1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * AMD Platform Security Processor (PSP) interface 4 * 5 * Copyright (C) 2016,2018 Advanced Micro Devices, Inc. 6 * 7 * Author: Brijesh Singh <brijesh.singh@amd.com> 8 */ 9 10 #include <linux/module.h> 11 #include <linux/kernel.h> 12 #include <linux/kthread.h> 13 #include <linux/sched.h> 14 #include <linux/interrupt.h> 15 #include <linux/spinlock.h> 16 #include <linux/spinlock_types.h> 17 #include <linux/types.h> 18 #include <linux/mutex.h> 19 #include <linux/delay.h> 20 #include <linux/hw_random.h> 21 #include <linux/ccp.h> 22 #include <linux/firmware.h> 23 24 #include "sp-dev.h" 25 #include "psp-dev.h" 26 27 #define DEVICE_NAME "sev" 28 #define SEV_FW_FILE "amd/sev.fw" 29 #define SEV_FW_NAME_SIZE 64 30 31 static DEFINE_MUTEX(sev_cmd_mutex); 32 static struct sev_misc_dev *misc_dev; 33 static struct psp_device *psp_master; 34 35 static int psp_cmd_timeout = 100; 36 module_param(psp_cmd_timeout, int, 0644); 37 MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands"); 38 39 static int psp_probe_timeout = 5; 40 module_param(psp_probe_timeout, int, 0644); 41 MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe"); 42 43 static bool psp_dead; 44 static int psp_timeout; 45 46 static inline bool sev_version_greater_or_equal(u8 maj, u8 min) 47 { 48 if (psp_master->api_major > maj) 49 return true; 50 if (psp_master->api_major == maj && psp_master->api_minor >= min) 51 return true; 52 return false; 53 } 54 55 static struct psp_device *psp_alloc_struct(struct sp_device *sp) 56 { 57 struct device *dev = sp->dev; 58 struct psp_device *psp; 59 60 psp = devm_kzalloc(dev, sizeof(*psp), GFP_KERNEL); 61 if (!psp) 62 return NULL; 63 64 psp->dev = dev; 65 psp->sp = sp; 66 67 snprintf(psp->name, sizeof(psp->name), "psp-%u", sp->ord); 68 69 return psp; 70 } 71 72 static irqreturn_t psp_irq_handler(int irq, void *data) 73 { 74 struct psp_device *psp = data; 75 unsigned int status; 76 int reg; 77 78 /* Read the interrupt status: */ 79 status = ioread32(psp->io_regs + psp->vdata->intsts_reg); 80 81 /* Check if it is command completion: */ 82 if (!(status & PSP_CMD_COMPLETE)) 83 goto done; 84 85 /* Check if it is SEV command completion: */ 86 reg = ioread32(psp->io_regs + psp->vdata->cmdresp_reg); 87 if (reg & PSP_CMDRESP_RESP) { 88 psp->sev_int_rcvd = 1; 89 wake_up(&psp->sev_int_queue); 90 } 91 92 done: 93 /* Clear the interrupt status by writing the same value we read. */ 94 iowrite32(status, psp->io_regs + psp->vdata->intsts_reg); 95 96 return IRQ_HANDLED; 97 } 98 99 static int sev_wait_cmd_ioc(struct psp_device *psp, 100 unsigned int *reg, unsigned int timeout) 101 { 102 int ret; 103 104 ret = wait_event_timeout(psp->sev_int_queue, 105 psp->sev_int_rcvd, timeout * HZ); 106 if (!ret) 107 return -ETIMEDOUT; 108 109 *reg = ioread32(psp->io_regs + psp->vdata->cmdresp_reg); 110 111 return 0; 112 } 113 114 static int sev_cmd_buffer_len(int cmd) 115 { 116 switch (cmd) { 117 case SEV_CMD_INIT: return sizeof(struct sev_data_init); 118 case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status); 119 case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr); 120 case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import); 121 case SEV_CMD_PDH_CERT_EXPORT: return sizeof(struct sev_data_pdh_cert_export); 122 case SEV_CMD_LAUNCH_START: return sizeof(struct sev_data_launch_start); 123 case SEV_CMD_LAUNCH_UPDATE_DATA: return sizeof(struct sev_data_launch_update_data); 124 case SEV_CMD_LAUNCH_UPDATE_VMSA: return sizeof(struct sev_data_launch_update_vmsa); 125 case SEV_CMD_LAUNCH_FINISH: return sizeof(struct sev_data_launch_finish); 126 case