1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * AMD Secure Encrypted Virtualization (SEV) interface
4 *
5 * Copyright (C) 2016,2019 Advanced Micro Devices, Inc.
6 *
7 * Author: Brijesh Singh <brijesh.singh@amd.com>
8 */
9
10 #include <linux/module.h>
11 #include <linux/kernel.h>
12 #include <linux/kthread.h>
13 #include <linux/sched.h>
14 #include <linux/interrupt.h>
15 #include <linux/spinlock.h>
16 #include <linux/spinlock_types.h>
17 #include <linux/types.h>
18 #include <linux/mutex.h>
19 #include <linux/delay.h>
20 #include <linux/hw_random.h>
21 #include <linux/ccp.h>
22 #include <linux/firmware.h>
23 #include <linux/gfp.h>
24 #include <linux/cpufeature.h>
25
26 #include <asm/smp.h>
27 #include <asm/cacheflush.h>
28
29 #include "psp-dev.h"
30 #include "sev-dev.h"
31
32 #define DEVICE_NAME "sev"
33 #define SEV_FW_FILE "amd/sev.fw"
34 #define SEV_FW_NAME_SIZE 64
35
36 static DEFINE_MUTEX(sev_cmd_mutex);
37 static struct sev_misc_dev *misc_dev;
38
39 static int psp_cmd_timeout = 100;
40 module_param(psp_cmd_timeout, int, 0644);
41 MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands");
42
43 static int psp_probe_timeout = 5;
44 module_param(psp_probe_timeout, int, 0644);
45 MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe");
46
47 MODULE_FIRMWARE("amd/amd_sev_fam17h_model0xh.sbin"); /* 1st gen EPYC */
48 MODULE_FIRMWARE("amd/amd_sev_fam17h_model3xh.sbin"); /* 2nd gen EPYC */
49 MODULE_FIRMWARE("amd/amd_sev_fam19h_model0xh.sbin"); /* 3rd gen EPYC */
50
51 static bool psp_dead;
52 static int psp_timeout;
53
54 /* Trusted Memory Region (TMR):
55 * The TMR is a 1MB area that must be 1MB aligned. Use the page allocator
56 * to allocate the memory, which will return aligned memory for the specified
57 * allocation order.
58 */
59 #define SEV_ES_TMR_SIZE (1024 * 1024)
60 static void *sev_es_tmr;
61
sev_version_greater_or_equal(u8 maj,u8 min)62 static inline bool sev_version_greater_or_equal(u8 maj, u8 min)
63 {
64 struct sev_device *sev = psp_master->sev_data;
65
66 if (sev->api_major > maj)
67 return true;
68
69 if (sev->api_major == maj && sev->api_minor >= min)
70 return true;
71
72 return false;
73 }
74
sev_irq_handler(int irq,void * data,unsigned int status)75 static void sev_irq_handler(int irq, void *data, unsigned int status)
76 {
77 struct sev_device *sev = data;
78 int reg;
79
80 /* Check if it is command completion: */
81 if (!(status & SEV_CMD_COMPLETE))
82 return;
83
84 /* Check if it is SEV command completion: */
85 reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg);
86 if (reg & PSP_CMDRESP_RESP) {
87 sev->int_rcvd = 1;
88 wake_up(&sev->int_queue);
89 }
90 }
91
sev_wait_cmd_ioc(struct sev_device * sev,unsigned int * reg,unsigned int timeout)92 static int sev_wait_cmd_ioc(struct sev_device *sev,
93 unsigned int *reg, unsigned int timeout)
94 {
95 int ret;
96
97 ret = wait_event_timeout(sev->int_queue,
98 sev->int_rcvd, timeout * HZ);
99 if (!ret)
100 return -ETIMEDOUT;
101
102 *reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg);
103
104 return 0;
105 }
106
sev_cmd_buffer_len(int cmd)107 static int sev_cmd_buffer_len(int cmd)
108 {
109 switch (cmd) {
110 case SEV_CMD_INIT: return sizeof(struct sev_data_init);
111 case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status);
112 case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr);
113 case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import);
114 case SEV_CMD_PDH_CERT_EXPORT: return sizeof(struct sev_data_pdh_cert_export);
115 case SEV_CMD_LAUNCH_START: return sizeof(struct sev_data_launch_start);
116 case SEV_CMD_LAUNCH_UPDATE_DATA: return sizeof(struct sev_data_launch_update_data);
117 case SEV_CMD_LAUNCH_UPDATE_VMSA: return sizeof(struct sev_data_launch_update_vmsa);
118 case SEV_CMD_LAUNCH_FINISH: return sizeof(struct sev_data_launch_finish);
119 case SEV_CMD_LAUNCH_MEASURE: return sizeof(struct sev_data_launch_measure);
120 case SEV_CMD_ACTIVATE: return sizeof(struct sev_data_activate);
