tee-dev.c source code [linux/drivers/crypto/ccp/tee-dev.c]

1	// SPDX-License-Identifier: MIT
2	/*
3	* AMD Trusted Execution Environment (TEE) interface
4	*
5	* Author: Rijo Thomas <Rijo-john.Thomas@amd.com>
6	* Author: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com>
7	*
8	* Copyright (C) 2019,2021 Advanced Micro Devices, Inc.
9	*/
10
11	#include <linux/bitfield.h>
12	#include <linux/types.h>
13	#include <linux/mutex.h>
14	#include <linux/delay.h>
15	#include <linux/slab.h>
16	#include <linux/gfp.h>
17	#include <linux/psp.h>
18	#include <linux/psp-tee.h>
19
20	#include "psp-dev.h"
21	#include "tee-dev.h"
22
23	static bool psp_dead;
24
25	static int tee_alloc_ring(struct psp_tee_device tee, int* ring_size)
26	{
27	struct ring_buf_manager *rb_mgr = &tee->rb_mgr;
28	void *start_addr;
29
30	if (!ring_size)
31	return -EINVAL;
32
33	/ We need actual physical address instead of DMA address, since*
34	* Trusted OS running on AMD Secure Processor will map this region
35	*/
36	start_addr = (void *)__get_free_pages(GFP_KERNEL, order: get_order(size: ring_size));
37	if (!start_addr)
38	return -ENOMEM;
39
40	memset(start_addr, `0x0`, ring_size);
41	rb_mgr->ring_start = start_addr;
42	rb_mgr->ring_size = ring_size;
43	rb_mgr->ring_pa = __psp_pa(start_addr);
44	mutex_init(&rb_mgr->mutex);
45
46	return `0`;
47	}
48
49	static void tee_free_ring(struct psp_tee_device *tee)
50	{
51	struct ring_buf_manager *rb_mgr = &tee->rb_mgr;
52
53	if (!rb_mgr->ring_start)
54	return;
55
56	free_pages(addr: (unsigned long)rb_mgr->ring_start,
57	order: get_order(size: rb_mgr->ring_size));
58
59	rb_mgr->ring_start = NULL;
60	rb_mgr->ring_size = `0`;
61	rb_mgr->ring_pa = `0`;
62	mutex_destroy(lock: &rb_mgr->mutex);
63	}
64
65	static
66	struct tee_init_ring_cmd tee_alloc_cmd_buffer(struct* psp_tee_device *tee)
67	{
68	struct tee_init_ring_cmd *cmd;
69
70	cmd = kzalloc(size: sizeof(*cmd), GFP_KERNEL);
71	if (!cmd)
72	return NULL;
73
74	cmd->hi_addr = upper_32_bits(tee->rb_mgr.ring_pa);
75	cmd->low_addr = lower_32_bits(tee->rb_mgr.ring_pa);
76	cmd->size = tee->rb_mgr.ring_size;
77
78	dev_dbg(tee->dev, "tee: ring address: high = 0x%x low = 0x%x size = %u\n",
79	cmd->hi_addr, cmd->low_addr, cmd->size);
80
81	return cmd;
82	}
83
84	static inline void tee_free_cmd_buffer(struct tee_init_ring_cmd *cmd)
85	{
86	kfree(objp: cmd);
87	}
88
89	static int tee_init_ring(struct psp_tee_device *tee)
90	{
91	int ring_size = MAX_RING_BUFFER_ENTRIES * sizeof(struct tee_ring_cmd);
92	struct tee_init_ring_cmd *cmd;
93	unsigned int reg;
94	int ret;
95
96	BUILD_BUG_ON(sizeof(struct tee_ring_cmd) != `1024`);
97
98	ret = tee_alloc_ring(tee, ring_size);
99	if (ret) {
100	dev_err(tee->dev, "tee: ring allocation failed %d\n", ret);
101	return ret;
102	}
103
104	tee->rb_mgr.wptr = `0`;
105
106	cmd = tee_alloc_cmd_buffer(tee);
107	if (!cmd) {
108	tee_free_ring(tee);
109	return -ENOMEM;
110	}
111
112	/ Send command buffer details to Trusted OS by writing to*
113	* CPU-PSP message registers
114	*/
115	ret = psp_mailbox_command(psp: tee->psp, cmd: PSP_CMD_TEE_RING_INIT, cmdbuff: cmd,
116	TEE_DEFAULT_CMD_TIMEOUT, cmdresp: &reg);
