1/*
2 * AMD Platform Security Processor (PSP) interface
3 *
4 * Copyright (C) 2016,2018 Advanced Micro Devices, Inc.
5 *
6 * Author: Brijesh Singh <brijesh.singh@amd.com>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
11 */
12
13#include <linux/module.h>
14#include <linux/kernel.h>
15#include <linux/kthread.h>
16#include <linux/sched.h>
17#include <linux/interrupt.h>
18#include <linux/spinlock.h>
19#include <linux/spinlock_types.h>
20#include <linux/types.h>
21#include <linux/mutex.h>
22#include <linux/delay.h>
23#include <linux/hw_random.h>
24#include <linux/ccp.h>
25#include <linux/firmware.h>
26
27#include "sp-dev.h"
28#include "psp-dev.h"
29
30#define SEV_VERSION_GREATER_OR_EQUAL(_maj, _min) \
31 ((psp_master->api_major) >= _maj && \
32 (psp_master->api_minor) >= _min)
33
34#define DEVICE_NAME "sev"
35#define SEV_FW_FILE "amd/sev.fw"
36#define SEV_FW_NAME_SIZE 64
37
38static DEFINE_MUTEX(sev_cmd_mutex);
39static struct sev_misc_dev *misc_dev;
40static struct psp_device *psp_master;
41
42static int psp_cmd_timeout = 100;
43module_param(psp_cmd_timeout, int, 0644);
44MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands");
45
46static int psp_probe_timeout = 5;
47module_param(psp_probe_timeout, int, 0644);
48MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe");
49
50static bool psp_dead;
51static int psp_timeout;
52
53static struct psp_device *psp_alloc_struct(struct sp_device *sp)
54{
55 struct device *dev = sp->dev;
56 struct psp_device *psp;
57
58 psp = devm_kzalloc(dev, sizeof(*psp), GFP_KERNEL);
59 if (!psp)
60 return NULL;
61
62 psp->dev = dev;
63 psp->sp = sp;
64
65 snprintf(psp->name, sizeof(psp->name), "psp-%u", sp->ord);
66
67 return psp;
68}
69
70static irqreturn_t psp_irq_handler(int irq, void *data)
71{
72 struct psp_device *psp = data;
73 unsigned int status;
74 int reg;
75
76 /* Read the interrupt status: */
77 status = ioread32(psp->io_regs + psp->vdata->intsts_reg);
78
79 /* Check if it is command completion: */
80 if (!(status & PSP_CMD_COMPLETE))
81 goto done;
82
83 /* Check if it is SEV command completion: */
84 reg = ioread32(psp->io_regs + psp->vdata->cmdresp_reg);
85 if (reg & PSP_CMDRESP_RESP) {
86 psp->sev_int_rcvd = 1;
87 wake_up(&psp->sev_int_queue);
88 }
89
90done:
91 /* Clear the interrupt status by writing the same value we read. */
92 iowrite32(status, psp->io_regs + psp->vdata->intsts_reg);
93
94 return IRQ_HANDLED;
95}
96
97static int sev_wait_cmd_ioc(struct psp_device *psp,
98 unsigned int *reg, unsigned int timeout)
99{
100 int ret;
101
102 ret = wait_event_timeout(psp->sev_int_queue,
103 psp->sev_int_rcvd, timeout * HZ);
104 if (!ret)
105 return -ETIMEDOUT;
106
107 *reg = ioread32(psp->io_regs + psp->vdata->cmdresp_reg);
108
109 return 0;
110}
111
112static int sev_cmd_buffer_len(int cmd)
113{
114 switch (cmd) {
115 case SEV_CMD_INIT: return sizeof(struct sev_data_init);
116 case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status);
117 case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr);
118 case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import);
119 case SEV_CMD_PDH_CERT_EXPORT: return sizeof(struct sev_data_pdh_cert_export);
120 case SEV_CMD_LAUNCH_START: return sizeof(struct sev_data_launch_start);
121 case SEV_CMD_LAUNCH_UPDATE_DATA: return sizeof(struct sev_data_launch_update_data);
122 case SEV_CMD_LAUNCH_UPDATE_VMSA: return sizeof(struct sev_data_launch_update_vmsa);
123 case SEV_CMD_LAUNCH_FINISH: return sizeof(struct sev_data_launch_finish);
