1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * Ultravisor Interfaces 4 * 5 * Copyright IBM Corp. 2019, 2022 6 * 7 * Author(s): 8 * Vasily Gorbik <gor@linux.ibm.com> 9 * Janosch Frank <frankja@linux.ibm.com> 10 */ 11 #ifndef _ASM_S390_UV_H 12 #define _ASM_S390_UV_H 13 14 #include <linux/types.h> 15 #include <linux/errno.h> 16 #include <linux/bug.h> 17 #include <linux/sched.h> 18 #include <asm/page.h> 19 #include <asm/gmap.h> 20 21 #define UVC_CC_OK 0 22 #define UVC_CC_ERROR 1 23 #define UVC_CC_BUSY 2 24 #define UVC_CC_PARTIAL 3 25 26 #define UVC_RC_EXECUTED 0x0001 27 #define UVC_RC_INV_CMD 0x0002 28 #define UVC_RC_INV_STATE 0x0003 29 #define UVC_RC_INV_LEN 0x0005 30 #define UVC_RC_NO_RESUME 0x0007 31 #define UVC_RC_NEED_DESTROY 0x8000 32 33 #define UVC_CMD_QUI 0x0001 34 #define UVC_CMD_INIT_UV 0x000f 35 #define UVC_CMD_CREATE_SEC_CONF 0x0100 36 #define UVC_CMD_DESTROY_SEC_CONF 0x0101 37 #define UVC_CMD_CREATE_SEC_CPU 0x0120 38 #define UVC_CMD_DESTROY_SEC_CPU 0x0121 39 #define UVC_CMD_CONV_TO_SEC_STOR 0x0200 40 #define UVC_CMD_CONV_FROM_SEC_STOR 0x0201 41 #define UVC_CMD_DESTR_SEC_STOR 0x0202 42 #define UVC_CMD_SET_SEC_CONF_PARAMS 0x0300 43 #define UVC_CMD_UNPACK_IMG 0x0301 44 #define UVC_CMD_VERIFY_IMG 0x0302 45 #define UVC_CMD_CPU_RESET 0x0310 46 #define UVC_CMD_CPU_RESET_INITIAL 0x0311 47 #define UVC_CMD_PREPARE_RESET 0x0320 48 #define UVC_CMD_CPU_RESET_CLEAR 0x0321 49 #define UVC_CMD_CPU_SET_STATE 0x0330 50 #define UVC_CMD_SET_UNSHARE_ALL 0x0340 51 #define UVC_CMD_PIN_PAGE_SHARED 0x0341 52 #define UVC_CMD_UNPIN_PAGE_SHARED 0x0342 53 #define UVC_CMD_SET_SHARED_ACCESS 0x1000 54 #define UVC_CMD_REMOVE_SHARED_ACCESS 0x1001 55 #define UVC_CMD_RETR_ATTEST 0x1020 56 57 /* Bits in installed uv calls */ 58 enum uv_cmds_inst { 59 BIT_UVC_CMD_QUI = 0, 60 BIT_UVC_CMD_INIT_UV = 1, 61 BIT_UVC_CMD_CREATE_SEC_CONF = 2, 62 BIT_UVC_CMD_DESTROY_SEC_CONF = 3, 63 BIT_UVC_CMD_CREATE_SEC_CPU = 4, 64 BIT_UVC_CMD_DESTROY_SEC_CPU = 5, 65 BIT_UVC_CMD_CONV_TO_SEC_STOR = 6, 66 BIT_UVC_CMD_CONV_FROM_SEC_STOR = 7, 67 BIT_UVC_CMD_SET_SHARED_ACCESS = 8, 68 BIT_UVC_CMD_REMOVE_SHARED_ACCESS = 9, 69 BIT_UVC_CMD_SET_SEC_PARMS = 11, 70 BIT_UVC_CMD_UNPACK_IMG = 13, 71 BIT_UVC_CMD_VERIFY_IMG = 14, 72 BIT_UVC_CMD_CPU_RESET = 15, 73 BIT_UVC_CMD_CPU_RESET_INITIAL = 16, 74 BIT_UVC_CMD_CPU_SET_STATE = 17, 75 BIT_UVC_CMD_PREPARE_RESET = 18, 76 BIT_UVC_CMD_CPU_PERFORM_CLEAR_RESET = 19, 77 BIT_UVC_CMD_UNSHARE_ALL = 20, 78 BIT_UVC_CMD_PIN_PAGE_SHARED = 21, 79 BIT_UVC_CMD_UNPIN_PAGE_SHARED = 22, 80 BIT_UVC_CMD_RETR_ATTEST = 28, 81 }; 82 83 enum uv_feat_ind { 84 BIT_UV_FEAT_MISC = 0, 85 BIT_UV_FEAT_AIV = 1, 86 }; 87 88 struct uv_cb_header { 89 u16 len; 90 u16 cmd; /* Command Code */ 91 u16 rc; /* Response