1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* |
3 | * AMD Platform Security Processor (PSP) interface |
4 | * |
5 | * Copyright (C) 2016,2019 Advanced Micro Devices, Inc. |
6 | * |
7 | * Author: Brijesh Singh <brijesh.singh@amd.com> |
8 | */ |
9 | |
10 | #include <linux/kernel.h> |
11 | #include <linux/irqreturn.h> |
12 | #include <linux/mutex.h> |
13 | #include <linux/bitfield.h> |
14 | #include <linux/delay.h> |
15 | |
16 | #include "sp-dev.h" |
17 | #include "psp-dev.h" |
18 | #include "sev-dev.h" |
19 | #include "tee-dev.h" |
20 | #include "platform-access.h" |
21 | #include "dbc.h" |
22 | |
23 | struct psp_device *psp_master; |
24 | |
25 | #define PSP_C2PMSG_17_CMDRESP_CMD GENMASK(19, 16) |
26 | |
27 | static int psp_mailbox_poll(const void __iomem *cmdresp_reg, unsigned int *cmdresp, |
28 | unsigned int timeout_msecs) |
29 | { |
30 | while (true) { |
31 | *cmdresp = ioread32(cmdresp_reg); |
32 | if (FIELD_GET(PSP_CMDRESP_RESP, *cmdresp)) |
33 | return 0; |
34 | |
35 | if (!timeout_msecs--) |
36 | break; |
37 | |
38 | usleep_range(min: 1000, max: 1100); |
39 | } |
40 | |
41 | return -ETIMEDOUT; |
42 | } |
43 | |
44 | int psp_mailbox_command(struct psp_device *psp, enum psp_cmd cmd, void *cmdbuff, |
45 | unsigned int timeout_msecs, unsigned int *cmdresp) |
46 | { |
47 | void __iomem *cmdresp_reg, *cmdbuff_lo_reg, *cmdbuff_hi_reg; |
48 | int ret; |
49 | |
50 | if (!psp || !psp->vdata || !psp->vdata->cmdresp_reg || |
51 | !psp->vdata->cmdbuff_addr_lo_reg || !psp->vdata->cmdbuff_addr_hi_reg) |
52 | return -ENODEV; |
53 | |
54 | cmdresp_reg = psp->io_regs + psp->vdata->cmdresp_reg; |
55 | cmdbuff_lo_reg = psp->io_regs + psp->vdata->cmdbuff_addr_lo_reg; |
56 | cmdbuff_hi_reg = psp->io_regs + psp->vdata->cmdbuff_addr_hi_reg; |
57 | |
58 | mutex_lock(&psp->mailbox_mutex); |
59 | |
60 | /* Ensure mailbox is ready for a command */ |
61 | ret = -EBUSY; |
62 | if (psp_mailbox_poll(cmdresp_reg, cmdresp, timeout_msecs: 0)) |
63 | goto unlock; |
64 | |
65 | if (cmdbuff) { |
66 | iowrite32(lower_32_bits(__psp_pa(cmdbuff)), cmdbuff_lo_reg); |
67 | iowrite32(upper_32_bits(__psp_pa(cmdbuff)), cmdbuff_hi_reg); |
68 | } |
69 | |
70 | *cmdresp = FIELD_PREP(PSP_C2PMSG_17_CMDRESP_CMD, cmd); |
71 | iowrite32(*cmdresp, cmdresp_reg); |
72 | |
73 | ret = psp_mailbox_poll(cmdresp_reg, cmdresp, timeout_msecs); |
74 | |
75 | unlock: |
76 | mutex_unlock(lock: &psp->mailbox_mutex); |
77 | |
78 | return ret; |
79 | } |
80 | |
81 | int psp_extended_mailbox_cmd(struct psp_device *psp, unsigned int timeout_msecs, |
82 | struct psp_ext_request *req) |
83 | { |
84 | unsigned int reg; |
85 | int ret; |
86 | |
87 | print_hex_dump_debug("->psp " , DUMP_PREFIX_OFFSET, 16, 2, req, |
88 | req->header.payload_size, false); |
89 | |
90 | ret = psp_mailbox_command(psp, cmd: PSP_CMD_TEE_EXTENDED_CMD, cmdbuff: (void *)req, |
91 | timeout_msecs, cmdresp: ®); |
92 | if (ret) { |
93 | return ret; |
94 | } else if (FIELD_GET(PSP_CMDRESP_STS, reg)) { |
95 | req->header.status = FIELD_GET(PSP_CMDRESP_STS, reg); |
96 | return -EIO; |
97 | } |
98 | |
99 | print_hex_dump_debug("<-psp " , DUMP_PREFIX_OFFSET, 16, 2, req, |
100 | req->header.payload_size, false); |
101 | |
102 | return 0; |
103 | } |
104 | |
105 | static struct psp_device *psp_alloc_struct(struct sp_device *sp) |
106 | { |
107 | struct device *dev = sp->dev; |