121 case SEV_CMD_DEACTIVATE: return sizeof(struct sev_data_deactivate);
122 case SEV_CMD_DECOMMISSION: return sizeof(struct sev_data_decommission);
123 case SEV_CMD_GUEST_STATUS: return sizeof(struct sev_data_guest_status);
124 case SEV_CMD_DBG_DECRYPT: return sizeof(struct sev_data_dbg);
125 case SEV_CMD_DBG_ENCRYPT: return sizeof(struct sev_data_dbg);
126 case SEV_CMD_SEND_START: return sizeof(struct sev_data_send_start);
127 case SEV_CMD_SEND_UPDATE_DATA: return sizeof(struct sev_data_send_update_data);
128 case SEV_CMD_SEND_UPDATE_VMSA: return sizeof(struct sev_data_send_update_vmsa);
129 case SEV_CMD_SEND_FINISH: return sizeof(struct sev_data_send_finish);
130 case SEV_CMD_RECEIVE_START: return sizeof(struct sev_data_receive_start);
131 case SEV_CMD_RECEIVE_FINISH: return sizeof(struct sev_data_receive_finish);
132 case SEV_CMD_RECEIVE_UPDATE_DATA: return sizeof(struct sev_data_receive_update_data);
133 case SEV_CMD_RECEIVE_UPDATE_VMSA: return sizeof(struct sev_data_receive_update_vmsa);
134 case SEV_CMD_LAUNCH_UPDATE_SECRET: return sizeof(struct sev_data_launch_secret);
135 case SEV_CMD_DOWNLOAD_FIRMWARE: return sizeof(struct sev_data_download_firmware);
136 case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id);
137 case SEV_CMD_ATTESTATION_REPORT: return sizeof(struct sev_data_attestation_report);
138 case SEV_CMD_SEND_CANCEL: return sizeof(struct sev_data_send_cancel);
139 default: return 0;
140 }
141
142 return 0;
143 }
144
sev_fw_alloc(unsigned long len)145 static void *sev_fw_alloc(unsigned long len)
146 {
147 struct page *page;
148
149 page = alloc_pages(GFP_KERNEL, get_order(len));
150 if (!page)
151 return NULL;
152
153 return page_address(page);
154 }
155
__sev_do_cmd_locked(int cmd,void * data,int * psp_ret)156 static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
157 {
158 struct psp_device *psp = psp_master;
159 struct sev_device *sev;
160 unsigned int phys_lsb, phys_msb;
161 unsigned int reg, ret = 0;
162 int buf_len;
163
164 if (!psp || !psp->sev_data)
165 return -ENODEV;
166
167 if (psp_dead)
168 return -EBUSY;
169
170 sev = psp->sev_data;
171
172 buf_len = sev_cmd_buffer_len(cmd);
173 if (WARN_ON_ONCE(!data != !buf_len))
174 return -EINVAL;
175
176 /*
177 * Copy the incoming data to driver's scratch buffer as __pa() will not
178 * work for some memory, e.g. vmalloc'd addresses, and @data may not be
179 * physically contiguous.
180 */
181 if (data)
182 memcpy(sev->cmd_buf, data, buf_len);
183
184 /* Get the physical address of the command buffer */
185 phys_lsb = data ? lower_32_bits(__psp_pa(sev->cmd_buf)) : 0;
186 phys_msb = data ? upper_32_bits(__psp_pa(sev->cmd_buf)) : 0;
187
188 dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n",
189 cmd, phys_msb, phys_lsb, psp_timeout);
190
191 print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data,
192 buf_len, false);
193
194 iowrite32(phys_lsb, sev->io_regs + sev->vdata->cmdbuff_addr_lo_reg);
195 iowrite32(phys_msb, sev->io_regs + sev->vdata->cmdbuff_addr_hi_reg);
196
197 sev->int_rcvd = 0;
198
199 reg = cmd;
200 reg <<= SEV_CMDRESP_CMD_SHIFT;
201 reg |= SEV_CMDRESP_IOC;
202 iowrite32(reg, sev->io_regs + sev->vdata->cmdresp_reg);
203
204 /* wait for command completion */
205 ret = sev_wait_cmd_ioc(sev, ®, psp_timeout);
206 if (ret) {
207 if (psp_ret)
208 *psp_ret = 0;
209
210 dev_err(sev->dev, "sev command %#x timed out, disabling PSP\n", cmd);
211 psp_dead = true;
212
213 return ret;
214 }
215
216 psp_timeout = psp_cmd_timeout;
217
218 if (psp_ret)
219 *psp_ret = reg & PSP_CMDRESP_ERR_MASK;
220
221 if (reg & PSP_CMDRESP_ERR_MASK) {
222 dev_dbg(sev->dev, "sev command %#x failed (%#010x)\n",
223 cmd, reg & PSP_CMDRESP_ERR_MASK);
224 ret = -EIO;
225 }
226
227 print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
228 buf_len, false);
229
230 /*
231 * Copy potential output from the PSP back to data. Do this even on
232 * failure in case the caller wants to glean something from the error.
