1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Copyright (c) 2010,2015,2019 The Linux Foundation. All rights reserved.
3 * Copyright (C) 2015 Linaro Ltd.
4 */
5
6 #include <linux/arm-smccc.h>
7 #include <linux/bitfield.h>
8 #include <linux/bits.h>
9 #include <linux/cleanup.h>
10 #include <linux/clk.h>
11 #include <linux/completion.h>
12 #include <linux/cpumask.h>
13 #include <linux/dma-mapping.h>
14 #include <linux/err.h>
15 #include <linux/export.h>
16 #include <linux/firmware/qcom/qcom_scm.h>
17 #include <linux/firmware/qcom/qcom_tzmem.h>
18 #include <linux/init.h>
19 #include <linux/interconnect.h>
20 #include <linux/interrupt.h>
21 #include <linux/kstrtox.h>
22 #include <linux/module.h>
23 #include <linux/of.h>
24 #include <linux/of_address.h>
25 #include <linux/of_irq.h>
26 #include <linux/of_platform.h>
27 #include <linux/of_reserved_mem.h>
28 #include <linux/platform_device.h>
29 #include <linux/reset-controller.h>
30 #include <linux/sizes.h>
31 #include <linux/types.h>
32
33 #include "qcom_scm.h"
34 #include "qcom_tzmem.h"
35
36 static u32 download_mode;
37
38 struct qcom_scm {
39 struct device *dev;
40 struct clk *core_clk;
41 struct clk *iface_clk;
42 struct clk *bus_clk;
43 struct icc_path *path;
44 struct completion waitq_comp;
45 struct reset_controller_dev reset;
46
47 /* control access to the interconnect path */
48 struct mutex scm_bw_lock;
49 int scm_vote_count;
50
51 u64 dload_mode_addr;
52
53 struct qcom_tzmem_pool *mempool;
54 };
55
56 struct qcom_scm_current_perm_info {
57 __le32 vmid;
58 __le32 perm;
59 __le64 ctx;
60 __le32 ctx_size;
61 __le32 unused;
62 };
63
64 struct qcom_scm_mem_map_info {
65 __le64 mem_addr;
66 __le64 mem_size;
67 };
68
69 /**
70 * struct qcom_scm_qseecom_resp - QSEECOM SCM call response.
71 * @result: Result or status of the SCM call. See &enum qcom_scm_qseecom_result.
72 * @resp_type: Type of the response. See &enum qcom_scm_qseecom_resp_type.
73 * @data: Response data. The type of this data is given in @resp_type.
74 */
75 struct qcom_scm_qseecom_resp {
76 u64 result;
77 u64 resp_type;
78 u64 data;
79 };
80
81 enum qcom_scm_qseecom_result {
82 QSEECOM_RESULT_SUCCESS = 0,
83 QSEECOM_RESULT_INCOMPLETE = 1,
84 QSEECOM_RESULT_BLOCKED_ON_LISTENER = 2,
85 QSEECOM_RESULT_FAILURE = 0xFFFFFFFF,
86 };
87
88 enum qcom_scm_qseecom_resp_type {
89 QSEECOM_SCM_RES_APP_ID = 0xEE01,
90 QSEECOM_SCM_RES_QSEOS_LISTENER_ID = 0xEE02,
91 };
92
93 enum qcom_scm_qseecom_tz_owner {
94 QSEECOM_TZ_OWNER_SIP = 2,
95 QSEECOM_TZ_OWNER_TZ_APPS = 48,
96 QSEECOM_TZ_OWNER_QSEE_OS = 50
97 };
98
99 enum qcom_scm_qseecom_tz_svc {
100 QSEECOM_TZ_SVC_APP_ID_PLACEHOLDER = 0,
101 QSEECOM_TZ_SVC_APP_MGR = 1,
102 QSEECOM_TZ_SVC_INFO = 6,
103 };
104
105 enum qcom_scm_qseecom_tz_cmd_app {
106 QSEECOM_TZ_CMD_APP_SEND = 1,
107 QSEECOM_TZ_CMD_APP_LOOKUP = 3,
108 };
109
110 enum qcom_scm_qseecom_tz_cmd_info {
111 QSEECOM_TZ_CMD_INFO_VERSION = 3,
112 };
113
114 #define QSEECOM_MAX_APP_NAME_SIZE 64
115 #define SHMBRIDGE_RESULT_NOTSUPP 4
116
117 /* Each bit configures cold/warm boot address for one of the 4 CPUs */
118 static const u8 qcom_scm_cpu_cold_bits[QCOM_SCM_BOOT_MAX_CPUS] = {
119 0, BIT(0), BIT(3), BIT(5)
120 };
121 static const u8 qcom_scm_cpu_warm_bits[QCOM_SCM_BOOT_MAX_CPUS] = {
122 BIT(2), BIT(1), BIT(4), BIT(6)
123 };
124
125 #define QCOM_SMC_WAITQ_FLAG_WAKE_ONE BIT(0)
