xref: /openbmc/linux/drivers/crypto/ccp/tee-dev.c (revision 1c5c1daf)
1 // SPDX-License-Identifier: MIT
2 /*
3  * AMD Trusted Execution Environment (TEE) interface
4  *
5  * Author: Rijo Thomas <Rijo-john.Thomas@amd.com>
6  * Author: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com>
7  *
8  * Copyright (C) 2019,2021 Advanced Micro Devices, Inc.
9  */
10 
11 #include <linux/bitfield.h>
12 #include <linux/types.h>
13 #include <linux/mutex.h>
14 #include <linux/delay.h>
15 #include <linux/slab.h>
16 #include <linux/gfp.h>
17 #include <linux/psp.h>
18 #include <linux/psp-tee.h>
19 
20 #include "psp-dev.h"
21 #include "tee-dev.h"
22 
23 static bool psp_dead;
24 
tee_alloc_ring(struct psp_tee_device * tee,int ring_size)25 static int tee_alloc_ring(struct psp_tee_device *tee, int ring_size)
26 {
27 	struct ring_buf_manager *rb_mgr = &tee->rb_mgr;
28 	void *start_addr;
29 
30 	if (!ring_size)
31 		return -EINVAL;
32 
33 	/* We need actual physical address instead of DMA address, since
34 	 * Trusted OS running on AMD Secure Processor will map this region
35 	 */
36 	start_addr = (void *)__get_free_pages(GFP_KERNEL, get_order(ring_size));
37 	if (!start_addr)
38 		return -ENOMEM;
39 
40 	memset(start_addr, 0x0, ring_size);
41 	rb_mgr->ring_start = start_addr;
42 	rb_mgr->ring_size = ring_size;
43 	rb_mgr->ring_pa = __psp_pa(start_addr);
44 	mutex_init(&rb_mgr->mutex);
45 
46 	return 0;
47 }
48 
tee_free_ring(struct psp_tee_device * tee)49 static void tee_free_ring(struct psp_tee_device *tee)
50 {
51 	struct ring_buf_manager *rb_mgr = &tee->rb_mgr;
52 
53 	if (!rb_mgr->ring_start)
54 		return;
55 
56 	free_pages((unsigned long)rb_mgr->ring_start,
57 		   get_order(rb_mgr->ring_size));
58 
59 	rb_mgr->ring_start = NULL;
60 	rb_mgr->ring_size = 0;
61 	rb_mgr->ring_pa = 0;
62 	mutex_destroy(&rb_mgr->mutex);
63 }
64 
tee_wait_cmd_poll(struct psp_tee_device * tee,unsigned int timeout,unsigned int * reg)65 static int tee_wait_cmd_poll(struct psp_tee_device *tee, unsigned int timeout,
66 			     unsigned int *reg)
67 {
68 	/* ~10ms sleep per loop => nloop = timeout * 100 */
69 	int nloop = timeout * 100;
70 
71 	while (--nloop) {
72 		*reg = ioread32(tee->io_regs + tee->vdata->cmdresp_reg);
73 		if (FIELD_GET(PSP_CMDRESP_RESP, *reg))
74 			return 0;
75 
76 		usleep_range(10000, 10100);
77 	}
78 
79 	dev_err(tee->dev, "tee: command timed out, disabling PSP\n");
80 	psp_dead = true;
81 
82 	return -ETIMEDOUT;
83 }
84 
85 static
tee_alloc_cmd_buffer(struct psp_tee_device * tee)86 struct tee_init_ring_cmd *tee_alloc_cmd_buffer(struct psp_tee_device *tee)
87 {
88 	struct tee_init_ring_cmd *cmd;
89 
90 	cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
91 	if (!cmd)
92 		return NULL;
93 
94 	cmd->hi_addr = upper_32_bits(tee->rb_mgr.ring_pa);