233 */
234 if (data)
235 memcpy(data, sev->cmd_buf, buf_len);
236
237 return ret;
238 }
239
sev_do_cmd(int cmd,void * data,int * psp_ret)240 static int sev_do_cmd(int cmd, void *data, int *psp_ret)
241 {
242 int rc;
243
244 mutex_lock(&sev_cmd_mutex);
245 rc = __sev_do_cmd_locked(cmd, data, psp_ret);
246 mutex_unlock(&sev_cmd_mutex);
247
248 return rc;
249 }
250
__sev_platform_init_locked(int * error)251 static int __sev_platform_init_locked(int *error)
252 {
253 struct psp_device *psp = psp_master;
254 struct sev_data_init data;
255 struct sev_device *sev;
256 int psp_ret = -1, rc = 0;
257
258 if (!psp || !psp->sev_data)
259 return -ENODEV;
260
261 sev = psp->sev_data;
262
263 if (sev->state == SEV_STATE_INIT)
264 return 0;
265
266 memset(&data, 0, sizeof(data));
267 if (sev_es_tmr) {
268 u64 tmr_pa;
269
270 /*
271 * Do not include the encryption mask on the physical
272 * address of the TMR (firmware should clear it anyway).
273 */
274 tmr_pa = __pa(sev_es_tmr);
275
276 data.flags |= SEV_INIT_FLAGS_SEV_ES;
277 data.tmr_address = tmr_pa;
278 data.tmr_len = SEV_ES_TMR_SIZE;
279 }
280
281 rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret);
282 if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) {
283 /*
284 * Initialization command returned an integrity check failure
285 * status code, meaning that firmware load and validation of SEV
286 * related persistent data has failed. Retrying the
287 * initialization function should succeed by replacing the state
288 * with a reset state.
289 */
290 dev_dbg(sev->dev, "SEV: retrying INIT command");
291 rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, &psp_ret);
292 }
293 if (error)
294 *error = psp_ret;
295
296 if (rc)
297 return rc;
298
299 sev->state = SEV_STATE_INIT;
300
301 /* Prepare for first SEV guest launch after INIT */
302 wbinvd_on_all_cpus();
303 rc = __sev_do_cmd_locked(SEV_CMD_DF_FLUSH, NULL, error);
304 if (rc)
305 return rc;
306
307 dev_dbg(sev->dev, "SEV firmware initialized\n");
308
309 return rc;
310 }
311
sev_platform_init(int * error)312 int sev_platform_init(int *error)
313 {
314 int rc;
315
316 mutex_lock(&sev_cmd_mutex);
317 rc = __sev_platform_init_locked(error);
318 mutex_unlock(&sev_cmd_mutex);
319
320 return rc;
321 }
322 EXPORT_SYMBOL_GPL(sev_platform_init);
323
__sev_platform_shutdown_locked(int * error)324 static int __sev_platform_shutdown_locked(int *error)
325 {
326 struct psp_device *psp = psp_master;
327 struct sev_device *sev;
328 int ret;
329
330 if (!psp || !psp->sev_data)
331 return 0;
332
333 sev = psp->sev_data;
334
335 if (sev->state == SEV_STATE_UNINIT)
336 return 0;
337
338 ret = __sev_do_cmd_locked(SEV_CMD_SHUTDOWN, NULL, error);
339 if (ret)
340 return ret;
341
342 sev->state = SEV_STATE_UNINIT;
343 dev_dbg(sev->dev, "SEV firmware shutdown\n");
344
345 return ret;
346 }
347
sev_platform_shutdown(int * error)348 static int sev_platform_shutdown(int *error)
349 {
350 int rc;
351
352 mutex_lock(&sev_cmd_mutex);
353 rc = __sev_platform_shutdown_locked(NULL);
354 mutex_unlock(&sev_cmd_mutex);
355
356 return rc;
357 }
358
sev_get_platform_state(int * state,int * error)359 static int sev_get_platform_state(int *state, int *error)
360 {
361 struct sev_user_data_status data;
362 int rc;
363
364 rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, &data, error);
365 if (rc)
366 return rc;
367
368 *state = data.state;
369 return rc;
370 }
371
sev_ioctl_do_reset(struct sev_issue_cmd * argp,bool writable)372 static int sev_ioctl_do_reset(struct sev_issue_cmd *argp, bool writable)
373 {
374 int state, rc;
375
376 if (!writable)
377 return -EPERM;
378
379 /*
380 * The SEV spec requires that FACTORY_RESET must be issued in
381 * UNINIT state. Before we go further lets check if any guest is
382 * active.
383 *
384 * If FW is in WORKING state then deny the request otherwise issue
385 * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET.