124 case SEV_CMD_LAUNCH_MEASURE: return sizeof(struct sev_data_launch_measure);
125 case SEV_CMD_ACTIVATE: return sizeof(struct sev_data_activate);
126 case SEV_CMD_DEACTIVATE: return sizeof(struct sev_data_deactivate);
127 case SEV_CMD_DECOMMISSION: return sizeof(struct sev_data_decommission);
128 case SEV_CMD_GUEST_STATUS: return sizeof(struct sev_data_guest_status);
129 case SEV_CMD_DBG_DECRYPT: return sizeof(struct sev_data_dbg);
130 case SEV_CMD_DBG_ENCRYPT: return sizeof(struct sev_data_dbg);
131 case SEV_CMD_SEND_START: return sizeof(struct sev_data_send_start);
132 case SEV_CMD_SEND_UPDATE_DATA: return sizeof(struct sev_data_send_update_data);
133 case SEV_CMD_SEND_UPDATE_VMSA: return sizeof(struct sev_data_send_update_vmsa);
134 case SEV_CMD_SEND_FINISH: return sizeof(struct sev_data_send_finish);
135 case SEV_CMD_RECEIVE_START: return sizeof(struct sev_data_receive_start);
136 case SEV_CMD_RECEIVE_FINISH: return sizeof(struct sev_data_receive_finish);
137 case SEV_CMD_RECEIVE_UPDATE_DATA: return sizeof(struct sev_data_receive_update_data);
138 case SEV_CMD_RECEIVE_UPDATE_VMSA: return sizeof(struct sev_data_receive_update_vmsa);
139 case SEV_CMD_LAUNCH_UPDATE_SECRET: return sizeof(struct sev_data_launch_secret);
140 case SEV_CMD_DOWNLOAD_FIRMWARE: return sizeof(struct sev_data_download_firmware);
141 case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id);
142 default: return 0;
143 }
144
145 return 0;
146}
147
148static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
149{
150 struct psp_device *psp = psp_master;
151 unsigned int phys_lsb, phys_msb;
152 unsigned int reg, ret = 0;
153
154 if (!psp)
155 return -ENODEV;
156
157 if (psp_dead)
158 return -EBUSY;
159
160 /* Get the physical address of the command buffer */
161 phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0;
162 phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0;
163
164 dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n",
165 cmd, phys_msb, phys_lsb, psp_timeout);
166
167 print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data,
168 sev_cmd_buffer_len(cmd), false);
169
170 iowrite32(phys_lsb, psp->io_regs + psp->vdata->cmdbuff_addr_lo_reg);
171 iowrite32(phys_msb, psp->io_regs + psp->vdata->cmdbuff_addr_hi_reg);
172
173 psp->sev_int_rcvd = 0;
174
175 reg = cmd;
176 reg <<= PSP_CMDRESP_CMD_SHIFT;
177 reg |= PSP_CMDRESP_IOC;
178 iowrite32(reg, psp->io_regs + psp->vdata->cmdresp_reg);
179
180 /* wait for command completion */
181 ret = sev_wait_cmd_ioc(psp, &reg, psp_timeout);
182 if (ret) {
183 if (psp_ret)
184 *psp_ret = 0;
185
186 dev_err(psp->dev, "sev command %#x timed out, disabling PSP \n", cmd);
187 psp_dead = true;
188
189 return ret;
190 }
191
192 psp_timeout = psp_cmd_timeout;
193
194 if (psp_ret)
195 *psp_ret = reg & PSP_CMDRESP_ERR_MASK;
196
197 if (reg & PSP_CMDRESP_ERR_MASK) {
198 dev_dbg(psp->dev, "sev command %#x failed (%#010x)\n",
199 cmd, reg & PSP_CMDRESP_ERR_MASK);
200 ret = -EIO;
201 }
202
203 print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
204 sev_cmd_buffer_len(cmd), false);
205
206 return ret;
207}
208
209static int sev_do_cmd(int cmd, void *data, int *psp_ret)
210{
211 int rc;
212
213 mutex_lock(&sev_cmd_mutex);
214 rc = __sev_do_cmd_locked(cmd, data, psp_ret);
215 mutex_unlock(&sev_cmd_mutex);
216
217 return rc;
218}
219
220static int __sev_platform_init_locked(int *error)
221{
222 struct psp_device *psp = psp_master;
223 int rc = 0;
224
225 if (!psp)
226 return -ENODEV;
227
