1 // SPDX-License-Identifier: GPL-2.0-only
3 * AMD Secure Encrypted Virtualization (SEV) interface
5 * Copyright (C) 2016,2019 Advanced Micro Devices, Inc.
7 * Author: Brijesh Singh <brijesh.singh@amd.com>
10 #include <linux/module.h>
11 #include <linux/kernel.h>
12 #include <linux/kthread.h>
13 #include <linux/sched.h>
14 #include <linux/interrupt.h>
15 #include <linux/spinlock.h>
16 #include <linux/spinlock_types.h>
17 #include <linux/types.h>
18 #include <linux/mutex.h>
19 #include <linux/delay.h>
20 #include <linux/hw_random.h>
21 #include <linux/ccp.h>
22 #include <linux/firmware.h>
23 #include <linux/gfp.h>
24 #include <linux/cpufeature.h>
26 #include <linux/fs_struct.h>
33 #define DEVICE_NAME "sev"
34 #define SEV_FW_FILE "amd/sev.fw"
35 #define SEV_FW_NAME_SIZE 64
37 static DEFINE_MUTEX(sev_cmd_mutex);
38 static struct sev_misc_dev *misc_dev;
40 static int psp_cmd_timeout = 100;
41 module_param(psp_cmd_timeout, int, 0644);
42 MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands");
44 static int psp_probe_timeout = 5;
45 module_param(psp_probe_timeout, int, 0644);
46 MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe");
48 static char *init_ex_path;
49 module_param(init_ex_path, charp, 0444);
50 MODULE_PARM_DESC(init_ex_path, " Path for INIT_EX data; if set try INIT_EX");
52 static bool psp_init_on_probe = true;
53 module_param(psp_init_on_probe, bool, 0444);
54 MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it");
56 MODULE_FIRMWARE("amd/amd_sev_fam17h_model0xh.sbin"); /* 1st gen EPYC */
57 MODULE_FIRMWARE("amd/amd_sev_fam17h_model3xh.sbin"); /* 2nd gen EPYC */
58 MODULE_FIRMWARE("amd/amd_sev_fam19h_model0xh.sbin"); /* 3rd gen EPYC */
61 static int psp_timeout;
63 /* Trusted Memory Region (TMR):
64 * The TMR is a 1MB area that must be 1MB aligned. Use the page allocator
65 * to allocate the memory, which will return aligned memory for the specified
68 #define SEV_ES_TMR_SIZE (1024 * 1024)
69 static void *sev_es_tmr;
71 /* INIT_EX NV Storage:
72 * The NV Storage is a 32Kb area and must be 4Kb page aligned. Use the page
73 * allocator to allocate the memory, which will return aligned memory for the
74 * specified allocation order.
76 #define NV_LENGTH (32 * 1024)
77 static void *sev_init_ex_buffer;
79 static inline bool sev_version_greater_or_equal(u8 maj, u8 min)
81 struct sev_device *sev = psp_master->sev_data;
83 if (sev->api_major > maj)
86 if (sev->api_major == maj && sev->api_minor >= min)
92 static void sev_irq_handler(int irq, void *data, unsigned int status)
94 struct sev_device *sev = data;
97 /* Check if it is command completion: */
98 if (!(status & SEV_CMD_COMPLETE))
101 /* Check if it is SEV command completion: */
102 reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg);
103 if (reg & PSP_CMDRESP_RESP) {
105 wake_up(&sev->int_queue);
109 static int sev_wait_cmd_ioc(struct sev_device *sev,
110 unsigned int *reg, unsigned int timeout)
114 ret = wait_event_timeout(sev->int_queue,
115 sev->int_rcvd, timeout * HZ);
119 *reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg);
124 static int sev_cmd_buffer_len(int cmd)
127 case SEV_CMD_INIT: return sizeof(struct sev_data_init);
128 case SEV_CMD_INIT_EX: return sizeof(struct sev_data_init_ex);
129 case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status);
130 case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr);
131 case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import);
132 case SEV_CMD_PDH_CERT_EXPORT: return sizeof(struct sev_data_pdh_cert_export);
133 case SEV_CMD_LAUNCH_START: return sizeof(struct sev_data_launch_start);
134 case SEV_CMD_LAUNCH_UPDATE_DATA: return sizeof(struct sev_data_launch_update_data);