126
127 #define QCOM_DLOAD_MASK GENMASK(5, 4)
128 #define QCOM_DLOAD_NODUMP 0
129 #define QCOM_DLOAD_FULLDUMP 1
130 #define QCOM_DLOAD_MINIDUMP 2
131 #define QCOM_DLOAD_BOTHDUMP 3
132
133 static const char * const qcom_scm_convention_names[] = {
134 [SMC_CONVENTION_UNKNOWN] = "unknown",
135 [SMC_CONVENTION_ARM_32] = "smc arm 32",
136 [SMC_CONVENTION_ARM_64] = "smc arm 64",
137 [SMC_CONVENTION_LEGACY] = "smc legacy",
138 };
139
140 static const char * const download_mode_name[] = {
141 [QCOM_DLOAD_NODUMP] = "off",
142 [QCOM_DLOAD_FULLDUMP] = "full",
143 [QCOM_DLOAD_MINIDUMP] = "mini",
144 [QCOM_DLOAD_BOTHDUMP] = "full,mini",
145 };
146
147 static struct qcom_scm *__scm;
148
qcom_scm_clk_enable(void)149 static int qcom_scm_clk_enable(void)
150 {
151 int ret;
152
153 ret = clk_prepare_enable(__scm->core_clk);
154 if (ret)
155 goto bail;
156
157 ret = clk_prepare_enable(__scm->iface_clk);
158 if (ret)
159 goto disable_core;
160
161 ret = clk_prepare_enable(__scm->bus_clk);
162 if (ret)
163 goto disable_iface;
164
165 return 0;
166
167 disable_iface:
168 clk_disable_unprepare(__scm->iface_clk);
169 disable_core:
170 clk_disable_unprepare(__scm->core_clk);
171 bail:
172 return ret;
173 }
174
qcom_scm_clk_disable(void)175 static void qcom_scm_clk_disable(void)
176 {
177 clk_disable_unprepare(__scm->core_clk);
178 clk_disable_unprepare(__scm->iface_clk);
179 clk_disable_unprepare(__scm->bus_clk);
180 }
181
qcom_scm_bw_enable(void)182 static int qcom_scm_bw_enable(void)
183 {
184 int ret = 0;
185
186 if (!__scm->path)
187 return 0;
188
189 mutex_lock(&__scm->scm_bw_lock);
190 if (!__scm->scm_vote_count) {
191 ret = icc_set_bw(__scm->path, 0, UINT_MAX);
192 if (ret < 0) {
193 dev_err(__scm->dev, "failed to set bandwidth request\n");
194 goto err_bw;
195 }
196 }
197 __scm->scm_vote_count++;
198 err_bw:
199 mutex_unlock(&__scm->scm_bw_lock);
200
201 return ret;
202 }
203
qcom_scm_bw_disable(void)204 static void qcom_scm_bw_disable(void)
205 {
206 if (!__scm->path)
207 return;
208
209 mutex_lock(&__scm->scm_bw_lock);
210 if (__scm->scm_vote_count-- == 1)
211 icc_set_bw(__scm->path, 0, 0);
212 mutex_unlock(&__scm->scm_bw_lock);
213 }
214
215 enum qcom_scm_convention qcom_scm_convention = SMC_CONVENTION_UNKNOWN;
216 static DEFINE_SPINLOCK(scm_query_lock);
217
qcom_scm_get_tzmem_pool(void)218 struct qcom_tzmem_pool *qcom_scm_get_tzmem_pool(void)
219 {
220 if (!qcom_scm_is_available())
221 return NULL;
222
223 return __scm->mempool;
224 }
225
__get_convention(void)226 static enum qcom_scm_convention __get_convention(void)
227 {
228 unsigned long flags;
229 struct qcom_scm_desc desc = {
230 .svc = QCOM_SCM_SVC_INFO,
231 .cmd = QCOM_SCM_INFO_IS_CALL_AVAIL,
232 .args[0] = SCM_SMC_FNID(QCOM_SCM_SVC_INFO,
233 QCOM_SCM_INFO_IS_CALL_AVAIL) |
234 (ARM_SMCCC_OWNER_SIP << ARM_SMCCC_OWNER_SHIFT),
235 .arginfo = QCOM_SCM_ARGS(1),
236 .owner = ARM_SMCCC_OWNER_SIP,
237 };
238 struct qcom_scm_res res;
239 enum qcom_scm_convention probed_convention;
240 int ret;
241 bool forced = false;
242
243 if (likely(qcom_scm_convention != SMC_CONVENTION_UNKNOWN))
244 return qcom_scm_convention;
245
246 /*
247 * Per the "SMC calling convention specification", the 64-bit calling
248 * convention can only be used when the client is 64-bit, otherwise
249 * system will encounter the undefined behaviour.