SEV_CMD_LAUNCH_MEASURE: return sizeof(struct sev_data_launch_measure); 127 case SEV_CMD_ACTIVATE: return sizeof(struct sev_data_activate); 128 case SEV_CMD_DEACTIVATE: return sizeof(struct sev_data_deactivate); 129 case SEV_CMD_DECOMMISSION: return sizeof(struct sev_data_decommission); 130 case SEV_CMD_GUEST_STATUS: return sizeof(struct sev_data_guest_status); 131 case SEV_CMD_DBG_DECRYPT: return sizeof(struct sev_data_dbg); 132 case SEV_CMD_DBG_ENCRYPT: return sizeof(struct sev_data_dbg); 133 case SEV_CMD_SEND_START: return sizeof(struct sev_data_send_start); 134 case SEV_CMD_SEND_UPDATE_DATA: return sizeof(struct sev_data_send_update_data); 135 case SEV_CMD_SEND_UPDATE_VMSA: return sizeof(struct sev_data_send_update_vmsa); 136 case SEV_CMD_SEND_FINISH: return sizeof(struct sev_data_send_finish); 137 case SEV_CMD_RECEIVE_START: return sizeof(struct sev_data_receive_start); 138 case SEV_CMD_RECEIVE_FINISH: return sizeof(struct sev_data_receive_finish); 139 case SEV_CMD_RECEIVE_UPDATE_DATA: return sizeof(struct sev_data_receive_update_data); 140 case SEV_CMD_RECEIVE_UPDATE_VMSA: return sizeof(struct sev_data_receive_update_vmsa); 141 case SEV_CMD_LAUNCH_UPDATE_SECRET: return sizeof(struct sev_data_launch_secret); 142 case SEV_CMD_DOWNLOAD_FIRMWARE: return sizeof(struct sev_data_download_firmware); 143 case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id); 144 default: return 0; 145 } 146 147 return 0; 148 } 149 150 static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) 151 { 152 struct psp_device *psp = psp_master; 153 unsigned int phys_lsb, phys_msb; 154 unsigned int reg, ret = 0; 155 156 if (!psp) 157 return -ENODEV; 158 159 if (psp_dead) 160 return -EBUSY; 161 162 /* Get the physical address of the command buffer */ 163 phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0; 164 phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0; 165 166 dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", 167 cmd, phys_msb, phys_lsb, psp_timeout); 168 169 print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data, 170 sev_cmd_buffer_len(cmd), false); 171 172 iowrite32(phys_lsb, psp->io_regs + psp->vdata->cmdbuff_addr_lo_reg); 173 iowrite32(phys_msb, psp->io_regs + psp->vdata->cmdbuff_addr_hi_reg); 174 175 psp->sev_int_rcvd = 0; 176 177 reg = cmd; 178 reg <<= PSP_CMDRESP_CMD_SHIFT; 179 reg |= PSP_CMDRESP_IOC; 180 iowrite32(reg, psp->io_regs + psp->vdata->cmdresp_reg); 181 182 /* wait for command completion */ 183 ret = sev_wait_cmd_ioc(psp, ®, psp_timeout); 184 if (ret) { 185 if (psp_ret) 186 *psp_ret = 0; 187 188 dev_err(psp->dev, "sev command %#x timed out, disabling PSP \n", cmd); 189 psp_dead = true; 190 191 return ret; 192 } 193 194 psp_timeout = psp_cmd_timeout; 195 196 if (psp_ret) 197 *psp_ret = reg & PSP_CMDRESP_ERR_MASK; 198 199 if (reg & PSP_CMDRESP_ERR_MASK) { 200 dev_dbg(psp->dev, "sev command %#x failed (%#010x)\n", 201 cmd, reg & PSP_CMDRESP_ERR_MASK); 202 ret = -EIO; 203 } 204 205 print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data, 206 sev_cmd_buffer_len(cmd), false); 207 208 return ret; 209 } 210 211 static int sev_do_cmd(int cmd, void *data, int *psp_ret) 212 { 213 int rc; 214 215 mutex_lock(&sev_cmd_mutex); 216 rc = __sev_do_cmd_locked(cmd, data, psp_ret); 217 mutex_unlock(&sev_cmd_mutex); 218 219 return rc; 220 } 221 222 static int __sev_platform_init_locked(int *error) 223 { 224 struct psp_device *psp = psp_master; 225 int rc = 0; 226 227 if (!psp) 228 return -ENODEV; 229 230 if (psp->sev_state == SEV_STATE_INIT) 231 return 0; 232 233 rc = __sev_do_cmd_locked(SEV_CMD_INIT, &psp->init_cmd_buf, error); 234 if (rc) 235 return rc; 