xref: /linux/drivers/crypto/ccp/psp-dev.c (revision 1a268000b03a162bd5feb7fce1c130f1b31602b5)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * AMD Platform Security Processor (PSP) interface
4  *
5  * Copyright (C) 2016,2019 Advanced Micro Devices, Inc.
6  *
7  * Author: Brijesh Singh <brijesh.singh@amd.com>
8  */
9 
10 #include <linux/kernel.h>
11 #include <linux/irqreturn.h>
12 #include <linux/mutex.h>
13 #include <linux/bitfield.h>
14 #include <linux/delay.h>
15 
16 #include "sp-dev.h"
17 #include "psp-dev.h"
18 #include "sev-dev.h"
19 #include "tee-dev.h"
20 #include "platform-access.h"
21 #include "dbc.h"
22 
23 struct psp_device *psp_master;
24 
25 #define PSP_C2PMSG_17_CMDRESP_CMD	GENMASK(19, 16)
26 
27 static int psp_mailbox_poll(const void __iomem *cmdresp_reg, unsigned int *cmdresp,
28 			    unsigned int timeout_msecs)
29 {
30 	while (true) {
31 		*cmdresp = ioread32(cmdresp_reg);
32 		if (FIELD_GET(PSP_CMDRESP_RESP, *cmdresp))
33 			return 0;
34 
35 		if (!timeout_msecs--)
36 			break;
37 
38 		usleep_range(1000, 1100);
39 	}
40 
41 	return -ETIMEDOUT;
42 }
43 
44 int psp_mailbox_command(struct psp_device *psp, enum psp_cmd cmd, void *cmdbuff,
45 			unsigned int timeout_msecs, unsigned int *cmdresp)
46 {
47 	void __iomem *cmdresp_reg, *cmdbuff_lo_reg, *cmdbuff_hi_reg;
48 	int ret;
49 
50 	if (!psp || !psp->vdata || !psp->vdata->cmdresp_reg ||
51 	    !psp->vdata->cmdbuff_addr_lo_reg || !psp->vdata->cmdbuff_addr_hi_reg)
52 		return -ENODEV;
53 
54 	cmdresp_reg    = psp->io_regs + psp->vdata->cmdresp_reg;
55 	cmdbuff_lo_reg = psp->io_regs + psp->vdata->cmdbuff_addr_lo_reg;
56 	cmdbuff_hi_reg = psp->io_regs + psp->vdata->cmdbuff_addr_hi_reg;
57 
58 	mutex_lock(&psp->mailbox_mutex);
59 
60 	/* Ensure mailbox is ready for a command */
61 	ret = -EBUSY;
62 	if (psp_mailbox_poll(cmdresp_reg, cmdresp, 0))
63 		goto unlock;
64 
65 	if (cmdbuff) {
66 		iowrite32(lower_32_bits(__psp_pa(cmdbuff)), cmdbuff_lo_reg);
67 		iowrite32(upper_32_bits(__psp_pa(cmdbuff)), cmdbuff_hi_reg);
68 	}
69 
70 	*cmdresp = FIELD_PREP(PSP_C2PMSG_17_CMDRESP_CMD, cmd);
71 	iowrite32(*cmdresp, cmdresp_reg);
72 
73 	ret = psp_mailbox_poll(cmdresp_reg, cmdresp, timeout_msecs);
74 
75 unlock:
76 	mutex_unlock(&psp->mailbox_mutex);
77 
78 	return ret;
79 }
80 
81 int psp_extended_mailbox_cmd(struct psp_device *psp, unsigned int timeout_msecs,
82 			     struct psp_ext_request *req)
83 {
84 	unsigned int reg;
85 	int ret;
86 
87 	print_hex_dump_debug("->psp ", DUMP_PREFIX_OFFSET, 16, 2, req,
88 			     req->header.payload_size, false);
89 
90 	ret = psp_mailbox_command(psp, PSP_CMD_TEE_EXTENDED_CMD, (void *)req,
91 				  timeout_msecs, &reg);
92 	if (ret) {
93 		return ret;
94 	} else if (FIELD_GET(PSP_CMDRESP_STS, reg)) {
95 		req->header.status = FIELD_GET(PSP_CMDRESP_STS, reg);
96 		return -EIO;
97 	}
98 
99 	print_hex_dump_debug("<-psp ", DUMP_PREFIX_OFFSET, 16, 2, req,
100 			     req->header.payload_size, false);
101 
102 	return 0;
103 }
104 
