xref: /linux/drivers/crypto/ccp/psp-dev.c (revision 20dfee95936413708701eb151f419597fdd9d948) 
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * AMD Platform Security Processor (PSP) interface
4  *
5  * Copyright (C) 2016,2019 Advanced Micro Devices, Inc.
6  *
7  * Author: Brijesh Singh <brijesh.singh@amd.com>
8  */
9 
10 #include <linux/kernel.h>
11 #include <linux/irqreturn.h>
12 #include <linux/mutex.h>
13 #include <linux/bitfield.h>
14 #include <linux/delay.h>
15 
16 #include "sp-dev.h"
17 #include "psp-dev.h"
18 #include "sev-dev.h"
19 #include "tee-dev.h"
20 #include "platform-access.h"
21 #include "dbc.h"
22 
23 struct psp_device *psp_master;
24 
25 #define PSP_C2PMSG_17_CMDRESP_CMD	GENMASK(19, 16)
26 
27 static int psp_mailbox_poll(const void __iomem *cmdresp_reg, unsigned int *cmdresp,
28 			    unsigned int timeout_msecs)
29 {
30 	while (true) {
31 		*cmdresp = ioread32(cmdresp_reg);
32 		if (FIELD_GET(PSP_CMDRESP_RESP, *cmdresp))
33 			return 0;
34 
35 		if (!timeout_msecs--)
36 			break;
37 
38 		usleep_range(1000, 1100);
39 	}
40 
41 	return -ETIMEDOUT;
42 }
43 
44 int psp_mailbox_command(struct psp_device *psp, enum psp_cmd cmd, void *cmdbuff,
45 			unsigned int timeout_msecs, unsigned int *cmdresp)
46 {
47 	void __iomem *cmdresp_reg, *cmdbuff_lo_reg, *cmdbuff_hi_reg;
48 	int ret;
49 
50 	if (!psp || !psp->vdata || !psp->vdata->cmdresp_reg ||
51 	    !psp->vdata->cmdbuff_addr_lo_reg || !psp->vdata->cmdbuff_addr_hi_reg)
52 		return -ENODEV;
53 
54 	cmdresp_reg    = psp->io_regs + psp->vdata->cmdresp_reg;
55 	cmdbuff_lo_reg = psp->io_regs + psp->vdata->cmdbuff_addr_lo_reg;
56 	cmdbuff_hi_reg = psp->io_regs + psp->vdata->cmdbuff_addr_hi_reg;
57 
58 	mutex_lock(&psp->mailbox_mutex);
59 
60 	/* Ensure mailbox is ready for a command */
61 	ret = -EBUSY;
62 	if (psp_mailbox_poll(cmdresp_reg, cmdresp, 0))
63 		goto unlock;
64 
65 	if (cmdbuff) {
66 		iowrite32(lower_32_bits(__psp_pa(cmdbuff)), cmdbuff_lo_reg);
67 		iowrite32(upper_32_bits(__psp_pa(cmdbuff)), cmdbuff_hi_reg);
68 	}
69 
70 	*cmdresp = FIELD_PREP(PSP_C2PMSG_17_CMDRESP_CMD, cmd);
71 	iowrite32(*cmdresp, cmdresp_reg);
72 
73 	ret = psp_mailbox_poll(cmdresp_reg, cmdresp, timeout_msecs);
74 
75 unlock:
76 	mutex_unlock(&psp->mailbox_mutex);
77 
78 	return ret;
79 }
80 
81 int psp_extended_mailbox_cmd(struct psp_device *psp, unsigned int timeout_msecs,
82 			     struct psp_ext_request *req)
83 {
84 	unsigned int reg;
85 	int ret;
86 
87 	print_hex_dump_debug("->psp ", DUMP_PREFIX_OFFSET, 16, 2, req,
88 			     req->header.payload_size, false);
89 
90 	ret = psp_mailbox_command(psp, PSP_CMD_TEE_EXTENDED_CMD, (void *)req,
91 				  timeout_msecs, &reg);
92 	if (ret) {
93 		return ret;
94 	} else if (FIELD_GET(PSP_CMDRESP_STS, reg)) {
95 		req->header.status = FIELD_GET(PSP_CMDRESP_STS, reg);
96 		return -EIO;
97 	}
98 
99 	print_hex_dump_debug("<-psp ", DUMP_PREFIX_OFFSET, 16, 2, req,
100 			     req->header.payload_size, false);
101 
102 	return 0;
103 }
104 
105 static struct psp_device *psp_alloc_struct(struct sp_device *sp)
