1 // SPDX-License-Identifier: MIT
3 * AMD Trusted Execution Environment (TEE) interface
5 * Author: Rijo Thomas <Rijo-john.Thomas@amd.com>
6 * Author: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com>
8 * Copyright (C) 2019,2021 Advanced Micro Devices, Inc.
11 #include <linux/types.h>
12 #include <linux/mutex.h>
13 #include <linux/delay.h>
14 #include <linux/slab.h>
15 #include <linux/gfp.h>
16 #include <linux/psp-sev.h>
17 #include <linux/psp-tee.h>
24 static int tee_alloc_ring(struct psp_tee_device *tee, int ring_size)
26 struct ring_buf_manager *rb_mgr = &tee->rb_mgr;
32 /* We need actual physical address instead of DMA address, since
33 * Trusted OS running on AMD Secure Processor will map this region
35 start_addr = (void *)__get_free_pages(GFP_KERNEL, get_order(ring_size));
39 memset(start_addr, 0x0, ring_size);
40 rb_mgr->ring_start = start_addr;
41 rb_mgr->ring_size = ring_size;
42 rb_mgr->ring_pa = __psp_pa(start_addr);
43 mutex_init(&rb_mgr->mutex);
48 static void tee_free_ring(struct psp_tee_device *tee)
50 struct ring_buf_manager *rb_mgr = &tee->rb_mgr;
52 if (!rb_mgr->ring_start)
55 free_pages((unsigned long)rb_mgr->ring_start,
56 get_order(rb_mgr->ring_size));
58 rb_mgr->ring_start = NULL;
59 rb_mgr->ring_size = 0;
61 mutex_destroy(&rb_mgr->mutex);
64 static int tee_wait_cmd_poll(struct psp_tee_device *tee, unsigned int timeout,
67 /* ~10ms sleep per loop => nloop = timeout * 100 */
68 int nloop = timeout * 100;
71 *reg = ioread32(tee->io_regs + tee->vdata->cmdresp_reg);
72 if (*reg & PSP_CMDRESP_RESP)
75 usleep_range(10000, 10100);
78 dev_err(tee->dev, "tee: command timed out, disabling PSP\n");
85 struct tee_init_ring_cmd *tee_alloc_cmd_buffer(struct psp_tee_device *tee)
87 struct tee_init_ring_cmd *cmd;
89 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
93 cmd->hi_addr = upper_32_bits(tee->rb_mgr.ring_pa);
94 cmd->low_addr = lower_32_bits(tee->rb_mgr.ring_pa);
95 cmd->size = tee->rb_mgr.ring_size;
97 dev_dbg(tee->dev, "tee: ring address: high = 0x%x low = 0x%x size = %u\n",
98 cmd->hi_addr, cmd->low_addr, cmd->size);
103 static inline void tee_free_cmd_buffer(struct tee_init_ring_cmd *cmd)
108 static int tee_init_ring(struct psp_tee_device *tee)
110 int ring_size = MAX_RING_BUFFER_ENTRIES * sizeof(struct tee_ring_cmd);
111 struct tee_init_ring_cmd *cmd;
112 phys_addr_t cmd_buffer;
116 BUILD_BUG_ON(sizeof(struct tee_ring_cmd) != 1024);
118 ret = tee_alloc_ring(tee, ring_size);
120 dev_err(tee->dev, "tee: ring allocation failed %d\n", ret);
124 tee->rb_mgr.wptr = 0;
126 cmd = tee_alloc_cmd_buffer(tee);
132 cmd_buffer = __psp_pa((void *)cmd);
134 /* Send command buffer details to Trusted OS by writing to
135 * CPU-PSP message registers
138 iowrite32(lower_32_bits(cmd_buffer),
139 tee->io_regs + tee->vdata->cmdbuff_addr_lo_reg);
140 iowrite32(upper_32_bits(cmd_buffer),
141 tee->io_regs + tee->vdata->cmdbuff_addr_hi_reg);
142 iowrite32(TEE_RING_INIT_CMD,
143 tee->io_regs + tee->vdata->cmdresp_reg);
145 ret = tee_wait_cmd_poll(tee, TEE_DEFAULT_TIMEOUT, ®);
147 dev_err(tee->dev, "tee: ring init command timed out\n");
152 if (reg & PSP_CMDRESP_ERR_MASK) {
153 dev_err(tee->dev, "tee: ring init command failed (%#010x)\n",
154 reg & PSP_CMDRESP_ERR_MASK);
160 tee_free_cmd_buffer(cmd);
165 static void tee_destroy_ring(struct psp_tee_device *tee)
170 if (!tee->rb_mgr.ring_start)
176 iowrite32(TEE_RING_DESTROY_CMD,
177 tee->io_regs + tee->vdata->cmdresp_reg);
179 ret = tee_wait_cmd_poll(tee, TEE_DEFAULT_TIMEOUT, ®);
181 dev_err(tee->dev, "tee: ring destroy command timed out\n");
182 } else if (reg & PSP_CMDRESP_ERR_MASK) {
183 dev_err(tee->dev, "tee: ring destroy command failed (%#010x)\n",
184 reg & PSP_CMDRESP_ERR_MASK);
191 int tee_dev_init(struct psp_device *psp)
193 struct device *dev = psp->dev;
