xref: /linux/drivers/crypto/ccp/sp-pci.c (revision c4b5140c6eac2f757d9706c6c783b60554c48cb7)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * AMD Secure Processor device driver
4  *
5  * Copyright (C) 2013,2019 Advanced Micro Devices, Inc.
6  *
7  * Author: Tom Lendacky <thomas.lendacky@amd.com>
8  * Author: Gary R Hook <gary.hook@amd.com>
9  */
10 
11 #include <linux/bitfield.h>
12 #include <linux/module.h>
13 #include <linux/kernel.h>
14 #include <linux/device.h>
15 #include <linux/pci.h>
16 #include <linux/pci_ids.h>
17 #include <linux/dma-mapping.h>
18 #include <linux/kthread.h>
19 #include <linux/sched.h>
20 #include <linux/interrupt.h>
21 #include <linux/spinlock.h>
22 #include <linux/delay.h>
23 #include <linux/ccp.h>
24 
25 #include "ccp-dev.h"
26 #include "psp-dev.h"
27 
28 /* used for version string AA.BB.CC.DD */
29 #define AA				GENMASK(31, 24)
30 #define BB				GENMASK(23, 16)
31 #define CC				GENMASK(15, 8)
32 #define DD				GENMASK(7, 0)
33 
34 #define MSIX_VECTORS			2
35 
36 struct sp_pci {
37 	int msix_count;
38 	struct msix_entry msix_entry[MSIX_VECTORS];
39 };
40 static struct sp_device *sp_dev_master;
41 
42 #define security_attribute_show(name, def)					\
43 static ssize_t name##_show(struct device *d, struct device_attribute *attr,	\
44 			   char *buf)						\
45 {										\
46 	struct sp_device *sp = dev_get_drvdata(d);				\
47 	struct psp_device *psp = sp->psp_data;					\
48 	int bit = PSP_SECURITY_##def << PSP_CAPABILITY_PSP_SECURITY_OFFSET;	\
49 	return sysfs_emit(buf, "%d\n", (psp->capability & bit) > 0);		\
50 }
51 
52 security_attribute_show(fused_part, FUSED_PART)
53 static DEVICE_ATTR_RO(fused_part);
54 security_attribute_show(debug_lock_on, DEBUG_LOCK_ON)
55 static DEVICE_ATTR_RO(debug_lock_on);
56 security_attribute_show(tsme_status, TSME_STATUS)
57 static DEVICE_ATTR_RO(tsme_status);
58 security_attribute_show(anti_rollback_status, ANTI_ROLLBACK_STATUS)
59 static DEVICE_ATTR_RO(anti_rollback_status);
60 security_attribute_show(rpmc_production_enabled, RPMC_PRODUCTION_ENABLED)
61 static DEVICE_ATTR_RO(rpmc_production_enabled);
62 security_attribute_show(rpmc_spirom_available, RPMC_SPIROM_AVAILABLE)
63 static DEVICE_ATTR_RO(rpmc_spirom_available);
64 security_attribute_show(hsp_tpm_available, HSP_TPM_AVAILABLE)
65 static DEVICE_ATTR_RO(hsp_tpm_available);
66 security_attribute_show(rom_armor_enforced, ROM_ARMOR_ENFORCED)
67 static DEVICE_ATTR_RO(rom_armor_enforced);
68 
69 static struct attribute *psp_security_attrs[] = {
70 	&dev_attr_fused_part.attr,
71 	&dev_attr_debug_lock_on.attr,
72 	&dev_attr_tsme_status.attr,
73 	&dev_attr_anti_rollback_status.attr,
74 	&dev_attr_rpmc_production_enabled.attr,
75 	&dev_attr_rpmc_spirom_available.attr,
76 	&dev_attr_hsp_tpm_available.attr,
77 	&dev_attr_rom_armor_enforced.attr,
78 	NULL
79 };
80 
81 static umode_t psp_security_is_visible(struct kobject *kobj, struct attribute *attr, int idx)
