1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Copyright (c) 2010,2015,2019 The Linux Foundation. All rights reserved.
3 * Copyright (C) 2015 Linaro Ltd.
4 */
5
6 #include <linux/slab.h>
7 #include <linux/io.h>
8 #include <linux/module.h>
9 #include <linux/mutex.h>
10 #include <linux/errno.h>
11 #include <linux/err.h>
12 #include <linux/qcom_scm.h>
13 #include <linux/arm-smccc.h>
14 #include <linux/dma-mapping.h>
15
16 #include "qcom_scm.h"
17
18 static DEFINE_MUTEX(qcom_scm_lock);
19
20
21 /**
22 * struct arm_smccc_args
23 * @args: The array of values used in registers in smc instruction
24 */
25 struct arm_smccc_args {
26 unsigned long args[8];
27 };
28
29
30 /**
31 * struct scm_legacy_command - one SCM command buffer
32 * @len: total available memory for command and response
33 * @buf_offset: start of command buffer
34 * @resp_hdr_offset: start of response buffer
35 * @id: command to be executed
36 * @buf: buffer returned from scm_legacy_get_command_buffer()
37 *
38 * An SCM command is laid out in memory as follows:
39 *
40 * ------------------- <--- struct scm_legacy_command
41 * | command header |
42 * ------------------- <--- scm_legacy_get_command_buffer()
43 * | command buffer |
44 * ------------------- <--- struct scm_legacy_response and
45 * | response header | scm_legacy_command_to_response()
46 * ------------------- <--- scm_legacy_get_response_buffer()
47 * | response buffer |
48 * -------------------
49 *
50 * There can be arbitrary padding between the headers and buffers so
51 * you should always use the appropriate scm_legacy_get_*_buffer() routines
52 * to access the buffers in a safe manner.
53 */
54 struct scm_legacy_command {
55 __le32 len;
56 __le32 buf_offset;
57 __le32 resp_hdr_offset;
58 __le32 id;
59 __le32 buf[];
60 };
61
62 /**
63 * struct scm_legacy_response - one SCM response buffer
64 * @len: total available memory for response
65 * @buf_offset: start of response data relative to start of scm_legacy_response
66 * @is_complete: indicates if the command has finished processing
67 */
68 struct scm_legacy_response {
69 __le32 len;
70 __le32 buf_offset;
71 __le32 is_complete;
72 };
73
74 /**
75 * scm_legacy_command_to_response() - Get a pointer to a scm_legacy_response
76 * @cmd: command
77 *
78 * Returns a pointer to a response for a command.
79 */
scm_legacy_command_to_response(const struct scm_legacy_command * cmd)80 static inline struct scm_legacy_response *scm_legacy_command_to_response(
81 const struct scm_legacy_command *cmd)
82 {
83 return (void *)cmd + le32_to_cpu(cmd->resp_hdr_offset);
84 }
85
86 /**
87 * scm_legacy_get_command_buffer() - Get a pointer to a command buffer
88 * @cmd: command
89 *
90 * Returns a pointer to the command buffer of a command.
91 */
scm_legacy_get_command_buffer(const struct scm_legacy_command * cmd)92 static inline void *scm_legacy_get_command_buffer(
93 const struct scm_legacy_command *cmd)
94 {
95 return (void *)cmd->buf;
96 }
97
98 /**
99 * scm_legacy_get_response_buffer() - Get a pointer to a response buffer
100 * @rsp: response
101 *
102 * Returns a pointer to a response buffer of a response.
103 */
scm_legacy_get_response_buffer(const struct scm_legacy_response * rsp)104 static inline void *scm_legacy_get_response_buffer(
105 const struct scm_legacy_response *rsp)
106 {
107 return (void *)rsp + le32_to_cpu(rsp->buf_offset);
108 }
109
__scm_legacy_do(const struct arm_smccc_args * smc,struct arm_smccc_res * res)110 static void __scm_legacy_do(const struct arm_smccc_args *smc,
111 struct arm_smccc_res *res)
112 {
113 do {
114 arm_smccc_smc(smc->args[0], smc->args[1], smc->args[2],
115 smc->args[3], smc->args[4], smc->args[5],
116 smc->args[6], smc->args[7], res);
117 } while (res->a0 == QCOM_SCM_INTERRUPTED);
118 }
119
120 /**
121 * qcom_scm_call() - Sends a command to the SCM and waits for the command to
122 * finish processing.
123 *
124 * A note on cache maintenance:
125 * Note that any buffers that are expected to be accessed by the secure world
126 * must be flushed before invoking qcom_scm_call and invalidated in the cache
127 * immediately after qcom_scm_call returns. Cache maintenance on the command
128 * and response buffers is taken care of by qcom_scm_call; however, callers are
129 * responsible for any other cached buffers passed over to the secure world.