Code */ 92 u16 rrc; /* Return Reason Code */ 93 } __packed __aligned(8); 94 95 /* Query Ultravisor Information */ 96 struct uv_cb_qui { 97 struct uv_cb_header header; /* 0x0000 */ 98 u64 reserved08; /* 0x0008 */ 99 u64 inst_calls_list[4]; /* 0x0010 */ 100 u64 reserved30[2]; /* 0x0030 */ 101 u64 uv_base_stor_len; /* 0x0040 */ 102 u64 reserved48; /* 0x0048 */ 103 u64 conf_base_phys_stor_len; /* 0x0050 */ 104 u64 conf_base_virt_stor_len; /* 0x0058 */ 105 u64 conf_virt_var_stor_len; /* 0x0060 */ 106 u64 cpu_stor_len; /* 0x0068 */ 107 u32 reserved70[3]; /* 0x0070 */ 108 u32 max_num_sec_conf; /* 0x007c */ 109 u64 max_guest_stor_addr; /* 0x0080 */ 110 u8 reserved88[158 - 136]; /* 0x0088 */ 111 u16 max_guest_cpu_id; /* 0x009e */ 112 u64 uv_feature_indications; /* 0x00a0 */ 113 u8 reserveda8[200 - 168]; /* 0x00a8 */ 114 } __packed __aligned(8); 115 116 /* Initialize Ultravisor */ 117 struct uv_cb_init { 118 struct uv_cb_header header; 119 u64 reserved08[2]; 120 u64 stor_origin; 121 u64 stor_len; 122 u64 reserved28[4]; 123 } __packed __aligned(8); 124 125 /* Create Guest Configuration */ 126 struct uv_cb_cgc { 127 struct uv_cb_header header; 128 u64 reserved08[2]; 129 u64 guest_handle; 130 u64 conf_base_stor_origin; 131 u64 conf_virt_stor_origin; 132 u64 reserved30; 133 u64 guest_stor_origin; 134 u64 guest_stor_len; 135 u64 guest_sca; 136 u64 guest_asce; 137 u64 reserved58[5]; 138 } __packed __aligned(8); 139 140 /* Create Secure CPU */ 141 struct uv_cb_csc { 142 struct uv_cb_header header; 143 u64 reserved08[2]; 144 u64 cpu_handle; 145 u64 guest_handle; 146 u64 stor_origin; 147 u8 reserved30[6]; 148 u16 num; 149 u64 state_origin; 150 u64 reserved40[4]; 151 } __packed __aligned(8); 152 153 /* Convert to Secure */ 154 struct uv_cb_cts { 155 struct uv_cb_header header; 156 u64 reserved08[2]; 157 u64 guest_handle; 158 u64 gaddr; 159 } __packed __aligned(8); 160 161 /* Convert from Secure / Pin Page Shared */ 162 struct uv_cb_cfs { 163 struct uv_cb_header header; 164 u64 reserved08[2]; 165 u64 paddr; 166 } __packed __aligned(8); 167 168 /* Set Secure Config Parameter */ 169 struct uv_cb_ssc { 170 struct uv_cb_header header; 171 u64 reserved08[2]; 172 u64 guest_handle; 173 u64 sec_header_origin; 174 u32 sec_header_len; 175 u32 reserved2c; 176 u64 reserved30[4]; 177 } __packed __aligned(8); 178 179 /* Unpack */ 180 struct uv_cb_unp { 181 struct uv_cb_header header; 182 u64 reserved08[2]; 183 u64 guest_handle; 184 u64 gaddr; 185 u64 tweak[2]; 186 u64 reserved38[3]; 187 } __packed __aligned(8); 188 189 #define PV_CPU_STATE_OPR 1 190 #define PV_CPU_STATE_STP 2 191 #define PV_CPU_STATE_CHKSTP 3 192 #define PV_CPU_STATE_OPR_LOAD 5 193 194 struct uv_cb_cpu_set_state { 195 struct uv_cb_header