95 	cmd->low_addr = lower_32_bits(tee->rb_mgr.ring_pa);
96 	cmd->size = tee->rb_mgr.ring_size;
97 
98 	dev_dbg(tee->dev, "tee: ring address: high = 0x%x low = 0x%x size = %u\n",
99 		cmd->hi_addr, cmd->low_addr, cmd->size);
100 
101 	return cmd;
102 }
103 
tee_free_cmd_buffer(struct tee_init_ring_cmd * cmd)104 static inline void tee_free_cmd_buffer(struct tee_init_ring_cmd *cmd)
105 {
106 	kfree(cmd);
107 }
108 
tee_init_ring(struct psp_tee_device * tee)109 static int tee_init_ring(struct psp_tee_device *tee)
110 {
111 	int ring_size = MAX_RING_BUFFER_ENTRIES * sizeof(struct tee_ring_cmd);
112 	struct tee_init_ring_cmd *cmd;
113 	phys_addr_t cmd_buffer;
114 	unsigned int reg;
115 	int ret;
116 
117 	BUILD_BUG_ON(sizeof(struct tee_ring_cmd) != 1024);
118 
119 	ret = tee_alloc_ring(tee, ring_size);
120 	if (ret) {
121 		dev_err(tee->dev, "tee: ring allocation failed %d\n", ret);
122 		return ret;
123 	}
124 
125 	tee->rb_mgr.wptr = 0;
126 
127 	cmd = tee_alloc_cmd_buffer(tee);
128 	if (!cmd) {
129 		tee_free_ring(tee);
130 		return -ENOMEM;
131 	}
132 
133 	cmd_buffer = __psp_pa((void *)cmd);
134 
135 	/* Send command buffer details to Trusted OS by writing to
136 	 * CPU-PSP message registers
137 	 */
138 
139 	iowrite32(lower_32_bits(cmd_buffer),
140 		  tee->io_regs + tee->vdata->cmdbuff_addr_lo_reg);
141 	iowrite32(upper_32_bits(cmd_buffer),
142 		  tee->io_regs + tee->vdata->cmdbuff_addr_hi_reg);
143 	iowrite32(TEE_RING_INIT_CMD,
144 		  tee->io_regs + tee->vdata->cmdresp_reg);
145 
146 	ret = tee_wait_cmd_poll(tee, TEE_DEFAULT_TIMEOUT, &reg);
147 	if (ret) {
148 		dev_err(tee->dev, "tee: ring init command timed out\n");
149 		tee_free_ring(tee);
150 		goto free_buf;
151 	}
152 
153 	if (FIELD_GET(PSP_CMDRESP_STS, reg)) {
154 		dev_err(tee->dev, "tee: ring init command failed (%#010lx)\n",
155 			FIELD_GET(PSP_CMDRESP_STS, reg));
156 		tee_free_ring(tee);
157 		ret = -EIO;
158 	}
159 
160 free_buf:
161 	tee_free_cmd_buffer(cmd);
162 
163 	return ret;
164 }
165 
tee_destroy_ring(struct psp_tee_device * tee)166 static void tee_destroy_ring(struct psp_tee_device *tee)
167 {
168 	unsigned int reg;
169 	int ret;
170 
171 	if (!tee->rb_mgr.ring_start)
172 		return;
173 
174 	if (psp_dead)
175 		goto free_ring;
176 
177 	iowrite32(TEE_RING_DESTROY_CMD,
178 		  tee->io_regs + tee->vdata->cmdresp_reg);
179 
180 	ret = tee_wait_cmd_poll(tee, TEE_DEFAULT_TIMEOUT, &reg);
181 	if (ret) {
182 		dev_err(tee->dev, "tee: ring destroy command timed out\n");
183 	} else if (FIELD_GET(PSP_CMDRESP_STS, reg)) {
184 		dev_err(tee->dev, "tee: ring destroy command failed (%#010lx)\n",
185 			FIELD_GET(PSP_CMDRESP_STS, reg));
186 	}
187 
188 free_ring:
189 	tee_free_ring(tee);
190 }
191 
tee_dev_init(struct psp_device * psp)192 int tee_dev_init(struct psp_device *psp)
193 {
