1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * AMD Cryptographic Coprocessor (CCP) driver
4 *
5 * Copyright (C) 2013,2019 Advanced Micro Devices, Inc.
6 *
7 * Author: Tom Lendacky <thomas.lendacky@amd.com>
8 * Author: Gary R Hook <gary.hook@amd.com>
9 */
10
11 #include <linux/module.h>
12 #include <linux/kernel.h>
13 #include <linux/kthread.h>
14 #include <linux/sched.h>
15 #include <linux/interrupt.h>
16 #include <linux/spinlock.h>
17 #include <linux/spinlock_types.h>
18 #include <linux/types.h>
19 #include <linux/mutex.h>
20 #include <linux/delay.h>
21 #include <linux/hw_random.h>
22 #include <linux/cpu.h>
23 #include <linux/atomic.h>
24 #ifdef CONFIG_X86
25 #include <asm/cpu_device_id.h>
26 #endif
27 #include <linux/ccp.h>
28
29 #include "ccp-dev.h"
30
31 #define MAX_CCPS 32
32
33 /* Limit CCP use to a specifed number of queues per device */
34 static unsigned int nqueues;
35 module_param(nqueues, uint, 0444);
36 MODULE_PARM_DESC(nqueues, "Number of queues per CCP (minimum 1; default: all available)");
37
38 /* Limit the maximum number of configured CCPs */
39 static atomic_t dev_count = ATOMIC_INIT(0);
40 static unsigned int max_devs = MAX_CCPS;
41 module_param(max_devs, uint, 0444);
42 MODULE_PARM_DESC(max_devs, "Maximum number of CCPs to enable (default: all; 0 disables all CCPs)");
43
44 struct ccp_tasklet_data {
45 struct completion completion;
46 struct ccp_cmd *cmd;
47 };
48
49 /* Human-readable error strings */
50 #define CCP_MAX_ERROR_CODE 64
51 static char *ccp_error_codes[] = {
52 "",
53 "ILLEGAL_ENGINE",
54 "ILLEGAL_KEY_ID",
55 "ILLEGAL_FUNCTION_TYPE",
56 "ILLEGAL_FUNCTION_MODE",
57 "ILLEGAL_FUNCTION_ENCRYPT",
58 "ILLEGAL_FUNCTION_SIZE",
59 "Zlib_MISSING_INIT_EOM",
60 "ILLEGAL_FUNCTION_RSVD",
61 "ILLEGAL_BUFFER_LENGTH",
62 "VLSB_FAULT",
63 "ILLEGAL_MEM_ADDR",
64 "ILLEGAL_MEM_SEL",
65 "ILLEGAL_CONTEXT_ID",
66 "ILLEGAL_KEY_ADDR",
67 "0xF Reserved",
68 "Zlib_ILLEGAL_MULTI_QUEUE",
69 "Zlib_ILLEGAL_JOBID_CHANGE",
70 "CMD_TIMEOUT",
71 "IDMA0_AXI_SLVERR",
72 "IDMA0_AXI_DECERR",
73 "0x15 Reserved",
74 "IDMA1_AXI_SLAVE_FAULT",
75 "IDMA1_AIXI_DECERR",
76 "0x18 Reserved",
77 "ZLIBVHB_AXI_SLVERR",
78 "ZLIBVHB_AXI_DECERR",
79 "0x1B Reserved",
80 "ZLIB_UNEXPECTED_EOM",
81 "ZLIB_EXTRA_DATA",
82 "ZLIB_BTYPE",
83 "ZLIB_UNDEFINED_SYMBOL",
84 "ZLIB_UNDEFINED_DISTANCE_S",
85 "ZLIB_CODE_LENGTH_SYMBOL",
86 "ZLIB _VHB_ILLEGAL_FETCH",
87 "ZLIB_UNCOMPRESSED_LEN",
88 "ZLIB_LIMIT_REACHED",
89 "ZLIB_CHECKSUM_MISMATCH0",
90 "ODMA0_AXI_SLVERR",
91 "ODMA0_AXI_DECERR",
92 "0x28 Reserved",
93 "ODMA1_AXI_SLVERR",
94 "ODMA1_AXI_DECERR",
95 };
96
ccp_log_error(struct ccp_device * d,unsigned int e)97 void ccp_log_error(struct ccp_device *d, unsigned int e)
98 {
99 if (WARN_ON(e >= CCP_MAX_ERROR_CODE))
100 return;
101
102 if (e < ARRAY_SIZE(ccp_error_codes))
103 dev_err(d->dev, "CCP error %d: %s\n", e, ccp_error_codes[e]);
104 else
105 dev_err(d->dev, "CCP error %d: Unknown Error\n", e);
106 }
107
108 /* List of CCPs, CCP count, read-write access lock, and access functions
109 *
110 * Lock structure: get ccp_unit_lock for reading whenever we need to
111 * examine the CCP list. While holding it for reading we can acquire
112 * the RR lock to update the round-robin next-CCP pointer. The unit lock
113 * must be acquired before the RR lock.