250 */
251 #if IS_ENABLED(CONFIG_ARM64)
252 /*
253 * Device isn't required as there is only one argument - no device
254 * needed to dma_map_single to secure world
255 */
256 probed_convention = SMC_CONVENTION_ARM_64;
257 ret = __scm_smc_call(NULL, &desc, probed_convention, &res, true);
258 if (!ret && res.result[0] == 1)
259 goto found;
260
261 /*
262 * Some SC7180 firmwares didn't implement the
263 * QCOM_SCM_INFO_IS_CALL_AVAIL call, so we fallback to forcing ARM_64
264 * calling conventions on these firmwares. Luckily we don't make any
265 * early calls into the firmware on these SoCs so the device pointer
266 * will be valid here to check if the compatible matches.
267 */
268 if (of_device_is_compatible(__scm ? __scm->dev->of_node : NULL, "qcom,scm-sc7180")) {
269 forced = true;
270 goto found;
271 }
272 #endif
273
274 probed_convention = SMC_CONVENTION_ARM_32;
275 ret = __scm_smc_call(NULL, &desc, probed_convention, &res, true);
276 if (!ret && res.result[0] == 1)
277 goto found;
278
279 probed_convention = SMC_CONVENTION_LEGACY;
280 found:
281 spin_lock_irqsave(&scm_query_lock, flags);
282 if (probed_convention != qcom_scm_convention) {
283 qcom_scm_convention = probed_convention;
284 pr_info("qcom_scm: convention: %s%s\n",
285 qcom_scm_convention_names[qcom_scm_convention],
286 forced ? " (forced)" : "");
287 }
288 spin_unlock_irqrestore(&scm_query_lock, flags);
289
290 return qcom_scm_convention;
291 }
292
293 /**
294 * qcom_scm_call() - Invoke a syscall in the secure world
295 * @dev: device
296 * @desc: Descriptor structure containing arguments and return values
297 * @res: Structure containing results from SMC/HVC call
298 *
299 * Sends a command to the SCM and waits for the command to finish processing.
300 * This should *only* be called in pre-emptible context.
301 */
qcom_scm_call(struct device * dev,const struct qcom_scm_desc * desc,struct qcom_scm_res * res)302 static int qcom_scm_call(struct device *dev, const struct qcom_scm_desc *desc,
303 struct qcom_scm_res *res)
304 {
305 might_sleep();
306 switch (__get_convention()) {
307 case SMC_CONVENTION_ARM_32:
308 case SMC_CONVENTION_ARM_64:
309 return scm_smc_call(dev, desc, res, false);
310 case SMC_CONVENTION_LEGACY:
311 return scm_legacy_call(dev, desc, res);
312 default:
313 pr_err("Unknown current SCM calling convention.\n");
314 return -EINVAL;
315 }
316 }
317
318 /**
319 * qcom_scm_call_atomic() - atomic variation of qcom_scm_call()
320 * @dev: device
321 * @desc: Descriptor structure containing arguments and return values
322 * @res: Structure containing results from SMC/HVC call
323 *
324 * Sends a command to the SCM and waits for the command to finish processing.
325 * This can be called in atomic context.
326 */
qcom_scm_call_atomic(struct device * dev,const struct qcom_scm_desc * desc,struct qcom_scm_res * res)327 static int qcom_scm_call_atomic(struct device *dev,
328 const struct qcom_scm_desc *desc,
329 struct qcom_scm_res *res)
330 {
331 switch (__get_convention()) {
332 case SMC_CONVENTION_ARM_32:
333 case SMC_CONVENTION_ARM_64:
334 return scm_smc_call(dev, desc, res, true);
335 case SMC_CONVENTION_LEGACY:
336 return scm_legacy_call_atomic(dev, desc, res);
337 default:
338 pr_err("Unknown current SCM calling convention.\n");
339 return -EINVAL;
340 }
341 }
342
__qcom_scm_is_call_available(struct device * dev,u32 svc_id,u32 cmd_id)343 static bool __qcom_scm_is_call_available(struct device *dev, u32 svc_id,
344 u32 cmd_id)
345 {
346 int ret;