194 	struct device *dev = psp->dev;
195 	struct psp_tee_device *tee;
196 	int ret;
197 
198 	ret = -ENOMEM;
199 	tee = devm_kzalloc(dev, sizeof(*tee), GFP_KERNEL);
200 	if (!tee)
201 		goto e_err;
202 
203 	psp->tee_data = tee;
204 
205 	tee->dev = dev;
206 	tee->psp = psp;
207 
208 	tee->io_regs = psp->io_regs;
209 
210 	tee->vdata = (struct tee_vdata *)psp->vdata->tee;
211 	if (!tee->vdata) {
212 		ret = -ENODEV;
213 		dev_err(dev, "tee: missing driver data\n");
214 		goto e_err;
215 	}
216 
217 	ret = tee_init_ring(tee);
218 	if (ret) {
219 		dev_err(dev, "tee: failed to init ring buffer\n");
220 		goto e_err;
221 	}
222 
223 	dev_notice(dev, "tee enabled\n");
224 
225 	return 0;
226 
227 e_err:
228 	psp->tee_data = NULL;
229 
230 	dev_notice(dev, "tee initialization failed\n");
231 
232 	return ret;
233 }
234 
tee_dev_destroy(struct psp_device * psp)235 void tee_dev_destroy(struct psp_device *psp)
236 {
237 	struct psp_tee_device *tee = psp->tee_data;
238 
239 	if (!tee)
240 		return;
241 
242 	tee_destroy_ring(tee);
243 }
244 
tee_submit_cmd(struct psp_tee_device * tee,enum tee_cmd_id cmd_id,void * buf,size_t len,struct tee_ring_cmd ** resp)245 static int tee_submit_cmd(struct psp_tee_device *tee, enum tee_cmd_id cmd_id,
246 			  void *buf, size_t len, struct tee_ring_cmd **resp)
247 {
248 	struct tee_ring_cmd *cmd;
249 	int nloop = 1000, ret = 0;
250 	u32 rptr;
251 
252 	*resp = NULL;
253 
254 	mutex_lock(&tee->rb_mgr.mutex);
255 
256 	/* Loop until empty entry found in ring buffer */
257 	do {
258 		/* Get pointer to ring buffer command entry */
259 		cmd = (struct tee_ring_cmd *)
260 			(tee->rb_mgr.ring_start + tee->rb_mgr.wptr);
261 
262 		rptr = ioread32(tee->io_regs + tee->vdata->ring_rptr_reg);
263 
264 		/* Check if ring buffer is full or command entry is waiting
265 		 * for response from TEE
266 		 */
267 		if (!(tee->rb_mgr.wptr + sizeof(struct tee_ring_cmd) == rptr ||
268 		      cmd->flag == CMD_WAITING_FOR_RESPONSE))
269 			break;
270 
271 		dev_dbg(tee->dev, "tee: ring buffer full. rptr = %u wptr = %u\n",
272 			rptr, tee->rb_mgr.wptr);
273 
274 		/* Wait if ring buffer is full or TEE is processing data */
275 		mutex_unlock(&tee->rb_mgr.mutex);
276 		schedule_timeout_interruptible(msecs_to_jiffies(10));
277 		mutex_lock(&tee->rb_mgr.mutex);
278 
279 	} while (--nloop);
280 
281 	if (!nloop &&
282 	    (tee->rb_mgr.wptr + sizeof(struct tee_ring_cmd) == rptr ||
283 	     cmd->flag == CMD_WAITING_FOR_RESPONSE)) {
284 		dev_err(tee->dev, "tee: ring buffer full. rptr = %u wptr = %u response flag %u\n",
285 			rptr, tee->rb_mgr.wptr, cmd->flag);
286 		ret = -EBUSY;
287 		goto unlock;
288 	}
289 
290 	/* Do not submit command if PSP got disabled while processing any
291 	 * command in another thread
292 	 */
293 	if (psp_dead) {