114 *
115 * If the unit-lock is acquired for writing, we have total control over
116 * the list, so there's no value in getting the RR lock.
117 */
118 static DEFINE_RWLOCK(ccp_unit_lock);
119 static LIST_HEAD(ccp_units);
120
121 /* Round-robin counter */
122 static DEFINE_SPINLOCK(ccp_rr_lock);
123 static struct ccp_device *ccp_rr;
124
125 /**
126 * ccp_add_device - add a CCP device to the list
127 *
128 * @ccp: ccp_device struct pointer
129 *
130 * Put this CCP on the unit list, which makes it available
131 * for use.
132 *
133 * Returns zero if a CCP device is present, -ENODEV otherwise.
134 */
ccp_add_device(struct ccp_device * ccp)135 void ccp_add_device(struct ccp_device *ccp)
136 {
137 unsigned long flags;
138
139 write_lock_irqsave(&ccp_unit_lock, flags);
140 list_add_tail(&ccp->entry, &ccp_units);
141 if (!ccp_rr)
142 /* We already have the list lock (we're first) so this
143 * pointer can't change on us. Set its initial value.
144 */
145 ccp_rr = ccp;
146 write_unlock_irqrestore(&ccp_unit_lock, flags);
147 }
148
149 /**
150 * ccp_del_device - remove a CCP device from the list
151 *
152 * @ccp: ccp_device struct pointer
153 *
154 * Remove this unit from the list of devices. If the next device
155 * up for use is this one, adjust the pointer. If this is the last
156 * device, NULL the pointer.
157 */
ccp_del_device(struct ccp_device * ccp)158 void ccp_del_device(struct ccp_device *ccp)
159 {
160 unsigned long flags;
161
162 write_lock_irqsave(&ccp_unit_lock, flags);
163 if (ccp_rr == ccp) {
164 /* ccp_unit_lock is read/write; any read access
165 * will be suspended while we make changes to the
166 * list and RR pointer.
167 */
168 if (list_is_last(&ccp_rr->entry, &ccp_units))
169 ccp_rr = list_first_entry(&ccp_units, struct ccp_device,
170 entry);
171 else
172 ccp_rr = list_next_entry(ccp_rr, entry);
173 }
174 list_del(&ccp->entry);
175 if (list_empty(&ccp_units))
176 ccp_rr = NULL;
177 write_unlock_irqrestore(&ccp_unit_lock, flags);
178 }
179
180
181
ccp_register_rng(struct ccp_device * ccp)182 int ccp_register_rng(struct ccp_device *ccp)
183 {
184 int ret = 0;
185
186 dev_dbg(ccp->dev, "Registering RNG...\n");
187 /* Register an RNG */
188 ccp->hwrng.name = ccp->rngname;
189 ccp->hwrng.read = ccp_trng_read;
190 ret = hwrng_register(&ccp->hwrng);
191 if (ret)
192 dev_err(ccp->dev, "error registering hwrng (%d)\n", ret);
193
194 return ret;
195 }
196
ccp_unregister_rng(struct ccp_device * ccp)197 void ccp_unregister_rng(struct ccp_device *ccp)
198 {
199 if (ccp->hwrng.name)
200 hwrng_unregister(&ccp->hwrng);
201 }
202
ccp_get_device(void)203 static struct ccp_device *ccp_get_device(void)
204 {
205 unsigned long flags;
206 struct ccp_device *dp = NULL;
207
208 /* We round-robin through the unit list.