135 case SEV_CMD_LAUNCH_UPDATE_VMSA: return sizeof(struct sev_data_launch_update_vmsa);
136 case SEV_CMD_LAUNCH_FINISH: return sizeof(struct sev_data_launch_finish);
137 case SEV_CMD_LAUNCH_MEASURE: return sizeof(struct sev_data_launch_measure);
138 case SEV_CMD_ACTIVATE: return sizeof(struct sev_data_activate);
139 case SEV_CMD_DEACTIVATE: return sizeof(struct sev_data_deactivate);
140 case SEV_CMD_DECOMMISSION: return sizeof(struct sev_data_decommission);
141 case SEV_CMD_GUEST_STATUS: return sizeof(struct sev_data_guest_status);
142 case SEV_CMD_DBG_DECRYPT: return sizeof(struct sev_data_dbg);
143 case SEV_CMD_DBG_ENCRYPT: return sizeof(struct sev_data_dbg);
144 case SEV_CMD_SEND_START: return sizeof(struct sev_data_send_start);
145 case SEV_CMD_SEND_UPDATE_DATA: return sizeof(struct sev_data_send_update_data);
146 case SEV_CMD_SEND_UPDATE_VMSA: return sizeof(struct sev_data_send_update_vmsa);
147 case SEV_CMD_SEND_FINISH: return sizeof(struct sev_data_send_finish);
148 case SEV_CMD_RECEIVE_START: return sizeof(struct sev_data_receive_start);
149 case SEV_CMD_RECEIVE_FINISH: return sizeof(struct sev_data_receive_finish);
150 case SEV_CMD_RECEIVE_UPDATE_DATA: return sizeof(struct sev_data_receive_update_data);
151 case SEV_CMD_RECEIVE_UPDATE_VMSA: return sizeof(struct sev_data_receive_update_vmsa);
152 case SEV_CMD_LAUNCH_UPDATE_SECRET: return sizeof(struct sev_data_launch_secret);
153 case SEV_CMD_DOWNLOAD_FIRMWARE: return sizeof(struct sev_data_download_firmware);
154 case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id);
155 case SEV_CMD_ATTESTATION_REPORT: return sizeof(struct sev_data_attestation_report);
156 case SEV_CMD_SEND_CANCEL: return sizeof(struct sev_data_send_cancel);
163 static void *sev_fw_alloc(unsigned long len)
167 page = alloc_pages(GFP_KERNEL, get_order(len));
171 return page_address(page);
174 static struct file *open_file_as_root(const char *filename, int flags, umode_t mode)
179 const struct cred *old_cred;
181 task_lock(&init_task);
182 get_fs_root(init_task.fs, &root);
183 task_unlock(&init_task);
185 cred = prepare_creds();
187 return ERR_PTR(-ENOMEM);
188 cred->fsuid = GLOBAL_ROOT_UID;
189 old_cred = override_creds(cred);
191 fp = file_open_root(&root, filename, flags, mode);
194 revert_creds(old_cred);
199 static int sev_read_init_ex_file(void)
201 struct sev_device *sev = psp_master->sev_data;
205 lockdep_assert_held(&sev_cmd_mutex);
207 if (!sev_init_ex_buffer)
210 fp = open_file_as_root(init_ex_path, O_RDONLY, 0);
212 int ret = PTR_ERR(fp);
215 "SEV: could not open %s for read, error %d\n",
220 nread = kernel_read(fp, sev_init_ex_buffer, NV_LENGTH, NULL);
221 if (nread != NV_LENGTH) {
223 "SEV: failed to read %u bytes to non volatile memory area, ret %ld\n",
228 dev_dbg(sev->dev, "SEV: read %ld bytes from NV file\n", nread);
229 filp_close(fp, NULL);
234 static void sev_write_init_ex_file(void)
236 struct sev_device *sev = psp_master->sev_data;
241 lockdep_assert_held(&sev_cmd_mutex);
243 if (!sev_init_ex_buffer)
246 fp = open_file_as_root(init_ex_path, O_CREAT | O_WRONLY, 0600);
249 "SEV: could not open file for write, error %ld\n",
254 nwrite = kernel_write(fp, sev_init_ex_buffer, NV_LENGTH, &offset);
256 filp_close(fp, NULL);
258 if (nwrite != NV_LENGTH) {
260 "SEV: failed to write %u bytes to non volatile memory area, ret %ld\n",
265 dev_dbg(sev->dev, "SEV: write successful to NV file\n");
268 static void sev_write_init_ex_file_if_required(int cmd_id)
270 lockdep_assert_held(&sev_cmd_mutex);
272 if (!sev_init_ex_buffer)
276 * Only a few platform commands modify the SPI/NV area, but none of the
277 * non-platform commands do. Only INIT(_EX), PLATFORM_RESET, PEK_GEN,
278 * PEK_CERT_IMPORT, and PDH_GEN do.