82 {
83 	struct device *dev = kobj_to_dev(kobj);
84 	struct sp_device *sp = dev_get_drvdata(dev);
85 	struct psp_device *psp = sp->psp_data;
86 
87 	if (psp && (psp->capability & PSP_CAPABILITY_PSP_SECURITY_REPORTING))
88 		return 0444;
89 
90 	return 0;
91 }
92 
93 static struct attribute_group psp_security_attr_group = {
94 	.attrs = psp_security_attrs,
95 	.is_visible = psp_security_is_visible,
96 };
97 
98 #define version_attribute_show(name, _offset)					\
99 static ssize_t name##_show(struct device *d, struct device_attribute *attr,	\
100 			   char *buf)						\
101 {										\
102 	struct sp_device *sp = dev_get_drvdata(d);				\
103 	struct psp_device *psp = sp->psp_data;					\
104 	unsigned int val = ioread32(psp->io_regs + _offset);			\
105 	return sysfs_emit(buf, "%02lx.%02lx.%02lx.%02lx\n",			\
106 			  FIELD_GET(AA, val),			\
107 			  FIELD_GET(BB, val),			\
108 			  FIELD_GET(CC, val),			\
109 			  FIELD_GET(DD, val));			\
110 }
111 
112 version_attribute_show(bootloader_version, psp->vdata->bootloader_info_reg)
113 static DEVICE_ATTR_RO(bootloader_version);
114 version_attribute_show(tee_version, psp->vdata->tee->info_reg)
115 static DEVICE_ATTR_RO(tee_version);
116 
117 static struct attribute *psp_firmware_attrs[] = {
118 	&dev_attr_bootloader_version.attr,
119 	&dev_attr_tee_version.attr,
120 	NULL,
121 };
122 
123 static umode_t psp_firmware_is_visible(struct kobject *kobj, struct attribute *attr, int idx)
124 {
125 	struct device *dev = kobj_to_dev(kobj);
126 	struct sp_device *sp = dev_get_drvdata(dev);
127 	struct psp_device *psp = sp->psp_data;
128 	unsigned int val = 0xffffffff;
129 
130 	if (!psp)
131 		return 0;
132 
133 	if (attr == &dev_attr_bootloader_version.attr &&
134 	    psp->vdata->bootloader_info_reg)
135 		val = ioread32(psp->io_regs + psp->vdata->bootloader_info_reg);
136 
137 	if (attr == &dev_attr_tee_version.attr &&
138 	    psp->capability & PSP_CAPABILITY_TEE &&
139 	    psp->vdata->tee->info_reg)
140 		val = ioread32(psp->io_regs + psp->vdata->tee->info_reg);
141 
142 	/* If platform disallows accessing this register it will be all f's */
143 	if (val != 0xffffffff)
144 		return 0444;
145 
146 	return 0;
147 }
148 
149 static struct attribute_group psp_firmware_attr_group = {
150 	.attrs = psp_firmware_attrs,
151 	.is_visible = psp_firmware_is_visible,
152 };
153 
154 static const struct attribute_group *psp_groups[] = {
155 	&psp_security_attr_group,
156 	&psp_firmware_attr_group,
157 	NULL,
158 };
159 
160 static int sp_get_msix_irqs(struct sp_device *sp)
161 {
162 	struct sp_pci *sp_pci = sp->dev_specific;
163 	struct device *dev = sp->dev;
164 	struct pci_dev *pdev = to_pci_dev(dev);
165 	int v, ret;
166 
167 	for (v = 0; v < ARRAY_SIZE(sp_pci->msix_entry); v++)
168 		sp_pci->msix_entry[v].entry = v;
169 
170 	ret = pci_enable_msix_range(pdev, sp_pci->msix_entry, 1, v);
171 	if (ret < 0)