209 * The (ccp_rr) pointer refers to the next unit to use.
210 */
211 read_lock_irqsave(&ccp_unit_lock, flags);
212 if (!list_empty(&ccp_units)) {
213 spin_lock(&ccp_rr_lock);
214 dp = ccp_rr;
215 if (list_is_last(&ccp_rr->entry, &ccp_units))
216 ccp_rr = list_first_entry(&ccp_units, struct ccp_device,
217 entry);
218 else
219 ccp_rr = list_next_entry(ccp_rr, entry);
220 spin_unlock(&ccp_rr_lock);
221 }
222 read_unlock_irqrestore(&ccp_unit_lock, flags);
223
224 return dp;
225 }
226
227 /**
228 * ccp_present - check if a CCP device is present
229 *
230 * Returns zero if a CCP device is present, -ENODEV otherwise.
231 */
ccp_present(void)232 int ccp_present(void)
233 {
234 unsigned long flags;
235 int ret;
236
237 read_lock_irqsave(&ccp_unit_lock, flags);
238 ret = list_empty(&ccp_units);
239 read_unlock_irqrestore(&ccp_unit_lock, flags);
240
241 return ret ? -ENODEV : 0;
242 }
243 EXPORT_SYMBOL_GPL(ccp_present);
244
245 /**
246 * ccp_version - get the version of the CCP device
247 *
248 * Returns the version from the first unit on the list;
249 * otherwise a zero if no CCP device is present
250 */
ccp_version(void)251 unsigned int ccp_version(void)
252 {
253 struct ccp_device *dp;
254 unsigned long flags;
255 int ret = 0;
256
257 read_lock_irqsave(&ccp_unit_lock, flags);
258 if (!list_empty(&ccp_units)) {
259 dp = list_first_entry(&ccp_units, struct ccp_device, entry);
260 ret = dp->vdata->version;
261 }
262 read_unlock_irqrestore(&ccp_unit_lock, flags);
263
264 return ret;
265 }
266 EXPORT_SYMBOL_GPL(ccp_version);
267
268 /**
269 * ccp_enqueue_cmd - queue an operation for processing by the CCP
270 *
271 * @cmd: ccp_cmd struct to be processed
272 *
273 * Queue a cmd to be processed by the CCP. If queueing the cmd
274 * would exceed the defined length of the cmd queue the cmd will
275 * only be queued if the CCP_CMD_MAY_BACKLOG flag is set and will
276 * result in a return code of -EBUSY.
277 *
278 * The callback routine specified in the ccp_cmd struct will be
279 * called to notify the caller of completion (if the cmd was not
280 * backlogged) or advancement out of the backlog. If the cmd has
281 * advanced out of the backlog the "err" value of the callback
282 * will be -EINPROGRESS. Any other "err" value during callback is
283 * the result of the operation.