281 case SEV_CMD_FACTORY_RESET:
282 case SEV_CMD_INIT_EX:
283 case SEV_CMD_PDH_GEN:
284 case SEV_CMD_PEK_CERT_IMPORT:
285 case SEV_CMD_PEK_GEN:
291 sev_write_init_ex_file();
294 static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
296 struct psp_device *psp = psp_master;
297 struct sev_device *sev;
298 unsigned int phys_lsb, phys_msb;
299 unsigned int reg, ret = 0;
302 if (!psp || !psp->sev_data)
310 buf_len = sev_cmd_buffer_len(cmd);
311 if (WARN_ON_ONCE(!data != !buf_len))
315 * Copy the incoming data to driver's scratch buffer as __pa() will not
316 * work for some memory, e.g. vmalloc'd addresses, and @data may not be
317 * physically contiguous.
320 memcpy(sev->cmd_buf, data, buf_len);
322 /* Get the physical address of the command buffer */
323 phys_lsb = data ? lower_32_bits(__psp_pa(sev->cmd_buf)) : 0;
324 phys_msb = data ? upper_32_bits(__psp_pa(sev->cmd_buf)) : 0;
326 dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n",
327 cmd, phys_msb, phys_lsb, psp_timeout);
329 print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data,
332 iowrite32(phys_lsb, sev->io_regs + sev->vdata->cmdbuff_addr_lo_reg);
333 iowrite32(phys_msb, sev->io_regs + sev->vdata->cmdbuff_addr_hi_reg);
338 reg <<= SEV_CMDRESP_CMD_SHIFT;
339 reg |= SEV_CMDRESP_IOC;
340 iowrite32(reg, sev->io_regs + sev->vdata->cmdresp_reg);
342 /* wait for command completion */
343 ret = sev_wait_cmd_ioc(sev, ®, psp_timeout);
348 dev_err(sev->dev, "sev command %#x timed out, disabling PSP\n", cmd);
354 psp_timeout = psp_cmd_timeout;
357 *psp_ret = reg & PSP_CMDRESP_ERR_MASK;
359 if (reg & PSP_CMDRESP_ERR_MASK) {
360 dev_dbg(sev->dev, "sev command %#x failed (%#010x)\n",
361 cmd, reg & PSP_CMDRESP_ERR_MASK);
364 sev_write_init_ex_file_if_required(cmd);
367 print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
371 * Copy potential output from the PSP back to data. Do this even on
372 * failure in case the caller wants to glean something from the error.
375 memcpy(data, sev->cmd_buf, buf_len);
380 static int sev_do_cmd(int cmd, void *data, int *psp_ret)
384 mutex_lock(&sev_cmd_mutex);
385 rc = __sev_do_cmd_locked(cmd, data, psp_ret);
386 mutex_unlock(&sev_cmd_mutex);
391 static int __sev_init_locked(int *error)
393 struct sev_data_init data;
395 memset(&data, 0, sizeof(data));
398 * Do not include the encryption mask on the physical
399 * address of the TMR (firmware should clear it anyway).