228 if (psp->sev_state == SEV_STATE_INIT)
229 return 0;
230
231 rc = __sev_do_cmd_locked(SEV_CMD_INIT, &psp->init_cmd_buf, error);
232 if (rc)
233 return rc;
234
235 psp->sev_state = SEV_STATE_INIT;
236 dev_dbg(psp->dev, "SEV firmware initialized\n");
237
238 return rc;
239}
240
241int sev_platform_init(int *error)
242{
243 int rc;
244
245 mutex_lock(&sev_cmd_mutex);
246 rc = __sev_platform_init_locked(error);
247 mutex_unlock(&sev_cmd_mutex);
248
249 return rc;
250}
251EXPORT_SYMBOL_GPL(sev_platform_init);
252
253static int __sev_platform_shutdown_locked(int *error)
254{
255 int ret;
256
257 ret = __sev_do_cmd_locked(SEV_CMD_SHUTDOWN, NULL, error);
258 if (ret)
259 return ret;
260
261 psp_master->sev_state = SEV_STATE_UNINIT;
262 dev_dbg(psp_master->dev, "SEV firmware shutdown\n");
263
264 return ret;
265}
266
267static int sev_platform_shutdown(int *error)
268{
269 int rc;
270
271 mutex_lock(&sev_cmd_mutex);
272 rc = __sev_platform_shutdown_locked(NULL);
273 mutex_unlock(&sev_cmd_mutex);
274
275 return rc;
276}
277
278static int sev_get_platform_state(int *state, int *error)
279{
280 int rc;
281
282 rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS,
283 &psp_master->status_cmd_buf, error);
284 if (rc)
285 return rc;
286
287 *state = psp_master->status_cmd_buf.state;
288 return rc;
289}
290
291static int sev_ioctl_do_reset(struct sev_issue_cmd *argp)
292{
293 int state, rc;
294
295 /*
296 * The SEV spec requires that FACTORY_RESET must be issued in
297 * UNINIT state. Before we go further lets check if any guest is
298 * active.
299 *
300 * If FW is in WORKING state then deny the request otherwise issue
301 * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET.
302 *
303 */
304 rc = sev_get_platform_state(&state, &argp->error);
305 if (rc)
306 return rc;
307
308 if (state == SEV_STATE_WORKING)
309 return -EBUSY;
310
311 if (state == SEV_STATE_INIT) {
312 rc = __sev_platform_shutdown_locked(&argp->error);
313 if (rc)
314 return rc;
315 }
316
317 return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, NULL, &argp->error);
318}
319
320static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp)
321{
322 struct sev_user_data_status *data = &psp_master->status_cmd_buf;
323 int ret;
324
325 ret = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, data, &argp->error);
326 if (ret)
327 return ret;
328
329 if (copy_to_user((void __user *)argp->data, data, sizeof(*data)))
330 ret = -EFAULT;
331
332 return ret;
333}
334
335static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp)
336{
337 int rc;
338
339 if (psp_master->sev_state == SEV_STATE_UNINIT) {
340 rc = __sev_platform_init_locked(&argp->error);
341 if (rc)
342 return rc;
343 }
344
345 return __sev_do_cmd_locked(cmd, NULL, &argp->error);
346}
347
348static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp)
349{
350 struct sev_user_data_pek_csr input;
351 struct sev_data_pek_csr *data;
352 void *blob = NULL;
353 int ret;
354
355 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
356 return -EFAULT;
357
358 data = kzalloc(sizeof(*data), GFP_KERNEL);
359 if (!data)
360 return -ENOMEM;
361
362 /* userspace wants to query CSR length */
363 if (!input.address || !input.length)
364 goto cmd;
365
366 /* allocate a physically contiguous buffer to store the CSR blob */
367 if (!access_ok(input.address, input.length) ||
368 input.length > SEV_FW_BLOB_MAX_SIZE) {
369 ret = -EFAULT;
370 goto e_free;
371 }
372
373 blob = kmalloc(input.length, GFP_KERNEL);
374 if (!blob) {