284 *
285 * The cmd has been successfully queued if:
286 * the return code is -EINPROGRESS or
287 * the return code is -EBUSY and CCP_CMD_MAY_BACKLOG flag is set
288 */
ccp_enqueue_cmd(struct ccp_cmd * cmd)289 int ccp_enqueue_cmd(struct ccp_cmd *cmd)
290 {
291 struct ccp_device *ccp;
292 unsigned long flags;
293 unsigned int i;
294 int ret;
295
296 /* Some commands might need to be sent to a specific device */
297 ccp = cmd->ccp ? cmd->ccp : ccp_get_device();
298
299 if (!ccp)
300 return -ENODEV;
301
302 /* Caller must supply a callback routine */
303 if (!cmd->callback)
304 return -EINVAL;
305
306 cmd->ccp = ccp;
307
308 spin_lock_irqsave(&ccp->cmd_lock, flags);
309
310 i = ccp->cmd_q_count;
311
312 if (ccp->cmd_count >= MAX_CMD_QLEN) {
313 if (cmd->flags & CCP_CMD_MAY_BACKLOG) {
314 ret = -EBUSY;
315 list_add_tail(&cmd->entry, &ccp->backlog);
316 } else {
317 ret = -ENOSPC;
318 }
319 } else {
320 ret = -EINPROGRESS;
321 ccp->cmd_count++;
322 list_add_tail(&cmd->entry, &ccp->cmd);
323
324 /* Find an idle queue */
325 if (!ccp->suspending) {
326 for (i = 0; i < ccp->cmd_q_count; i++) {
327 if (ccp->cmd_q[i].active)
328 continue;
329
330 break;
331 }
332 }
333 }
334
335 spin_unlock_irqrestore(&ccp->cmd_lock, flags);
336
337 /* If we found an idle queue, wake it up */
338 if (i < ccp->cmd_q_count)
339 wake_up_process(ccp->cmd_q[i].kthread);
340
341 return ret;
342 }
343 EXPORT_SYMBOL_GPL(ccp_enqueue_cmd);
344
ccp_do_cmd_backlog(struct work_struct * work)345 static void ccp_do_cmd_backlog(struct work_struct *work)
346 {
347 struct ccp_cmd *cmd = container_of(work, struct ccp_cmd, work);
348 struct ccp_device *ccp = cmd->ccp;
349 unsigned long flags;
350 unsigned int i;
351
352 cmd->callback(cmd->data, -EINPROGRESS);
353
354 spin_lock_irqsave(&ccp->cmd_lock, flags);
355
356 ccp->cmd_count++;
357 list_add_tail(&cmd->entry, &ccp->cmd);
358
359 /* Find an idle queue */
360 for (i = 0; i < ccp->cmd_q_count; i++) {
361 if (ccp->cmd_q[i].active)
362 continue;
363
364 break;
365 }
366
367 spin_unlock_irqrestore(&ccp->cmd_lock, flags);
368
369 /* If we found an idle queue, wake it up */
370 if (i < ccp->cmd_q_count)
371 wake_up_process(ccp->cmd_q[i].kthread);
372 }
373
ccp_dequeue_cmd(struct ccp_cmd_queue * cmd_q)374 static struct ccp_cmd *ccp_dequeue_cmd(struct ccp_cmd_queue *cmd_q)
375 {
376 struct ccp_device *ccp = cmd_q->ccp;
377 struct ccp_cmd *cmd = NULL;
378 struct ccp_cmd *backlog = NULL;
379 unsigned long flags;
380
381 spin_lock_irqsave(&ccp->cmd_lock, flags);
382
383 cmd_q->active = 0;
384
385 if (ccp->suspending) {
386 cmd_q->suspended = 1;
387
388 spin_unlock_irqrestore(&ccp->cmd_lock, flags);
389 wake_up_interruptible(&ccp->suspend_queue);
390
391 return NULL;
392 }
393
394 if (ccp->cmd_count) {
395 cmd_q->active = 1;
396
397 cmd = list_first_entry(&ccp->cmd, struct ccp_cmd, entry);
398 list_del(&cmd->entry);
399
400 ccp->cmd_count--;
401 }
402
403 if (!list_empty(&ccp->backlog)) {
404 backlog = list_first_entry(&ccp->backlog, struct ccp_cmd,
405 entry);
406 list_del(&backlog->entry);
407 }
408
409 spin_unlock_irqrestore(&ccp->cmd_lock, flags);