401 data.tmr_address = __pa(sev_es_tmr);
403 data.flags |= SEV_INIT_FLAGS_SEV_ES;
404 data.tmr_len = SEV_ES_TMR_SIZE;
407 return __sev_do_cmd_locked(SEV_CMD_INIT, &data, error);
410 static int __sev_init_ex_locked(int *error)
412 struct sev_data_init_ex data;
415 memset(&data, 0, sizeof(data));
416 data.length = sizeof(data);
417 data.nv_address = __psp_pa(sev_init_ex_buffer);
418 data.nv_len = NV_LENGTH;
420 ret = sev_read_init_ex_file();
426 * Do not include the encryption mask on the physical
427 * address of the TMR (firmware should clear it anyway).
429 data.tmr_address = __pa(sev_es_tmr);
431 data.flags |= SEV_INIT_FLAGS_SEV_ES;
432 data.tmr_len = SEV_ES_TMR_SIZE;
435 return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error);
438 static int __sev_platform_init_locked(int *error)
440 struct psp_device *psp = psp_master;
441 struct sev_device *sev;
442 int rc, psp_ret = -1;
443 int (*init_function)(int *error);
445 if (!psp || !psp->sev_data)
450 if (sev->state == SEV_STATE_INIT)
453 init_function = sev_init_ex_buffer ? __sev_init_ex_locked :
455 rc = init_function(&psp_ret);
456 if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) {
458 * Initialization command returned an integrity check failure
459 * status code, meaning that firmware load and validation of SEV
460 * related persistent data has failed. Retrying the
461 * initialization function should succeed by replacing the state
462 * with a reset state.
464 dev_err(sev->dev, "SEV: retrying INIT command because of SECURE_DATA_INVALID error. Retrying once to reset PSP SEV state.");
465 rc = init_function(&psp_ret);
473 sev->state = SEV_STATE_INIT;
475 /* Prepare for first SEV guest launch after INIT */
476 wbinvd_on_all_cpus();
477 rc = __sev_do_cmd_locked(SEV_CMD_DF_FLUSH, NULL, error);
481 dev_dbg(sev->dev, "SEV firmware initialized\n");
483 dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major,
484 sev->api_minor, sev->build);
489 int sev_platform_init(int *error)
493 mutex_lock(&sev_cmd_mutex);
494 rc = __sev_platform_init_locked(error);
495 mutex_unlock(&sev_cmd_mutex);
499 EXPORT_SYMBOL_GPL(sev_platform_init);
501 static int __sev_platform_shutdown_locked(int *error)
503 struct sev_device *sev = psp_master->sev_data;
506 if (sev->state == SEV_STATE_UNINIT)
509 ret = __sev_do_cmd_locked(SEV_CMD_SHUTDOWN, NULL, error);
513 sev->state = SEV_STATE_UNINIT;
514 dev_dbg(sev->dev, "SEV firmware shutdown\n");
519 static int sev_platform_shutdown(int *error)
523 mutex_lock(&sev_cmd_mutex);
524 rc = __sev_platform_shutdown_locked(NULL);
525 mutex_unlock(&sev_cmd_mutex);
530 static int sev_get_platform_state(int *state, int *error)
532 struct sev_user_data_status data;
535 rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, &data, error);
543 static int sev_ioctl_do_reset(struct sev_issue_cmd *argp, bool writable)
551 * The SEV spec requires that FACTORY_RESET must be issued in
552 * UNINIT state. Before we go further lets check if any guest is
555 * If FW is in WORKING state then deny the request otherwise issue
556 * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET.