105 static struct psp_device *psp_alloc_struct(struct sp_device *sp)
106 {
107 	struct device *dev = sp->dev;
108 	struct psp_device *psp;
109 
110 	psp = devm_kzalloc(dev, sizeof(*psp), GFP_KERNEL);
111 	if (!psp)
112 		return NULL;
113 
114 	psp->dev = dev;
115 	psp->sp = sp;
116 
117 	snprintf(psp->name, sizeof(psp->name), "psp-%u", sp->ord);
118 
119 	return psp;
120 }
121 
122 static irqreturn_t psp_irq_handler(int irq, void *data)
123 {
124 	struct psp_device *psp = data;
125 	unsigned int status;
126 
127 	/* Read the interrupt status: */
128 	status = ioread32(psp->io_regs + psp->vdata->intsts_reg);
129 
130 	/* Clear the interrupt status by writing the same value we read. */
131 	iowrite32(status, psp->io_regs + psp->vdata->intsts_reg);
132 
133 	/* invoke subdevice interrupt handlers */
134 	if (status) {
135 		if (psp->sev_irq_handler)
136 			psp->sev_irq_handler(irq, psp->sev_irq_data, status);
137 	}
138 
139 	return IRQ_HANDLED;
140 }
141 
142 static unsigned int psp_get_capability(struct psp_device *psp)
143 {
144 	unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg);
145 
146 	/*
147 	 * Check for a access to the registers.  If this read returns
148 	 * 0xffffffff, it's likely that the system is running a broken
149 	 * BIOS which disallows access to the device. Stop here and
150 	 * fail the PSP initialization (but not the load, as the CCP
151 	 * could get properly initialized).
152 	 */
153 	if (val == 0xffffffff) {
154 		dev_notice(psp->dev, "psp: unable to access the device: you might be running a broken BIOS.\n");
155 		return -ENODEV;
156 	}
157 	psp->capability = val;
158 
159 	/* Detect if TSME and SME are both enabled */
160 	if (PSP_CAPABILITY(psp, PSP_SECURITY_REPORTING) &&
161 	    psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET) &&
162 	    cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
163 		dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
164 
165 	return 0;
166 }
167 
168 static int psp_check_sev_support(struct psp_device *psp)
169 {
170 	/* Check if device supports SEV feature */
171 	if (!PSP_CAPABILITY(psp, SEV)) {
172 		dev_dbg(psp->dev, "psp does not support SEV\n");
173 		return -ENODEV;
174 	}
175 
176 	return 0;
177 }
178 
179 static int psp_check_tee_support(struct psp_device *psp)
180 {
181 	/* Check if device supports TEE feature */
182 	if (!PSP_CAPABILITY(psp, TEE)) {
183 		dev_dbg(psp->dev, "psp does not support TEE\n");
184 		return -ENODEV;
185 	}
186 
187 	return 0;
188 }
189 
190 static int psp_init(struct psp_device *psp)
191 {
192 	int ret;
193 
194 	if (!psp_check_sev_support(psp)) {
195 		ret = sev_dev_init(psp);
196 		if (ret)
197 			return ret;
198 	}
199 
200 	if (!psp_check_tee_support(psp)) {
201 		ret = tee_dev_init(psp);
202 		if (ret)
203 			return ret;
204 	}
205 
206 	if (psp->vdata->platform_access) {
207 		ret = platform_access_dev_init(psp);
208 		if (ret)
209 			return ret;
210 	}
211 
212 	/* dbc must come after platform access as it tests the feature */