236 237 psp->sev_state = SEV_STATE_INIT; 238 dev_dbg(psp->dev, "SEV firmware initialized\n"); 239 240 return rc; 241 } 242 243 int sev_platform_init(int *error) 244 { 245 int rc; 246 247 mutex_lock(&sev_cmd_mutex); 248 rc = __sev_platform_init_locked(error); 249 mutex_unlock(&sev_cmd_mutex); 250 251 return rc; 252 } 253 EXPORT_SYMBOL_GPL(sev_platform_init); 254 255 static int __sev_platform_shutdown_locked(int *error) 256 { 257 int ret; 258 259 ret = __sev_do_cmd_locked(SEV_CMD_SHUTDOWN, NULL, error); 260 if (ret) 261 return ret; 262 263 psp_master->sev_state = SEV_STATE_UNINIT; 264 dev_dbg(psp_master->dev, "SEV firmware shutdown\n"); 265 266 return ret; 267 } 268 269 static int sev_platform_shutdown(int *error) 270 { 271 int rc; 272 273 mutex_lock(&sev_cmd_mutex); 274 rc = __sev_platform_shutdown_locked(NULL); 275 mutex_unlock(&sev_cmd_mutex); 276 277 return rc; 278 } 279 280 static int sev_get_platform_state(int *state, int *error) 281 { 282 int rc; 283 284 rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, 285 &psp_master->status_cmd_buf, error); 286 if (rc) 287 return rc; 288 289 *state = psp_master->status_cmd_buf.state; 290 return rc; 291 } 292 293 static int sev_ioctl_do_reset(struct sev_issue_cmd *argp) 294 { 295 int state, rc; 296 297 /* 298 * The SEV spec requires that FACTORY_RESET must be issued in 299 * UNINIT state. Before we go further lets check if any guest is 300 * active. 301 * 302 * If FW is in WORKING state then deny the request otherwise issue 303 * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET. 304 * 305 */ 306 rc = sev_get_platform_state(&state, &argp->error); 307 if (rc) 308 return rc; 309 310 if (state == SEV_STATE_WORKING) 311 return -EBUSY; 312 313 if (state == SEV_STATE_INIT) { 314 rc = __sev_platform_shutdown_locked(&argp->error); 315 if (rc) 316 return rc; 317 } 318 319 return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, NULL, &argp->error); 320 } 321 322 static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp) 323 { 324 struct sev_user_data_status *data = &psp_master->status_cmd_buf; 325 int ret; 326 327 ret = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, data, &argp->error); 328 if (ret) 329 return ret; 330 331 if (copy_to_user((void __user *)argp->data, data, sizeof(*data))) 332 ret = -EFAULT; 333 334 return ret; 335 } 336 337 static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp) 338 { 339 int rc; 340 341 if (psp_master->sev_state == SEV_STATE_UNINIT) { 342 rc = __sev_platform_init_locked(&argp->error); 343 if (rc) 344 return rc; 345 } 346 347 return __sev_do_cmd_locked(cmd, NULL, &argp->error); 348 } 349 350 static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp) 351 { 352 struct sev_user_data_pek_csr input; 353 struct sev_data_pek_csr *data; 354 void *blob = NULL; 355 int ret; 356 357 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) 358 return -EFAULT; 359 360 data = kzalloc(sizeof(*data), GFP_KERNEL); 361 if (!data) 362 return -ENOMEM; 363 364 /* userspace wants to query CSR length */ 365 if (!input.address || !input.length) 366 goto cmd; 367 368 /* allocate a physically contiguous buffer to store the CSR blob */ 369 if (!access_ok(input.address, input.length) || 370 input.length > SEV_FW_BLOB_MAX_SIZE) { 371 ret = -EFAULT; 372 goto e_free; 373 } 374 375 blob = kmalloc(input.length, GFP_KERNEL); 376 if (!blob) { 377 ret = -ENOMEM; 378 goto e_free; 379 } 380 381 data->address = __psp_pa(blob); 382 data->len = input.length; 383 384 cmd: 385 if (psp_master->sev_state == SEV_STATE_UNINIT) { 386 ret = __sev_platform_init_locked(&argp->error); 387 if (ret) 388 goto e_free_blob; 389 } 390 