559 rc = sev_get_platform_state(&state, &argp->error);
563 if (state == SEV_STATE_WORKING)
566 if (state == SEV_STATE_INIT) {
567 rc = __sev_platform_shutdown_locked(&argp->error);
572 return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, NULL, &argp->error);
575 static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp)
577 struct sev_user_data_status data;
580 ret = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, &data, &argp->error);
584 if (copy_to_user((void __user *)argp->data, &data, sizeof(data)))
590 static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool writable)
592 struct sev_device *sev = psp_master->sev_data;
598 if (sev->state == SEV_STATE_UNINIT) {
599 rc = __sev_platform_init_locked(&argp->error);
604 return __sev_do_cmd_locked(cmd, NULL, &argp->error);
607 static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable)
609 struct sev_device *sev = psp_master->sev_data;
610 struct sev_user_data_pek_csr input;
611 struct sev_data_pek_csr data;
612 void __user *input_address;
619 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
622 memset(&data, 0, sizeof(data));
624 /* userspace wants to query CSR length */
625 if (!input.address || !input.length)
628 /* allocate a physically contiguous buffer to store the CSR blob */
629 input_address = (void __user *)input.address;
630 if (input.length > SEV_FW_BLOB_MAX_SIZE)
633 blob = kmalloc(input.length, GFP_KERNEL);
637 data.address = __psp_pa(blob);
638 data.len = input.length;
641 if (sev->state == SEV_STATE_UNINIT) {
642 ret = __sev_platform_init_locked(&argp->error);
647 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, &data, &argp->error);
649 /* If we query the CSR length, FW responded with expected data. */
650 input.length = data.len;
652 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
658 if (copy_to_user(input_address, blob, input.length))
667 void *psp_copy_user_blob(u64 uaddr, u32 len)
670 return ERR_PTR(-EINVAL);
672 /* verify that blob length does not exceed our limit */
673 if (len > SEV_FW_BLOB_MAX_SIZE)
674 return ERR_PTR(-EINVAL);
676 return memdup_user((void __user *)uaddr, len);
678 EXPORT_SYMBOL_GPL(psp_copy_user_blob);
680 static int sev_get_api_version(void)
682 struct sev_device *sev = psp_master->sev_data;
683 struct sev_user_data_status status;
686 ret = sev_platform_status(&status, &error);
689 "SEV: failed to get status. Error: %#x\n", error);
693 sev->api_major = status.api_major;
694 sev->api_minor = status.api_minor;
695 sev->build = status.build;
696 sev->state = status.state;
701 static int sev_get_firmware(struct device *dev,
702 const struct firmware **firmware)
704 char fw_name_specific[SEV_FW_NAME_SIZE];
705 char fw_name_subset[SEV_FW_NAME_SIZE];
707 snprintf(fw_name_specific, sizeof(fw_name_specific),
708 "amd/amd_sev_fam%.2xh_model%.2xh.sbin",
709 boot_cpu_data.x86, boot_cpu_data.x86_model);
711 snprintf(fw_name_subset, sizeof(fw_name_subset),
712 "amd/amd_sev_fam%.2xh_model%.1xxh.sbin",
713 boot_cpu_data.x86, (boot_cpu_data.x86_model & 0xf0) >> 4);
715 /* Check for SEV FW for a particular model.
716 * Ex. amd_sev_fam17h_model00h.sbin for Family 17h Model 00h
720 * Check for SEV FW common to a subset of models.
721 * Ex. amd_sev_fam17h_model0xh.sbin for
722 * Family 17h Model 00h -- Family 17h Model 0Fh
726 * Fall-back to using generic name: sev.fw
728 if ((firmware_request_nowarn(firmware, fw_name_specific, dev) >= 0) ||
729 (firmware_request_nowarn(firmware, fw_name_subset, dev) >= 0) ||
730 (firmware_request_nowarn(firmware, SEV_FW_FILE, dev) >= 0))
736 /* Don't fail if SEV FW couldn't be updated. Continue with existing SEV FW */
737 static int sev_update_firmware(struct device *dev)
739 struct sev_data_download_firmware *data;
740 const struct firmware *firmware;
741 int ret, error, order;
745 if (sev_get_firmware(dev, &firmware) == -ENOENT) {
746 dev_dbg(dev, "No SEV firmware file present\n");
751 * SEV FW expects the physical address given to it to be 32
752 * byte aligned. Memory allocated has structure placed at the
753 * beginning followed by the firmware being passed to the SEV