172 		return ret;
173 
174 	sp_pci->msix_count = ret;
175 	sp->use_tasklet = true;
176 
177 	sp->psp_irq = sp_pci->msix_entry[0].vector;
178 	sp->ccp_irq = (sp_pci->msix_count > 1) ? sp_pci->msix_entry[1].vector
179 					       : sp_pci->msix_entry[0].vector;
180 	return 0;
181 }
182 
183 static int sp_get_msi_irq(struct sp_device *sp)
184 {
185 	struct device *dev = sp->dev;
186 	struct pci_dev *pdev = to_pci_dev(dev);
187 	int ret;
188 
189 	ret = pci_enable_msi(pdev);
190 	if (ret)
191 		return ret;
192 
193 	sp->ccp_irq = pdev->irq;
194 	sp->psp_irq = pdev->irq;
195 
196 	return 0;
197 }
198 
199 static int sp_get_irqs(struct sp_device *sp)
200 {
201 	struct device *dev = sp->dev;
202 	int ret;
203 
204 	ret = sp_get_msix_irqs(sp);
205 	if (!ret)
206 		return 0;
207 
208 	/* Couldn't get MSI-X vectors, try MSI */
209 	dev_notice(dev, "could not enable MSI-X (%d), trying MSI\n", ret);
210 	ret = sp_get_msi_irq(sp);
211 	if (!ret)
212 		return 0;
213 
214 	/* Couldn't get MSI interrupt */
215 	dev_notice(dev, "could not enable MSI (%d)\n", ret);
216 
217 	return ret;
218 }
219 
220 static void sp_free_irqs(struct sp_device *sp)
221 {
222 	struct sp_pci *sp_pci = sp->dev_specific;
223 	struct device *dev = sp->dev;
224 	struct pci_dev *pdev = to_pci_dev(dev);
225 
226 	if (sp_pci->msix_count)
227 		pci_disable_msix(pdev);
228 	else if (sp->psp_irq)
229 		pci_disable_msi(pdev);
230 
231 	sp->ccp_irq = 0;
232 	sp->psp_irq = 0;
233 }
234 
235 static bool sp_pci_is_master(struct sp_device *sp)
236 {
237 	struct device *dev_cur, *dev_new;
238 	struct pci_dev *pdev_cur, *pdev_new;
239 
240 	dev_new = sp->dev;
241 	dev_cur = sp_dev_master->dev;
242 
243 	pdev_new = to_pci_dev(dev_new);
244 	pdev_cur = to_pci_dev(dev_cur);
245 
246 	if (pdev_new->bus->number < pdev_cur->bus->number)
247 		return true;
248 
249 	if (PCI_SLOT(pdev_new->devfn) < PCI_SLOT(pdev_cur->devfn))
250 		return true;
251 
252 	if (PCI_FUNC(pdev_new->devfn) < PCI_FUNC(pdev_cur->devfn))
253 		return true;
254 
255 	return false;
256 }
257 
258 static void psp_set_master(struct sp_device *sp)
259 {
260 	if (!sp_dev_master) {
261 		sp_dev_master = sp;
262 		return;
263 	}
264 
265 	if (sp_pci_is_master(sp))
266 		sp_dev_master = sp;
267 }
268 
269 static struct sp_device *psp_get_master(void)
270 {
271 	return sp_dev_master;
272 }
273 
274 static void psp_clear_master(struct sp_device *sp)
275 {
276 	if (sp == sp_dev_master) {
277 		sp_dev_master = NULL;
278 		dev_dbg(sp->dev, "Cleared sp_dev_master\n");
279 	}
280 }
281 
282 static int sp_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
283 {
284 	struct sp_device *sp;
285 	struct sp_pci *sp_pci;
286 	struct device *dev = &pdev->dev;
287 	void __iomem * const *iomap_table;
288 	int bar_mask;
289 	int ret;
290 
291 	ret = -ENOMEM;
292 	sp = sp_alloc_struct(dev);
293 	if (!sp)
294 		goto e_err;
295 
296 	sp_pci = devm_kzalloc(dev, sizeof(*sp_pci), GFP_KERNEL);