386 *
387 */
388 rc = sev_get_platform_state(&state, &argp->error);
389 if (rc)
390 return rc;
391
392 if (state == SEV_STATE_WORKING)
393 return -EBUSY;
394
395 if (state == SEV_STATE_INIT) {
396 rc = __sev_platform_shutdown_locked(&argp->error);
397 if (rc)
398 return rc;
399 }
400
401 return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, NULL, &argp->error);
402 }
403
sev_ioctl_do_platform_status(struct sev_issue_cmd * argp)404 static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp)
405 {
406 struct sev_user_data_status data;
407 int ret;
408
409 memset(&data, 0, sizeof(data));
410
411 ret = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, &data, &argp->error);
412 if (ret)
413 return ret;
414
415 if (copy_to_user((void __user *)argp->data, &data, sizeof(data)))
416 ret = -EFAULT;
417
418 return ret;
419 }
420
sev_ioctl_do_pek_pdh_gen(int cmd,struct sev_issue_cmd * argp,bool writable)421 static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool writable)
422 {
423 struct sev_device *sev = psp_master->sev_data;
424 int rc;
425
426 if (!writable)
427 return -EPERM;
428
429 if (sev->state == SEV_STATE_UNINIT) {
430 rc = __sev_platform_init_locked(&argp->error);
431 if (rc)
432 return rc;
433 }
434
435 return __sev_do_cmd_locked(cmd, NULL, &argp->error);
436 }
437
sev_ioctl_do_pek_csr(struct sev_issue_cmd * argp,bool writable)438 static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable)
439 {
440 struct sev_device *sev = psp_master->sev_data;
441 struct sev_user_data_pek_csr input;
442 struct sev_data_pek_csr data;
443 void __user *input_address;
444 void *blob = NULL;
445 int ret;
446
447 if (!writable)
448 return -EPERM;
449
450 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
451 return -EFAULT;
452
453 memset(&data, 0, sizeof(data));
454
455 /* userspace wants to query CSR length */
456 if (!input.address || !input.length)
457 goto cmd;
458
459 /* allocate a physically contiguous buffer to store the CSR blob */
460 input_address = (void __user *)input.address;
461 if (input.length > SEV_FW_BLOB_MAX_SIZE)
462 return -EFAULT;
463
464 blob = kzalloc(input.length, GFP_KERNEL);
465 if (!blob)
466 return -ENOMEM;
467
468 data.address = __psp_pa(blob);
469 data.len = input.length;
470
471 cmd:
472 if (sev->state == SEV_STATE_UNINIT) {
473 ret = __sev_platform_init_locked(&argp->error);
474 if (ret)
475 goto e_free_blob;
476 }
477
478 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, &data, &argp->error);
479
480 /* If we query the CSR length, FW responded with expected data. */
481 input.length = data.len;
482
483 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
484 ret = -EFAULT;
485 goto e_free_blob;
486 }
487
488 if (blob) {
489 if (copy_to_user(input_address, blob, input.length))
490 ret = -EFAULT;
491 }
492
493 e_free_blob:
494 kfree(blob);
495 return ret;
496 }
497
psp_copy_user_blob(u64 uaddr,u32 len)498 void *psp_copy_user_blob(u64 uaddr, u32 len)
499 {
500 if (!uaddr || !len)
501 return ERR_PTR(-EINVAL);
502
503 /* verify that blob length does not exceed our limit */
504 if (len > SEV_FW_BLOB_MAX_SIZE)
505 return ERR_PTR(-EINVAL);
506
507 return memdup_user((void __user *)uaddr, len);
508 }
509 EXPORT_SYMBOL_GPL(psp_copy_user_blob);
510
sev_get_api_version(void)511 static int sev_get_api_version(void)
512 {
513 struct sev_device *sev = psp_master->sev_data;
514 struct sev_user_data_status status;
515 int error = 0, ret;
516
517 ret = sev_platform_status(&status, &error);
518 if (ret) {
519 dev_err(sev->dev,
520 "SEV: failed to get status. Error: %#x\n", error);
521 return 1;
522 }
523
524 sev->api_major = status.api_major;
525 sev->api_minor = status.api_minor;
526 sev->build = status.build;
527 sev->state = status.state;
528
529 return 0;
530 }
531
sev_get_firmware(struct device * dev,const struct firmware ** firmware)532 static int sev_get_firmware(struct device *dev,
533 const struct firmware **firmware)
534 {
535 char fw_name_specific[SEV_FW_NAME_SIZE];
536 char fw_name_subset[SEV_FW_NAME_SIZE];
537
538 snprintf(fw_name_specific, sizeof(fw_name_specific),
539 "amd/amd_sev_fam%.2xh_model%.2xh.sbin",
540 boot_cpu_data.x86, boot_cpu_data.x86_model);
541
542 snprintf(fw_name_subset, sizeof(fw_name_subset),
543 "amd/amd_sev_fam%.2xh_model%.1xxh.sbin",
544 boot_cpu_data.x86, (boot_cpu_data.x86_model & 0xf0) >> 4);
545
546 /* Check for SEV FW for a particular model.
547 * Ex. amd_sev_fam17h_model00h.sbin for Family 17h Model 00h
548 *
549 * or
550 *
551 * Check for SEV FW common to a subset of models.