754 * FW. Allocate enough memory for data structure + alignment
757 data_size = ALIGN(sizeof(struct sev_data_download_firmware), 32);
759 order = get_order(firmware->size + data_size);
760 p = alloc_pages(GFP_KERNEL, order);
767 * Copy firmware data to a kernel allocated contiguous
770 data = page_address(p);
771 memcpy(page_address(p) + data_size, firmware->data, firmware->size);
773 data->address = __psp_pa(page_address(p) + data_size);
774 data->len = firmware->size;
776 ret = sev_do_cmd(SEV_CMD_DOWNLOAD_FIRMWARE, data, &error);
778 dev_dbg(dev, "Failed to update SEV firmware: %#x\n", error);
780 dev_info(dev, "SEV firmware update successful\n");
782 __free_pages(p, order);
785 release_firmware(firmware);
790 static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable)
792 struct sev_device *sev = psp_master->sev_data;
793 struct sev_user_data_pek_cert_import input;
794 struct sev_data_pek_cert_import data;
795 void *pek_blob, *oca_blob;
801 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
804 /* copy PEK certificate blobs from userspace */
805 pek_blob = psp_copy_user_blob(input.pek_cert_address, input.pek_cert_len);
806 if (IS_ERR(pek_blob))
807 return PTR_ERR(pek_blob);
810 data.pek_cert_address = __psp_pa(pek_blob);
811 data.pek_cert_len = input.pek_cert_len;
813 /* copy PEK certificate blobs from userspace */
814 oca_blob = psp_copy_user_blob(input.oca_cert_address, input.oca_cert_len);
815 if (IS_ERR(oca_blob)) {
816 ret = PTR_ERR(oca_blob);
820 data.oca_cert_address = __psp_pa(oca_blob);
821 data.oca_cert_len = input.oca_cert_len;
823 /* If platform is not in INIT state then transition it to INIT */
824 if (sev->state != SEV_STATE_INIT) {
825 ret = __sev_platform_init_locked(&argp->error);
830 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, &data, &argp->error);
839 static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp)
841 struct sev_user_data_get_id2 input;
842 struct sev_data_get_id data;
843 void __user *input_address;
844 void *id_blob = NULL;
847 /* SEV GET_ID is available from SEV API v0.16 and up */
848 if (!sev_version_greater_or_equal(0, 16))
851 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
854 input_address = (void __user *)input.address;
856 if (input.address && input.length) {
857 id_blob = kmalloc(input.length, GFP_KERNEL);
861 data.address = __psp_pa(id_blob);
862 data.len = input.length;
868 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, &data, &argp->error);
871 * Firmware will return the length of the ID value (either the minimum
872 * required length or the actual length written), return it to the user.
874 input.length = data.len;
876 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
882 if (copy_to_user(input_address, id_blob, data.len)) {
894 static int sev_ioctl_do_get_id(struct sev_issue_cmd *argp)
896 struct sev_data_get_id *data;
897 u64 data_size, user_size;
901 /* SEV GET_ID available from SEV API v0.16 and up */
902 if (!sev_version_greater_or_equal(0, 16))
905 /* SEV FW expects the buffer it fills with the ID to be
906 * 8-byte aligned. Memory allocated should be enough to
907 * hold data structure + alignment padding + memory
908 * where SEV FW writes the ID.
910 data_size = ALIGN(sizeof(struct sev_data_get_id), 8);
911 user_size = sizeof(struct sev_user_data_get_id);
913 mem = kzalloc(data_size + user_size, GFP_KERNEL);
918 id_blob = mem + data_size;
920 data->address = __psp_pa(id_blob);
921 data->len = user_size;
923 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error);
925 if (copy_to_user((void __user *)argp->data, id_blob, data->len))
934 static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable)
936 struct sev_device *sev = psp_master->sev_data;
937 struct sev_user_data_pdh_cert_export input;
938 void *pdh_blob = NULL, *cert_blob = NULL;
939 struct sev_data_pdh_cert_export data;
940 void __user *input_cert_chain_address;
941 void __user *input_pdh_cert_address;
944 /* If platform is not in INIT state then transition it to INIT. */
945 if (sev->state != SEV_STATE_INIT) {