347 struct qcom_scm_desc desc = {
348 .svc = QCOM_SCM_SVC_INFO,
349 .cmd = QCOM_SCM_INFO_IS_CALL_AVAIL,
350 .owner = ARM_SMCCC_OWNER_SIP,
351 };
352 struct qcom_scm_res res;
353
354 desc.arginfo = QCOM_SCM_ARGS(1);
355 switch (__get_convention()) {
356 case SMC_CONVENTION_ARM_32:
357 case SMC_CONVENTION_ARM_64:
358 desc.args[0] = SCM_SMC_FNID(svc_id, cmd_id) |
359 (ARM_SMCCC_OWNER_SIP << ARM_SMCCC_OWNER_SHIFT);
360 break;
361 case SMC_CONVENTION_LEGACY:
362 desc.args[0] = SCM_LEGACY_FNID(svc_id, cmd_id);
363 break;
364 default:
365 pr_err("Unknown SMC convention being used\n");
366 return false;
367 }
368
369 ret = qcom_scm_call(dev, &desc, &res);
370
371 return ret ? false : !!res.result[0];
372 }
373
qcom_scm_set_boot_addr(void * entry,const u8 * cpu_bits)374 static int qcom_scm_set_boot_addr(void *entry, const u8 *cpu_bits)
375 {
376 int cpu;
377 unsigned int flags = 0;
378 struct qcom_scm_desc desc = {
379 .svc = QCOM_SCM_SVC_BOOT,
380 .cmd = QCOM_SCM_BOOT_SET_ADDR,
381 .arginfo = QCOM_SCM_ARGS(2),
382 .owner = ARM_SMCCC_OWNER_SIP,
383 };
384
385 for_each_present_cpu(cpu) {
386 if (cpu >= QCOM_SCM_BOOT_MAX_CPUS)
387 return -EINVAL;
388 flags |= cpu_bits[cpu];
389 }
390
391 desc.args[0] = flags;
392 desc.args[1] = virt_to_phys(entry);
393
394 return qcom_scm_call_atomic(__scm ? __scm->dev : NULL, &desc, NULL);
395 }
396
qcom_scm_set_boot_addr_mc(void * entry,unsigned int flags)397 static int qcom_scm_set_boot_addr_mc(void *entry, unsigned int flags)
398 {
399 struct qcom_scm_desc desc = {
400 .svc = QCOM_SCM_SVC_BOOT,
401 .cmd = QCOM_SCM_BOOT_SET_ADDR_MC,
402 .owner = ARM_SMCCC_OWNER_SIP,
403 .arginfo = QCOM_SCM_ARGS(6),
404 .args = {
405 virt_to_phys(entry),
406 /* Apply to all CPUs in all affinity levels */
407 ~0ULL, ~0ULL, ~0ULL, ~0ULL,
408 flags,
409 },
410 };
411
412 /* Need a device for DMA of the additional arguments */
413 if (!__scm || __get_convention() == SMC_CONVENTION_LEGACY)
414 return -EOPNOTSUPP;
415
416 return qcom_scm_call(__scm->dev, &desc, NULL);
417 }
418
419 /**
420 * qcom_scm_set_warm_boot_addr() - Set the warm boot address for all cpus
421 * @entry: Entry point function for the cpus
422 *
423 * Set the Linux entry point for the SCM to transfer control to when coming
424 * out of a power down. CPU power down may be executed on cpuidle or hotplug.
425 */
qcom_scm_set_warm_boot_addr(void * entry)426 int qcom_scm_set_warm_boot_addr(void *entry)
427 {
428 if (qcom_scm_set_boot_addr_mc(entry, QCOM_SCM_BOOT_MC_FLAG_WARMBOOT))
429 /* Fallback to old SCM call */
430 return qcom_scm_set_boot_addr(entry, qcom_scm_cpu_warm_bits);
431 return 0;
432 }
433 EXPORT_SYMBOL_GPL(qcom_scm_set_warm_boot_addr);
434
435 /**
436 * qcom_scm_set_cold_boot_addr() - Set the cold boot address for all cpus
437 * @entry: Entry point function for the cpus
438 */
qcom_scm_set_cold_boot_addr(void * entry)439 int qcom_scm_set_cold_boot_addr(void *entry)
440 {
441 if (qcom_scm_set_boot_addr_mc(entry, QCOM_SCM_BOOT_MC_FLAG_COLDBOOT))
442 /* Fallback to old SCM call */
443 return qcom_scm_set_boot_addr(entry, qcom_scm_cpu_cold_bits);
444 return 0;
445 }
446 EXPORT_SYMBOL_GPL(qcom_scm_set_cold_boot_addr);
447
448 /**
449 * qcom_scm_cpu_power_down() - Power down the cpu
450 * @flags: Flags to flush cache
451 *
452 * This is an end point to power down cpu. If there was a pending interrupt,
453 * the control would return from this function, otherwise, the cpu jumps to the
454 * warm boot entry point set for this cpu upon reset.