552 * Ex. amd_sev_fam17h_model0xh.sbin for
553 * Family 17h Model 00h -- Family 17h Model 0Fh
554 *
555 * or
556 *
557 * Fall-back to using generic name: sev.fw
558 */
559 if ((firmware_request_nowarn(firmware, fw_name_specific, dev) >= 0) ||
560 (firmware_request_nowarn(firmware, fw_name_subset, dev) >= 0) ||
561 (firmware_request_nowarn(firmware, SEV_FW_FILE, dev) >= 0))
562 return 0;
563
564 return -ENOENT;
565 }
566
567 /* Don't fail if SEV FW couldn't be updated. Continue with existing SEV FW */
sev_update_firmware(struct device * dev)568 static int sev_update_firmware(struct device *dev)
569 {
570 struct sev_data_download_firmware *data;
571 const struct firmware *firmware;
572 int ret, error, order;
573 struct page *p;
574 u64 data_size;
575
576 if (sev_get_firmware(dev, &firmware) == -ENOENT) {
577 dev_dbg(dev, "No SEV firmware file present\n");
578 return -1;
579 }
580
581 /*
582 * SEV FW expects the physical address given to it to be 32
583 * byte aligned. Memory allocated has structure placed at the
584 * beginning followed by the firmware being passed to the SEV
585 * FW. Allocate enough memory for data structure + alignment
586 * padding + SEV FW.
587 */
588 data_size = ALIGN(sizeof(struct sev_data_download_firmware), 32);
589
590 order = get_order(firmware->size + data_size);
591 p = alloc_pages(GFP_KERNEL, order);
592 if (!p) {
593 ret = -1;
594 goto fw_err;
595 }
596
597 /*
598 * Copy firmware data to a kernel allocated contiguous
599 * memory region.
600 */
601 data = page_address(p);
602 memcpy(page_address(p) + data_size, firmware->data, firmware->size);
603
604 data->address = __psp_pa(page_address(p) + data_size);
605 data->len = firmware->size;
606
607 ret = sev_do_cmd(SEV_CMD_DOWNLOAD_FIRMWARE, data, &error);
608 if (ret)
609 dev_dbg(dev, "Failed to update SEV firmware: %#x\n", error);
610 else
611 dev_info(dev, "SEV firmware update successful\n");
612
613 __free_pages(p, order);
614
615 fw_err:
616 release_firmware(firmware);
617
618 return ret;
619 }
620
sev_ioctl_do_pek_import(struct sev_issue_cmd * argp,bool writable)621 static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable)
622 {
623 struct sev_device *sev = psp_master->sev_data;
624 struct sev_user_data_pek_cert_import input;
625 struct sev_data_pek_cert_import data;
626 void *pek_blob, *oca_blob;
627 int ret;
628
629 if (!writable)
630 return -EPERM;
631
632 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
633 return -EFAULT;
634
635 /* copy PEK certificate blobs from userspace */
636 pek_blob = psp_copy_user_blob(input.pek_cert_address, input.pek_cert_len);
637 if (IS_ERR(pek_blob))
638 return PTR_ERR(pek_blob);
639
640 data.reserved = 0;
641 data.pek_cert_address = __psp_pa(pek_blob);
642 data.pek_cert_len = input.pek_cert_len;
643
644 /* copy PEK certificate blobs from userspace */
645 oca_blob = psp_copy_user_blob(input.oca_cert_address, input.oca_cert_len);
646 if (IS_ERR(oca_blob)) {
647 ret = PTR_ERR(oca_blob);
648 goto e_free_pek;
649 }
650
651 data.oca_cert_address = __psp_pa(oca_blob);
652 data.oca_cert_len = input.oca_cert_len;
653
654 /* If platform is not in INIT state then transition it to INIT */
655 if (sev->state != SEV_STATE_INIT) {
656 ret = __sev_platform_init_locked(&argp->error);
657 if (ret)
658 goto e_free_oca;
659 }
660
661 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, &data, &argp->error);
662
663 e_free_oca:
664 kfree(oca_blob);
665 e_free_pek:
666 kfree(pek_blob);
667 return ret;
668 }
669
sev_ioctl_do_get_id2(struct sev_issue_cmd * argp)670 static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp)
671 {
672 struct sev_user_data_get_id2 input;
673 struct sev_data_get_id data;
674 void __user *input_address;
675 void *id_blob = NULL;
676 int ret;
677
678 /* SEV GET_ID is available from SEV API v0.16 and up */
679 if (!sev_version_greater_or_equal(0, 16))
680 return -ENOTSUPP;
681
682 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
683 return -EFAULT;
684
685 input_address = (void __user *)input.address;
686
687 if (input.address && input.length) {
688 /*
689 * The length of the ID shouldn't be assumed by software since
690 * it may change in the future. The allocation size is limited
691 * to 1 << (PAGE_SHIFT + MAX_ORDER - 1) by the page allocator.
692 * If the allocation fails, simply return ENOMEM rather than
693 * warning in the kernel log.
694 */
695 id_blob = kzalloc(input.length, GFP_KERNEL | __GFP_NOWARN);
696 if (!id_blob)
697 return -ENOMEM;
698
699 data.address = __psp_pa(id_blob);
700 data.len = input.length;
701 } else {
702 data.address = 0;
703 data.len = 0;
704 }
705
706 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, &data, &argp->error);
707
708 /*
709 * Firmware will return the length of the ID value (either the minimum
710 * required length or the actual length written), return it to the user.