297 	if (!sp_pci)
298 		goto e_err;
299 
300 	sp->dev_specific = sp_pci;
301 	sp->dev_vdata = (struct sp_dev_vdata *)id->driver_data;
302 	if (!sp->dev_vdata) {
303 		ret = -ENODEV;
304 		dev_err(dev, "missing driver data\n");
305 		goto e_err;
306 	}
307 
308 	ret = pcim_enable_device(pdev);
309 	if (ret) {
310 		dev_err(dev, "pcim_enable_device failed (%d)\n", ret);
311 		goto e_err;
312 	}
313 
314 	bar_mask = pci_select_bars(pdev, IORESOURCE_MEM);
315 	ret = pcim_iomap_regions(pdev, bar_mask, "ccp");
316 	if (ret) {
317 		dev_err(dev, "pcim_iomap_regions failed (%d)\n", ret);
318 		goto e_err;
319 	}
320 
321 	iomap_table = pcim_iomap_table(pdev);
322 	if (!iomap_table) {
323 		dev_err(dev, "pcim_iomap_table failed\n");
324 		ret = -ENOMEM;
325 		goto e_err;
326 	}
327 
328 	sp->io_map = iomap_table[sp->dev_vdata->bar];
329 	if (!sp->io_map) {
330 		dev_err(dev, "ioremap failed\n");
331 		ret = -ENOMEM;
332 		goto e_err;
333 	}
334 
335 	ret = sp_get_irqs(sp);
336 	if (ret)
337 		goto e_err;
338 
339 	pci_set_master(pdev);
340 	sp->set_psp_master_device = psp_set_master;
341 	sp->get_psp_master_device = psp_get_master;
342 	sp->clear_psp_master_device = psp_clear_master;
343 
344 	ret = dma_set_mask_and_coherent(dev, DMA_BIT_MASK(48));
345 	if (ret) {
346 		ret = dma_set_mask_and_coherent(dev, DMA_BIT_MASK(32));
347 		if (ret) {
348 			dev_err(dev, "dma_set_mask_and_coherent failed (%d)\n",
349 				ret);
350 			goto free_irqs;
351 		}
352 	}
353 
354 	dev_set_drvdata(dev, sp);
355 
356 	ret = sp_init(sp);
357 	if (ret)
358 		goto free_irqs;
359 
360 	return 0;
361 
362 free_irqs:
363 	sp_free_irqs(sp);
364 e_err:
365 	dev_notice(dev, "initialization failed\n");
366 	return ret;
367 }
368 
369 static void sp_pci_shutdown(struct pci_dev *pdev)
370 {
371 	struct device *dev = &pdev->dev;
372 	struct sp_device *sp = dev_get_drvdata(dev);
373 
374 	if (!sp)
375 		return;
376 
377 	sp_destroy(sp);
378 }
379 
380 static void sp_pci_remove(struct pci_dev *pdev)
381 {
382 	struct device *dev = &pdev->dev;
383 	struct sp_device *sp = dev_get_drvdata(dev);
384 
385 	if (!sp)
386 		return;
387 
388 	sp_destroy(sp);
389 
390 	sp_free_irqs(sp);
391 }
392 
393 static int __maybe_unused sp_pci_suspend(struct device *dev)
394 {
395 	struct sp_device *sp = dev_get_drvdata(dev);
396 
397 	return sp_suspend(sp);
398 }
399 
400 static int __maybe_unused sp_pci_resume(struct device *dev)
401 {
402 	struct sp_device *sp = dev_get_drvdata(dev);
403 
404 	return sp_resume(sp);
405 }
406 
407 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
408 static const struct sev_vdata sevv1 = {
409 	.cmdresp_reg		= 0x10580,	/* C2PMSG_32 */
410 	.cmdbuff_addr_lo_reg	= 0x105e0,	/* C2PMSG_56 */
411 	.cmdbuff_addr_hi_reg	= 0x105e4,	/* C2PMSG_57 */
412 };
413 
414 static const struct sev_vdata sevv2 = {
415 	.cmdresp_reg		= 0x10980,	/* C2PMSG_32 */
