Lines Matching +full:firmware +full:- +full:initialized
1 // SPDX-License-Identifier: GPL-2.0-only
23 #include <linux/firmware.h>
30 #include <linux/amd-iommu.h>
37 #include "psp-dev.h"
38 #include "sev-dev.h"
44 /* Minimum firmware version required for the SEV-SNP support */
49 * Maximum number of firmware-writable buffers that might be specified
54 /* Leave room in the descriptor array for an end-of-list indicator. */
74 …sp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be ini…
89 * When SEV-SNP is enabled the TMR needs to be 2MB aligned and 2MB sized.
107 * Array containing range of pages that firmware transitions to HV-fixed
114 struct sev_device *sev = psp_master->sev_data; in sev_version_greater_or_equal()
116 if (sev->api_major > maj) in sev_version_greater_or_equal()
119 if (sev->api_major == maj && sev->api_minor >= min) in sev_version_greater_or_equal()
135 reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg); in sev_irq_handler()
137 sev->int_rcvd = 1; in sev_irq_handler()
138 wake_up(&sev->int_queue); in sev_irq_handler()
156 while (timeout_usecs--) { in sev_wait_cmd_ioc()
157 *reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg); in sev_wait_cmd_ioc()
163 return -ETIMEDOUT; in sev_wait_cmd_ioc()
166 ret = wait_event_timeout(sev->int_queue, in sev_wait_cmd_ioc()
167 sev->int_rcvd, timeout * HZ); in sev_wait_cmd_ioc()
169 return -ETIMEDOUT; in sev_wait_cmd_ioc()
171 *reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg); in sev_wait_cmd_ioc()
245 return ERR_PTR(-ENOMEM); in open_file_as_root()
246 cred->fsuid = GLOBAL_ROOT_UID; in open_file_as_root()
259 struct sev_device *sev = psp_master->sev_data; in sev_read_init_ex_file()
266 return -EOPNOTSUPP; in sev_read_init_ex_file()
272 if (ret == -ENOENT) { in sev_read_init_ex_file()
273 dev_info(sev->dev, in sev_read_init_ex_file()
278 dev_err(sev->dev, in sev_read_init_ex_file()
287 dev_info(sev->dev, in sev_read_init_ex_file()
292 dev_dbg(sev->dev, "SEV: read %ld bytes from NV file\n", nread); in sev_read_init_ex_file()
300 struct sev_device *sev = psp_master->sev_data; in sev_write_init_ex_file()
314 dev_err(sev->dev, in sev_write_init_ex_file()
325 dev_err(sev->dev, in sev_write_init_ex_file()
328 return -EIO; in sev_write_init_ex_file()
331 dev_dbg(sev->dev, "SEV: write successful to NV file\n"); in sev_write_init_ex_file()
345 * non-platform commands do. Only INIT(_EX), PLATFORM_RESET, PEK_GEN, in sev_write_init_ex_file_if_required()
399 snp_leak_pages(__phys_to_pfn(paddr), npages - i); in snp_reclaim_pages()
418 * Try unrolling the firmware state changes by in rmp_mark_pages_firmware()
420 * firmware state. in rmp_mark_pages_firmware()
433 if (!psp_master || !psp_master->sev_data) in __snp_alloc_firmware_pages()
440 /* If SEV-SNP is initialized then add the page in RMP table. */ in __snp_alloc_firmware_pages()
441 sev = psp_master->sev_data; in __snp_alloc_firmware_pages()
442 if (!sev->snp_initialized) in __snp_alloc_firmware_pages()
464 struct sev_device *sev = psp_master->sev_data; in __snp_free_firmware_pages()
471 if (sev->snp_initialized && in __snp_free_firmware_pages()
499 * struct cmd_buf_desc - descriptors for managing legacy SEV command address
500 * parameters corresponding to buffers that may be written to by firmware.
507 * be NULL if this descriptor is only an end-of-list indicator.
515 * @guest_owned: true if the address corresponds to guest-owned pages, in which
527 * turn need to be transitioned to/from firmware-owned before/after
528 * executing the firmware command.
530 * Additionally, in cases where those pages are not guest-owned, a bounce
534 * initialized here based on the specific commands being executed.