header; 196 u64 reserved08[2]; 197 u64 cpu_handle; 198 u8 reserved20[7]; 199 u8 state; 200 u64 reserved28[5]; 201 }; 202 203 /* 204 * A common UV call struct for calls that take no payload 205 * Examples: 206 * Destroy cpu/config 207 * Verify 208 */ 209 struct uv_cb_nodata { 210 struct uv_cb_header header; 211 u64 reserved08[2]; 212 u64 handle; 213 u64 reserved20[4]; 214 } __packed __aligned(8); 215 216 /* Set Shared Access */ 217 struct uv_cb_share { 218 struct uv_cb_header header; 219 u64 reserved08[3]; 220 u64 paddr; 221 u64 reserved28; 222 } __packed __aligned(8); 223 224 /* Retrieve Attestation Measurement */ 225 struct uv_cb_attest { 226 struct uv_cb_header header; /* 0x0000 */ 227 u64 reserved08[2]; /* 0x0008 */ 228 u64 arcb_addr; /* 0x0018 */ 229 u64 cont_token; /* 0x0020 */ 230 u8 reserved28[6]; /* 0x0028 */ 231 u16 user_data_len; /* 0x002e */ 232 u8 user_data[256]; /* 0x0030 */ 233 u32 reserved130[3]; /* 0x0130 */ 234 u32 meas_len; /* 0x013c */ 235 u64 meas_addr; /* 0x0140 */ 236 u8 config_uid[16]; /* 0x0148 */ 237 u32 reserved158; /* 0x0158 */ 238 u32 add_data_len; /* 0x015c */ 239 u64 add_data_addr; /* 0x0160 */ 240 u64 reserved168[4]; /* 0x0168 */ 241 } __packed __aligned(8); 242 243 static inline int __uv_call(unsigned long r1, unsigned long r2) 244 { 245 int cc; 246 247 asm volatile( 248 " .insn rrf,0xB9A40000,%[r1],%[r2],0,0\n" 249 " ipm %[cc]\n" 250 " srl %[cc],28\n" 251 : [cc] "=d" (cc) 252 : [r1] "a" (r1), [r2] "a" (r2) 253 : "memory", "cc"); 254 return cc; 255 } 256 257 static inline int uv_call(unsigned long r1, unsigned long r2) 258 { 259 int cc; 260 261 do { 262 cc = __uv_call(r1, r2); 263 } while (cc > 1); 264 return cc; 265 } 266 267 /* Low level uv_call that avoids stalls for long running busy conditions */ 268 static inline int uv_call_sched(unsigned long r1, unsigned long r2) 269 { 270 int cc; 271 272 do { 273 cc = __uv_call(r1, r2); 274 cond_resched(); 275 } while (cc > 1); 276 return cc; 277 } 278 279 /* 280 * special variant of uv_call that only transports the cpu or guest 281 * handle and the command, like destroy or verify. 282 */ 283 static inline int uv_cmd_nodata(u64 handle, u16 cmd, u16 *rc, u16 *rrc) 284 { 285 struct uv_cb_nodata uvcb = { 286 .header.cmd = cmd, 287 .header.len = sizeof(uvcb), 288 .handle = handle, 289 }; 290 int cc; 291 292 WARN(!handle, "No handle provided to Ultravisor call cmd %x\n", cmd); 293 cc = uv_call_sched(0, (u64)&uvcb); 294 *rc = uvcb.header.rc; 295 *rrc = uvcb.header.rrc; 296 return cc ? -EINVAL : 0; 297 } 298 299 struct uv_info { 300 unsigned long inst_calls_list[4]; 301 unsigned long uv_base_stor_len; 302 unsigned long guest_base_stor_len; 303 unsigned long guest_virt_base_stor_len; 304 unsigned long