108 | struct psp_device *psp; |
109 | |
110 | psp = devm_kzalloc(dev, size: sizeof(*psp), GFP_KERNEL); |
111 | if (!psp) |
112 | return NULL; |
113 | |
114 | psp->dev = dev; |
115 | psp->sp = sp; |
116 | |
117 | snprintf(buf: psp->name, size: sizeof(psp->name), fmt: "psp-%u" , sp->ord); |
118 | |
119 | return psp; |
120 | } |
121 | |
122 | static irqreturn_t psp_irq_handler(int irq, void *data) |
123 | { |
124 | struct psp_device *psp = data; |
125 | unsigned int status; |
126 | |
127 | /* Read the interrupt status: */ |
128 | status = ioread32(psp->io_regs + psp->vdata->intsts_reg); |
129 | |
130 | /* Clear the interrupt status by writing the same value we read. */ |
131 | iowrite32(status, psp->io_regs + psp->vdata->intsts_reg); |
132 | |
133 | /* invoke subdevice interrupt handlers */ |
134 | if (status) { |
135 | if (psp->sev_irq_handler) |
136 | psp->sev_irq_handler(irq, psp->sev_irq_data, status); |
137 | } |
138 | |
139 | return IRQ_HANDLED; |
140 | } |
141 | |
142 | static unsigned int psp_get_capability(struct psp_device *psp) |
143 | { |
144 | unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg); |
145 | |
146 | /* |
147 | * Check for a access to the registers. If this read returns |
148 | * 0xffffffff, it's likely that the system is running a broken |
149 | * BIOS which disallows access to the device. Stop here and |
150 | * fail the PSP initialization (but not the load, as the CCP |
151 | * could get properly initialized). |
152 | */ |
153 | if (val == 0xffffffff) { |
154 | dev_notice(psp->dev, "psp: unable to access the device: you might be running a broken BIOS.\n" ); |
155 | return -ENODEV; |
156 | } |
157 | psp->capability = val; |
158 | |
159 | /* Detect if TSME and SME are both enabled */ |
160 | if (PSP_CAPABILITY(psp, PSP_SECURITY_REPORTING) && |
161 | psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) && |
162 | cc_platform_has(attr: CC_ATTR_HOST_MEM_ENCRYPT)) |
163 | dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n" ); |
164 | |
165 | return 0; |
166 | } |
167 | |
168 | static int psp_check_sev_support(struct psp_device *psp) |
169 | { |
170 | /* Check if device supports SEV feature */ |
171 | if (!PSP_CAPABILITY(psp, SEV)) { |
172 | dev_dbg(psp->dev, "psp does not support SEV\n" ); |
173 | return -ENODEV; |
174 | } |
175 | |
176 | return 0; |
177 | } |
178 | |
179 | static int psp_check_tee_support(struct psp_device *psp) |
180 | { |
181 | /* Check if device supports TEE feature */ |
182 | if (!PSP_CAPABILITY(psp, TEE)) { |
183 | dev_dbg(psp->dev, "psp does not support TEE\n" ); |
184 | return -ENODEV; |
185 | } |
186 | |
187 | return 0; |
188 | } |
189 | |
190 | static int psp_init(struct psp_device *psp) |
191 | { |
192 | int ret; |
193 | |
194 | if (!psp_check_sev_support(psp)) { |
195 | ret = sev_dev_init(psp); |
196 | if (ret) |
197 | return ret; |
198 | } |
199 | |
200 | if (!psp_check_tee_support(psp)) { |
201 | ret = tee_dev_init(psp); |
202 | if (ret) |
203 | return ret; |
204 | } |
205 | |
206 | if (psp->vdata->platform_access) { |
207 | ret = platform_access_dev_init(psp); |
208 | if (ret) |
209 | return ret; |
210 | } |
211 | |
212 | /* dbc must come after platform access as it tests the feature */ |
213 | if (PSP_FEATURE(psp, DBC) || |
214 | PSP_CAPABILITY(psp, DBC_THRU_EXT)) { |
215 | ret = dbc_dev_init(psp); |