543 desc_list[0].paddr_ptr = &data->pdh_cert_address; in snp_populate_cmd_buf_desc_list()
544 desc_list[0].len = data->pdh_cert_len; in snp_populate_cmd_buf_desc_list()
545 desc_list[1].paddr_ptr = &data->cert_chain_address; in snp_populate_cmd_buf_desc_list()
546 desc_list[1].len = data->cert_chain_len; in snp_populate_cmd_buf_desc_list()
552 desc_list[0].paddr_ptr = &data->address; in snp_populate_cmd_buf_desc_list()
553 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
559 desc_list[0].paddr_ptr = &data->address; in snp_populate_cmd_buf_desc_list()
560 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
566 desc_list[0].paddr_ptr = &data->address; in snp_populate_cmd_buf_desc_list()
567 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
574 desc_list[0].paddr_ptr = &data->address; in snp_populate_cmd_buf_desc_list()
575 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
582 desc_list[0].paddr_ptr = &data->address; in snp_populate_cmd_buf_desc_list()
583 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
589 desc_list[0].paddr_ptr = &data->guest_address; in snp_populate_cmd_buf_desc_list()
590 desc_list[0].len = data->guest_len; in snp_populate_cmd_buf_desc_list()
597 desc_list[0].paddr_ptr = &data->dst_addr; in snp_populate_cmd_buf_desc_list()
598 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
605 desc_list[0].paddr_ptr = &data->dst_addr; in snp_populate_cmd_buf_desc_list()
606 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
613 desc_list[0].paddr_ptr = &data->address; in snp_populate_cmd_buf_desc_list()
614 desc_list[0].len = data->len; in snp_populate_cmd_buf_desc_list()
620 desc_list[0].paddr_ptr = &data->session_address; in snp_populate_cmd_buf_desc_list()
621 desc_list[0].len = data->session_len; in snp_populate_cmd_buf_desc_list()
627 desc_list[0].paddr_ptr = &data->hdr_address; in snp_populate_cmd_buf_desc_list()
628 desc_list[0].len = data->hdr_len; in snp_populate_cmd_buf_desc_list()
629 desc_list[1].paddr_ptr = &data->trans_address; in snp_populate_cmd_buf_desc_list()
630 desc_list[1].len = data->trans_len; in snp_populate_cmd_buf_desc_list()
636 desc_list[0].paddr_ptr = &data->hdr_address; in snp_populate_cmd_buf_desc_list()
637 desc_list[0].len = data->hdr_len; in snp_populate_cmd_buf_desc_list()
638 desc_list[1].paddr_ptr = &data->trans_address; in snp_populate_cmd_buf_desc_list()
639 desc_list[1].len = data->trans_len; in snp_populate_cmd_buf_desc_list()
645 desc_list[0].paddr_ptr = &data->guest_address; in snp_populate_cmd_buf_desc_list()
646 desc_list[0].len = data->guest_len; in snp_populate_cmd_buf_desc_list()
653 desc_list[0].paddr_ptr = &data->guest_address; in snp_populate_cmd_buf_desc_list()
654 desc_list[0].len = data->guest_len; in snp_populate_cmd_buf_desc_list()
667 if (!desc->len) in snp_map_cmd_buf_desc()
671 if (!desc->guest_owned) { in snp_map_cmd_buf_desc()
674 page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(desc->len)); in snp_map_cmd_buf_desc()
677 return -ENOMEM; in snp_map_cmd_buf_desc()
680 desc->paddr_orig = *desc->paddr_ptr; in snp_map_cmd_buf_desc()
681 *desc->paddr_ptr = __psp_pa(page_to_virt(page)); in snp_map_cmd_buf_desc()
684 npages = PAGE_ALIGN(desc->len) >> PAGE_SHIFT; in snp_map_cmd_buf_desc()
686 /* Transition the buffer to firmware-owned. */ in snp_map_cmd_buf_desc()
687 if (rmp_mark_pages_firmware(*desc->paddr_ptr, npages, true)) { in snp_map_cmd_buf_desc()
688 pr_warn("Error moving pages to firmware-owned state for SEV legacy command.\n"); in snp_map_cmd_buf_desc()