410
411 if (backlog) {
412 INIT_WORK(&backlog->work, ccp_do_cmd_backlog);
413 schedule_work(&backlog->work);
414 }
415
416 return cmd;
417 }
418
ccp_do_cmd_complete(unsigned long data)419 static void ccp_do_cmd_complete(unsigned long data)
420 {
421 struct ccp_tasklet_data *tdata = (struct ccp_tasklet_data *)data;
422 struct ccp_cmd *cmd = tdata->cmd;
423
424 cmd->callback(cmd->data, cmd->ret);
425
426 complete(&tdata->completion);
427 }
428
429 /**
430 * ccp_cmd_queue_thread - create a kernel thread to manage a CCP queue
431 *
432 * @data: thread-specific data
433 */
ccp_cmd_queue_thread(void * data)434 int ccp_cmd_queue_thread(void *data)
435 {
436 struct ccp_cmd_queue *cmd_q = (struct ccp_cmd_queue *)data;
437 struct ccp_cmd *cmd;
438 struct ccp_tasklet_data tdata;
439 struct tasklet_struct tasklet;
440
441 tasklet_init(&tasklet, ccp_do_cmd_complete, (unsigned long)&tdata);
442
443 set_current_state(TASK_INTERRUPTIBLE);
444 while (!kthread_should_stop()) {
445 schedule();
446
447 set_current_state(TASK_INTERRUPTIBLE);
448
449 cmd = ccp_dequeue_cmd(cmd_q);
450 if (!cmd)
451 continue;
452
453 __set_current_state(TASK_RUNNING);
454
455 /* Execute the command */
456 cmd->ret = ccp_run_cmd(cmd_q, cmd);
457
458 /* Schedule the completion callback */
459 tdata.cmd = cmd;
460 init_completion(&tdata.completion);
461 tasklet_schedule(&tasklet);
462 wait_for_completion(&tdata.completion);
463 }
464
465 __set_current_state(TASK_RUNNING);
466
467 return 0;
468 }
469
470 /**
471 * ccp_alloc_struct - allocate and initialize the ccp_device struct
472 *
473 * @sp: sp_device struct of the CCP
474 */
ccp_alloc_struct(struct sp_device * sp)475 struct ccp_device *ccp_alloc_struct(struct sp_device *sp)
476 {
477 struct device *dev = sp->dev;
478 struct ccp_device *ccp;
479
480 ccp = devm_kzalloc(dev, sizeof(*ccp), GFP_KERNEL);
481 if (!ccp)
482 return NULL;
483 ccp->dev = dev;
484 ccp->sp = sp;
485 ccp->axcache = sp->axcache;
486
487 INIT_LIST_HEAD(&ccp->cmd);
488 INIT_LIST_HEAD(&ccp->backlog);
489
490 spin_lock_init(&ccp->cmd_lock);
491 mutex_init(&ccp->req_mutex);
492 mutex_init(&ccp->sb_mutex);
493 ccp->sb_count = KSB_COUNT;
494 ccp->sb_start = 0;
495
496 /* Initialize the wait queues */
497 init_waitqueue_head(&ccp->sb_queue);
498 init_waitqueue_head(&ccp->suspend_queue);
499
500 snprintf(ccp->name, MAX_CCP_NAME_LEN, "ccp-%u", sp->ord);
501 snprintf(ccp->rngname, MAX_CCP_NAME_LEN, "ccp-%u-rng", sp->ord);
502
503 return ccp;
504 }
505
ccp_trng_read(struct hwrng * rng,void * data,size_t max,bool wait)506 int ccp_trng_read(struct hwrng *rng, void *data, size_t max, bool wait)
507 {
508 struct ccp_device *ccp = container_of(rng, struct ccp_device, hwrng);
509 u32 trng_value;
510 int len = min_t(int, sizeof(trng_value), max);
511
512 /* Locking is provided by the caller so we can update device
513 * hwrng-related fields safely
514 */
515 trng_value = ioread32(ccp->io_regs + TRNG_OUT_REG);
516 if (!trng_value) {
517 /* Zero is returned if not data is available or if a
518 * bad-entropy error is present. Assume an error if
519 * we exceed TRNG_RETRIES reads of zero.