375 ret = -ENOMEM;
376 goto e_free;
377 }
378
379 data->address = __psp_pa(blob);
380 data->len = input.length;
381
382cmd:
383 if (psp_master->sev_state == SEV_STATE_UNINIT) {
384 ret = __sev_platform_init_locked(&argp->error);
385 if (ret)
386 goto e_free_blob;
387 }
388
389 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, data, &argp->error);
390
391 /* If we query the CSR length, FW responded with expected data. */
392 input.length = data->len;
393
394 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
395 ret = -EFAULT;
396 goto e_free_blob;
397 }
398
399 if (blob) {
400 if (copy_to_user((void __user *)input.address, blob, input.length))
401 ret = -EFAULT;
402 }
403
404e_free_blob:
405 kfree(blob);
406e_free:
407 kfree(data);
408 return ret;
409}
410
411void *psp_copy_user_blob(u64 __user uaddr, u32 len)
412{
413 if (!uaddr || !len)
414 return ERR_PTR(-EINVAL);
415
416 /* verify that blob length does not exceed our limit */
417 if (len > SEV_FW_BLOB_MAX_SIZE)
418 return ERR_PTR(-EINVAL);
419
420 return memdup_user((void __user *)(uintptr_t)uaddr, len);
421}
422EXPORT_SYMBOL_GPL(psp_copy_user_blob);
423
424static int sev_get_api_version(void)
425{
426 struct sev_user_data_status *status;
427 int error = 0, ret;
428
429 status = &psp_master->status_cmd_buf;
430 ret = sev_platform_status(status, &error);
431 if (ret) {
432 dev_err(psp_master->dev,
433 "SEV: failed to get status. Error: %#x\n", error);
434 return 1;
435 }
436
437 psp_master->api_major = status->api_major;
438 psp_master->api_minor = status->api_minor;
439 psp_master->build = status->build;
440 psp_master->sev_state = status->state;
441
442 return 0;
443}
444
445static int sev_get_firmware(struct device *dev,
446 const struct firmware **firmware)
447{
448 char fw_name_specific[SEV_FW_NAME_SIZE];
449 char fw_name_subset[SEV_FW_NAME_SIZE];
450
451 snprintf(fw_name_specific, sizeof(fw_name_specific),
452 "amd/amd_sev_fam%.2xh_model%.2xh.sbin",
453 boot_cpu_data.x86, boot_cpu_data.x86_model);
454
455 snprintf(fw_name_subset, sizeof(fw_name_subset),
456 "amd/amd_sev_fam%.2xh_model%.1xxh.sbin",
457 boot_cpu_data.x86, (boot_cpu_data.x86_model & 0xf0) >> 4);
458
459 /* Check for SEV FW for a particular model.
460 * Ex. amd_sev_fam17h_model00h.sbin for Family 17h Model 00h
461 *
462 * or
463 *
464 * Check for SEV FW common to a subset of models.
465 * Ex. amd_sev_fam17h_model0xh.sbin for
466 * Family 17h Model 00h -- Family 17h Model 0Fh
467 *
468 * or
469 *
470 * Fall-back to using generic name: sev.fw
471 */
472 if ((firmware_request_nowarn(firmware, fw_name_specific, dev) >= 0) ||
473 (firmware_request_nowarn(firmware, fw_name_subset, dev) >= 0) ||
474 (firmware_request_nowarn(firmware, SEV_FW_FILE, dev) >= 0))
475 return 0;
476
477 return -ENOENT;
478}
479
480/* Don't fail if SEV FW couldn't be updated. Continue with existing SEV FW */
481static int sev_update_firmware(struct device *dev)
482{
483 struct sev_data_download_firmware *data;
484 const struct firmware *firmware;
485 int ret, error, order;
486 struct page *p;
487 u64 data_size;
488
489 if (sev_get_firmware(dev, &firmware) == -ENOENT) {
490 dev_dbg(dev, "No SEV firmware file present\n");
491 return -1;
492 }
493
494 /*
495 * SEV FW expects the physical address given to it to be 32
496 * byte aligned. Memory allocated has structure placed at the
497 * beginning followed by the firmware being passed to the SEV
498 * FW. Allocate enough memory for data structure + alignment
499 * padding + SEV FW.