130 */
scm_legacy_call(struct device * dev,const struct qcom_scm_desc * desc,struct qcom_scm_res * res)131 int scm_legacy_call(struct device *dev, const struct qcom_scm_desc *desc,
132 struct qcom_scm_res *res)
133 {
134 u8 arglen = desc->arginfo & 0xf;
135 int ret = 0, context_id;
136 unsigned int i;
137 struct scm_legacy_command *cmd;
138 struct scm_legacy_response *rsp;
139 struct arm_smccc_args smc = {0};
140 struct arm_smccc_res smc_res;
141 const size_t cmd_len = arglen * sizeof(__le32);
142 const size_t resp_len = MAX_QCOM_SCM_RETS * sizeof(__le32);
143 size_t alloc_len = sizeof(*cmd) + cmd_len + sizeof(*rsp) + resp_len;
144 dma_addr_t cmd_phys;
145 __le32 *arg_buf;
146 const __le32 *res_buf;
147
148 cmd = kzalloc(PAGE_ALIGN(alloc_len), GFP_KERNEL);
149 if (!cmd)
150 return -ENOMEM;
151
152 cmd->len = cpu_to_le32(alloc_len);
153 cmd->buf_offset = cpu_to_le32(sizeof(*cmd));
154 cmd->resp_hdr_offset = cpu_to_le32(sizeof(*cmd) + cmd_len);
155 cmd->id = cpu_to_le32(SCM_LEGACY_FNID(desc->svc, desc->cmd));
156
157 arg_buf = scm_legacy_get_command_buffer(cmd);
158 for (i = 0; i < arglen; i++)
159 arg_buf[i] = cpu_to_le32(desc->args[i]);
160
161 rsp = scm_legacy_command_to_response(cmd);
162
163 cmd_phys = dma_map_single(dev, cmd, alloc_len, DMA_TO_DEVICE);
164 if (dma_mapping_error(dev, cmd_phys)) {
165 kfree(cmd);
166 return -ENOMEM;
167 }
168
169 smc.args[0] = 1;
170 smc.args[1] = (unsigned long)&context_id;
171 smc.args[2] = cmd_phys;
172
173 mutex_lock(&qcom_scm_lock);
174 __scm_legacy_do(&smc, &smc_res);
175 if (smc_res.a0)
176 ret = qcom_scm_remap_error(smc_res.a0);
177 mutex_unlock(&qcom_scm_lock);
178 if (ret)
179 goto out;
180
181 do {
182 dma_sync_single_for_cpu(dev, cmd_phys + sizeof(*cmd) + cmd_len,
183 sizeof(*rsp), DMA_FROM_DEVICE);
184 } while (!rsp->is_complete);
185
186 dma_sync_single_for_cpu(dev, cmd_phys + sizeof(*cmd) + cmd_len +
187 le32_to_cpu(rsp->buf_offset),
188 resp_len, DMA_FROM_DEVICE);
189
190 if (res) {
191 res_buf = scm_legacy_get_response_buffer(rsp);
192 for (i = 0; i < MAX_QCOM_SCM_RETS; i++)
193 res->result[i] = le32_to_cpu(res_buf[i]);
194 }
195 out:
196 dma_unmap_single(dev, cmd_phys, alloc_len, DMA_TO_DEVICE);
197 kfree(cmd);
198 return ret;
199 }
200
201 #define SCM_LEGACY_ATOMIC_N_REG_ARGS 5
202 #define SCM_LEGACY_ATOMIC_FIRST_REG_IDX 2
203 #define SCM_LEGACY_CLASS_REGISTER (0x2 << 8)
204 #define SCM_LEGACY_MASK_IRQS BIT(5)
205 #define SCM_LEGACY_ATOMIC_ID(svc, cmd, n) \
206 ((SCM_LEGACY_FNID(svc, cmd) << 12) | \
207 SCM_LEGACY_CLASS_REGISTER | \
208 SCM_LEGACY_MASK_IRQS | \
209 (n & 0xf))
210
211 /**
212 * qcom_scm_call_atomic() - Send an atomic SCM command with up to 5 arguments
213 * and 3 return values
214 * @desc: SCM call descriptor containing arguments
215 * @res: SCM call return values
216 *
217 * This shall only be used with commands that are guaranteed to be
218 * uninterruptable, atomic and SMP safe.
219 */
scm_legacy_call_atomic(struct device * unused,const struct qcom_scm_desc * desc,struct qcom_scm_res * res)220 int scm_legacy_call_atomic(struct device *unused,
221 const struct qcom_scm_desc *desc,
222 struct qcom_scm_res *res)
223 {
224 int context_id;
225 struct arm_smccc_res smc_res;
226 size_t arglen = desc->arginfo & 0xf;
227
228 BUG_ON(arglen > SCM_LEGACY_ATOMIC_N_REG_ARGS);
229
230 arm_smccc_smc(SCM_LEGACY_ATOMIC_ID(desc->svc, desc->cmd, arglen),
231 (unsigned long)&context_id,
232 desc->args[0], desc->args[1], desc->args[2],
233 desc->args[3], desc->args[4], 0, &smc_res);
234
235 if (res) {
236 res->result[0] = smc_res.a1;
237 res->result[1] = smc_res.a2;
238 res->result[2] = smc_res.a3;
239 }
240
241 return smc_res.a0;
242 }
243