1b880a800SSuzuki K Poulose /* SPDX-License-Identifier: GPL-2.0-only */ 2b880a800SSuzuki K Poulose /* 3b880a800SSuzuki K Poulose * Copyright (C) 2023 ARM Ltd. 4b880a800SSuzuki K Poulose */ 5b880a800SSuzuki K Poulose 6b880a800SSuzuki K Poulose #ifndef __ASM_RSI_CMDS_H 7b880a800SSuzuki K Poulose #define __ASM_RSI_CMDS_H 8b880a800SSuzuki K Poulose 9b880a800SSuzuki K Poulose #include <linux/arm-smccc.h> 10b880a800SSuzuki K Poulose 11b880a800SSuzuki K Poulose #include <asm/rsi_smc.h> 12b880a800SSuzuki K Poulose 13b880a800SSuzuki K Poulose #define RSI_GRANULE_SHIFT 12 14b880a800SSuzuki K Poulose #define RSI_GRANULE_SIZE (_AC(1, UL) << RSI_GRANULE_SHIFT) 15b880a800SSuzuki K Poulose 16b880a800SSuzuki K Poulose enum ripas { 17b880a800SSuzuki K Poulose RSI_RIPAS_EMPTY = 0, 18b880a800SSuzuki K Poulose RSI_RIPAS_RAM = 1, 19b880a800SSuzuki K Poulose RSI_RIPAS_DESTROYED = 2, 20b880a800SSuzuki K Poulose RSI_RIPAS_DEV = 3, 21b880a800SSuzuki K Poulose }; 22b880a800SSuzuki K Poulose 23b880a800SSuzuki K Poulose static inline unsigned long rsi_request_version(unsigned long req, 24b880a800SSuzuki K Poulose unsigned long *out_lower, 25b880a800SSuzuki K Poulose unsigned long *out_higher) 26b880a800SSuzuki K Poulose { 27b880a800SSuzuki K Poulose struct arm_smccc_res res; 28b880a800SSuzuki K Poulose 29b880a800SSuzuki K Poulose arm_smccc_smc(SMC_RSI_ABI_VERSION, req, 0, 0, 0, 0, 0, 0, &res); 30b880a800SSuzuki K Poulose 31b880a800SSuzuki K Poulose if (out_lower) 32b880a800SSuzuki K Poulose *out_lower = res.a1; 33b880a800SSuzuki K Poulose if (out_higher) 34b880a800SSuzuki K Poulose *out_higher = res.a2; 35b880a800SSuzuki K Poulose 36b880a800SSuzuki K Poulose return res.a0; 37b880a800SSuzuki K Poulose } 38b880a800SSuzuki K Poulose 39b880a800SSuzuki K Poulose static inline unsigned long rsi_get_realm_config(struct realm_config *cfg) 40b880a800SSuzuki K Poulose { 41b880a800SSuzuki K Poulose struct arm_smccc_res res; 42b880a800SSuzuki K Poulose 43b880a800SSuzuki K Poulose arm_smccc_smc(SMC_RSI_REALM_CONFIG, virt_to_phys(cfg), 44b880a800SSuzuki K Poulose 0, 0, 0, 0, 0, 0, &res); 45b880a800SSuzuki K Poulose return res.a0; 46b880a800SSuzuki K Poulose } 47b880a800SSuzuki K Poulose 48*37158943SSuzuki K Poulose static inline unsigned long rsi_ipa_state_get(phys_addr_t start, 49*37158943SSuzuki K Poulose phys_addr_t end, 50*37158943SSuzuki K Poulose enum ripas *state, 51*37158943SSuzuki K Poulose phys_addr_t *top) 52*37158943SSuzuki K Poulose { 53*37158943SSuzuki K Poulose struct arm_smccc_res res; 54*37158943SSuzuki K Poulose 55*37158943SSuzuki K Poulose arm_smccc_smc(SMC_RSI_IPA_STATE_GET, 56*37158943SSuzuki K Poulose start, end, 0, 0, 0, 0, 0, 57*37158943SSuzuki K Poulose &res); 58*37158943SSuzuki K Poulose 59*37158943SSuzuki K Poulose if (res.a0 == RSI_SUCCESS) { 60*37158943SSuzuki K Poulose if (top) 61*37158943SSuzuki K Poulose *top = res.a1; 62*37158943SSuzuki K Poulose if (state) 63*37158943SSuzuki K Poulose *state = res.a2; 64*37158943SSuzuki K Poulose } 65*37158943SSuzuki K Poulose 66*37158943SSuzuki K Poulose return res.a0; 67*37158943SSuzuki K Poulose } 68*37158943SSuzuki K Poulose 69b880a800SSuzuki K Poulose static inline long rsi_set_addr_range_state(phys_addr_t start, 70b880a800SSuzuki K Poulose phys_addr_t end, 71b880a800SSuzuki K Poulose enum ripas state, 72b880a800SSuzuki K Poulose unsigned long flags, 73b880a800SSuzuki K Poulose phys_addr_t *top) 74b880a800SSuzuki K Poulose { 75b880a800SSuzuki K Poulose struct arm_smccc_res res; 76b880a800SSuzuki K Poulose 77b880a800SSuzuki K Poulose arm_smccc_smc(SMC_RSI_IPA_STATE_SET, start, end, state, 78b880a800SSuzuki K Poulose flags, 0, 0, 0, &res); 79b880a800SSuzuki K Poulose 80b880a800SSuzuki K Poulose if (top) 81b880a800SSuzuki K Poulose *top = res.a1; 82b880a800SSuzuki K Poulose 83b880a800SSuzuki K Poulose if (res.a2 != RSI_ACCEPT) 84b880a800SSuzuki K Poulose return -EPERM; 85b880a800SSuzuki K Poulose 86b880a800SSuzuki K Poulose return res.a0; 87b880a800SSuzuki K Poulose } 88b880a800SSuzuki K Poulose 89b880a800SSuzuki K Poulose /** 90b880a800SSuzuki K Poulose * rsi_attestation_token_init - Initialise the operation to retrieve an 91b880a800SSuzuki K Poulose * attestation token. 