500 */
501 data_size = ALIGN(sizeof(struct sev_data_download_firmware), 32);
502
503 order = get_order(firmware->size + data_size);
504 p = alloc_pages(GFP_KERNEL, order);
505 if (!p) {
506 ret = -1;
507 goto fw_err;
508 }
509
510 /*
511 * Copy firmware data to a kernel allocated contiguous
512 * memory region.
513 */
514 data = page_address(p);
515 memcpy(page_address(p) + data_size, firmware->data, firmware->size);
516
517 data->address = __psp_pa(page_address(p) + data_size);
518 data->len = firmware->size;
519
520 ret = sev_do_cmd(SEV_CMD_DOWNLOAD_FIRMWARE, data, &error);
521 if (ret)
522 dev_dbg(dev, "Failed to update SEV firmware: %#x\n", error);
523 else
524 dev_info(dev, "SEV firmware update successful\n");
525
526 __free_pages(p, order);
527
528fw_err:
529 release_firmware(firmware);
530
531 return ret;
532}
533
534static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp)
535{
536 struct sev_user_data_pek_cert_import input;
537 struct sev_data_pek_cert_import *data;
538 void *pek_blob, *oca_blob;
539 int ret;
540
541 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
542 return -EFAULT;
543
544 data = kzalloc(sizeof(*data), GFP_KERNEL);
545 if (!data)
546 return -ENOMEM;
547
548 /* copy PEK certificate blobs from userspace */
549 pek_blob = psp_copy_user_blob(input.pek_cert_address, input.pek_cert_len);
550 if (IS_ERR(pek_blob)) {
551 ret = PTR_ERR(pek_blob);
552 goto e_free;
553 }
554
555 data->pek_cert_address = __psp_pa(pek_blob);
556 data->pek_cert_len = input.pek_cert_len;
557
558 /* copy PEK certificate blobs from userspace */
559 oca_blob = psp_copy_user_blob(input.oca_cert_address, input.oca_cert_len);
560 if (IS_ERR(oca_blob)) {
561 ret = PTR_ERR(oca_blob);
562 goto e_free_pek;
563 }
564
565 data->oca_cert_address = __psp_pa(oca_blob);
566 data->oca_cert_len = input.oca_cert_len;
567
568 /* If platform is not in INIT state then transition it to INIT */
569 if (psp_master->sev_state != SEV_STATE_INIT) {
570 ret = __sev_platform_init_locked(&argp->error);
571 if (ret)
572 goto e_free_oca;
573 }
574
575 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, data, &argp->error);
576
577e_free_oca:
578 kfree(oca_blob);
579e_free_pek:
580 kfree(pek_blob);
581e_free:
582 kfree(data);
583 return ret;
584}
585
586static int sev_ioctl_do_get_id(struct sev_issue_cmd *argp)
587{
588 struct sev_data_get_id *data;
589 u64 data_size, user_size;
590 void *id_blob, *mem;
591 int ret;
592
593 /* SEV GET_ID available from SEV API v0.16 and up */
594 if (!SEV_VERSION_GREATER_OR_EQUAL(0, 16))
595 return -ENOTSUPP;
596
597 /* SEV FW expects the buffer it fills with the ID to be
598 * 8-byte aligned. Memory allocated should be enough to
599 * hold data structure + alignment padding + memory
600 * where SEV FW writes the ID.