416 	.cmdbuff_addr_lo_reg	= 0x109e0,	/* C2PMSG_56 */
417 	.cmdbuff_addr_hi_reg	= 0x109e4,	/* C2PMSG_57 */
418 };
419 
420 static const struct tee_vdata teev1 = {
421 	.cmdresp_reg		= 0x10544,	/* C2PMSG_17 */
422 	.cmdbuff_addr_lo_reg	= 0x10548,	/* C2PMSG_18 */
423 	.cmdbuff_addr_hi_reg	= 0x1054c,	/* C2PMSG_19 */
424 	.ring_wptr_reg          = 0x10550,	/* C2PMSG_20 */
425 	.ring_rptr_reg          = 0x10554,	/* C2PMSG_21 */
426 	.info_reg		= 0x109e8,	/* C2PMSG_58 */
427 };
428 
429 static const struct tee_vdata teev2 = {
430 	.cmdresp_reg		= 0x10944,	/* C2PMSG_17 */
431 	.cmdbuff_addr_lo_reg	= 0x10948,	/* C2PMSG_18 */
432 	.cmdbuff_addr_hi_reg	= 0x1094c,	/* C2PMSG_19 */
433 	.ring_wptr_reg		= 0x10950,	/* C2PMSG_20 */
434 	.ring_rptr_reg		= 0x10954,	/* C2PMSG_21 */
435 };
436 
437 static const struct platform_access_vdata pa_v1 = {
438 	.cmdresp_reg		= 0x10570,	/* C2PMSG_28 */
439 	.cmdbuff_addr_lo_reg	= 0x10574,	/* C2PMSG_29 */
440 	.cmdbuff_addr_hi_reg	= 0x10578,	/* C2PMSG_30 */
441 	.doorbell_button_reg	= 0x10a24,	/* C2PMSG_73 */
442 	.doorbell_cmd_reg	= 0x10a40,	/* C2PMSG_80 */
443 };
444 
445 static const struct platform_access_vdata pa_v2 = {
446 	.doorbell_button_reg	= 0x10a24,	/* C2PMSG_73 */
447 	.doorbell_cmd_reg	= 0x10a40,	/* C2PMSG_80 */
448 };
449 
450 static const struct psp_vdata pspv1 = {
451 	.sev			= &sevv1,
452 	.bootloader_info_reg	= 0x105ec,	/* C2PMSG_59 */
453 	.feature_reg		= 0x105fc,	/* C2PMSG_63 */
454 	.inten_reg		= 0x10610,	/* P2CMSG_INTEN */
455 	.intsts_reg		= 0x10614,	/* P2CMSG_INTSTS */
456 };
457 
458 static const struct psp_vdata pspv2 = {
459 	.sev			= &sevv2,
460 	.bootloader_info_reg	= 0x109ec,	/* C2PMSG_59 */
461 	.feature_reg		= 0x109fc,	/* C2PMSG_63 */
462 	.inten_reg		= 0x10690,	/* P2CMSG_INTEN */
463 	.intsts_reg		= 0x10694,	/* P2CMSG_INTSTS */
464 };
465 
466 static const struct psp_vdata pspv3 = {
467 	.tee			= &teev1,
468 	.platform_access	= &pa_v1,
469 	.bootloader_info_reg	= 0x109ec,	/* C2PMSG_59 */
470 	.feature_reg		= 0x109fc,	/* C2PMSG_63 */
471 	.inten_reg		= 0x10690,	/* P2CMSG_INTEN */
472 	.intsts_reg		= 0x10694,	/* P2CMSG_INTSTS */
473 	.platform_features	= PLATFORM_FEATURE_DBC,
474 };
475 
476 static const struct psp_vdata pspv4 = {
477 	.sev			= &sevv2,
478 	.tee			= &teev1,
479 	.bootloader_info_reg	= 0x109ec,	/* C2PMSG_59 */
480 	.feature_reg		= 0x109fc,	/* C2PMSG_63 */
481 	.inten_reg		= 0x10690,	/* P2CMSG_INTEN */
482 	.intsts_reg		= 0x10694,	/* P2CMSG_INTSTS */
483 };
484 
485 static const struct psp_vdata pspv5 = {
486 	.tee			= &teev2,
487 	.platform_access	= &pa_v2,
488 	.feature_reg		= 0x109fc,	/* C2PMSG_63 */
489 	.inten_reg		= 0x10510,	/* P2CMSG_INTEN */
490 	.intsts_reg		= 0x10514,	/* P2CMSG_INTSTS */
491 };
492 
493 static const struct psp_vdata pspv6 = {
494 	.sev                    = &sevv2,
495 	.tee                    = &teev2,
496 	.feature_reg            = 0x109fc,	/* C2PMSG_63 */