711 */
712 input.length = data.len;
713
714 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
715 ret = -EFAULT;
716 goto e_free;
717 }
718
719 if (id_blob) {
720 if (copy_to_user(input_address, id_blob, data.len)) {
721 ret = -EFAULT;
722 goto e_free;
723 }
724 }
725
726 e_free:
727 kfree(id_blob);
728
729 return ret;
730 }
731
sev_ioctl_do_get_id(struct sev_issue_cmd * argp)732 static int sev_ioctl_do_get_id(struct sev_issue_cmd *argp)
733 {
734 struct sev_data_get_id *data;
735 u64 data_size, user_size;
736 void *id_blob, *mem;
737 int ret;
738
739 /* SEV GET_ID available from SEV API v0.16 and up */
740 if (!sev_version_greater_or_equal(0, 16))
741 return -ENOTSUPP;
742
743 /* SEV FW expects the buffer it fills with the ID to be
744 * 8-byte aligned. Memory allocated should be enough to
745 * hold data structure + alignment padding + memory
746 * where SEV FW writes the ID.
747 */
748 data_size = ALIGN(sizeof(struct sev_data_get_id), 8);
749 user_size = sizeof(struct sev_user_data_get_id);
750
751 mem = kzalloc(data_size + user_size, GFP_KERNEL);
752 if (!mem)
753 return -ENOMEM;
754
755 data = mem;
756 id_blob = mem + data_size;
757
758 data->address = __psp_pa(id_blob);
759 data->len = user_size;
760
761 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error);
762 if (!ret) {
763 if (copy_to_user((void __user *)argp->data, id_blob, data->len))
764 ret = -EFAULT;
765 }
766
767 kfree(mem);
768
769 return ret;
770 }
771
sev_ioctl_do_pdh_export(struct sev_issue_cmd * argp,bool writable)772 static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable)
773 {
774 struct sev_device *sev = psp_master->sev_data;
775 struct sev_user_data_pdh_cert_export input;
776 void *pdh_blob = NULL, *cert_blob = NULL;
777 struct sev_data_pdh_cert_export data;
778 void __user *input_cert_chain_address;
779 void __user *input_pdh_cert_address;
780 int ret;
781
782 /* If platform is not in INIT state then transition it to INIT. */
783 if (sev->state != SEV_STATE_INIT) {
784 if (!writable)
785 return -EPERM;
786
787 ret = __sev_platform_init_locked(&argp->error);
788 if (ret)
789 return ret;
790 }
791
792 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
793 return -EFAULT;
794
795 memset(&data, 0, sizeof(data));
796
797 /* Userspace wants to query the certificate length. */
798 if (!input.pdh_cert_address ||
799 !input.pdh_cert_len ||
800 !input.cert_chain_address)
801 goto cmd;
802
803 input_pdh_cert_address = (void __user *)input.pdh_cert_address;
804 input_cert_chain_address = (void __user *)input.cert_chain_address;
805
806 /* Allocate a physically contiguous buffer to store the PDH blob. */
807 if (input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE)
808 return -EFAULT;
809
810 /* Allocate a physically contiguous buffer to store the cert chain blob. */
811 if (input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE)
812 return -EFAULT;
813
814 pdh_blob = kzalloc(input.pdh_cert_len, GFP_KERNEL);
815 if (!pdh_blob)
816 return -ENOMEM;
817
818 data.pdh_cert_address = __psp_pa(pdh_blob);
819 data.pdh_cert_len = input.pdh_cert_len;
820
821 cert_blob = kzalloc(input.cert_chain_len, GFP_KERNEL);
822 if (!cert_blob) {
823 ret = -ENOMEM;
824 goto e_free_pdh;
825 }
826
827 data.cert_chain_address = __psp_pa(cert_blob);
828 data.cert_chain_len = input.cert_chain_len;
829
830 cmd:
831 ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error);
832
833 /* If we query the length, FW responded with expected data. */
834 input.cert_chain_len = data.cert_chain_len;
835 input.pdh_cert_len = data.pdh_cert_len;
836
837 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
838 ret = -EFAULT;
839 goto e_free_cert;
840 }
841
842 if (pdh_blob) {
843 if (copy_to_user(input_pdh_cert_address,
844 pdh_blob, input.pdh_cert_len)) {
845 ret = -EFAULT;
846 goto e_free_cert;
847 }
848 }
849
850 if (cert_blob) {
851 if (copy_to_user(input_cert_chain_address,