391 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, data, &argp->error); 392 393 /* If we query the CSR length, FW responded with expected data. */ 394 input.length = data->len; 395 396 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) { 397 ret = -EFAULT; 398 goto e_free_blob; 399 } 400 401 if (blob) { 402 if (copy_to_user((void __user *)input.address, blob, input.length)) 403 ret = -EFAULT; 404 } 405 406 e_free_blob: 407 kfree(blob); 408 e_free: 409 kfree(data); 410 return ret; 411 } 412 413 void *psp_copy_user_blob(u64 __user uaddr, u32 len) 414 { 415 if (!uaddr || !len) 416 return ERR_PTR(-EINVAL); 417 418 /* verify that blob length does not exceed our limit */ 419 if (len > SEV_FW_BLOB_MAX_SIZE) 420 return ERR_PTR(-EINVAL); 421 422 return memdup_user((void __user *)(uintptr_t)uaddr, len); 423 } 424 EXPORT_SYMBOL_GPL(psp_copy_user_blob); 425 426 static int sev_get_api_version(void) 427 { 428 struct sev_user_data_status *status; 429 int error = 0, ret; 430 431 status = &psp_master->status_cmd_buf; 432 ret = sev_platform_status(status, &error); 433 if (ret) { 434 dev_err(psp_master->dev, 435 "SEV: failed to get status. Error: %#x\n", error); 436 return 1; 437 } 438 439 psp_master->api_major = status->api_major; 440 psp_master->api_minor = status->api_minor; 441 psp_master->build = status->build; 442 psp_master->sev_state = status->state; 443 444 return 0; 445 } 446 447 static int sev_get_firmware(struct device *dev, 448 const struct firmware **firmware) 449 { 450 char fw_name_specific[SEV_FW_NAME_SIZE]; 451 char fw_name_subset[SEV_FW_NAME_SIZE]; 452 453 snprintf(fw_name_specific, sizeof(fw_name_specific), 454 "amd/amd_sev_fam%.2xh_model%.2xh.sbin", 455 boot_cpu_data.x86, boot_cpu_data.x86_model); 456 457 snprintf(fw_name_subset, sizeof(fw_name_subset), 458 "amd/amd_sev_fam%.2xh_model%.1xxh.sbin", 459 boot_cpu_data.x86, (boot_cpu_data.x86_model & 0xf0) >> 4); 460 461 /* Check for SEV FW for a particular model. 462 * Ex. amd_sev_fam17h_model00h.sbin for Family 17h Model 00h 463 * 464 * or 465 * 466 * Check for SEV FW common to a subset of models. 467 * Ex. amd_sev_fam17h_model0xh.sbin for 468 * Family 17h Model 00h -- Family 17h Model 0Fh 469 * 470 * or 471 * 472 * Fall-back to using generic name: sev.fw 473 */ 474 if ((firmware_request_nowarn(firmware, fw_name_specific, dev) >= 0) || 475 (firmware_request_nowarn(firmware, fw_name_subset, dev) >= 0) || 476 (firmware_request_nowarn(firmware, SEV_FW_FILE, dev) >= 0)) 477 return 0; 478 479 return -ENOENT; 480 } 481 482 /* Don't fail if SEV FW couldn't be updated. Continue with existing SEV FW */ 483 static int sev_update_firmware(struct device *dev) 484 { 485 struct sev_data_download_firmware *data; 486 const struct firmware *firmware; 487 int ret, error, order; 488 struct page *p; 489 u64 data_size; 490 491 if (sev_get_firmware(dev, &firmware) == -ENOENT) { 492 dev_dbg(dev, "No SEV firmware file present\n"); 493 return -1; 494 } 495 496 /* 497 * SEV FW expects the physical address given to it to be 32 498 * byte aligned. Memory allocated has structure placed at the 499 * beginning followed by the firmware being passed to the SEV 500 * FW. Allocate enough memory for data structure + alignment 501 * padding + SEV FW. 502 */ 503 data_size = ALIGN(sizeof(struct sev_data_download_firmware), 32); 504 505 order = get_order(firmware->size + data_size); 506 p = alloc_pages(GFP_KERNEL, order); 507 if (!p) { 508 ret = -1; 509 goto fw_err; 510 } 511 512 /* 513 * Copy firmware data to a kernel allocated contiguous 514 * memory region. 