949 ret = __sev_platform_init_locked(&argp->error);
954 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
957 memset(&data, 0, sizeof(data));
959 /* Userspace wants to query the certificate length. */
960 if (!input.pdh_cert_address ||
961 !input.pdh_cert_len ||
962 !input.cert_chain_address)
965 input_pdh_cert_address = (void __user *)input.pdh_cert_address;
966 input_cert_chain_address = (void __user *)input.cert_chain_address;
968 /* Allocate a physically contiguous buffer to store the PDH blob. */
969 if (input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE)
972 /* Allocate a physically contiguous buffer to store the cert chain blob. */
973 if (input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE)
976 pdh_blob = kmalloc(input.pdh_cert_len, GFP_KERNEL);
980 data.pdh_cert_address = __psp_pa(pdh_blob);
981 data.pdh_cert_len = input.pdh_cert_len;
983 cert_blob = kmalloc(input.cert_chain_len, GFP_KERNEL);
989 data.cert_chain_address = __psp_pa(cert_blob);
990 data.cert_chain_len = input.cert_chain_len;
993 ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error);
995 /* If we query the length, FW responded with expected data. */
996 input.cert_chain_len = data.cert_chain_len;
997 input.pdh_cert_len = data.pdh_cert_len;
999 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
1005 if (copy_to_user(input_pdh_cert_address,
1006 pdh_blob, input.pdh_cert_len)) {
1013 if (copy_to_user(input_cert_chain_address,
1014 cert_blob, input.cert_chain_len))
1025 static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
1027 void __user *argp = (void __user *)arg;
1028 struct sev_issue_cmd input;
1030 bool writable = file->f_mode & FMODE_WRITE;
1032 if (!psp_master || !psp_master->sev_data)
1035 if (ioctl != SEV_ISSUE_CMD)
1038 if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd)))
1041 if (input.cmd > SEV_MAX)
1044 mutex_lock(&sev_cmd_mutex);
1046 switch (input.cmd) {
1048 case SEV_FACTORY_RESET:
1049 ret = sev_ioctl_do_reset(&input, writable);
1051 case SEV_PLATFORM_STATUS:
1052 ret = sev_ioctl_do_platform_status(&input);
1055 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input, writable);
1058 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input, writable);
1061 ret = sev_ioctl_do_pek_csr(&input, writable);
1063 case SEV_PEK_CERT_IMPORT:
1064 ret = sev_ioctl_do_pek_import(&input, writable);
1066 case SEV_PDH_CERT_EXPORT:
1067 ret = sev_ioctl_do_pdh_export(&input, writable);
1070 pr_warn_once("SEV_GET_ID command is deprecated, use SEV_GET_ID2\n");
1071 ret = sev_ioctl_do_get_id(&input);
1074 ret = sev_ioctl_do_get_id2(&input);
1081 if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd)))
1084 mutex_unlock(&sev_cmd_mutex);
1089 static const struct file_operations sev_fops = {
1090 .owner = THIS_MODULE,
1091 .unlocked_ioctl = sev_ioctl,
1094 int sev_platform_status(struct sev_user_data_status *data, int *error)
1096 return sev_do_cmd(SEV_CMD_PLATFORM_STATUS, data, error);
1098 EXPORT_SYMBOL_GPL(sev_platform_status);
1100 int sev_guest_deactivate(struct sev_data_deactivate *data, int *error)
1102 return sev_do_cmd(SEV_CMD_DEACTIVATE, data, error);
1104 EXPORT_SYMBOL_GPL(sev_guest_deactivate);
1106 int sev_guest_activate(struct sev_data_activate *data, int *error)
1108 return sev_do_cmd(SEV_CMD_ACTIVATE, data, error);
1110 EXPORT_SYMBOL_GPL(sev_guest_activate);
1112 int sev_guest_decommission(struct sev_data_decommission *data, int *error)
1114 return sev_do_cmd(SEV_CMD_DECOMMISSION, data, error);
1116 EXPORT_SYMBOL_GPL(sev_guest_decommission);
1118 int sev_guest_df_flush(int *error)
1120 return sev_do_cmd(SEV_CMD_DF_FLUSH, NULL, error);
1122 EXPORT_SYMBOL_GPL(sev_guest_df_flush);
1124 static void sev_exit(struct kref *ref)
1126 misc_deregister(&misc_dev->misc);
1131 static int sev_misc_init(struct sev_device *sev)
1133 struct device *dev = sev->dev;
1137 * SEV feature support can be detected on multiple devices but the SEV
1138 * FW commands must be issued on the master. During probe, we do not
1139 * know the master hence we create /dev/sev on the first device probe.
