1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* Copyright (c) 2010,2015,2019 The Linux Foundation. All rights reserved. |
3 | * Copyright (C) 2015 Linaro Ltd. |
4 | */ |
5 | |
6 | #include <linux/slab.h> |
7 | #include <linux/io.h> |
8 | #include <linux/module.h> |
9 | #include <linux/mutex.h> |
10 | #include <linux/errno.h> |
11 | #include <linux/err.h> |
12 | #include <linux/firmware/qcom/qcom_scm.h> |
13 | #include <linux/arm-smccc.h> |
14 | #include <linux/dma-mapping.h> |
15 | |
16 | #include "qcom_scm.h" |
17 | |
18 | static DEFINE_MUTEX(qcom_scm_lock); |
19 | |
20 | |
21 | /** |
22 | * struct arm_smccc_args |
23 | * @args: The array of values used in registers in smc instruction |
24 | */ |
25 | struct arm_smccc_args { |
26 | unsigned long args[8]; |
27 | }; |
28 | |
29 | |
30 | /** |
31 | * struct scm_legacy_command - one SCM command buffer |
32 | * @len: total available memory for command and response |
33 | * @buf_offset: start of command buffer |
34 | * @resp_hdr_offset: start of response buffer |
35 | * @id: command to be executed |
36 | * @buf: buffer returned from scm_legacy_get_command_buffer() |
37 | * |
38 | * An SCM command is laid out in memory as follows: |
39 | * |
40 | * ------------------- <--- struct scm_legacy_command |
41 | * | command header | |
42 | * ------------------- <--- scm_legacy_get_command_buffer() |
43 | * | command buffer | |
44 | * ------------------- <--- struct scm_legacy_response and |
45 | * | response header | scm_legacy_command_to_response() |
46 | * ------------------- <--- scm_legacy_get_response_buffer() |
47 | * | response buffer | |
48 | * ------------------- |
49 | * |
50 | * There can be arbitrary padding between the headers and buffers so |
51 | * you should always use the appropriate scm_legacy_get_*_buffer() routines |
52 | * to access the buffers in a safe manner. |
53 | */ |
54 | struct scm_legacy_command { |
55 | __le32 len; |
56 | __le32 buf_offset; |
57 | __le32 resp_hdr_offset; |
58 | __le32 id; |
59 | __le32 buf[]; |
60 | }; |
61 | |
62 | /** |
63 | * struct scm_legacy_response - one SCM response buffer |
64 | * @len: total available memory for response |
65 | * @buf_offset: start of response data relative to start of scm_legacy_response |
66 | * @is_complete: indicates if the command has finished processing |
67 | */ |
68 | struct scm_legacy_response { |
69 | __le32 len; |
70 | __le32 buf_offset; |
71 | __le32 is_complete; |
72 | }; |
73 | |
74 | /** |
75 | * scm_legacy_command_to_response() - Get a pointer to a scm_legacy_response |
76 | * @cmd: command |
77 | * |
78 | * Returns a pointer to a response for a command. |
79 | */ |
80 | static inline struct scm_legacy_response *scm_legacy_command_to_response( |
81 | const struct scm_legacy_command *cmd) |
82 | { |
83 | return (void *)cmd + le32_to_cpu(cmd->resp_hdr_offset); |
84 | } |
85 | |
86 | /** |
87 | * scm_legacy_get_command_buffer() - Get a pointer to a command buffer |
88 | * @cmd: command |
89 | * |
90 | * Returns a pointer to the command buffer of a command. |
91 | */ |
92 | static inline void *scm_legacy_get_command_buffer( |
93 | const struct scm_legacy_command *cmd) |
94 | { |
95 | return (void *)cmd->buf; |
96 | } |
97 | |
98 | /** |
99 | * scm_legacy_get_response_buffer() - Get a pointer to a response buffer |
100 | * @rsp: response |
101 | * |
102 | * Returns a pointer to a response buffer of a response. |
103 | */ |
104 | static inline void *scm_legacy_get_response_buffer( |
105 | const struct scm_legacy_response *rsp) |
106 | { |
107 | return (void *)rsp + le32_to_cpu(rsp->buf_offset); |
108 | } |
109 | |
110 | static void __scm_legacy_do(const struct arm_smccc_args *smc, |
111 | struct arm_smccc_res *res) |
112 | { |
113 | do { |
114 | arm_smccc_smc(smc->args[0], smc->args[1], smc->args[2], |
115 | smc->args[3], smc->args[4], smc->args[5], |
116 | smc->args[6], smc->args[7], res); |
117 | } while (res->a0 == QCOM_SCM_INTERRUPTED); |
118 | } |
119 | |
120 | /** |
121 | * scm_legacy_call() - Sends a command to the SCM and waits for the command to |
122 | * finish processing. |
123 | * @dev: device |
124 | * @desc: descriptor structure containing arguments and return values |
125 | * @res: results from SMC call |
126 | * |
127 | * A note on cache maintenance: |
128 | * Note that any buffers that are expected to be accessed by the secure world |