117	if (ret) {
118	dev_err(tee->dev, "tee: ring init command timed out, disabling TEE support\n");
119	tee_free_ring(tee);
120	psp_dead = true;
121	goto free_buf;
122	}
123
124	if (FIELD_GET(PSP_CMDRESP_STS, reg)) {
125	dev_err(tee->dev, "tee: ring init command failed (%#010lx)\n",
126	FIELD_GET(PSP_CMDRESP_STS, reg));
127	tee_free_ring(tee);
128	ret = -EIO;
129	}
130
131	free_buf:
132	tee_free_cmd_buffer(cmd);
133
134	return ret;
135	}
136
137	static void tee_destroy_ring(struct psp_tee_device *tee)
138	{
139	unsigned int reg;
140	int ret;
141
142	if (!tee->rb_mgr.ring_start)
143	return;
144
145	if (psp_dead)
146	goto free_ring;
147
148	ret = psp_mailbox_command(psp: tee->psp, cmd: PSP_CMD_TEE_RING_DESTROY, NULL,
149	TEE_DEFAULT_CMD_TIMEOUT, cmdresp: &reg);
150	if (ret) {
151	dev_err(tee->dev, "tee: ring destroy command timed out, disabling TEE support\n");
152	psp_dead = true;
153	} else if (FIELD_GET(PSP_CMDRESP_STS, reg)) {
154	dev_err(tee->dev, "tee: ring destroy command failed (%#010lx)\n",
155	FIELD_GET(PSP_CMDRESP_STS, reg));
156	}
157
158	free_ring:
159	tee_free_ring(tee);
160	}
161
162	int tee_dev_init(struct psp_device *psp)
163	{
164	struct device *dev = psp->dev;
165	struct psp_tee_device *tee;
166	int ret;
167
168	ret = -ENOMEM;
169	tee = devm_kzalloc(dev, size: sizeof(*tee), GFP_KERNEL);
170	if (!tee)
171	goto e_err;
172
173	psp->tee_data = tee;
174
175	tee->dev = dev;
176	tee->psp = psp;
177
178	tee->io_regs = psp->io_regs;
179
180	tee->vdata = (struct tee_vdata *)psp->vdata->tee;
181	if (!tee->vdata) {
182	ret = -ENODEV;
183	dev_err(dev, "tee: missing driver data\n");
184	goto e_err;
185	}
186
187	ret = tee_init_ring(tee);
188	if (ret) {
189	dev_err(dev, "tee: failed to init ring buffer\n");
190	goto e_err;
191	}
192
193	dev_notice(dev, "tee enabled\n");
194
195	return `0`;
196
197	e_err:
198	psp->tee_data = NULL;
199
200	dev_notice(dev, "tee initialization failed\n");
201
202	return ret;
203	}
204
205	void tee_dev_destroy(struct psp_device *psp)
206	{
207	struct psp_tee_device *tee = psp->tee_data;
208
209	if (!tee)
210	return;
211
212	tee_destroy_ring(tee);
213	}
214
215	static int tee_submit_cmd(struct psp_tee_device tee, enum* tee_cmd_id cmd_id,
216	void buf, size_t len, struct* tee_ring_cmd **resp)
217	{
218	struct tee_ring_cmd *cmd;
219	int nloop = `1000`, ret = `0`;
220	u32 rptr;
221
222	*resp = NULL;
223
224	mutex_lock(&tee->rb_mgr.mutex);
225
226	/ Loop until empty entry found in ring buffer /
227	do {
228	/ Get pointer to ring buffer command entry /
229	cmd = (struct tee_ring_cmd *)
230	(tee->rb_mgr.ring_start + tee->rb_mgr.wptr);
231
232	rptr = ioread32(tee->io_regs + tee->vdata->ring_rptr_reg);
233
234	/ Check if ring buffer is full or command entry is waiting*
235	* for response from TEE
236	*/
237	if (!(tee->rb_mgr.wptr + sizeof(struct tee_ring_cmd) == rptr \|\|
238	cmd->flag == CMD_WAITING_FOR_RESPONSE))
239	break;
240
241	dev_dbg(tee->dev, "tee: ring buffer full. rptr = %u wptr = %u\n",
242	rptr, tee->rb_mgr.wptr);
243
244	/ Wait if ring buffer is full or TEE is processing data /
245	mutex_unlock(lock: &tee->rb_mgr.mutex);