520 */
521 if (ccp->hwrng_retries++ > TRNG_RETRIES)
522 return -EIO;
523
524 return 0;
525 }
526
527 /* Reset the counter and save the rng value */
528 ccp->hwrng_retries = 0;
529 memcpy(data, &trng_value, len);
530
531 return len;
532 }
533
ccp_queues_suspended(struct ccp_device * ccp)534 bool ccp_queues_suspended(struct ccp_device *ccp)
535 {
536 unsigned int suspended = 0;
537 unsigned long flags;
538 unsigned int i;
539
540 spin_lock_irqsave(&ccp->cmd_lock, flags);
541
542 for (i = 0; i < ccp->cmd_q_count; i++)
543 if (ccp->cmd_q[i].suspended)
544 suspended++;
545
546 spin_unlock_irqrestore(&ccp->cmd_lock, flags);
547
548 return ccp->cmd_q_count == suspended;
549 }
550
ccp_dev_suspend(struct sp_device * sp)551 void ccp_dev_suspend(struct sp_device *sp)
552 {
553 struct ccp_device *ccp = sp->ccp_data;
554 unsigned long flags;
555 unsigned int i;
556
557 /* If there's no device there's nothing to do */
558 if (!ccp)
559 return;
560
561 spin_lock_irqsave(&ccp->cmd_lock, flags);
562
563 ccp->suspending = 1;
564
565 /* Wake all the queue kthreads to prepare for suspend */
566 for (i = 0; i < ccp->cmd_q_count; i++)
567 wake_up_process(ccp->cmd_q[i].kthread);
568
569 spin_unlock_irqrestore(&ccp->cmd_lock, flags);
570
571 /* Wait for all queue kthreads to say they're done */
572 while (!ccp_queues_suspended(ccp))
573 wait_event_interruptible(ccp->suspend_queue,
574 ccp_queues_suspended(ccp));
575 }
576
ccp_dev_resume(struct sp_device * sp)577 void ccp_dev_resume(struct sp_device *sp)
578 {
579 struct ccp_device *ccp = sp->ccp_data;
580 unsigned long flags;
581 unsigned int i;
582
583 /* If there's no device there's nothing to do */
584 if (!ccp)
585 return;
586
587 spin_lock_irqsave(&ccp->cmd_lock, flags);
588
589 ccp->suspending = 0;
590
591 /* Wake up all the kthreads */
592 for (i = 0; i < ccp->cmd_q_count; i++) {
593 ccp->cmd_q[i].suspended = 0;
594 wake_up_process(ccp->cmd_q[i].kthread);
595 }
596
597 spin_unlock_irqrestore(&ccp->cmd_lock, flags);
598 }
599
ccp_dev_init(struct sp_device * sp)600 int ccp_dev_init(struct sp_device *sp)
601 {
602 struct device *dev = sp->dev;
603 struct ccp_device *ccp;
604 int ret;
605
606 /*
607 * Check how many we have so far, and stop after reaching
608 * that number
609 */
610 if (atomic_inc_return(&dev_count) > max_devs)
611 return 0; /* don't fail the load */
612
613 ret = -ENOMEM;
614 ccp = ccp_alloc_struct(sp);
615 if (!ccp)
616 goto e_err;
617 sp->ccp_data = ccp;
618
619 if (!nqueues || (nqueues > MAX_HW_QUEUES))
620 ccp->max_q_count = MAX_HW_QUEUES;
621 else
622 ccp->max_q_count = nqueues;
623
624 ccp->vdata = (struct ccp_vdata *)sp->dev_vdata->ccp_vdata;
625 if (!ccp->vdata || !ccp->vdata->version) {
626 ret = -ENODEV;
627 dev_err(dev, "missing driver data\n");
628 goto e_err;
629 }
630
631 ccp->use_tasklet = sp->use_tasklet;
632
633 ccp->io_regs = sp->io_map + ccp->vdata->offset;
634 if (ccp->vdata->setup)
635 ccp->vdata->setup(ccp);
636
637 ret = ccp->vdata->perform->init(ccp);
638 if (ret) {
639 /* A positive number means that the device cannot be initialized,
640 * but no additional message is required.
641 */
642 if (ret > 0)
643 goto e_quiet;
644
645 /* An unexpected problem occurred, and should be reported in the log */
646 goto e_err;
647 }
648
649 dev_notice(dev, "ccp enabled\n");
650
651 return 0;
652
653 e_err:
654 dev_notice(dev, "ccp initialization failed\n");
655
656 e_quiet:
657 sp->ccp_data = NULL;
658
659 return ret;
660 }
661
ccp_dev_destroy(struct sp_device * sp)662 void ccp_dev_destroy(struct sp_device *sp)
663 {
664 struct ccp_device *ccp = sp->ccp_data;
665
666 if (!ccp)
667 return;
668
669 ccp->vdata->perform->destroy(ccp);
670 }
671