294 		ret = -EBUSY;
295 		goto unlock;
296 	}
297 
298 	/* Write command data into ring buffer */
299 	cmd->cmd_id = cmd_id;
300 	cmd->cmd_state = TEE_CMD_STATE_INIT;
301 	memset(&cmd->buf[0], 0, sizeof(cmd->buf));
302 	memcpy(&cmd->buf[0], buf, len);
303 
304 	/* Indicate driver is waiting for response */
305 	cmd->flag = CMD_WAITING_FOR_RESPONSE;
306 
307 	/* Update local copy of write pointer */
308 	tee->rb_mgr.wptr += sizeof(struct tee_ring_cmd);
309 	if (tee->rb_mgr.wptr >= tee->rb_mgr.ring_size)
310 		tee->rb_mgr.wptr = 0;
311 
312 	/* Trigger interrupt to Trusted OS */
313 	iowrite32(tee->rb_mgr.wptr, tee->io_regs + tee->vdata->ring_wptr_reg);
314 
315 	/* The response is provided by Trusted OS in same
316 	 * location as submitted data entry within ring buffer.
317 	 */
318 	*resp = cmd;
319 
320 unlock:
321 	mutex_unlock(&tee->rb_mgr.mutex);
322 
323 	return ret;
324 }
325 
tee_wait_cmd_completion(struct psp_tee_device * tee,struct tee_ring_cmd * resp,unsigned int timeout)326 static int tee_wait_cmd_completion(struct psp_tee_device *tee,
327 				   struct tee_ring_cmd *resp,
328 				   unsigned int timeout)
329 {
330 	/* ~1ms sleep per loop => nloop = timeout * 1000 */
331 	int nloop = timeout * 1000;
332 
333 	while (--nloop) {
334 		if (resp->cmd_state == TEE_CMD_STATE_COMPLETED)
335 			return 0;
336 
337 		usleep_range(1000, 1100);
338 	}
339 
340 	dev_err(tee->dev, "tee: command 0x%x timed out, disabling PSP\n",
341 		resp->cmd_id);
342 
343 	psp_dead = true;
344 
345 	return -ETIMEDOUT;
346 }
347 
psp_tee_process_cmd(enum tee_cmd_id cmd_id,void * buf,size_t len,u32 * status)348 int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf, size_t len,
349 			u32 *status)
350 {
351 	struct psp_device *psp = psp_get_master_device();
352 	struct psp_tee_device *tee;
353 	struct tee_ring_cmd *resp;
354 	int ret;
355 
356 	if (!buf || !status || !len || len > sizeof(resp->buf))
357 		return -EINVAL;
358 
359 	*status = 0;
360 
361 	if (!psp || !psp->tee_data)
362 		return -ENODEV;
363 
364 	if (psp_dead)
365 		return -EBUSY;
366 
367 	tee = psp->tee_data;
368 
369 	ret = tee_submit_cmd(tee, cmd_id, buf, len, &resp);
370 	if (ret)
371 		return ret;
372 
373 	ret = tee_wait_cmd_completion(tee, resp, TEE_DEFAULT_TIMEOUT);
374 	if (ret) {
375 		resp->flag = CMD_RESPONSE_TIMEDOUT;
376 		return ret;
377 	}
378 
379 	memcpy(buf, &resp->buf[0], len);
380 	*status = resp->status;
381 
382 	resp->flag = CMD_RESPONSE_COPIED;
383 
384 	return 0;
385 }
386 EXPORT_SYMBOL(psp_tee_process_cmd);
387 
psp_check_tee_status(void)388 int psp_check_tee_status(void)
389 {
390 	struct psp_device *psp = psp_get_master_device();
391 
392 	if (!psp || !psp->tee_data)
393 		return -ENODEV;
394 
395 	return 0;
396 }
397 EXPORT_SYMBOL(psp_check_tee_status);
398