689 return -EFAULT; in snp_map_cmd_buf_desc()
699 if (!desc->len) in snp_unmap_cmd_buf_desc()
702 npages = PAGE_ALIGN(desc->len) >> PAGE_SHIFT; in snp_unmap_cmd_buf_desc()
704 /* Transition the buffers back to hypervisor-owned. */ in snp_unmap_cmd_buf_desc()
705 if (snp_reclaim_pages(*desc->paddr_ptr, npages, true)) { in snp_unmap_cmd_buf_desc()
706 pr_warn("Failed to reclaim firmware-owned pages while issuing SEV legacy command.\n"); in snp_unmap_cmd_buf_desc()
707 return -EFAULT; in snp_unmap_cmd_buf_desc()
711 if (!desc->guest_owned) { in snp_unmap_cmd_buf_desc()
712 void *bounce_buf = __va(__sme_clr(*desc->paddr_ptr)); in snp_unmap_cmd_buf_desc()
713 void *dst_buf = __va(__sme_clr(desc->paddr_orig)); in snp_unmap_cmd_buf_desc()
715 memcpy(dst_buf, bounce_buf, desc->len); in snp_unmap_cmd_buf_desc()
716 __free_pages(virt_to_page(bounce_buf), get_order(desc->len)); in snp_unmap_cmd_buf_desc()
719 *desc->paddr_ptr = desc->paddr_orig; in snp_unmap_cmd_buf_desc()
734 if (!desc->paddr_ptr) in snp_map_cmd_buf_desc_list()
744 for (i--; i >= 0; i--) in snp_map_cmd_buf_desc_list()
747 return -EFAULT; in snp_map_cmd_buf_desc_list()
757 if (!desc->paddr_ptr) in snp_unmap_cmd_buf_desc_list()
761 ret = -EFAULT; in snp_unmap_cmd_buf_desc_list()
791 struct sev_device *sev = psp_master->sev_data; in snp_legacy_handling_needed()
793 return cmd < SEV_CMD_SNP_INIT && sev->snp_initialized; in snp_legacy_handling_needed()
802 return -EFAULT; in snp_prep_cmd_buf()
806 * the firmware-owned state. in snp_prep_cmd_buf()
810 return -EFAULT; in snp_prep_cmd_buf()
823 * into the hypervisor-owned state. in snp_reclaim_cmd_buf()
827 return -EFAULT; in snp_reclaim_cmd_buf()
843 if (!psp || !psp->sev_data) in __sev_do_cmd_locked()
844 return -ENODEV; in __sev_do_cmd_locked()
847 return -EBUSY; in __sev_do_cmd_locked()
849 sev = psp->sev_data; in __sev_do_cmd_locked()
853 return -EINVAL; in __sev_do_cmd_locked()
863 * sev_cmd_mutex, but there could be recursive firmware requests in __sev_do_cmd_locked()
869 if (!sev->cmd_buf_active) { in __sev_do_cmd_locked()
870 cmd_buf = sev->cmd_buf; in __sev_do_cmd_locked()
871 sev->cmd_buf_active = true; in __sev_do_cmd_locked()
872 } else if (!sev->cmd_buf_backup_active) { in __sev_do_cmd_locked()
873 cmd_buf = sev->cmd_buf_backup; in __sev_do_cmd_locked()
874 sev->cmd_buf_backup_active = true; in __sev_do_cmd_locked()
876 dev_err(sev->dev, in __sev_do_cmd_locked()
877 "SEV: too many firmware commands in progress, no command buffers available.\n"); in __sev_do_cmd_locked()
878 return -EBUSY; in __sev_do_cmd_locked()
884 * The behavior of the SEV-legacy commands is altered when the in __sev_do_cmd_locked()
885 * SNP firmware is in the INIT state. in __sev_do_cmd_locked()
889 dev_err(sev->dev, in __sev_do_cmd_locked()
895 cmd_buf = sev->cmd_buf; in __sev_do_cmd_locked()
902 dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", in __sev_do_cmd_locked()
908 iowrite32(phys_lsb, sev->io_regs + sev->vdata->cmdbuff_addr_lo_reg); in __sev_do_cmd_locked()
909 iowrite32(phys_msb, sev->io_regs + sev->vdata->cmdbuff_addr_hi_reg); in __sev_do_cmd_locked()
911 sev->int_rcvd = 0; in __sev_do_cmd_locked()
925 iowrite32(reg, sev->io_regs + sev->vdata->cmdresp_reg); in __sev_do_cmd_locked()
933 dev_err(sev->dev, "sev command %#x timed out, disabling PSP\n", cmd); in __sev_do_cmd_locked()
945 dev_dbg(sev->dev, "sev command %#x failed (%#010lx)\n", in __sev_do_cmd_locked()
949 * PSP firmware may report additional error information in the in __sev_do_cmd_locked()