92b880a800SSuzuki K Poulose * 93b880a800SSuzuki K Poulose * @challenge: The challenge data to be used in the attestation token 94b880a800SSuzuki K Poulose * generation. 95b880a800SSuzuki K Poulose * @size: Size of the challenge data in bytes. 96b880a800SSuzuki K Poulose * 97b880a800SSuzuki K Poulose * Initialises the attestation token generation and returns an upper bound 98b880a800SSuzuki K Poulose * on the attestation token size that can be used to allocate an adequate 99b880a800SSuzuki K Poulose * buffer. The caller is expected to subsequently call 100b880a800SSuzuki K Poulose * rsi_attestation_token_continue() to retrieve the attestation token data on 101b880a800SSuzuki K Poulose * the same CPU. 102b880a800SSuzuki K Poulose * 103b880a800SSuzuki K Poulose * Returns: 104b880a800SSuzuki K Poulose * On success, returns the upper limit of the attestation report size. 105b880a800SSuzuki K Poulose * Otherwise, -EINVAL 106b880a800SSuzuki K Poulose */ 107b880a800SSuzuki K Poulose static inline long 108b880a800SSuzuki K Poulose rsi_attestation_token_init(const u8 *challenge, unsigned long size) 109b880a800SSuzuki K Poulose { 110b880a800SSuzuki K Poulose struct arm_smccc_1_2_regs regs = { 0 }; 111b880a800SSuzuki K Poulose 112b880a800SSuzuki K Poulose /* The challenge must be at least 32bytes and at most 64bytes */ 113b880a800SSuzuki K Poulose if (!challenge || size < 32 || size > 64) 114b880a800SSuzuki K Poulose return -EINVAL; 115b880a800SSuzuki K Poulose 116b880a800SSuzuki K Poulose regs.a0 = SMC_RSI_ATTESTATION_TOKEN_INIT; 117b880a800SSuzuki K Poulose memcpy(®s.a1, challenge, size); 118b880a800SSuzuki K Poulose arm_smccc_1_2_smc(®s, ®s); 119b880a800SSuzuki K Poulose 120b880a800SSuzuki K Poulose if (regs.a0 == RSI_SUCCESS) 121b880a800SSuzuki K Poulose return regs.a1; 122b880a800SSuzuki K Poulose 123b880a800SSuzuki K Poulose return -EINVAL; 124b880a800SSuzuki K Poulose } 125b880a800SSuzuki K Poulose 126b880a800SSuzuki K Poulose /** 127b880a800SSuzuki K Poulose * rsi_attestation_token_continue - Continue the operation to retrieve an 128b880a800SSuzuki K Poulose * attestation token. 129b880a800SSuzuki K Poulose * 130b880a800SSuzuki K Poulose * @granule: {I}PA of the Granule to which the token will be written. 131b880a800SSuzuki K Poulose * @offset: Offset within Granule to start of buffer in bytes. 132b880a800SSuzuki K Poulose * @size: The size of the buffer. 133b880a800SSuzuki K Poulose * @len: The number of bytes written to the buffer. 134b880a800SSuzuki K Poulose * 135b880a800SSuzuki K Poulose * Retrieves up to a RSI_GRANULE_SIZE worth of token data per call. The caller 136b880a800SSuzuki K Poulose * is expected to call rsi_attestation_token_init() before calling this 137b880a800SSuzuki K Poulose * function to retrieve the attestation token. 138b880a800SSuzuki K Poulose * 139b880a800SSuzuki K Poulose * Return: 140b880a800SSuzuki K Poulose * * %RSI_SUCCESS - Attestation token retrieved successfully. 141b880a800SSuzuki K Poulose * * %RSI_INCOMPLETE - Token generation is not complete. 142b880a800SSuzuki K Poulose * * %RSI_ERROR_INPUT - A parameter was not valid. 143b880a800SSuzuki K Poulose * * %RSI_ERROR_STATE - Attestation not in progress. 144b880a800SSuzuki K Poulose */ 145b880a800SSuzuki K Poulose static inline unsigned long rsi_attestation_token_continue(phys_addr_t granule, 146b880a800SSuzuki K Poulose unsigned long offset, 147b880a800SSuzuki K Poulose unsigned long size, 148b880a800SSuzuki K Poulose unsigned long *len) 149b880a800SSuzuki K Poulose { 150b880a800SSuzuki K Poulose struct arm_smccc_res res; 151b880a800SSuzuki K Poulose 152b880a800SSuzuki K Poulose arm_smccc_1_1_invoke(SMC_RSI_ATTESTATION_TOKEN_CONTINUE, 153b880a800SSuzuki K Poulose granule, offset, size, 0, &res); 154b880a800SSuzuki K Poulose 155b880a800SSuzuki K Poulose if (len) 156b880a800SSuzuki K Poulose *len = res.a1; 157b880a800SSuzuki K Poulose return res.a0; 158b880a800SSuzuki K Poulose } 159b880a800SSuzuki K Poulose 160b880a800SSuzuki K Poulose #endif /* __ASM_RSI_CMDS_H */ 161