455 */
qcom_scm_cpu_power_down(u32 flags)456 void qcom_scm_cpu_power_down(u32 flags)
457 {
458 struct qcom_scm_desc desc = {
459 .svc = QCOM_SCM_SVC_BOOT,
460 .cmd = QCOM_SCM_BOOT_TERMINATE_PC,
461 .args[0] = flags & QCOM_SCM_FLUSH_FLAG_MASK,
462 .arginfo = QCOM_SCM_ARGS(1),
463 .owner = ARM_SMCCC_OWNER_SIP,
464 };
465
466 qcom_scm_call_atomic(__scm ? __scm->dev : NULL, &desc, NULL);
467 }
468 EXPORT_SYMBOL_GPL(qcom_scm_cpu_power_down);
469
qcom_scm_set_remote_state(u32 state,u32 id)470 int qcom_scm_set_remote_state(u32 state, u32 id)
471 {
472 struct qcom_scm_desc desc = {
473 .svc = QCOM_SCM_SVC_BOOT,
474 .cmd = QCOM_SCM_BOOT_SET_REMOTE_STATE,
475 .arginfo = QCOM_SCM_ARGS(2),
476 .args[0] = state,
477 .args[1] = id,
478 .owner = ARM_SMCCC_OWNER_SIP,
479 };
480 struct qcom_scm_res res;
481 int ret;
482
483 ret = qcom_scm_call(__scm->dev, &desc, &res);
484
485 return ret ? : res.result[0];
486 }
487 EXPORT_SYMBOL_GPL(qcom_scm_set_remote_state);
488
qcom_scm_disable_sdi(void)489 static int qcom_scm_disable_sdi(void)
490 {
491 int ret;
492 struct qcom_scm_desc desc = {
493 .svc = QCOM_SCM_SVC_BOOT,
494 .cmd = QCOM_SCM_BOOT_SDI_CONFIG,
495 .args[0] = 1, /* Disable watchdog debug */
496 .args[1] = 0, /* Disable SDI */
497 .arginfo = QCOM_SCM_ARGS(2),
498 .owner = ARM_SMCCC_OWNER_SIP,
499 };
500 struct qcom_scm_res res;
501
502 ret = qcom_scm_clk_enable();
503 if (ret)
504 return ret;
505 ret = qcom_scm_call(__scm->dev, &desc, &res);
506
507 qcom_scm_clk_disable();
508
509 return ret ? : res.result[0];
510 }
511
__qcom_scm_set_dload_mode(struct device * dev,bool enable)512 static int __qcom_scm_set_dload_mode(struct device *dev, bool enable)
513 {
514 struct qcom_scm_desc desc = {
515 .svc = QCOM_SCM_SVC_BOOT,
516 .cmd = QCOM_SCM_BOOT_SET_DLOAD_MODE,
517 .arginfo = QCOM_SCM_ARGS(2),
518 .args[0] = QCOM_SCM_BOOT_SET_DLOAD_MODE,
519 .owner = ARM_SMCCC_OWNER_SIP,
520 };
521
522 desc.args[1] = enable ? QCOM_SCM_BOOT_SET_DLOAD_MODE : 0;
523
524 return qcom_scm_call_atomic(__scm->dev, &desc, NULL);
525 }
526
qcom_scm_io_rmw(phys_addr_t addr,unsigned int mask,unsigned int val)527 static int qcom_scm_io_rmw(phys_addr_t addr, unsigned int mask, unsigned int val)
528 {
529 unsigned int old;
530 unsigned int new;
531 int ret;
532
533 ret = qcom_scm_io_readl(addr, &old);
534 if (ret)
535 return ret;
536
537 new = (old & ~mask) | (val & mask);
538
539 return qcom_scm_io_writel(addr, new);
540 }
541
qcom_scm_set_download_mode(u32 dload_mode)542 static void qcom_scm_set_download_mode(u32 dload_mode)
543 {
544 int ret = 0;
545
546 if (__scm->dload_mode_addr) {
547 ret = qcom_scm_io_rmw(__scm->dload_mode_addr, QCOM_DLOAD_MASK,
548 FIELD_PREP(QCOM_DLOAD_MASK, dload_mode));
549 } else if (__qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_BOOT,
550 QCOM_SCM_BOOT_SET_DLOAD_MODE)) {
551 ret = __qcom_scm_set_dload_mode(__scm->dev, !!dload_mode);
552 } else if (dload_mode) {
553 dev_err(__scm->dev,
554 "No available mechanism for setting download mode\n");
555 }
556
557 if (ret)
558 dev_err(__scm->dev, "failed to set download mode: %d\n", ret);
559 }
560
561 /**
562 * qcom_scm_pas_init_image() - Initialize peripheral authentication service
563 * state machine for a given peripheral, using the
564 * metadata
565 * @peripheral: peripheral id
566 * @metadata: pointer to memory containing ELF header, program header table
567 * and optional blob of data used for authenticating the metadata
568 * and the rest of the firmware
569 * @size: size of the metadata
570 * @ctx: optional metadata context
571 *
572 * Return: 0 on success.
573 *
574 * Upon successful return, the PAS metadata context (@ctx) will be used to
575 * track the metadata allocation, this needs to be released by invoking
576 * qcom_scm_pas_metadata_release() by the caller.