129 | * must be flushed before invoking qcom_scm_call and invalidated in the cache |
130 | * immediately after qcom_scm_call returns. Cache maintenance on the command |
131 | * and response buffers is taken care of by qcom_scm_call; however, callers are |
132 | * responsible for any other cached buffers passed over to the secure world. |
133 | */ |
134 | int scm_legacy_call(struct device *dev, const struct qcom_scm_desc *desc, |
135 | struct qcom_scm_res *res) |
136 | { |
137 | u8 arglen = desc->arginfo & 0xf; |
138 | int ret = 0, context_id; |
139 | unsigned int i; |
140 | struct scm_legacy_command *cmd; |
141 | struct scm_legacy_response *rsp; |
142 | struct arm_smccc_args smc = {0}; |
143 | struct arm_smccc_res smc_res; |
144 | const size_t cmd_len = arglen * sizeof(__le32); |
145 | const size_t resp_len = MAX_QCOM_SCM_RETS * sizeof(__le32); |
146 | size_t alloc_len = sizeof(*cmd) + cmd_len + sizeof(*rsp) + resp_len; |
147 | dma_addr_t cmd_phys; |
148 | __le32 *arg_buf; |
149 | const __le32 *res_buf; |
150 | |
151 | cmd = kzalloc(PAGE_ALIGN(alloc_len), GFP_KERNEL); |
152 | if (!cmd) |
153 | return -ENOMEM; |
154 | |
155 | cmd->len = cpu_to_le32(alloc_len); |
156 | cmd->buf_offset = cpu_to_le32(sizeof(*cmd)); |
157 | cmd->resp_hdr_offset = cpu_to_le32(sizeof(*cmd) + cmd_len); |
158 | cmd->id = cpu_to_le32(SCM_LEGACY_FNID(desc->svc, desc->cmd)); |
159 | |
160 | arg_buf = scm_legacy_get_command_buffer(cmd); |
161 | for (i = 0; i < arglen; i++) |
162 | arg_buf[i] = cpu_to_le32(desc->args[i]); |
163 | |
164 | rsp = scm_legacy_command_to_response(cmd); |
165 | |
166 | cmd_phys = dma_map_single(dev, cmd, alloc_len, DMA_TO_DEVICE); |
167 | if (dma_mapping_error(dev, dma_addr: cmd_phys)) { |
168 | kfree(objp: cmd); |
169 | return -ENOMEM; |
170 | } |
171 | |
172 | smc.args[0] = 1; |
173 | smc.args[1] = (unsigned long)&context_id; |
174 | smc.args[2] = cmd_phys; |
175 | |
176 | mutex_lock(&qcom_scm_lock); |
177 | __scm_legacy_do(smc: &smc, res: &smc_res); |
178 | if (smc_res.a0) |
179 | ret = qcom_scm_remap_error(err: smc_res.a0); |
180 | mutex_unlock(lock: &qcom_scm_lock); |
181 | if (ret) |
182 | goto out; |
183 | |
184 | do { |
185 | dma_sync_single_for_cpu(dev, addr: cmd_phys + sizeof(*cmd) + cmd_len, |
186 | size: sizeof(*rsp), dir: DMA_FROM_DEVICE); |
187 | } while (!rsp->is_complete); |
188 | |
189 | dma_sync_single_for_cpu(dev, addr: cmd_phys + sizeof(*cmd) + cmd_len + |
190 | le32_to_cpu(rsp->buf_offset), |
191 | size: resp_len, dir: DMA_FROM_DEVICE); |
192 | |
193 | if (res) { |
194 | res_buf = scm_legacy_get_response_buffer(rsp); |
195 | for (i = 0; i < MAX_QCOM_SCM_RETS; i++) |
196 | res->result[i] = le32_to_cpu(res_buf[i]); |
197 | } |
198 | out: |
199 | dma_unmap_single(dev, cmd_phys, alloc_len, DMA_TO_DEVICE); |
200 | kfree(objp: cmd); |
201 | return ret; |
202 | } |
203 | |
204 | #define SCM_LEGACY_ATOMIC_N_REG_ARGS 5 |
205 | #define SCM_LEGACY_ATOMIC_FIRST_REG_IDX 2 |
206 | #define SCM_LEGACY_CLASS_REGISTER (0x2 << 8) |
207 | #define SCM_LEGACY_MASK_IRQS BIT(5) |
208 | #define SCM_LEGACY_ATOMIC_ID(svc, cmd, n) \ |
209 | ((SCM_LEGACY_FNID(svc, cmd) << 12) | \ |
210 | SCM_LEGACY_CLASS_REGISTER | \ |
211 | SCM_LEGACY_MASK_IRQS | \ |
212 | (n & 0xf)) |
213 | |
214 | /** |
215 | * scm_legacy_call_atomic() - Send an atomic SCM command with up to 5 arguments |
216 | * and 3 return values |
217 | * @unused: device, legacy argument, not used, can be NULL |
218 | * @desc: SCM call descriptor containing arguments |
219 | * @res: SCM call return values |
220 | * |
221 | * This shall only be used with commands that are guaranteed to be |
222 | * uninterruptable, atomic and SMP safe. |
223 | */ |
224 | int scm_legacy_call_atomic(struct device *unused, |
225 | const struct qcom_scm_desc *desc, |
226 | struct qcom_scm_res *res) |
227 | { |
228 | int context_id; |
229 | struct arm_smccc_res smc_res; |
230 | size_t arglen = desc->arginfo & 0xf; |
231 | |
232 | BUG_ON(arglen > SCM_LEGACY_ATOMIC_N_REG_ARGS); |
233 | |
234 | arm_smccc_smc(SCM_LEGACY_ATOMIC_ID(desc->svc, desc->cmd, arglen), |
235 | (unsigned long)&context_id, |
236 | desc->args[0], desc->args[1], desc->args[2], |
237 | desc->args[3], desc->args[4], 0, &smc_res); |
238 | |
239 | if (res) { |
240 | res->result[0] = smc_res.a1; |
241 | res->result[1] = smc_res.a2; |
242 | res->result[2] = smc_res.a3; |
243 | } |
244 | |
245 | return smc_res.a0; |
246 | } |
247 | |