515 */ 516 data = page_address(p); 517 memcpy(page_address(p) + data_size, firmware->data, firmware->size); 518 519 data->address = __psp_pa(page_address(p) + data_size); 520 data->len = firmware->size; 521 522 ret = sev_do_cmd(SEV_CMD_DOWNLOAD_FIRMWARE, data, &error); 523 if (ret) 524 dev_dbg(dev, "Failed to update SEV firmware: %#x\n", error); 525 else 526 dev_info(dev, "SEV firmware update successful\n"); 527 528 __free_pages(p, order); 529 530 fw_err: 531 release_firmware(firmware); 532 533 return ret; 534 } 535 536 static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp) 537 { 538 struct sev_user_data_pek_cert_import input; 539 struct sev_data_pek_cert_import *data; 540 void *pek_blob, *oca_blob; 541 int ret; 542 543 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) 544 return -EFAULT; 545 546 data = kzalloc(sizeof(*data), GFP_KERNEL); 547 if (!data) 548 return -ENOMEM; 549 550 /* copy PEK certificate blobs from userspace */ 551 pek_blob = psp_copy_user_blob(input.pek_cert_address, input.pek_cert_len); 552 if (IS_ERR(pek_blob)) { 553 ret = PTR_ERR(pek_blob); 554 goto e_free; 555 } 556 557 data->pek_cert_address = __psp_pa(pek_blob); 558 data->pek_cert_len = input.pek_cert_len; 559 560 /* copy PEK certificate blobs from userspace */ 561 oca_blob = psp_copy_user_blob(input.oca_cert_address, input.oca_cert_len); 562 if (IS_ERR(oca_blob)) { 563 ret = PTR_ERR(oca_blob); 564 goto e_free_pek; 565 } 566 567 data->oca_cert_address = __psp_pa(oca_blob); 568 data->oca_cert_len = input.oca_cert_len; 569 570 /* If platform is not in INIT state then transition it to INIT */ 571 if (psp_master->sev_state != SEV_STATE_INIT) { 572 ret = __sev_platform_init_locked(&argp->error); 573 if (ret) 574 goto e_free_oca; 575 } 576 577 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, data, &argp->error); 578 579 e_free_oca: 580 kfree(oca_blob); 581 e_free_pek: 582 kfree(pek_blob); 583 e_free: 584 kfree(data); 585 return ret; 586 } 587 588 static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) 589 { 590 struct sev_user_data_get_id2 input; 591 struct sev_data_get_id *data; 592 void *id_blob = NULL; 593 int ret; 594 595 /* SEV GET_ID is available from SEV API v0.16 and up */ 596 if (!sev_version_greater_or_equal(0, 16)) 597 return -ENOTSUPP; 598 599 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) 600 return -EFAULT; 601 602 /* Check if we have write access to the userspace buffer */ 603 if (input.address && 604 input.length && 605 !access_ok(input.address, input.length)) 606 return -EFAULT; 607 608 data = kzalloc(sizeof(*data), GFP_KERNEL); 609 if (!data) 610 return -ENOMEM; 611 612 if (input.address && input.length) { 613 id_blob = kmalloc(input.length, GFP_KERNEL); 614 if (!id_blob) { 615 kfree(data); 616 return -ENOMEM; 617 } 618 619 data->address = __psp_pa(id_blob); 620 data->len = input.length; 621 } 622 623 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error); 624 625 /* 626 * Firmware will return the length of the ID value (either the minimum 627 * required length or the actual length written), return it to the user. 628 */ 629 input.length = data->len; 630 631 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) { 632 ret = -EFAULT; 633 goto e_free; 634 } 635 636 if (id_blob) { 637 if (copy_to_user((void __user *)input.address, 638 id_blob, data->len)) { 639 ret = -EFAULT; 640 goto e_free; 641 } 642 } 643 644 e_free: 645 kfree(id_blob); 646 kfree(data); 647 648 return ret; 649 } 650 651 static int sev_ioctl_do_get_id(struct sev_issue_cmd *argp) 652 { 653 struct sev_data_get_id *data; 654 u64 data_size, user_size; 655 void *id_blob, *mem; 656 int ret; 657 658 /* SEV GET_ID available from SEV API v0.16 and up */ 659 if (!sev_version_greater_or_equal(0, 