246	schedule_timeout_interruptible(timeout: msecs_to_jiffies(m: `10`));
247	mutex_lock(&tee->rb_mgr.mutex);
248
249	} while (--nloop);
250
251	if (!nloop &&
252	(tee->rb_mgr.wptr + sizeof(struct tee_ring_cmd) == rptr \|\|
253	cmd->flag == CMD_WAITING_FOR_RESPONSE)) {
254	dev_err(tee->dev, "tee: ring buffer full. rptr = %u wptr = %u response flag %u\n",
255	rptr, tee->rb_mgr.wptr, cmd->flag);
256	ret = -EBUSY;
257	goto unlock;
258	}
259
260	/ Do not submit command if PSP got disabled while processing any*
261	* command in another thread
262	*/
263	if (psp_dead) {
264	ret = -EBUSY;
265	goto unlock;
266	}
267
268	/ Write command data into ring buffer /
269	cmd->cmd_id = cmd_id;
270	cmd->cmd_state = TEE_CMD_STATE_INIT;
271	memset(&cmd->buf[`0`], `0`, sizeof(cmd->buf));
272	memcpy(&cmd->buf[`0`], buf, len);
273
274	/ Indicate driver is waiting for response /
275	cmd->flag = CMD_WAITING_FOR_RESPONSE;
276
277	/ Update local copy of write pointer /
278	tee->rb_mgr.wptr += sizeof(struct tee_ring_cmd);
279	if (tee->rb_mgr.wptr >= tee->rb_mgr.ring_size)
280	tee->rb_mgr.wptr = `0`;
281
282	/ Trigger interrupt to Trusted OS /
283	iowrite32(tee->rb_mgr.wptr, tee->io_regs + tee->vdata->ring_wptr_reg);
284
285	/ The response is provided by Trusted OS in same*
286	* location as submitted data entry within ring buffer.
287	*/
288	*resp = cmd;
289
290	unlock:
291	mutex_unlock(lock: &tee->rb_mgr.mutex);
292
293	return ret;
294	}
295
296	static int tee_wait_cmd_completion(struct psp_tee_device *tee,
297	struct tee_ring_cmd *resp,
298	unsigned int timeout)
299	{
300	/ ~1ms sleep per loop => nloop = timeout * 1000 /
301	int nloop = timeout * `1000`;
302
303	while (--nloop) {
304	if (resp->cmd_state == TEE_CMD_STATE_COMPLETED)
305	return `0`;
306
307	usleep_range(min: `1000`, max: `1100`);
308	}
309
310	dev_err(tee->dev, "tee: command 0x%x timed out, disabling PSP\n",
311	resp->cmd_id);
312
313	psp_dead = true;
314
315	return -ETIMEDOUT;
316	}
317
318	int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf, size_t len,
319	u32 *status)
320	{
321	struct psp_device *psp = psp_get_master_device();
322	struct psp_tee_device *tee;
323	struct tee_ring_cmd *resp;
324	int ret;
325
326	if (!buf \|\| !status \|\| !len \|\| len > sizeof(resp->buf))
327	return -EINVAL;
328
329	*status = `0`;
330
331	if (!psp \|\| !psp->tee_data)
332	return -ENODEV;
333
334	if (psp_dead)
335	return -EBUSY;
336
337	tee = psp->tee_data;
338
339	ret = tee_submit_cmd(tee, cmd_id, buf, len, resp: &resp);
340	if (ret)
341	return ret;
342
343	ret = tee_wait_cmd_completion(tee, resp, TEE_DEFAULT_RING_TIMEOUT);
344	if (ret) {
345	resp->flag = CMD_RESPONSE_TIMEDOUT;
346	return ret;
347	}
348
349	memcpy(buf, &resp->buf[`0`], len);
350	*status = resp->status;
351
352	resp->flag = CMD_RESPONSE_COPIED;
353
354	return `0`;
355	}
356	EXPORT_SYMBOL(psp_tee_process_cmd);
357
358	int psp_check_tee_status(void)
359	{
360	struct psp_device *psp = psp_get_master_device();
361
362	if (!psp \|\| !psp->tee_data)
363	return -ENODEV;
364
365	return `0`;
366	}
367	EXPORT_SYMBOL(psp_check_tee_status);
368

source code of linux/drivers/crypto/ccp/tee-dev.c