852 cert_blob, input.cert_chain_len))
853 ret = -EFAULT;
854 }
855
856 e_free_cert:
857 kfree(cert_blob);
858 e_free_pdh:
859 kfree(pdh_blob);
860 return ret;
861 }
862
sev_ioctl(struct file * file,unsigned int ioctl,unsigned long arg)863 static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
864 {
865 void __user *argp = (void __user *)arg;
866 struct sev_issue_cmd input;
867 int ret = -EFAULT;
868 bool writable = file->f_mode & FMODE_WRITE;
869
870 if (!psp_master || !psp_master->sev_data)
871 return -ENODEV;
872
873 if (ioctl != SEV_ISSUE_CMD)
874 return -EINVAL;
875
876 if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd)))
877 return -EFAULT;
878
879 if (input.cmd > SEV_MAX)
880 return -EINVAL;
881
882 mutex_lock(&sev_cmd_mutex);
883
884 switch (input.cmd) {
885
886 case SEV_FACTORY_RESET:
887 ret = sev_ioctl_do_reset(&input, writable);
888 break;
889 case SEV_PLATFORM_STATUS:
890 ret = sev_ioctl_do_platform_status(&input);
891 break;
892 case SEV_PEK_GEN:
893 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input, writable);
894 break;
895 case SEV_PDH_GEN:
896 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input, writable);
897 break;
898 case SEV_PEK_CSR:
899 ret = sev_ioctl_do_pek_csr(&input, writable);
900 break;
901 case SEV_PEK_CERT_IMPORT:
902 ret = sev_ioctl_do_pek_import(&input, writable);
903 break;
904 case SEV_PDH_CERT_EXPORT:
905 ret = sev_ioctl_do_pdh_export(&input, writable);
906 break;
907 case SEV_GET_ID:
908 pr_warn_once("SEV_GET_ID command is deprecated, use SEV_GET_ID2\n");
909 ret = sev_ioctl_do_get_id(&input);
910 break;
911 case SEV_GET_ID2:
912 ret = sev_ioctl_do_get_id2(&input);
913 break;
914 default:
915 ret = -EINVAL;
916 goto out;
917 }
918
919 if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd)))
920 ret = -EFAULT;
921 out:
922 mutex_unlock(&sev_cmd_mutex);
923
924 return ret;
925 }
926
927 static const struct file_operations sev_fops = {
928 .owner = THIS_MODULE,
929 .unlocked_ioctl = sev_ioctl,
930 };
931
sev_platform_status(struct sev_user_data_status * data,int * error)932 int sev_platform_status(struct sev_user_data_status *data, int *error)
933 {
934 return sev_do_cmd(SEV_CMD_PLATFORM_STATUS, data, error);
935 }
936 EXPORT_SYMBOL_GPL(sev_platform_status);
937
sev_guest_deactivate(struct sev_data_deactivate * data,int * error)938 int sev_guest_deactivate(struct sev_data_deactivate *data, int *error)
939 {
940 return sev_do_cmd(SEV_CMD_DEACTIVATE, data, error);
941 }
942 EXPORT_SYMBOL_GPL(sev_guest_deactivate);
943
sev_guest_activate(struct sev_data_activate * data,int * error)944 int sev_guest_activate(struct sev_data_activate *data, int *error)
945 {
946 return sev_do_cmd(SEV_CMD_ACTIVATE, data, error);
947 }
948 EXPORT_SYMBOL_GPL(sev_guest_activate);
949
sev_guest_decommission(struct sev_data_decommission * data,int * error)950 int sev_guest_decommission(struct sev_data_decommission *data, int *error)
951 {
952 return sev_do_cmd(SEV_CMD_DECOMMISSION, data, error);
953 }
954 EXPORT_SYMBOL_GPL(sev_guest_decommission);
955
sev_guest_df_flush(int * error)956 int sev_guest_df_flush(int *error)
957 {
958 return sev_do_cmd(SEV_CMD_DF_FLUSH, NULL, error);
959 }
960 EXPORT_SYMBOL_GPL(sev_guest_df_flush);
961
sev_exit(struct kref * ref)962 static void sev_exit(struct kref *ref)
963 {
964 misc_deregister(&misc_dev->misc);
965 kfree(misc_dev);
966 misc_dev = NULL;
967 }
968
sev_misc_init(struct sev_device * sev)969 static int sev_misc_init(struct sev_device *sev)
970 {
971 struct device *dev = sev->dev;
972 int ret;
973
974 /*
975 * SEV feature support can be detected on multiple devices but the SEV
976 * FW commands must be issued on the master. During probe, we do not
977 * know the master hence we create /dev/sev on the first device probe.
978 * sev_do_cmd() finds the right master device to which to issue the
979 * command to the firmware.