953 cmdbuff_hi = ioread32(sev->io_regs + sev->vdata->cmdbuff_addr_hi_reg); in __sev_do_cmd_locked()
954 cmdbuff_lo = ioread32(sev->io_regs + sev->vdata->cmdbuff_addr_lo_reg); in __sev_do_cmd_locked()
956 dev_dbg(sev->dev, "Additional error information reported in cmdbuff:"); in __sev_do_cmd_locked()
957 dev_dbg(sev->dev, " cmdbuff hi: %#010x\n", cmdbuff_hi); in __sev_do_cmd_locked()
958 dev_dbg(sev->dev, " cmdbuff lo: %#010x\n", cmdbuff_lo); in __sev_do_cmd_locked()
960 ret = -EIO; in __sev_do_cmd_locked()
976 dev_err(sev->dev, in __sev_do_cmd_locked()
984 if (sev->cmd_buf_backup_active) in __sev_do_cmd_locked()
985 sev->cmd_buf_backup_active = false; in __sev_do_cmd_locked()
987 sev->cmd_buf_active = false; in __sev_do_cmd_locked()
990 return -EFAULT; in __sev_do_cmd_locked()
1019 * address of the TMR (firmware should clear it anyway). in __sev_init_locked()
1042 * address of the TMR (firmware should clear it anyway). in __sev_init_ex_locked()
1069 struct sev_data_range *range = &range_list->ranges[range_list->num_elements]; in snp_filter_reserved_mem_regions()
1073 * Ensure the list of HV_FIXED pages that will be passed to firmware in snp_filter_reserved_mem_regions()
1074 * do not exceed the page-sized argument buffer. in snp_filter_reserved_mem_regions()
1076 if ((range_list->num_elements * sizeof(struct sev_data_range) + in snp_filter_reserved_mem_regions()
1078 return -E2BIG; in snp_filter_reserved_mem_regions()
1080 switch (rs->desc) { in snp_filter_reserved_mem_regions()
1084 range->base = rs->start & PAGE_MASK; in snp_filter_reserved_mem_regions()
1085 size = PAGE_ALIGN((rs->end + 1) - rs->start); in snp_filter_reserved_mem_regions()
1086 range->page_count = size >> PAGE_SHIFT; in snp_filter_reserved_mem_regions()
1087 range_list->num_elements++; in snp_filter_reserved_mem_regions()
1105 return -ENODEV; in __sev_snp_init_locked()
1107 sev = psp->sev_data; in __sev_snp_init_locked()
1109 if (sev->snp_initialized) in __sev_snp_init_locked()
1113 dev_dbg(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n", in __sev_snp_init_locked()
1122 * Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list in __sev_snp_init_locked()
1123 * of system physical address ranges to convert into HV-fixed page in __sev_snp_init_locked()
1133 * Firmware checks that the pages containing the ranges enumerated in __sev_snp_init_locked()
1135 * firmware page state. in __sev_snp_init_locked()
1139 dev_err(sev->dev, in __sev_snp_init_locked()
1141 return -ENOMEM; in __sev_snp_init_locked()
1146 * to be setup as HV-fixed pages. in __sev_snp_init_locked()
1151 dev_err(sev->dev, in __sev_snp_init_locked()
1171 * - WBINVD on all running CPUs in __sev_snp_init_locked()
1172 * - SEV_CMD_SNP_INIT[_EX] firmware command in __sev_snp_init_locked()
1173 * - WBINVD on all running CPUs in __sev_snp_init_locked()
1174 * - SEV_CMD_SNP_DF_FLUSH firmware command in __sev_snp_init_locked()
1188 sev->snp_initialized = true; in __sev_snp_init_locked()
1189 dev_dbg(sev->dev, "SEV-SNP firmware initialized\n"); in __sev_snp_init_locked()
1201 /* Obtain the TMR memory area for SEV-ES use */ in __sev_platform_init_handle_tmr()
1204 /* Must flush the cache before giving it to the firmware */ in __sev_platform_init_handle_tmr()
1205 if (!sev->snp_initialized) in __sev_platform_init_handle_tmr()
1208 dev_warn(sev->dev, "SEV: TMR allocation failed, SEV-ES support unavailable\n"); in __sev_platform_init_handle_tmr()
1214 * read in the contents. Additionally, if SNP is initialized, convert
1215 * the buffer pages to firmware pages.