601 */
602 data_size = ALIGN(sizeof(struct sev_data_get_id), 8);
603 user_size = sizeof(struct sev_user_data_get_id);
604
605 mem = kzalloc(data_size + user_size, GFP_KERNEL);
606 if (!mem)
607 return -ENOMEM;
608
609 data = mem;
610 id_blob = mem + data_size;
611
612 data->address = __psp_pa(id_blob);
613 data->len = user_size;
614
615 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error);
616 if (!ret) {
617 if (copy_to_user((void __user *)argp->data, id_blob, data->len))
618 ret = -EFAULT;
619 }
620
621 kfree(mem);
622
623 return ret;
624}
625
626static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp)
627{
628 struct sev_user_data_pdh_cert_export input;
629 void *pdh_blob = NULL, *cert_blob = NULL;
630 struct sev_data_pdh_cert_export *data;
631 int ret;
632
633 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
634 return -EFAULT;
635
636 data = kzalloc(sizeof(*data), GFP_KERNEL);
637 if (!data)
638 return -ENOMEM;
639
640 /* Userspace wants to query the certificate length. */
641 if (!input.pdh_cert_address ||
642 !input.pdh_cert_len ||
643 !input.cert_chain_address)
644 goto cmd;
645
646 /* Allocate a physically contiguous buffer to store the PDH blob. */
647 if ((input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) ||
648 !access_ok(input.pdh_cert_address, input.pdh_cert_len)) {
649 ret = -EFAULT;
650 goto e_free;
651 }
652
653 /* Allocate a physically contiguous buffer to store the cert chain blob. */
654 if ((input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) ||
655 !access_ok(input.cert_chain_address, input.cert_chain_len)) {
656 ret = -EFAULT;
657 goto e_free;
658 }
659
660 pdh_blob = kmalloc(input.pdh_cert_len, GFP_KERNEL);
661 if (!pdh_blob) {
662 ret = -ENOMEM;
663 goto e_free;
664 }
665
666 data->pdh_cert_address = __psp_pa(pdh_blob);
667 data->pdh_cert_len = input.pdh_cert_len;
668
669 cert_blob = kmalloc(input.cert_chain_len, GFP_KERNEL);
670 if (!cert_blob) {
671 ret = -ENOMEM;
672 goto e_free_pdh;
673 }
674
675 data->cert_chain_address = __psp_pa(cert_blob);
676 data->cert_chain_len = input.cert_chain_len;
677
678cmd:
679 /* If platform is not in INIT state then transition it to INIT. */
680 if (psp_master->sev_state != SEV_STATE_INIT) {
681 ret = __sev_platform_init_locked(&argp->error);
682 if (ret)
683 goto e_free_cert;
684 }
685
686 ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, data, &argp->error);
687
688 /* If we query the length, FW responded with expected data. */
689 input.cert_chain_len = data->cert_chain_len;
690 input.pdh_cert_len = data->pdh_cert_len;
691
692 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
693 ret = -EFAULT;
694 goto e_free_cert;
695 }
696
697 if (pdh_blob) {
698 if (copy_to_user((void __user *)input.pdh_cert_address,
699 pdh_blob, input.pdh_cert_len)) {
700 ret = -EFAULT;
701 goto e_free_cert;
702 }
703 }
704
705 if (cert_blob) {
706 if (copy_to_user((void __user *)input.cert_chain_address,
707 cert_blob, input.cert_chain_len))
708 ret = -EFAULT;
709 }
710
711e_free_cert:
712 kfree(cert_blob);
713e_free_pdh:
714 kfree(pdh_blob);
715e_free:
716 kfree(data);
717 return ret;
718}
719
720static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
721{
722 void __user *argp = (void __user *)arg;
723 struct sev_issue_cmd input;
724 int ret = -EFAULT;
725
726 if (!psp_master)
727 return -ENODEV;
728
729 if (ioctl != SEV_ISSUE_CMD)
730 return -EINVAL;
731
732 if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd)))