980 */
981 if (!misc_dev) {
982 struct miscdevice *misc;
983
984 misc_dev = kzalloc(sizeof(*misc_dev), GFP_KERNEL);
985 if (!misc_dev)
986 return -ENOMEM;
987
988 misc = &misc_dev->misc;
989 misc->minor = MISC_DYNAMIC_MINOR;
990 misc->name = DEVICE_NAME;
991 misc->fops = &sev_fops;
992
993 ret = misc_register(misc);
994 if (ret)
995 return ret;
996
997 kref_init(&misc_dev->refcount);
998 } else {
999 kref_get(&misc_dev->refcount);
1000 }
1001
1002 init_waitqueue_head(&sev->int_queue);
1003 sev->misc = misc_dev;
1004 dev_dbg(dev, "registered SEV device\n");
1005
1006 return 0;
1007 }
1008
sev_dev_init(struct psp_device * psp)1009 int sev_dev_init(struct psp_device *psp)
1010 {
1011 struct device *dev = psp->dev;
1012 struct sev_device *sev;
1013 int ret = -ENOMEM;
1014
1015 if (!boot_cpu_has(X86_FEATURE_SEV)) {
1016 dev_info_once(dev, "SEV: memory encryption not enabled by BIOS\n");
1017 return 0;
1018 }
1019
1020 sev = devm_kzalloc(dev, sizeof(*sev), GFP_KERNEL);
1021 if (!sev)
1022 goto e_err;
1023
1024 sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 0);
1025 if (!sev->cmd_buf)
1026 goto e_sev;
1027
1028 psp->sev_data = sev;
1029
1030 sev->dev = dev;
1031 sev->psp = psp;
1032
1033 sev->io_regs = psp->io_regs;
1034
1035 sev->vdata = (struct sev_vdata *)psp->vdata->sev;
1036 if (!sev->vdata) {
1037 ret = -ENODEV;
1038 dev_err(dev, "sev: missing driver data\n");
1039 goto e_buf;
1040 }
1041
1042 psp_set_sev_irq_handler(psp, sev_irq_handler, sev);
1043
1044 ret = sev_misc_init(sev);
1045 if (ret)
1046 goto e_irq;
1047
1048 dev_notice(dev, "sev enabled\n");
1049
1050 return 0;
1051
1052 e_irq:
1053 psp_clear_sev_irq_handler(psp);
1054 e_buf:
1055 devm_free_pages(dev, (unsigned long)sev->cmd_buf);
1056 e_sev:
1057 devm_kfree(dev, sev);
1058 e_err:
1059 psp->sev_data = NULL;
1060
1061 dev_notice(dev, "sev initialization failed\n");
1062
1063 return ret;
1064 }
1065
sev_firmware_shutdown(struct sev_device * sev)1066 static void sev_firmware_shutdown(struct sev_device *sev)
1067 {
1068 sev_platform_shutdown(NULL);
1069
1070 if (sev_es_tmr) {
1071 /* The TMR area was encrypted, flush it from the cache */
1072 wbinvd_on_all_cpus();
1073
1074 free_pages((unsigned long)sev_es_tmr,
1075 get_order(SEV_ES_TMR_SIZE));
1076 sev_es_tmr = NULL;
1077 }
1078 }
1079
sev_dev_destroy(struct psp_device * psp)1080 void sev_dev_destroy(struct psp_device *psp)
1081 {
1082 struct sev_device *sev = psp->sev_data;
1083
1084 if (!sev)
1085 return;
1086
1087 sev_firmware_shutdown(sev);
1088
1089 if (sev->misc)
1090 kref_put(&misc_dev->refcount, sev_exit);
1091
1092 psp_clear_sev_irq_handler(psp);
1093 }
1094
sev_issue_cmd_external_user(struct file * filep,unsigned int cmd,void * data,int * error)1095 int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd,
1096 void *data, int *error)
1097 {
1098 if (!filep || filep->f_op != &sev_fops)
1099 return -EBADF;
1100
1101 return sev_do_cmd(cmd, data, error);
1102 }
1103 EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user);
1104
sev_pci_init(void)1105 void sev_pci_init(void)
1106 {
1107 struct sev_device *sev = psp_master->sev_data;
1108 int error, rc;
1109
1110 if (!sev)
1111 return;
1112
1113 psp_timeout = psp_probe_timeout;
1114
1115 if (sev_get_api_version())
1116 goto err;
1117
1118 if (sev_version_greater_or_equal(0, 15) &&
1119 sev_update_firmware(sev->dev) == 0)
1120 sev_get_api_version();
1121
1122 /* Obtain the TMR memory area for SEV-ES use */
1123 sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE);
1124 if (sev_es_tmr)
1125 /* Must flush the cache before giving it to the firmware */
1126 clflush_cache_range(sev_es_tmr, SEV_ES_TMR_SIZE);
1127 else
1128 dev_warn(sev->dev,
1129 "SEV: TMR allocation failed, SEV-ES support unavailable\n");
1130
1131 /* Initialize the platform */
1132 rc = sev_platform_init(&error);
1133 if (rc) {
1134 dev_err(sev->dev, "SEV: failed to INIT error %#x\n", error);
1135 return;
1136 }
1137
1138 dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major,
1139 sev->api_minor, sev->build);
1140
1141 return;
1142
1143 err:
1144 psp_master->sev_data = NULL;
1145 }
1146
sev_pci_exit(void)1147 void sev_pci_exit(void)
1148 {
1149 struct sev_device *sev = psp_master->sev_data;
1150
1151 if (!sev)
1152 return;
1153
1154 sev_firmware_shutdown(sev);
1155 }
1156