16)) 660 return -ENOTSUPP; 661 662 /* SEV FW expects the buffer it fills with the ID to be 663 * 8-byte aligned. Memory allocated should be enough to 664 * hold data structure + alignment padding + memory 665 * where SEV FW writes the ID. 666 */ 667 data_size = ALIGN(sizeof(struct sev_data_get_id), 8); 668 user_size = sizeof(struct sev_user_data_get_id); 669 670 mem = kzalloc(data_size + user_size, GFP_KERNEL); 671 if (!mem) 672 return -ENOMEM; 673 674 data = mem; 675 id_blob = mem + data_size; 676 677 data->address = __psp_pa(id_blob); 678 data->len = user_size; 679 680 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error); 681 if (!ret) { 682 if (copy_to_user((void __user *)argp->data, id_blob, data->len)) 683 ret = -EFAULT; 684 } 685 686 kfree(mem); 687 688 return ret; 689 } 690 691 static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp) 692 { 693 struct sev_user_data_pdh_cert_export input; 694 void *pdh_blob = NULL, *cert_blob = NULL; 695 struct sev_data_pdh_cert_export *data; 696 int ret; 697 698 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) 699 return -EFAULT; 700 701 data = kzalloc(sizeof(*data), GFP_KERNEL); 702 if (!data) 703 return -ENOMEM; 704 705 /* Userspace wants to query the certificate length. */ 706 if (!input.pdh_cert_address || 707 !input.pdh_cert_len || 708 !input.cert_chain_address) 709 goto cmd; 710 711 /* Allocate a physically contiguous buffer to store the PDH blob. */ 712 if ((input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) || 713 !access_ok(input.pdh_cert_address, input.pdh_cert_len)) { 714 ret = -EFAULT; 715 goto e_free; 716 } 717 718 /* Allocate a physically contiguous buffer to store the cert chain blob. */ 719 if ((input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) || 720 !access_ok(input.cert_chain_address, input.cert_chain_len)) { 721 ret = -EFAULT; 722 goto e_free; 723 } 724 725 pdh_blob = kmalloc(input.pdh_cert_len, GFP_KERNEL); 726 if (!pdh_blob) { 727 ret = -ENOMEM; 728 goto e_free; 729 } 730 731 data->pdh_cert_address = __psp_pa(pdh_blob); 732 data->pdh_cert_len = input.pdh_cert_len; 733 734 cert_blob = kmalloc(input.cert_chain_len, GFP_KERNEL); 735 if (!cert_blob) { 736 ret = -ENOMEM; 737 goto e_free_pdh; 738 } 739 740 data->cert_chain_address = __psp_pa(cert_blob); 741 data->cert_chain_len = input.cert_chain_len; 742 743 cmd: 744 /* If platform is not in INIT state then transition it to INIT. */ 745 if (psp_master->sev_state != SEV_STATE_INIT) { 746 ret = __sev_platform_init_locked(&argp->error); 747 if (ret) 748 goto e_free_cert; 749 } 750 751 ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, data, &argp->error); 752 753 /* If we query the length, FW responded with expected data. */ 754 input.cert_chain_len = data->cert_chain_len; 755 input.pdh_cert_len = data->pdh_cert_len; 756 757 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) { 758 ret = -EFAULT; 759 goto e_free_cert; 760 } 761 762 if (pdh_blob) { 763 if (copy_to_user((void __user *)input.pdh_cert_address, 764 pdh_blob, input.pdh_cert_len)) { 765 ret = -EFAULT; 766 goto e_free_cert; 767 } 768 } 769 770 if (cert_blob) { 771 if (copy_to_user((void __user *)input.cert_chain_address, 772 cert_blob, input.cert_chain_len)) 773 ret = -EFAULT; 774 } 775 776 e_free_cert: 777 kfree(cert_blob); 778 e_free_pdh: 779 kfree(pdh_blob); 780 e_free: 781 kfree(data); 782 return ret; 783 } 784 785 static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) 786 { 787 void __user *argp = (void __user *)arg; 788 struct sev_issue_cmd input; 789 int ret = -EFAULT; 790 791 if (!psp_master) 792 return -ENODEV; 793 794 if (ioctl != SEV_ISSUE_CMD) 