1230 dev_err(sev->dev, "SEV: INIT_EX NV memory allocation failed\n"); in __sev_platform_init_handle_init_ex_path()
1231 return -ENOMEM; in __sev_platform_init_handle_init_ex_path()
1240 /* If SEV-SNP is initialized, transition to firmware page. */ in __sev_platform_init_handle_init_ex_path()
1241 if (sev->snp_initialized) { in __sev_platform_init_handle_init_ex_path()
1246 dev_err(sev->dev, "SEV: INIT_EX NV memory page state change failed.\n"); in __sev_platform_init_handle_init_ex_path()
1247 return -ENOMEM; in __sev_platform_init_handle_init_ex_path()
1259 if (!psp_master || !psp_master->sev_data) in __sev_platform_init_locked()
1260 return -ENODEV; in __sev_platform_init_locked()
1262 sev = psp_master->sev_data; in __sev_platform_init_locked()
1264 if (sev->state == SEV_STATE_INIT) in __sev_platform_init_locked()
1277 * status code, meaning that firmware load and validation of SEV in __sev_platform_init_locked()
1282 dev_err(sev->dev, in __sev_platform_init_locked()
1293 sev->state = SEV_STATE_INIT; in __sev_platform_init_locked()
1301 dev_dbg(sev->dev, "SEV firmware initialized\n"); in __sev_platform_init_locked()
1303 dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major, in __sev_platform_init_locked()
1304 sev->api_minor, sev->build); in __sev_platform_init_locked()
1314 if (!psp_master || !psp_master->sev_data) in _sev_platform_init_locked()
1315 return -ENODEV; in _sev_platform_init_locked()
1317 sev = psp_master->sev_data; in _sev_platform_init_locked()
1319 if (sev->state == SEV_STATE_INIT) in _sev_platform_init_locked()
1324 * so perform SEV-SNP initialization at probe time. in _sev_platform_init_locked()
1326 rc = __sev_snp_init_locked(&args->error); in _sev_platform_init_locked()
1327 if (rc && rc != -ENODEV) { in _sev_platform_init_locked()
1330 * continue to initialize the legacy SEV firmware. in _sev_platform_init_locked()
1332 dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n", in _sev_platform_init_locked()
1333 rc, args->error); in _sev_platform_init_locked()
1336 /* Defer legacy SEV/SEV-ES support if allowed by caller/module. */ in _sev_platform_init_locked()
1337 if (args->probe && !psp_init_on_probe) in _sev_platform_init_locked()
1340 return __sev_platform_init_locked(&args->error); in _sev_platform_init_locked()
1361 if (!psp || !psp->sev_data) in __sev_platform_shutdown_locked()
1364 sev = psp->sev_data; in __sev_platform_shutdown_locked()
1366 if (sev->state == SEV_STATE_UNINIT) in __sev_platform_shutdown_locked()
1373 sev->state = SEV_STATE_UNINIT; in __sev_platform_shutdown_locked()
1374 dev_dbg(sev->dev, "SEV firmware shutdown\n"); in __sev_platform_shutdown_locked()
1397 return -EPERM; in sev_ioctl_do_reset()
1405 * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET. in sev_ioctl_do_reset()
1408 rc = sev_get_platform_state(&state, &argp->error); in sev_ioctl_do_reset()
1413 return -EBUSY; in sev_ioctl_do_reset()
1416 rc = __sev_platform_shutdown_locked(&argp->error); in sev_ioctl_do_reset()
1421 return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, NULL, &argp->error); in sev_ioctl_do_reset()
1431 ret = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, &data, &argp->error); in sev_ioctl_do_platform_status()
1435 if (copy_to_user((void __user *)argp->data, &data, sizeof(data))) in sev_ioctl_do_platform_status()
1436 ret = -EFAULT; in sev_ioctl_do_platform_status()
1443 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_pek_pdh_gen()
1447 return -EPERM; in sev_ioctl_do_pek_pdh_gen()
1449 if (sev->state == SEV_STATE_UNINIT) { in sev_ioctl_do_pek_pdh_gen()
1450 rc = __sev_platform_init_locked(&argp->error); in sev_ioctl_do_pek_pdh_gen()
1455 return __sev_do_cmd_locked(cmd, NULL, &argp->error); in sev_ioctl_do_pek_pdh_gen()
1460 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_pek_csr()
1468 return -EPERM; in sev_ioctl_do_pek_csr()
1470 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) in sev_ioctl_do_pek_csr()