1140 * sev_do_cmd() finds the right master device to which to issue the
1141 * command to the firmware.
1144 struct miscdevice *misc;
1146 misc_dev = kzalloc(sizeof(*misc_dev), GFP_KERNEL);
1150 misc = &misc_dev->misc;
1151 misc->minor = MISC_DYNAMIC_MINOR;
1152 misc->name = DEVICE_NAME;
1153 misc->fops = &sev_fops;
1155 ret = misc_register(misc);
1159 kref_init(&misc_dev->refcount);
1161 kref_get(&misc_dev->refcount);
1164 init_waitqueue_head(&sev->int_queue);
1165 sev->misc = misc_dev;
1166 dev_dbg(dev, "registered SEV device\n");
1171 int sev_dev_init(struct psp_device *psp)
1173 struct device *dev = psp->dev;
1174 struct sev_device *sev;
1177 if (!boot_cpu_has(X86_FEATURE_SEV)) {
1178 dev_info_once(dev, "SEV: memory encryption not enabled by BIOS\n");
1182 sev = devm_kzalloc(dev, sizeof(*sev), GFP_KERNEL);
1186 sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 0);
1190 psp->sev_data = sev;
1195 sev->io_regs = psp->io_regs;
1197 sev->vdata = (struct sev_vdata *)psp->vdata->sev;
1200 dev_err(dev, "sev: missing driver data\n");
1204 psp_set_sev_irq_handler(psp, sev_irq_handler, sev);
1206 ret = sev_misc_init(sev);
1210 dev_notice(dev, "sev enabled\n");
1215 psp_clear_sev_irq_handler(psp);
1217 devm_free_pages(dev, (unsigned long)sev->cmd_buf);
1219 devm_kfree(dev, sev);
1221 psp->sev_data = NULL;
1223 dev_notice(dev, "sev initialization failed\n");
1228 static void sev_firmware_shutdown(struct sev_device *sev)
1230 sev_platform_shutdown(NULL);
1233 /* The TMR area was encrypted, flush it from the cache */
1234 wbinvd_on_all_cpus();
1236 free_pages((unsigned long)sev_es_tmr,
1237 get_order(SEV_ES_TMR_SIZE));
1241 if (sev_init_ex_buffer) {
1242 free_pages((unsigned long)sev_init_ex_buffer,
1243 get_order(NV_LENGTH));
1244 sev_init_ex_buffer = NULL;
1248 void sev_dev_destroy(struct psp_device *psp)
1250 struct sev_device *sev = psp->sev_data;
1255 sev_firmware_shutdown(sev);
1258 kref_put(&misc_dev->refcount, sev_exit);
1260 psp_clear_sev_irq_handler(psp);
1263 int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd,
1264 void *data, int *error)
1266 if (!filep || filep->f_op != &sev_fops)
1269 return sev_do_cmd(cmd, data, error);
1271 EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user);
1273 void sev_pci_init(void)
1275 struct sev_device *sev = psp_master->sev_data;
1281 psp_timeout = psp_probe_timeout;
1283 if (sev_get_api_version())
1286 if (sev_version_greater_or_equal(0, 15) &&
1287 sev_update_firmware(sev->dev) == 0)
1288 sev_get_api_version();
1290 /* If an init_ex_path is provided rely on INIT_EX for PSP initialization
1294 sev_init_ex_buffer = sev_fw_alloc(NV_LENGTH);
1295 if (!sev_init_ex_buffer) {
1297 "SEV: INIT_EX NV memory allocation failed\n");
1302 /* Obtain the TMR memory area for SEV-ES use */
1303 sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE);
1306 "SEV: TMR allocation failed, SEV-ES support unavailable\n");
1308 if (!psp_init_on_probe)
1311 /* Initialize the platform */
1312 rc = sev_platform_init(&error);
1314 dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n",
1320 psp_master->sev_data = NULL;
1323 void sev_pci_exit(void)
1325 struct sev_device *sev = psp_master->sev_data;
1330 sev_firmware_shutdown(sev);
projects / linux-2.6-microblaze.git / blob