216 | if (ret) |
217 | return ret; |
218 | } |
219 | |
220 | return 0; |
221 | } |
222 | |
223 | int psp_dev_init(struct sp_device *sp) |
224 | { |
225 | struct device *dev = sp->dev; |
226 | struct psp_device *psp; |
227 | int ret; |
228 | |
229 | ret = -ENOMEM; |
230 | psp = psp_alloc_struct(sp); |
231 | if (!psp) |
232 | goto e_err; |
233 | |
234 | sp->psp_data = psp; |
235 | |
236 | psp->vdata = (struct psp_vdata *)sp->dev_vdata->psp_vdata; |
237 | if (!psp->vdata) { |
238 | ret = -ENODEV; |
239 | dev_err(dev, "missing driver data\n" ); |
240 | goto e_err; |
241 | } |
242 | |
243 | psp->io_regs = sp->io_map; |
244 | mutex_init(&psp->mailbox_mutex); |
245 | |
246 | ret = psp_get_capability(psp); |
247 | if (ret) |
248 | goto e_disable; |
249 | |
250 | /* Disable and clear interrupts until ready */ |
251 | iowrite32(0, psp->io_regs + psp->vdata->inten_reg); |
252 | iowrite32(-1, psp->io_regs + psp->vdata->intsts_reg); |
253 | |
254 | /* Request an irq */ |
255 | ret = sp_request_psp_irq(sp: psp->sp, handler: psp_irq_handler, name: psp->name, data: psp); |
256 | if (ret) { |
257 | dev_err(dev, "psp: unable to allocate an IRQ\n" ); |
258 | goto e_err; |
259 | } |
260 | |
261 | /* master device must be set for platform access */ |
262 | if (psp->sp->set_psp_master_device) |
263 | psp->sp->set_psp_master_device(psp->sp); |
264 | |
265 | ret = psp_init(psp); |
266 | if (ret) |
267 | goto e_irq; |
268 | |
269 | /* Enable interrupt */ |
270 | iowrite32(-1, psp->io_regs + psp->vdata->inten_reg); |
271 | |
272 | dev_notice(dev, "psp enabled\n" ); |
273 | |
274 | return 0; |
275 | |
276 | e_irq: |
277 | if (sp->clear_psp_master_device) |
278 | sp->clear_psp_master_device(sp); |
279 | |
280 | sp_free_psp_irq(sp: psp->sp, data: psp); |
281 | e_err: |
282 | sp->psp_data = NULL; |
283 | |
284 | dev_notice(dev, "psp initialization failed\n" ); |
285 | |
286 | return ret; |
287 | |
288 | e_disable: |
289 | sp->psp_data = NULL; |
290 | |
291 | return ret; |
292 | } |
293 | |
294 | void psp_dev_destroy(struct sp_device *sp) |
295 | { |
296 | struct psp_device *psp = sp->psp_data; |
297 | |
298 | if (!psp) |
299 | return; |
300 | |
301 | sev_dev_destroy(psp); |
302 | |
303 | tee_dev_destroy(psp); |
304 | |
305 | dbc_dev_destroy(psp); |
306 | |
307 | platform_access_dev_destroy(psp); |
308 | |
309 | sp_free_psp_irq(sp, data: psp); |
310 | |
311 | if (sp->clear_psp_master_device) |
312 | sp->clear_psp_master_device(sp); |
313 | } |
314 | |
315 | void psp_set_sev_irq_handler(struct psp_device *psp, psp_irq_handler_t handler, |
316 | void *data) |
317 | { |
318 | psp->sev_irq_data = data; |
319 | psp->sev_irq_handler = handler; |
320 | } |
321 | |
322 | void psp_clear_sev_irq_handler(struct psp_device *psp) |
323 | { |
324 | psp_set_sev_irq_handler(psp, NULL, NULL); |
325 | } |
326 | |
327 | struct psp_device *psp_get_master_device(void) |
328 | { |
329 | struct sp_device *sp = sp_get_psp_master_device(); |
330 | |
331 | return sp ? sp->psp_data : NULL; |
332 | } |
333 | |
334 | void psp_pci_init(void) |
335 | { |
336 | psp_master = psp_get_master_device(); |
337 | |
338 | if (!psp_master) |
339 | return; |
340 | |
341 | sev_pci_init(); |
342 | } |
343 | |
344 | void psp_pci_exit(void) |
345 | { |
346 | if (!psp_master) |
347 | return; |
348 | |
349 | sev_pci_exit(); |
350 | } |
351 | |