213 	if (PSP_FEATURE(psp, DBC) ||
214 	    PSP_CAPABILITY(psp, DBC_THRU_EXT)) {
215 		ret = dbc_dev_init(psp);
216 		if (ret)
217 			return ret;
218 	}
219 
220 	return 0;
221 }
222 
223 int psp_dev_init(struct sp_device *sp)
224 {
225 	struct device *dev = sp->dev;
226 	struct psp_device *psp;
227 	int ret;
228 
229 	ret = -ENOMEM;
230 	psp = psp_alloc_struct(sp);
231 	if (!psp)
232 		goto e_err;
233 
234 	sp->psp_data = psp;
235 
236 	psp->vdata = (struct psp_vdata *)sp->dev_vdata->psp_vdata;
237 	if (!psp->vdata) {
238 		ret = -ENODEV;
239 		dev_err(dev, "missing driver data\n");
240 		goto e_err;
241 	}
242 
243 	psp->io_regs = sp->io_map;
244 	mutex_init(&psp->mailbox_mutex);
245 
246 	ret = psp_get_capability(psp);
247 	if (ret)
248 		goto e_disable;
249 
250 	/* Disable and clear interrupts until ready */
251 	iowrite32(0, psp->io_regs + psp->vdata->inten_reg);
252 	iowrite32(-1, psp->io_regs + psp->vdata->intsts_reg);
253 
254 	/* Request an irq */
255 	ret = sp_request_psp_irq(psp->sp, psp_irq_handler, psp->name, psp);
256 	if (ret) {
257 		dev_err(dev, "psp: unable to allocate an IRQ\n");
258 		goto e_err;
259 	}
260 
261 	/* master device must be set for platform access */
262 	if (psp->sp->set_psp_master_device)
263 		psp->sp->set_psp_master_device(psp->sp);
264 
265 	ret = psp_init(psp);
266 	if (ret)
267 		goto e_irq;
268 
269 	/* Enable interrupt */
270 	iowrite32(-1, psp->io_regs + psp->vdata->inten_reg);
271 
272 	dev_notice(dev, "psp enabled\n");
273 
274 	return 0;
275 
276 e_irq:
277 	if (sp->clear_psp_master_device)
278 		sp->clear_psp_master_device(sp);
279 
280 	sp_free_psp_irq(psp->sp, psp);
281 e_err:
282 	sp->psp_data = NULL;
283 
284 	dev_notice(dev, "psp initialization failed\n");
285 
286 	return ret;
287 
288 e_disable:
289 	sp->psp_data = NULL;
290 
291 	return ret;
292 }
293 
294 void psp_dev_destroy(struct sp_device *sp)
295 {
296 	struct psp_device *psp = sp->psp_data;
297 
298 	if (!psp)
299 		return;
300 
301 	sev_dev_destroy(psp);
302 
303 	tee_dev_destroy(psp);
304 
305 	dbc_dev_destroy(psp);
306 
307 	platform_access_dev_destroy(psp);
308 
309 	sp_free_psp_irq(sp, psp);
310 
311 	if (sp->clear_psp_master_device)
312 		sp->clear_psp_master_device(sp);
313 }
314 
315 void psp_set_sev_irq_handler(struct psp_device *psp, psp_irq_handler_t handler,
316 			     void *data)
317 {
318 	psp->sev_irq_data = data;
319 	psp->sev_irq_handler = handler;
320 }
321 
322 void psp_clear_sev_irq_handler(struct psp_device *psp)
323 {
324 	psp_set_sev_irq_handler(psp, NULL, NULL);
325 }
326 
327 struct psp_device *psp_get_master_device(void)
328 {
329 	struct sp_device *sp = sp_get_psp_master_device();
330 
331 	return sp ? sp->psp_data : NULL;
332 }
333 
334 void psp_pci_init(void)
335 {
336 	psp_master = psp_get_master_device();
337 
338 	if (!psp_master)
339 		return;
340 
341 	sev_pci_init();
342 }
343 
344 void psp_pci_exit(void)
345 {
346 	if (!psp_master)
347 		return;
348 
349 	sev_pci_exit();
350 }
351