrng;
+ if (nsm_vdev)
+ nsm_hwrng->probe(nsm_vdev);
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(nsm_register_hwrng);
+
+void nsm_unregister_hwrng(struct nsm_hwrng *_nsm_hwrng)
+{
+ if (_nsm_hwrng != nsm_hwrng)
+ return;
+
+ if (nsm_vdev)
+ nsm_hwrng->remove(nsm_vdev);
+ nsm_hwrng = NULL;
+}
+EXPORT_SYMBOL_GPL(nsm_unregister_hwrng);
+
+/* NSM device configuration structure */
+static struct virtio_driver virtio_nsm_driver = {
+ .feature_table = 0,
+ .feature_table_size = 0,
+ .feature_table_legacy = 0,
+ .feature_table_size_legacy = 0,
+ .driver.name = KBUILD_MODNAME,
+ .driver.owner = THIS_MODULE,
+ .id_table = nsm_id_table,
+ .probe = nsm_device_probe,
+ .remove = nsm_device_remove,
+};
+
+static int __init nsm_driver_init(void)
+{
+ int rc;
+
+ mutex_init(&nsm_lock);
+ init_waitqueue_head(&nsm_waitqueue);
+
+ rc = register_virtio_driver(&virtio_nsm_driver);
+ if (rc)
+ pr_err("NSM driver initialization error: %d.\n", rc);
+
+ return rc;
+}
+
+static void __exit nsm_driver_exit(void)
+{
+ unregister_virtio_driver(&virtio_nsm_driver);
+ mutex_destroy(&nsm_lock);
+ pr_debug("NSM driver exited.\n");
+}
+
+module_init(nsm_driver_init);
+module_exit(nsm_driver_exit);
+
+MODULE_DEVICE_TABLE(virtio, nsm_id_table);
+MODULE_DESCRIPTION("Virtio NSM driver");
+MODULE_LICENSE("GPL");
new file mode 100644
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: GPL-2.0
+ *
+ * Amazon Nitro Secure Module driver.
+ *
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <linux/uio.h>
+#include <linux/virtio.h>
+
+#define NSM_RESPONSE_MAX_SIZE 0x3000
+
+struct nsm_hwrng {
+ int (*probe)(struct virtio_device *dev);
+ void (*remove)(struct virtio_device *dev);
+};
+
+int nsm_register_hwrng(struct nsm_hwrng *nsm_hwrng);
+void nsm_unregister_hwrng(struct nsm_hwrng *nsm_hwrng);
+
+/* Copy of NSM message in kernel-space */
+struct nsm_kernel_message {
+ /* Copy of user request in kernel memory */
+ struct kvec request;
+ /* Copy of user response in kernel memory */
+ struct kvec response;
+};
+
+int nsm_communicate_with_device(struct virtio_device *dev,
+ struct nsm_kernel_message *message);