795 return -EINVAL; 796 797 if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd))) 798 return -EFAULT; 799 800 if (input.cmd > SEV_MAX) 801 return -EINVAL; 802 803 mutex_lock(&sev_cmd_mutex); 804 805 switch (input.cmd) { 806 807 case SEV_FACTORY_RESET: 808 ret = sev_ioctl_do_reset(&input); 809 break; 810 case SEV_PLATFORM_STATUS: 811 ret = sev_ioctl_do_platform_status(&input); 812 break; 813 case SEV_PEK_GEN: 814 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input); 815 break; 816 case SEV_PDH_GEN: 817 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input); 818 break; 819 case SEV_PEK_CSR: 820 ret = sev_ioctl_do_pek_csr(&input); 821 break; 822 case SEV_PEK_CERT_IMPORT: 823 ret = sev_ioctl_do_pek_import(&input); 824 break; 825 case SEV_PDH_CERT_EXPORT: 826 ret = sev_ioctl_do_pdh_export(&input); 827 break; 828 case SEV_GET_ID: 829 pr_warn_once("SEV_GET_ID command is deprecated, use SEV_GET_ID2\n"); 830 ret = sev_ioctl_do_get_id(&input); 831 break; 832 case SEV_GET_ID2: 833 ret = sev_ioctl_do_get_id2(&input); 834 break; 835 default: 836 ret = -EINVAL; 837 goto out; 838 } 839 840 if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd))) 841 ret = -EFAULT; 842 out: 843 mutex_unlock(&sev_cmd_mutex); 844 845 return ret; 846 } 847 848 static const struct file_operations sev_fops = { 849 .owner = THIS_MODULE, 850 .unlocked_ioctl = sev_ioctl, 851 }; 852 853 int sev_platform_status(struct sev_user_data_status *data, int *error) 854 { 855 return sev_do_cmd(SEV_CMD_PLATFORM_STATUS, data, error); 856 } 857 EXPORT_SYMBOL_GPL(sev_platform_status); 858 859 int sev_guest_deactivate(struct sev_data_deactivate *data, int *error) 860 { 861 return sev_do_cmd(SEV_CMD_DEACTIVATE, data, error); 862 } 863 EXPORT_SYMBOL_GPL(sev_guest_deactivate); 864 865 int sev_guest_activate(struct sev_data_activate *data, int *error) 866 { 867 return sev_do_cmd(SEV_CMD_ACTIVATE, data, error); 868 } 869 EXPORT_SYMBOL_GPL(sev_guest_activate); 870 871 int sev_guest_decommission(struct sev_data_decommission *data, int *error) 872 { 873 return sev_do_cmd(SEV_CMD_DECOMMISSION, data, error); 874 } 875 EXPORT_SYMBOL_GPL(sev_guest_decommission); 876 877 int sev_guest_df_flush(int *error) 878 { 879 return sev_do_cmd(SEV_CMD_DF_FLUSH, NULL, error); 880 } 881 EXPORT_SYMBOL_GPL(sev_guest_df_flush); 882 883 static void sev_exit(struct kref *ref) 884 { 885 struct sev_misc_dev *misc_dev = container_of(ref, struct sev_misc_dev, refcount); 886 887 misc_deregister(&misc_dev->misc); 888 } 889 890 static int sev_misc_init(struct psp_device *psp) 891 { 892 struct device *dev = psp->dev; 893 int ret; 894 895 /* 896 * SEV feature support can be detected on multiple devices but the SEV 897 * FW commands must be issued on the master. During probe, we do not 898 * know the master hence we create /dev/sev on the first device probe. 899 * sev_do_cmd() finds the right master device to which to issue the 900 * command to the firmware. 901 */ 902 if (!misc_dev) { 903 struct miscdevice *misc; 904 905 misc_dev = devm_kzalloc(dev, sizeof(*misc_dev), GFP_KERNEL); 906 if (!misc_dev) 907 return -ENOMEM; 908 909 misc = &misc_dev->misc; 910 misc->minor = MISC_DYNAMIC_MINOR; 911 misc->name = DEVICE_NAME; 912 misc->fops = &sev_fops; 913 914 ret = misc_register(misc); 915 if (ret) 916 return ret; 917 918 kref_init(&misc_dev->refcount); 919 } else { 920 kref_get(&misc_dev->refcount); 921 } 922 923 init_waitqueue_head(&psp->sev_int_queue); 924 psp->sev_misc = misc_dev; 925 dev_dbg(dev, "registered SEV device\n"); 926 927 return 0; 928 } 929 930 static int psp_check_sev_support(struct psp_device *psp) 931 { 932 /* Check if device supports SEV feature */ 933 if (!