497 	.inten_reg              = 0x10510,	/* P2CMSG_INTEN */
498 	.intsts_reg             = 0x10514,	/* P2CMSG_INTSTS */
499 };
500 
501 #endif
502 
503 static const struct sp_dev_vdata dev_vdata[] = {
504 	{	/* 0 */
505 		.bar = 2,
506 #ifdef CONFIG_CRYPTO_DEV_SP_CCP
507 		.ccp_vdata = &ccpv3,
508 #endif
509 	},
510 	{	/* 1 */
511 		.bar = 2,
512 #ifdef CONFIG_CRYPTO_DEV_SP_CCP
513 		.ccp_vdata = &ccpv5a,
514 #endif
515 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
516 		.psp_vdata = &pspv1,
517 #endif
518 	},
519 	{	/* 2 */
520 		.bar = 2,
521 #ifdef CONFIG_CRYPTO_DEV_SP_CCP
522 		.ccp_vdata = &ccpv5b,
523 #endif
524 	},
525 	{	/* 3 */
526 		.bar = 2,
527 #ifdef CONFIG_CRYPTO_DEV_SP_CCP
528 		.ccp_vdata = &ccpv5a,
529 #endif
530 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
531 		.psp_vdata = &pspv2,
532 #endif
533 	},
534 	{	/* 4 */
535 		.bar = 2,
536 #ifdef CONFIG_CRYPTO_DEV_SP_CCP
537 		.ccp_vdata = &ccpv5a,
538 #endif
539 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
540 		.psp_vdata = &pspv3,
541 #endif
542 	},
543 	{	/* 5 */
544 		.bar = 2,
545 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
546 		.psp_vdata = &pspv4,
547 #endif
548 	},
549 	{	/* 6 */
550 		.bar = 2,
551 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
552 		.psp_vdata = &pspv3,
553 #endif
554 	},
555 	{	/* 7 */
556 		.bar = 2,
557 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
558 		.psp_vdata = &pspv5,
559 #endif
560 	},
561 	{	/* 8 */
562 		.bar = 2,
563 #ifdef CONFIG_CRYPTO_DEV_SP_PSP
564 		.psp_vdata = &pspv6,
565 #endif
566 	},
567 };
568 static const struct pci_device_id sp_pci_table[] = {
569 	{ PCI_VDEVICE(AMD, 0x1537), (kernel_ulong_t)&dev_vdata[0] },
570 	{ PCI_VDEVICE(AMD, 0x1456), (kernel_ulong_t)&dev_vdata[1] },
571 	{ PCI_VDEVICE(AMD, 0x1468), (kernel_ulong_t)&dev_vdata[2] },
572 	{ PCI_VDEVICE(AMD, 0x1486), (kernel_ulong_t)&dev_vdata[3] },
573 	{ PCI_VDEVICE(AMD, 0x15DF), (kernel_ulong_t)&dev_vdata[4] },
574 	{ PCI_VDEVICE(AMD, 0x14CA), (kernel_ulong_t)&dev_vdata[5] },
575 	{ PCI_VDEVICE(AMD, 0x15C7), (kernel_ulong_t)&dev_vdata[6] },
576 	{ PCI_VDEVICE(AMD, 0x1649), (kernel_ulong_t)&dev_vdata[6] },
577 	{ PCI_VDEVICE(AMD, 0x17E0), (kernel_ulong_t)&dev_vdata[7] },
578 	{ PCI_VDEVICE(AMD, 0x156E), (kernel_ulong_t)&dev_vdata[8] },
579 	/* Last entry must be zero */
580 	{ 0, }
581 };
582 MODULE_DEVICE_TABLE(pci, sp_pci_table);
583 
584 static SIMPLE_DEV_PM_OPS(sp_pci_pm_ops, sp_pci_suspend, sp_pci_resume);
585 
586 static struct pci_driver sp_pci_driver = {
587 	.name = "ccp",
588 	.id_table = sp_pci_table,
589 	.probe = sp_pci_probe,
590 	.remove = sp_pci_remove,
591 	.shutdown = sp_pci_shutdown,
592 	.driver.pm = &sp_pci_pm_ops,
593 	.dev_groups = psp_groups,
594 };
595 
596 int sp_pci_init(void)
597 {
598 	return pci_register_driver(&sp_pci_driver);
599 }
600 
601 void sp_pci_exit(void)
602 {
603 	pci_unregister_driver(&sp_pci_driver);
604 }
605