106 {
107 	struct device *dev = sp->dev;
108 	struct psp_device *psp;
109 
110 	psp = devm_kzalloc(dev, sizeof(*psp), GFP_KERNEL);
111 	if (!psp)
112 		return NULL;
113 
114 	psp->dev = dev;
115 	psp->sp = sp;
116 
117 	snprintf(psp->name, sizeof(psp->name), "psp-%u", sp->ord);
118 
119 	return psp;
120 }
121 
122 static irqreturn_t psp_irq_handler(int irq, void *data)
123 {
124 	struct psp_device *psp = data;
125 	unsigned int status;
126 
127 	/* Read the interrupt status: */
128 	status = ioread32(psp->io_regs + psp->vdata->intsts_reg);
129 
130 	/* Clear the interrupt status by writing the same value we read. */
131 	iowrite32(status, psp->io_regs + psp->vdata->intsts_reg);
132 
133 	/* invoke subdevice interrupt handlers */
134 	if (status) {
135 		if (psp->sev_irq_handler)
136 			psp->sev_irq_handler(irq, psp->sev_irq_data, status);
137 	}
138 
139 	return IRQ_HANDLED;
140 }
141 
142 static unsigned int psp_get_capability(struct psp_device *psp)
143 {
144 	unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg);
145 
146 	/*
147 	 * Check for a access to the registers.  If this read returns
148 	 * 0xffffffff, it's likely that the system is running a broken
149 	 * BIOS which disallows access to the device. Stop here and
150 	 * fail the PSP initialization (but not the load, as the CCP
151 	 * could get properly initialized).
152 	 */
153 	if (val == 0xffffffff) {
154 		dev_notice(psp->dev, "psp: unable to access the device: you might be running a broken BIOS.\n");
155 		return -ENODEV;
156 	}
157 	psp->capability = val;
158 
159 	/* Detect TSME and/or SME status */
160 	if (PSP_CAPABILITY(psp, PSP_SECURITY_REPORTING) &&
161 	    psp->capability & (PSP_SECURITY_TSME_STATUS << PSP_CAPABILITY_PSP_SECURITY_OFFSET)) {
162 		if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT))
163 			dev_notice(psp->dev, "psp: Both TSME and SME are active, SME is unnecessary when TSME is active.\n");
164 		else
165 			dev_notice(psp->dev, "psp: TSME enabled\n");
166 	}
167 
168 	return 0;
169 }
170 
171 static int psp_check_sev_support(struct psp_device *psp)
172 {
173 	/* Check if device supports SEV feature */
174 	if (!PSP_CAPABILITY(psp, SEV)) {
175 		dev_dbg(psp->dev, "psp does not support SEV\n");
176 		return -ENODEV;
177 	}
178 
179 	return 0;
180 }
181 
182 static int psp_check_tee_support(struct psp_device *psp)
183 {
184 	/* Check if device supports TEE feature */
185 	if (!PSP_CAPABILITY(psp, TEE)) {
186 		dev_dbg(psp->dev, "psp does not support TEE\n");
187 		return -ENODEV;
188 	}
189 
190 	return 0;
191 }
192 
193 static int psp_init(struct psp_device *psp)
194 {
195 	int ret;
196 
197 	if (!psp_check_sev_support(psp)) {
198 		ret = sev_dev_init(psp);
199 		if (ret)
200 			return ret;
201 	}
202 
203 	if (!psp_check_tee_support(psp)) {
204 		ret = tee_dev_init(psp);
205 		if (ret)
206 			return ret;
207 	}
208 
209 	if (psp->vdata->platform_access) {
210 		ret = platform_access_dev_init(psp);
211 		if (ret)
212 			return ret;
213 	}
214 