577 */
qcom_scm_pas_init_image(u32 peripheral,const void * metadata,size_t size,struct qcom_scm_pas_metadata * ctx)578 int qcom_scm_pas_init_image(u32 peripheral, const void *metadata, size_t size,
579 struct qcom_scm_pas_metadata *ctx)
580 {
581 dma_addr_t mdata_phys;
582 void *mdata_buf;
583 int ret;
584 struct qcom_scm_desc desc = {
585 .svc = QCOM_SCM_SVC_PIL,
586 .cmd = QCOM_SCM_PIL_PAS_INIT_IMAGE,
587 .arginfo = QCOM_SCM_ARGS(2, QCOM_SCM_VAL, QCOM_SCM_RW),
588 .args[0] = peripheral,
589 .owner = ARM_SMCCC_OWNER_SIP,
590 };
591 struct qcom_scm_res res;
592
593 /*
594 * During the scm call memory protection will be enabled for the meta
595 * data blob, so make sure it's physically contiguous, 4K aligned and
596 * non-cachable to avoid XPU violations.
597 *
598 * For PIL calls the hypervisor creates SHM Bridges for the blob
599 * buffers on behalf of Linux so we must not do it ourselves hence
600 * not using the TZMem allocator here.
601 *
602 * If we pass a buffer that is already part of an SHM Bridge to this
603 * call, it will fail.
604 */
605 mdata_buf = dma_alloc_coherent(__scm->dev, size, &mdata_phys,
606 GFP_KERNEL);
607 if (!mdata_buf)
608 return -ENOMEM;
609
610 memcpy(mdata_buf, metadata, size);
611
612 ret = qcom_scm_clk_enable();
613 if (ret)
614 goto out;
615
616 ret = qcom_scm_bw_enable();
617 if (ret)
618 goto disable_clk;
619
620 desc.args[1] = mdata_phys;
621
622 ret = qcom_scm_call(__scm->dev, &desc, &res);
623 qcom_scm_bw_disable();
624
625 disable_clk:
626 qcom_scm_clk_disable();
627
628 out:
629 if (ret < 0 || !ctx) {
630 dma_free_coherent(__scm->dev, size, mdata_buf, mdata_phys);
631 } else if (ctx) {
632 ctx->ptr = mdata_buf;
633 ctx->phys = mdata_phys;
634 ctx->size = size;
635 }
636
637 return ret ? : res.result[0];
638 }
639 EXPORT_SYMBOL_GPL(qcom_scm_pas_init_image);
640
641 /**
642 * qcom_scm_pas_metadata_release() - release metadata context
643 * @ctx: metadata context
644 */
qcom_scm_pas_metadata_release(struct qcom_scm_pas_metadata * ctx)645 void qcom_scm_pas_metadata_release(struct qcom_scm_pas_metadata *ctx)
646 {
647 if (!ctx->ptr)
648 return;
649
650 dma_free_coherent(__scm->dev, ctx->size, ctx->ptr, ctx->phys);
651
652 ctx->ptr = NULL;
653 ctx->phys = 0;
654 ctx->size = 0;
655 }
656 EXPORT_SYMBOL_GPL(qcom_scm_pas_metadata_release);
657
658 /**
659 * qcom_scm_pas_mem_setup() - Prepare the memory related to a given peripheral
660 * for firmware loading
661 * @peripheral: peripheral id
662 * @addr: start address of memory area to prepare
663 * @size: size of the memory area to prepare
664 *
665 * Returns 0 on success.
666 */
qcom_scm_pas_mem_setup(u32 peripheral,phys_addr_t addr,phys_addr_t size)667 int qcom_scm_pas_mem_setup(u32 peripheral, phys_addr_t addr, phys_addr_t size)
668 {
669 int ret;
670 struct qcom_scm_desc desc = {
671 .svc = QCOM_SCM_SVC_PIL,
672 .cmd = QCOM_SCM_PIL_PAS_MEM_SETUP,
673 .arginfo = QCOM_SCM_ARGS(3),
674 .args[0] = peripheral,
675 .args[1] = addr,
676 .args[2] = size,
677 .owner = ARM_SMCCC_OWNER_SIP,
678 };
679 struct qcom_scm_res res;
680
681 ret = qcom_scm_clk_enable();
682 if (ret)
683 return ret;
684
685 ret = qcom_scm_bw_enable();
686 if (ret)
687 goto disable_clk;
688
689 ret = qcom_scm_call(__scm->dev, &desc, &res);
690 qcom_scm_bw_disable();
691
692 disable_clk:
693 qcom_scm_clk_disable();
694
695 return ret ? : res.result[0];
696 }
697 EXPORT_SYMBOL_GPL(qcom_scm_pas_mem_setup);
698
699 /**
700 * qcom_scm_pas_auth_and_reset() - Authenticate the given peripheral firmware
701 * and reset the remote processor
702 * @peripheral: peripheral id
703 *
704 * Return 0 on success.