733 return -EFAULT;
734
735 if (input.cmd > SEV_MAX)
736 return -EINVAL;
737
738 mutex_lock(&sev_cmd_mutex);
739
740 switch (input.cmd) {
741
742 case SEV_FACTORY_RESET:
743 ret = sev_ioctl_do_reset(&input);
744 break;
745 case SEV_PLATFORM_STATUS:
746 ret = sev_ioctl_do_platform_status(&input);
747 break;
748 case SEV_PEK_GEN:
749 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input);
750 break;
751 case SEV_PDH_GEN:
752 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input);
753 break;
754 case SEV_PEK_CSR:
755 ret = sev_ioctl_do_pek_csr(&input);
756 break;
757 case SEV_PEK_CERT_IMPORT:
758 ret = sev_ioctl_do_pek_import(&input);
759 break;
760 case SEV_PDH_CERT_EXPORT:
761 ret = sev_ioctl_do_pdh_export(&input);
762 break;
763 case SEV_GET_ID:
764 ret = sev_ioctl_do_get_id(&input);
765 break;
766 default:
767 ret = -EINVAL;
768 goto out;
769 }
770
771 if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd)))
772 ret = -EFAULT;
773out:
774 mutex_unlock(&sev_cmd_mutex);
775
776 return ret;
777}
778
779static const struct file_operations sev_fops = {
780 .owner = THIS_MODULE,
781 .unlocked_ioctl = sev_ioctl,
782};
783
784int sev_platform_status(struct sev_user_data_status *data, int *error)
785{
786 return sev_do_cmd(SEV_CMD_PLATFORM_STATUS, data, error);
787}
788EXPORT_SYMBOL_GPL(sev_platform_status);
789
790int sev_guest_deactivate(struct sev_data_deactivate *data, int *error)
791{
792 return sev_do_cmd(SEV_CMD_DEACTIVATE, data, error);
793}
794EXPORT_SYMBOL_GPL(sev_guest_deactivate);
795
796int sev_guest_activate(struct sev_data_activate *data, int *error)
797{
798 return sev_do_cmd(SEV_CMD_ACTIVATE, data, error);
799}
800EXPORT_SYMBOL_GPL(sev_guest_activate);
801
802int sev_guest_decommission(struct sev_data_decommission *data, int *error)
803{
804 return sev_do_cmd(SEV_CMD_DECOMMISSION, data, error);
805}
806EXPORT_SYMBOL_GPL(sev_guest_decommission);
807
808int sev_guest_df_flush(int *error)
809{
810 return sev_do_cmd(SEV_CMD_DF_FLUSH, NULL, error);
811}
812EXPORT_SYMBOL_GPL(sev_guest_df_flush);
813
814static void sev_exit(struct kref *ref)
815{
816 struct sev_misc_dev *misc_dev = container_of(ref, struct sev_misc_dev, refcount);
817
818 misc_deregister(&misc_dev->misc);
819}
820
821static int sev_misc_init(struct psp_device *psp)
822{
823 struct device *dev = psp->dev;
824 int ret;
825
826 /*
827 * SEV feature support can be detected on multiple devices but the SEV
828 * FW commands must be issued on the master. During probe, we do not
829 * know the master hence we create /dev/sev on the first device probe.
830 * sev_do_cmd() finds the right master device to which to issue the
831 * command to the firmware.
832 */
833 if (!misc_dev) {
834 struct miscdevice *misc;
835
836 misc_dev = devm_kzalloc(dev, sizeof(*misc_dev), GFP_KERNEL);
837 if (!misc_dev)
838 return -ENOMEM;
839
840 misc = &misc_dev->misc;
841 misc->minor = MISC_DYNAMIC_MINOR;
842 misc->name = DEVICE_NAME;
843 misc->fops = &sev_fops;
844
845 ret = misc_register(misc);
846 if (ret)
847 return ret;
848
849 kref_init(&misc_dev->refcount);
850 } else {
851 kref_get(&misc_dev->refcount);
852 }
853
854 init_waitqueue_head(&psp->sev_int_queue);
855 psp->sev_misc = misc_dev;
856 dev_dbg(dev, "registered SEV device\n");
857
858 return 0;
859}
860
861static int psp_check_sev_support(struct psp_device *psp)
862{
863 /* Check if device supports SEV feature */
864 if (!(ioread32(psp->io_regs + psp->vdata->feature_reg) & 1)) {