215 	/* dbc must come after platform access as it tests the feature */
216 	if (PSP_FEATURE(psp, DBC) ||
217 	    PSP_CAPABILITY(psp, DBC_THRU_EXT)) {
218 		ret = dbc_dev_init(psp);
219 		if (ret)
220 			return ret;
221 	}
222 
223 	return 0;
224 }
225 
226 int psp_dev_init(struct sp_device *sp)
227 {
228 	struct device *dev = sp->dev;
229 	struct psp_device *psp;
230 	int ret;
231 
232 	ret = -ENOMEM;
233 	psp = psp_alloc_struct(sp);
234 	if (!psp)
235 		goto e_err;
236 
237 	sp->psp_data = psp;
238 
239 	psp->vdata = (struct psp_vdata *)sp->dev_vdata->psp_vdata;
240 	if (!psp->vdata) {
241 		ret = -ENODEV;
242 		dev_err(dev, "missing driver data\n");
243 		goto e_err;
244 	}
245 
246 	psp->io_regs = sp->io_map;
247 	mutex_init(&psp->mailbox_mutex);
248 
249 	ret = psp_get_capability(psp);
250 	if (ret)
251 		goto e_disable;
252 
253 	/* Disable and clear interrupts until ready */
254 	iowrite32(0, psp->io_regs + psp->vdata->inten_reg);
255 	iowrite32(-1, psp->io_regs + psp->vdata->intsts_reg);
256 
257 	/* Request an irq */
258 	ret = sp_request_psp_irq(psp->sp, psp_irq_handler, psp->name, psp);
259 	if (ret) {
260 		dev_err(dev, "psp: unable to allocate an IRQ\n");
261 		goto e_err;
262 	}
263 
264 	/* master device must be set for platform access */
265 	if (psp->sp->set_psp_master_device)
266 		psp->sp->set_psp_master_device(psp->sp);
267 
268 	ret = psp_init(psp);
269 	if (ret)
270 		goto e_irq;
271 
272 	/* Enable interrupt */
273 	iowrite32(-1, psp->io_regs + psp->vdata->inten_reg);
274 
275 	dev_notice(dev, "psp enabled\n");
276 
277 	return 0;
278 
279 e_irq:
280 	if (sp->clear_psp_master_device)
281 		sp->clear_psp_master_device(sp);
282 
283 	sp_free_psp_irq(psp->sp, psp);
284 e_err:
285 	sp->psp_data = NULL;
286 
287 	dev_notice(dev, "psp initialization failed\n");
288 
289 	return ret;
290 
291 e_disable:
292 	sp->psp_data = NULL;
293 
294 	return ret;
295 }
296 
297 void psp_dev_destroy(struct sp_device *sp)
298 {
299 	struct psp_device *psp = sp->psp_data;
300 
301 	if (!psp)
302 		return;
303 
304 	sev_dev_destroy(psp);
305 
306 	tee_dev_destroy(psp);
307 
308 	dbc_dev_destroy(psp);
309 
310 	platform_access_dev_destroy(psp);
311 
312 	sp_free_psp_irq(sp, psp);
313 
314 	if (sp->clear_psp_master_device)
315 		sp->clear_psp_master_device(sp);
316 }
317 
318 void psp_set_sev_irq_handler(struct psp_device *psp, psp_irq_handler_t handler,
319 			     void *data)
320 {
321 	psp->sev_irq_data = data;
322 	psp->sev_irq_handler = handler;
323 }
324 
325 void psp_clear_sev_irq_handler(struct psp_device *psp)
326 {
327 	psp_set_sev_irq_handler(psp, NULL, NULL);
328 }
329 
330 struct psp_device *psp_get_master_device(void)
331 {
332 	struct sp_device *sp = sp_get_psp_master_device();
333 
334 	return sp ? sp->psp_data : NULL;
335 }
336 
337 void psp_pci_init(void)
338 {
339 	psp_master = psp_get_master_device();
340 
341 	if (!psp_master)
342 		return;
343 
344 	sev_pci_init();
345 }
346 
347 void psp_pci_exit(void)
348 {
349 	if (!psp_master)
350 		return;
351 
352 	sev_pci_exit();
353 }
354