guest_virt_var_stor_len; 305 unsigned long guest_cpu_stor_len; 306 unsigned long max_sec_stor_addr; 307 unsigned int max_num_sec_conf; 308 unsigned short max_guest_cpu_id; 309 unsigned long uv_feature_indications; 310 }; 311 312 extern struct uv_info uv_info; 313 314 #ifdef CONFIG_PROTECTED_VIRTUALIZATION_GUEST 315 extern int prot_virt_guest; 316 317 static inline int is_prot_virt_guest(void) 318 { 319 return prot_virt_guest; 320 } 321 322 static inline int share(unsigned long addr, u16 cmd) 323 { 324 struct uv_cb_share uvcb = { 325 .header.cmd = cmd, 326 .header.len = sizeof(uvcb), 327 .paddr = addr 328 }; 329 330 if (!is_prot_virt_guest()) 331 return -EOPNOTSUPP; 332 /* 333 * Sharing is page wise, if we encounter addresses that are 334 * not page aligned, we assume something went wrong. If 335 * malloced structs are passed to this function, we could leak 336 * data to the hypervisor. 337 */ 338 BUG_ON(addr & ~PAGE_MASK); 339 340 if (!uv_call(0, (u64)&uvcb)) 341 return 0; 342 return -EINVAL; 343 } 344 345 /* 346 * Guest 2 request to the Ultravisor to make a page shared with the 347 * hypervisor for IO. 348 * 349 * @addr: Real or absolute address of the page to be shared 350 */ 351 static inline int uv_set_shared(unsigned long addr) 352 { 353 return share(addr, UVC_CMD_SET_SHARED_ACCESS); 354 } 355 356 /* 357 * Guest 2 request to the Ultravisor to make a page unshared. 358 * 359 * @addr: Real or absolute address of the page to be unshared 360 */ 361 static inline int uv_remove_shared(unsigned long addr) 362 { 363 return share(addr, UVC_CMD_REMOVE_SHARED_ACCESS); 364 } 365 366 #else 367 #define is_prot_virt_guest() 0 368 static inline int uv_set_shared(unsigned long addr) { return 0; } 369 static inline int uv_remove_shared(unsigned long addr) { return 0; } 370 #endif 371 372 #if IS_ENABLED(CONFIG_KVM) 373 extern int prot_virt_host; 374 375 static inline int is_prot_virt_host(void) 376 { 377 return prot_virt_host; 378 } 379 380 int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb); 381 int uv_destroy_owned_page(unsigned long paddr); 382 int uv_convert_from_secure(unsigned long paddr); 383 int uv_convert_owned_from_secure(unsigned long paddr); 384 int gmap_convert_to_secure(struct gmap *gmap, unsigned long gaddr); 385 386 void setup_uv(void); 387 #else 388 #define is_prot_virt_host() 0 389 static inline void setup_uv(void) {} 390 391 static inline int uv_destroy_owned_page(unsigned long paddr) 392 { 393 return 0; 394 } 395 396 static inline int uv_convert_from_secure(unsigned long paddr) 397 { 398 return 0; 399 } 400 401 static inline int uv_convert_owned_from_secure(unsigned long paddr) 402 { 403 return 0; 404 } 405 #endif 406 407 #endif /* _ASM_S390_UV_H */ 408