1471 return -EFAULT; in sev_ioctl_do_pek_csr()
1482 return -EFAULT; in sev_ioctl_do_pek_csr()
1486 return -ENOMEM; in sev_ioctl_do_pek_csr()
1492 if (sev->state == SEV_STATE_UNINIT) { in sev_ioctl_do_pek_csr()
1493 ret = __sev_platform_init_locked(&argp->error); in sev_ioctl_do_pek_csr()
1498 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, &data, &argp->error); in sev_ioctl_do_pek_csr()
1503 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) { in sev_ioctl_do_pek_csr()
1504 ret = -EFAULT; in sev_ioctl_do_pek_csr()
1510 ret = -EFAULT; in sev_ioctl_do_pek_csr()
1521 return ERR_PTR(-EINVAL); in psp_copy_user_blob()
1525 return ERR_PTR(-EINVAL); in psp_copy_user_blob()
1533 struct sev_device *sev = psp_master->sev_data; in sev_get_api_version()
1539 dev_err(sev->dev, in sev_get_api_version()
1544 sev->api_major = status.api_major; in sev_get_api_version()
1545 sev->api_minor = status.api_minor; in sev_get_api_version()
1546 sev->build = status.build; in sev_get_api_version()
1547 sev->state = status.state; in sev_get_api_version()
1553 const struct firmware **firmware) in sev_get_firmware() argument
1573 * Family 17h Model 00h -- Family 17h Model 0Fh in sev_get_firmware()
1577 * Fall-back to using generic name: sev.fw in sev_get_firmware()
1579 if ((firmware_request_nowarn(firmware, fw_name_specific, dev) >= 0) || in sev_get_firmware()
1580 (firmware_request_nowarn(firmware, fw_name_subset, dev) >= 0) || in sev_get_firmware()
1581 (firmware_request_nowarn(firmware, SEV_FW_FILE, dev) >= 0)) in sev_get_firmware()
1584 return -ENOENT; in sev_get_firmware()
1591 const struct firmware *firmware; in sev_update_firmware() local
1598 return -1; in sev_update_firmware()
1601 if (sev_get_firmware(dev, &firmware) == -ENOENT) { in sev_update_firmware()
1602 dev_dbg(dev, "No SEV firmware file present\n"); in sev_update_firmware()
1603 return -1; in sev_update_firmware()
1609 * beginning followed by the firmware being passed to the SEV in sev_update_firmware()
1615 order = get_order(firmware->size + data_size); in sev_update_firmware()
1618 ret = -1; in sev_update_firmware()
1623 * Copy firmware data to a kernel allocated contiguous in sev_update_firmware()
1627 memcpy(page_address(p) + data_size, firmware->data, firmware->size); in sev_update_firmware()
1629 data->address = __psp_pa(page_address(p) + data_size); in sev_update_firmware()
1630 data->len = firmware->size; in sev_update_firmware()
1636 * earlier firmware version than 1.50. in sev_update_firmware()
1642 dev_dbg(dev, "Failed to update SEV firmware: %#x\n", error); in sev_update_firmware()
1647 release_firmware(firmware); in sev_update_firmware()
1659 if (!psp || !psp->sev_data) in __sev_snp_shutdown_locked()
1662 sev = psp->sev_data; in __sev_snp_shutdown_locked()
1664 if (!sev->snp_initialized) in __sev_snp_shutdown_locked()
1687 dev_err(sev->dev, "SEV-SNP DF_FLUSH failed\n"); in __sev_snp_shutdown_locked()
1695 dev_err(sev->dev, "SEV-SNP firmware shutdown failed\n"); in __sev_snp_shutdown_locked()
1703 * Firmware was transitioning the IOMMU pages to Hypervisor state in __sev_snp_shutdown_locked()
1708 * firmware now transitions these pages to Reclaim state and hypervisor in __sev_snp_shutdown_locked()
1709 * needs to transition these pages to shared state. SNP Firmware in __sev_snp_shutdown_locked()
1714 dev_err(sev->dev, "SNP IOMMU shutdown failed\n"); in __sev_snp_shutdown_locked()
1718 sev->snp_initialized = false; in __sev_snp_shutdown_locked()
1719 dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); in __sev_snp_shutdown_locked()
1726 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_pek_import()
1733 return -EPERM; in sev_ioctl_do_pek_import()
1735 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) in sev_ioctl_do_pek_import()
1736 return -EFAULT; in sev_ioctl_do_pek_import()
1758 if (sev->state != SEV_STATE_INIT) { in sev_ioctl_do_pek_import()