865 dev_dbg(psp->dev, "psp does not support SEV\n");
866 return -ENODEV;
867 }
868
869 return 0;
870}
871
872int psp_dev_init(struct sp_device *sp)
873{
874 struct device *dev = sp->dev;
875 struct psp_device *psp;
876 int ret;
877
878 ret = -ENOMEM;
879 psp = psp_alloc_struct(sp);
880 if (!psp)
881 goto e_err;
882
883 sp->psp_data = psp;
884
885 psp->vdata = (struct psp_vdata *)sp->dev_vdata->psp_vdata;
886 if (!psp->vdata) {
887 ret = -ENODEV;
888 dev_err(dev, "missing driver data\n");
889 goto e_err;
890 }
891
892 psp->io_regs = sp->io_map;
893
894 ret = psp_check_sev_support(psp);
895 if (ret)
896 goto e_disable;
897
898 /* Disable and clear interrupts until ready */
899 iowrite32(0, psp->io_regs + psp->vdata->inten_reg);
900 iowrite32(-1, psp->io_regs + psp->vdata->intsts_reg);
901
902 /* Request an irq */
903 ret = sp_request_psp_irq(psp->sp, psp_irq_handler, psp->name, psp);
904 if (ret) {
905 dev_err(dev, "psp: unable to allocate an IRQ\n");
906 goto e_err;
907 }
908
909 ret = sev_misc_init(psp);
910 if (ret)
911 goto e_irq;
912
913 if (sp->set_psp_master_device)
914 sp->set_psp_master_device(sp);
915
916 /* Enable interrupt */
917 iowrite32(-1, psp->io_regs + psp->vdata->inten_reg);
918
919 dev_notice(dev, "psp enabled\n");
920
921 return 0;
922
923e_irq:
924 sp_free_psp_irq(psp->sp, psp);
925e_err:
926 sp->psp_data = NULL;
927
928 dev_notice(dev, "psp initialization failed\n");
929
930 return ret;
931
932e_disable:
933 sp->psp_data = NULL;
934
935 return ret;
936}
937
938void psp_dev_destroy(struct sp_device *sp)
939{
940 struct psp_device *psp = sp->psp_data;
941
942 if (!psp)
943 return;
944
945 if (psp->sev_misc)
946 kref_put(&misc_dev->refcount, sev_exit);
947
948 sp_free_psp_irq(sp, psp);
949}
950
951int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd,
952 void *data, int *error)
953{
954 if (!filep || filep->f_op != &sev_fops)
955 return -EBADF;
956
957 return sev_do_cmd(cmd, data, error);
958}
959EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user);
960
961void psp_pci_init(void)
962{
963 struct sp_device *sp;
964 int error, rc;
965
966 sp = sp_get_psp_master_device();
967 if (!sp)
968 return;
969
970 psp_master = sp->psp_data;
971
972 psp_timeout = psp_probe_timeout;
973
974 if (sev_get_api_version())
975 goto err;
976
977 /*
978 * If platform is not in UNINIT state then firmware upgrade and/or
979 * platform INIT command will fail. These command require UNINIT state.
980 *
981 * In a normal boot we should never run into case where the firmware
982 * is not in UNINIT state on boot. But in case of kexec boot, a reboot
983 * may not go through a typical shutdown sequence and may leave the
984 * firmware in INIT or WORKING state.
985 */
986
987 if (psp_master->sev_state != SEV_STATE_UNINIT) {
988 sev_platform_shutdown(NULL);
989 psp_master->sev_state = SEV_STATE_UNINIT;
990 }
991
992 if (SEV_VERSION_GREATER_OR_EQUAL(0, 15) &&
993 sev_update_firmware(psp_master->dev) == 0)
994 sev_get_api_version();
995
996 /* Initialize the platform */
997 rc = sev_platform_init(&error);
998 if (rc) {
999 dev_err(sp->dev, "SEV: failed to INIT error %#x\n", error);
1000 goto err;
1001 }
1002
1003 dev_info(sp->dev, "SEV API:%d.%d build:%d\n", psp_master->api_major,
1004 psp_master->api_minor, psp_master->build);
1005
1006 return;
1007
1008err:
1009 psp_master = NULL;
1010}
1011
1012void psp_pci_exit(void)
1013{
1014 if (!psp_master)
1015 return;
1016
1017 sev_platform_shutdown(NULL);
1018}
1019