705 */
qcom_scm_pas_auth_and_reset(u32 peripheral)706 int qcom_scm_pas_auth_and_reset(u32 peripheral)
707 {
708 int ret;
709 struct qcom_scm_desc desc = {
710 .svc = QCOM_SCM_SVC_PIL,
711 .cmd = QCOM_SCM_PIL_PAS_AUTH_AND_RESET,
712 .arginfo = QCOM_SCM_ARGS(1),
713 .args[0] = peripheral,
714 .owner = ARM_SMCCC_OWNER_SIP,
715 };
716 struct qcom_scm_res res;
717
718 ret = qcom_scm_clk_enable();
719 if (ret)
720 return ret;
721
722 ret = qcom_scm_bw_enable();
723 if (ret)
724 goto disable_clk;
725
726 ret = qcom_scm_call(__scm->dev, &desc, &res);
727 qcom_scm_bw_disable();
728
729 disable_clk:
730 qcom_scm_clk_disable();
731
732 return ret ? : res.result[0];
733 }
734 EXPORT_SYMBOL_GPL(qcom_scm_pas_auth_and_reset);
735
736 /**
737 * qcom_scm_pas_shutdown() - Shut down the remote processor
738 * @peripheral: peripheral id
739 *
740 * Returns 0 on success.
741 */
qcom_scm_pas_shutdown(u32 peripheral)742 int qcom_scm_pas_shutdown(u32 peripheral)
743 {
744 int ret;
745 struct qcom_scm_desc desc = {
746 .svc = QCOM_SCM_SVC_PIL,
747 .cmd = QCOM_SCM_PIL_PAS_SHUTDOWN,
748 .arginfo = QCOM_SCM_ARGS(1),
749 .args[0] = peripheral,
750 .owner = ARM_SMCCC_OWNER_SIP,
751 };
752 struct qcom_scm_res res;
753
754 ret = qcom_scm_clk_enable();
755 if (ret)
756 return ret;
757
758 ret = qcom_scm_bw_enable();
759 if (ret)
760 goto disable_clk;
761
762 ret = qcom_scm_call(__scm->dev, &desc, &res);
763 qcom_scm_bw_disable();
764
765 disable_clk:
766 qcom_scm_clk_disable();
767
768 return ret ? : res.result[0];
769 }
770 EXPORT_SYMBOL_GPL(qcom_scm_pas_shutdown);
771
772 /**
773 * qcom_scm_pas_supported() - Check if the peripheral authentication service is
774 * available for the given peripherial
775 * @peripheral: peripheral id
776 *
777 * Returns true if PAS is supported for this peripheral, otherwise false.
778 */
qcom_scm_pas_supported(u32 peripheral)779 bool qcom_scm_pas_supported(u32 peripheral)
780 {
781 int ret;
782 struct qcom_scm_desc desc = {
783 .svc = QCOM_SCM_SVC_PIL,
784 .cmd = QCOM_SCM_PIL_PAS_IS_SUPPORTED,
785 .arginfo = QCOM_SCM_ARGS(1),
786 .args[0] = peripheral,
787 .owner = ARM_SMCCC_OWNER_SIP,
788 };
789 struct qcom_scm_res res;
790
791 if (!__qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_PIL,
792 QCOM_SCM_PIL_PAS_IS_SUPPORTED))
793 return false;
794
795 ret = qcom_scm_call(__scm->dev, &desc, &res);
796
797 return ret ? false : !!res.result[0];
798 }
799 EXPORT_SYMBOL_GPL(qcom_scm_pas_supported);
800
__qcom_scm_pas_mss_reset(struct device * dev,bool reset)801 static int __qcom_scm_pas_mss_reset(struct device *dev, bool reset)
802 {
803 struct qcom_scm_desc desc = {
804 .svc = QCOM_SCM_SVC_PIL,
805 .cmd = QCOM_SCM_PIL_PAS_MSS_RESET,
806 .arginfo = QCOM_SCM_ARGS(2),
807 .args[0] = reset,
808 .args[1] = 0,
809 .owner = ARM_SMCCC_OWNER_SIP,
810 };
811 struct qcom_scm_res res;
812 int ret;
813
814 ret = qcom_scm_call(__scm->dev, &desc, &res);
815
816 return ret ? : res.result[0];
817 }
818
qcom_scm_pas_reset_assert(struct reset_controller_dev * rcdev,unsigned long idx)819 static int qcom_scm_pas_reset_assert(struct reset_controller_dev *rcdev,
820 unsigned long idx)
821 {
822 if (idx != 0)
823 return -EINVAL;
824
825 return __qcom_scm_pas_mss_reset(__scm->dev, 1);
826 }
827
qcom_scm_pas_reset_deassert(struct reset_controller_dev * rcdev,unsigned long idx)828 static int qcom_scm_pas_reset_deassert(struct reset_controller_dev *rcdev,
829 unsigned long idx)
830 {
831 if (idx != 0)
832 return -EINVAL;
833
834 return __qcom_scm_pas_mss_reset(__scm->dev, 0);