(ioread32(psp->io_regs + psp->vdata->feature_reg) & 1)) { 934 dev_dbg(psp->dev, "psp does not support SEV\n"); 935 return -ENODEV; 936 } 937 938 return 0; 939 } 940 941 int psp_dev_init(struct sp_device *sp) 942 { 943 struct device *dev = sp->dev; 944 struct psp_device *psp; 945 int ret; 946 947 ret = -ENOMEM; 948 psp = psp_alloc_struct(sp); 949 if (!psp) 950 goto e_err; 951 952 sp->psp_data = psp; 953 954 psp->vdata = (struct psp_vdata *)sp->dev_vdata->psp_vdata; 955 if (!psp->vdata) { 956 ret = -ENODEV; 957 dev_err(dev, "missing driver data\n"); 958 goto e_err; 959 } 960 961 psp->io_regs = sp->io_map; 962 963 ret = psp_check_sev_support(psp); 964 if (ret) 965 goto e_disable; 966 967 /* Disable and clear interrupts until ready */ 968 iowrite32(0, psp->io_regs + psp->vdata->inten_reg); 969 iowrite32(-1, psp->io_regs + psp->vdata->intsts_reg); 970 971 /* Request an irq */ 972 ret = sp_request_psp_irq(psp->sp, psp_irq_handler, psp->name, psp); 973 if (ret) { 974 dev_err(dev, "psp: unable to allocate an IRQ\n"); 975 goto e_err; 976 } 977 978 ret = sev_misc_init(psp); 979 if (ret) 980 goto e_irq; 981 982 if (sp->set_psp_master_device) 983 sp->set_psp_master_device(sp); 984 985 /* Enable interrupt */ 986 iowrite32(-1, psp->io_regs + psp->vdata->inten_reg); 987 988 dev_notice(dev, "psp enabled\n"); 989 990 return 0; 991 992 e_irq: 993 sp_free_psp_irq(psp->sp, psp); 994 e_err: 995 sp->psp_data = NULL; 996 997 dev_notice(dev, "psp initialization failed\n"); 998 999 return ret; 1000 1001 e_disable: 1002 sp->psp_data = NULL; 1003 1004 return ret; 1005 } 1006 1007 void psp_dev_destroy(struct sp_device *sp) 1008 { 1009 struct psp_device *psp = sp->psp_data; 1010 1011 if (!psp) 1012 return; 1013 1014 if (psp->sev_misc) 1015 kref_put(&misc_dev->refcount, sev_exit); 1016 1017 sp_free_psp_irq(sp, psp); 1018 } 1019 1020 int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd, 1021 void *data, int *error) 1022 { 1023 if (!filep || filep->f_op != &sev_fops) 1024 return -EBADF; 1025 1026 return sev_do_cmd(cmd, data, error); 1027 } 1028 EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user); 1029 1030 void psp_pci_init(void) 1031 { 1032 struct sp_device *sp; 1033 int error, rc; 1034 1035 sp = sp_get_psp_master_device(); 1036 if (!sp) 1037 return; 1038 1039 psp_master = sp->psp_data; 1040 1041 psp_timeout = psp_probe_timeout; 1042 1043 if (sev_get_api_version()) 1044 goto err; 1045 1046 /* 1047 * If platform is not in UNINIT state then firmware upgrade and/or 1048 * platform INIT command will fail. These command require UNINIT state. 1049 * 1050 * In a normal boot we should never run into case where the firmware 1051 * is not in UNINIT state on boot. But in case of kexec boot, a reboot 1052 * may not go through a typical shutdown sequence and may leave the 1053 * firmware in INIT or WORKING state. 1054 */ 1055 1056 if (psp_master->sev_state != SEV_STATE_UNINIT) { 1057 sev_platform_shutdown(NULL); 1058 psp_master->sev_state = SEV_STATE_UNINIT; 1059 } 1060 1061 if (sev_version_greater_or_equal(0, 15) && 1062 sev_update_firmware(psp_master->dev) == 0) 1063 sev_get_api_version(); 1064 1065 /* Initialize the platform */ 1066 rc = sev_platform_init(&error); 1067 if (rc) { 1068 dev_err(sp->dev, "SEV: failed to INIT error %#x\n", error); 1069 return; 1070 } 1071 1072 dev_info(sp->dev, "SEV API:%d.%d build:%d\n", psp_master->api_major, 1073 psp_master->api_minor, psp_master->build); 1074 1075 return; 1076 1077 err: 1078 psp_master = NULL; 1079 } 1080 1081 void psp_pci_exit(void) 1082 { 1083 if (!psp_master) 1084 return; 1085 1086 sev_platform_shutdown(NULL); 1087 } 1088