194 struct psp_tee_device *tee;
198 tee = devm_kzalloc(dev, sizeof(*tee), GFP_KERNEL);
207 tee->io_regs = psp->io_regs;
209 tee->vdata = (struct tee_vdata *)psp->vdata->tee;
212 dev_err(dev, "tee: missing driver data\n");
216 ret = tee_init_ring(tee);
218 dev_err(dev, "tee: failed to init ring buffer\n");
222 dev_notice(dev, "tee enabled\n");
227 psp->tee_data = NULL;
229 dev_notice(dev, "tee initialization failed\n");
234 void tee_dev_destroy(struct psp_device *psp)
236 struct psp_tee_device *tee = psp->tee_data;
241 tee_destroy_ring(tee);
244 static int tee_submit_cmd(struct psp_tee_device *tee, enum tee_cmd_id cmd_id,
245 void *buf, size_t len, struct tee_ring_cmd **resp)
247 struct tee_ring_cmd *cmd;
248 int nloop = 1000, ret = 0;
253 mutex_lock(&tee->rb_mgr.mutex);
255 /* Loop until empty entry found in ring buffer */
257 /* Get pointer to ring buffer command entry */
258 cmd = (struct tee_ring_cmd *)
259 (tee->rb_mgr.ring_start + tee->rb_mgr.wptr);
261 rptr = ioread32(tee->io_regs + tee->vdata->ring_rptr_reg);
263 /* Check if ring buffer is full or command entry is waiting
264 * for response from TEE
266 if (!(tee->rb_mgr.wptr + sizeof(struct tee_ring_cmd) == rptr ||
267 cmd->flag == CMD_WAITING_FOR_RESPONSE))
270 dev_dbg(tee->dev, "tee: ring buffer full. rptr = %u wptr = %u\n",
271 rptr, tee->rb_mgr.wptr);
273 /* Wait if ring buffer is full or TEE is processing data */
274 mutex_unlock(&tee->rb_mgr.mutex);
275 schedule_timeout_interruptible(msecs_to_jiffies(10));
276 mutex_lock(&tee->rb_mgr.mutex);
281 (tee->rb_mgr.wptr + sizeof(struct tee_ring_cmd) == rptr ||
282 cmd->flag == CMD_WAITING_FOR_RESPONSE)) {
283 dev_err(tee->dev, "tee: ring buffer full. rptr = %u wptr = %u response flag %u\n",
284 rptr, tee->rb_mgr.wptr, cmd->flag);
289 /* Do not submit command if PSP got disabled while processing any
290 * command in another thread
297 /* Write command data into ring buffer */
298 cmd->cmd_id = cmd_id;
299 cmd->cmd_state = TEE_CMD_STATE_INIT;
300 memset(&cmd->buf[0], 0, sizeof(cmd->buf));
301 memcpy(&cmd->buf[0], buf, len);
303 /* Indicate driver is waiting for response */
304 cmd->flag = CMD_WAITING_FOR_RESPONSE;
306 /* Update local copy of write pointer */
307 tee->rb_mgr.wptr += sizeof(struct tee_ring_cmd);
308 if (tee->rb_mgr.wptr >= tee->rb_mgr.ring_size)
309 tee->rb_mgr.wptr = 0;
311 /* Trigger interrupt to Trusted OS */
312 iowrite32(tee->rb_mgr.wptr, tee->io_regs + tee->vdata->ring_wptr_reg);
314 /* The response is provided by Trusted OS in same
315 * location as submitted data entry within ring buffer.
320 mutex_unlock(&tee->rb_mgr.mutex);
325 static int tee_wait_cmd_completion(struct psp_tee_device *tee,
326 struct tee_ring_cmd *resp,
327 unsigned int timeout)
329 /* ~1ms sleep per loop => nloop = timeout * 1000 */
330 int nloop = timeout * 1000;
333 if (resp->cmd_state == TEE_CMD_STATE_COMPLETED)
336 usleep_range(1000, 1100);
339 dev_err(tee->dev, "tee: command 0x%x timed out, disabling PSP\n",
347 int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf, size_t len,
350 struct psp_device *psp = psp_get_master_device();
351 struct psp_tee_device *tee;
352 struct tee_ring_cmd *resp;
355 if (!buf || !status || !len || len > sizeof(resp->buf))
360 if (!psp || !psp->tee_data)
368 ret = tee_submit_cmd(tee, cmd_id, buf, len, &resp);
372 ret = tee_wait_cmd_completion(tee, resp, TEE_DEFAULT_TIMEOUT);
374 resp->flag = CMD_RESPONSE_TIMEDOUT;
378 memcpy(buf, &resp->buf[0], len);
379 *status = resp->status;
381 resp->flag = CMD_RESPONSE_COPIED;
385 EXPORT_SYMBOL(psp_tee_process_cmd);
387 int psp_check_tee_status(void)
389 struct psp_device *psp = psp_get_master_device();
391 if (!psp || !psp->tee_data)
396 EXPORT_SYMBOL(psp_check_tee_status);
projects / linux-2.6-microblaze.git / blob