1759 ret = __sev_platform_init_locked(&argp->error); in sev_ioctl_do_pek_import()
1764 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, &data, &argp->error); in sev_ioctl_do_pek_import()
1783 return -ENOTSUPP; in sev_ioctl_do_get_id2()
1785 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) in sev_ioctl_do_get_id2()
1786 return -EFAULT; in sev_ioctl_do_get_id2()
1800 return -ENOMEM; in sev_ioctl_do_get_id2()
1809 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, &data, &argp->error); in sev_ioctl_do_get_id2()
1812 * Firmware will return the length of the ID value (either the minimum in sev_ioctl_do_get_id2()
1817 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) { in sev_ioctl_do_get_id2()
1818 ret = -EFAULT; in sev_ioctl_do_get_id2()
1824 ret = -EFAULT; in sev_ioctl_do_get_id2()
1844 return -ENOTSUPP; in sev_ioctl_do_get_id()
1847 * 8-byte aligned. Memory allocated should be enough to in sev_ioctl_do_get_id()
1856 return -ENOMEM; in sev_ioctl_do_get_id()
1861 data->address = __psp_pa(id_blob); in sev_ioctl_do_get_id()
1862 data->len = user_size; in sev_ioctl_do_get_id()
1864 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error); in sev_ioctl_do_get_id()
1866 if (copy_to_user((void __user *)argp->data, id_blob, data->len)) in sev_ioctl_do_get_id()
1867 ret = -EFAULT; in sev_ioctl_do_get_id()
1877 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_pdh_export()
1886 if (sev->state != SEV_STATE_INIT) { in sev_ioctl_do_pdh_export()
1888 return -EPERM; in sev_ioctl_do_pdh_export()
1890 ret = __sev_platform_init_locked(&argp->error); in sev_ioctl_do_pdh_export()
1895 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) in sev_ioctl_do_pdh_export()
1896 return -EFAULT; in sev_ioctl_do_pdh_export()
1911 return -EFAULT; in sev_ioctl_do_pdh_export()
1915 return -EFAULT; in sev_ioctl_do_pdh_export()
1919 return -ENOMEM; in sev_ioctl_do_pdh_export()
1926 ret = -ENOMEM; in sev_ioctl_do_pdh_export()
1934 ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error); in sev_ioctl_do_pdh_export()
1940 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) { in sev_ioctl_do_pdh_export()
1941 ret = -EFAULT; in sev_ioctl_do_pdh_export()
1948 ret = -EFAULT; in sev_ioctl_do_pdh_export()
1956 ret = -EFAULT; in sev_ioctl_do_pdh_export()
1968 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_snp_platform_status()
1974 if (!sev->snp_initialized || !argp->data) in sev_ioctl_do_snp_platform_status()
1975 return -EINVAL; in sev_ioctl_do_snp_platform_status()
1979 return -ENOMEM; in sev_ioctl_do_snp_platform_status()
1984 * Firmware expects status page to be in firmware-owned state, otherwise in sev_ioctl_do_snp_platform_status()
1985 * it will report firmware error code INVALID_PAGE_STATE (0x1A). in sev_ioctl_do_snp_platform_status()
1988 ret = -EFAULT; in sev_ioctl_do_snp_platform_status()
1993 ret = __sev_do_cmd_locked(SEV_CMD_SNP_PLATFORM_STATUS, &buf, &argp->error); in sev_ioctl_do_snp_platform_status()
1997 * left in Firmware state in failure. Use snp_reclaim_pages() to in sev_ioctl_do_snp_platform_status()
1998 * transition either case back to Hypervisor-owned state. in sev_ioctl_do_snp_platform_status()
2001 return -EFAULT; in sev_ioctl_do_snp_platform_status()
2006 if (copy_to_user((void __user *)argp->data, data, in sev_ioctl_do_snp_platform_status()
2008 ret = -EFAULT; in sev_ioctl_do_snp_platform_status()
2017 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_snp_commit()
2020 if (!sev->snp_initialized) in sev_ioctl_do_snp_commit()
2021 return -EINVAL; in sev_ioctl_do_snp_commit()
2025 return __sev_do_cmd_locked(SEV_CMD_SNP_COMMIT, &buf, &argp->error); in sev_ioctl_do_snp_commit()
2030 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_snp_set_config()
2033 if (!sev->snp_initialized || !argp->data) in sev_ioctl_do_snp_set_config()
2034 return -EINVAL; in sev_ioctl_do_snp_set_config()
2037 return -EPERM; in sev_ioctl_do_snp_set_config()
2039 if (copy_from_user(&config, (void __user *)argp->data, sizeof(config))) in sev_ioctl_do_snp_set_config()
2040 return -EFAULT; in sev_ioctl_do_snp_set_config()
2042 return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); in sev_ioctl_do_snp_set_config()
2047 struct sev_device *sev = psp_master->sev_data; in sev_ioctl_do_snp_vlek_load()
2052 if (!sev->snp_initialized || !argp->data) in sev_ioctl_do_snp_vlek_load()
2053 return -EINVAL; in sev_ioctl_do_snp_vlek_load()
2056 return -EPERM; in sev_ioctl_do_snp_vlek_load()
2058 if (copy_from_user(&input, u64_to_user_ptr(argp->data), sizeof(input))) in sev_ioctl_do_snp_vlek_load()
2059 return -EFAULT; in sev_ioctl_do_snp_vlek_load()
2062 return -EINVAL; in sev_ioctl_do_snp_vlek_load()
2071 ret = __sev_do_cmd_locked(SEV_CMD_SNP_VLEK_LOAD, &input, &argp->error); in sev_ioctl_do_snp_vlek_load()
2082 int ret = -EFAULT; in sev_ioctl()
2083 bool writable = file->f_mode & FMODE_WRITE; in sev_ioctl()
2085 if (!psp_master || !psp_master->sev_data) in sev_ioctl()
2086 return -ENODEV; in sev_ioctl()
2089 return -EINVAL; in sev_ioctl()
2092 return -EFAULT; in sev_ioctl()
2095 return -EINVAL; in sev_ioctl()
2142 ret = -EINVAL; in sev_ioctl()
2147 ret = -EFAULT; in sev_ioctl()
2191 misc_deregister(&misc_dev->misc); in sev_exit()
2198 struct device *dev = sev->dev; in sev_misc_init()
2206 * command to the firmware. in sev_misc_init()
2213 return -ENOMEM; in sev_misc_init()
2215 misc = &misc_dev->misc; in sev_misc_init()
2216 misc->minor = MISC_DYNAMIC_MINOR; in sev_misc_init()
2217 misc->name = DEVICE_NAME; in sev_misc_init()
2218 misc->fops = &sev_fops; in sev_misc_init()
2224 kref_init(&misc_dev->refcount); in sev_misc_init()
2226 kref_get(&misc_dev->refcount); in sev_misc_init()
2229 init_waitqueue_head(&sev->int_queue); in sev_misc_init()
2230 sev->misc = misc_dev; in sev_misc_init()
2238 struct device *dev = psp->dev; in sev_dev_init()
2240 int ret = -ENOMEM; in sev_dev_init()
2251 sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 1); in sev_dev_init()
2252 if (!sev->cmd_buf) in sev_dev_init()
2255 sev->cmd_buf_backup = (uint8_t *)sev->cmd_buf + PAGE_SIZE; in sev_dev_init()
2257 psp->sev_data = sev; in sev_dev_init()
2259 sev->dev = dev; in sev_dev_init()
2260 sev->psp = psp; in sev_dev_init()
2262 sev->io_regs = psp->io_regs; in sev_dev_init()
2264 sev->vdata = (struct sev_vdata *)psp->vdata->sev; in sev_dev_init()
2265 if (!sev->vdata) { in sev_dev_init()
2266 ret = -ENODEV; in sev_dev_init()
2284 devm_free_pages(dev, (unsigned long)sev->cmd_buf); in sev_dev_init()
2288 psp->sev_data = NULL; in sev_dev_init()
2344 struct sev_device *sev = psp->sev_data; in sev_dev_destroy()
2351 if (sev->misc) in sev_dev_destroy()
2352 kref_put(&misc_dev->refcount, sev_exit); in sev_dev_destroy()
2360 struct sev_device *sev = psp_master->sev_data; in snp_shutdown_on_panic()
2383 if (!filep || filep->f_op != &sev_fops) in sev_issue_cmd_external_user()
2384 return -EBADF; in sev_issue_cmd_external_user()
2392 struct sev_device *sev = psp_master->sev_data; in sev_pci_init()
2405 api_major = sev->api_major; in sev_pci_init()
2406 api_minor = sev->api_minor; in sev_pci_init()
2407 build = sev->build; in sev_pci_init()
2409 if (sev_update_firmware(sev->dev) == 0) in sev_pci_init()
2412 if (api_major != sev->api_major || api_minor != sev->api_minor || in sev_pci_init()
2413 build != sev->build) in sev_pci_init()
2414 dev_info(sev->dev, "SEV firmware updated from %d.%d.%d to %d.%d.%d\n", in sev_pci_init()
2416 sev->api_major, sev->api_minor, sev->build); in sev_pci_init()
2422 dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", in sev_pci_init()
2425 dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? in sev_pci_init()
2426 "-SNP" : "", sev->api_major, sev->api_minor, sev->build); in sev_pci_init()
2435 psp_master->sev_data = NULL; in sev_pci_init()
2440 struct sev_device *sev = psp_master->sev_data; in sev_pci_exit()