835 }
836
837 static const struct reset_control_ops qcom_scm_pas_reset_ops = {
838 .assert = qcom_scm_pas_reset_assert,
839 .deassert = qcom_scm_pas_reset_deassert,
840 };
841
qcom_scm_io_readl(phys_addr_t addr,unsigned int * val)842 int qcom_scm_io_readl(phys_addr_t addr, unsigned int *val)
843 {
844 struct qcom_scm_desc desc = {
845 .svc = QCOM_SCM_SVC_IO,
846 .cmd = QCOM_SCM_IO_READ,
847 .arginfo = QCOM_SCM_ARGS(1),
848 .args[0] = addr,
849 .owner = ARM_SMCCC_OWNER_SIP,
850 };
851 struct qcom_scm_res res;
852 int ret;
853
854
855 ret = qcom_scm_call_atomic(__scm->dev, &desc, &res);
856 if (ret >= 0)
857 *val = res.result[0];
858
859 return ret < 0 ? ret : 0;
860 }
861 EXPORT_SYMBOL_GPL(qcom_scm_io_readl);
862
qcom_scm_io_writel(phys_addr_t addr,unsigned int val)863 int qcom_scm_io_writel(phys_addr_t addr, unsigned int val)
864 {
865 struct qcom_scm_desc desc = {
866 .svc = QCOM_SCM_SVC_IO,
867 .cmd = QCOM_SCM_IO_WRITE,
868 .arginfo = QCOM_SCM_ARGS(2),
869 .args[0] = addr,
870 .args[1] = val,
871 .owner = ARM_SMCCC_OWNER_SIP,
872 };
873
874 return qcom_scm_call_atomic(__scm->dev, &desc, NULL);
875 }
876 EXPORT_SYMBOL_GPL(qcom_scm_io_writel);
877
878 /**
879 * qcom_scm_restore_sec_cfg_available() - Check if secure environment
880 * supports restore security config interface.
881 *
882 * Return true if restore-cfg interface is supported, false if not.
883 */
qcom_scm_restore_sec_cfg_available(void)884 bool qcom_scm_restore_sec_cfg_available(void)
885 {
886 return __qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_MP,
887 QCOM_SCM_MP_RESTORE_SEC_CFG);
888 }
889 EXPORT_SYMBOL_GPL(qcom_scm_restore_sec_cfg_available);
890
qcom_scm_restore_sec_cfg(u32 device_id,u32 spare)891 int qcom_scm_restore_sec_cfg(u32 device_id, u32 spare)
892 {
893 struct qcom_scm_desc desc = {
894 .svc = QCOM_SCM_SVC_MP,
895 .cmd = QCOM_SCM_MP_RESTORE_SEC_CFG,
896 .arginfo = QCOM_SCM_ARGS(2),
897 .args[0] = device_id,
898 .args[1] = spare,
899 .owner = ARM_SMCCC_OWNER_SIP,
900 };
901 struct qcom_scm_res res;
902 int ret;
903
904 ret = qcom_scm_call(__scm->dev, &desc, &res);
905
906 return ret ? : res.result[0];
907 }
908 EXPORT_SYMBOL_GPL(qcom_scm_restore_sec_cfg);
909
qcom_scm_iommu_secure_ptbl_size(u32 spare,size_t * size)910 int qcom_scm_iommu_secure_ptbl_size(u32 spare, size_t *size)
911 {
912 struct qcom_scm_desc desc = {
913 .svc = QCOM_SCM_SVC_MP,
914 .cmd = QCOM_SCM_MP_IOMMU_SECURE_PTBL_SIZE,
915 .arginfo = QCOM_SCM_ARGS(1),
916 .args[0] = spare,
917 .owner = ARM_SMCCC_OWNER_SIP,
918 };
919 struct qcom_scm_res res;
920 int ret;
921
922 ret = qcom_scm_call(__scm->dev, &desc, &res);
923
924 if (size)
925 *size = res.result[0];
926
927 return ret ? : res.result[1];
928 }
929 EXPORT_SYMBOL_GPL(qcom_scm_iommu_secure_ptbl_size);
930
qcom_scm_iommu_secure_ptbl_init(u64 addr,u32 size,u32 spare)931 int qcom_scm_iommu_secure_ptbl_init(u64 addr, u32 size, u32 spare)
932 {
933 struct qcom_scm_desc desc = {
934 .svc = QCOM_SCM_SVC_MP,
935 .cmd = QCOM_SCM_MP_IOMMU_SECURE_PTBL_INIT,
936 .arginfo = QCOM_SCM_ARGS(3, QCOM_SCM_RW, QCOM_SCM_VAL,
937 QCOM_SCM_VAL),
938 .args[0] = addr,
939 .args[1] = size,
940 .args[2] = spare,
941 .owner = ARM_SMCCC_OWNER_SIP,
942 };
943 int ret;
944
945 ret = qcom_scm_call(__scm->dev, &desc, NULL);
946
947 /* the pg table has been initialized already, ignore the error */
948 if (ret == -EPERM)
949 ret = 0;
950
951 return ret;
952 }
953 EXPORT_SYMBOL_GPL(qcom_scm_iommu_secure_ptbl_init);
954
qcom_scm_iommu_set_cp_pool_size(u32 spare,u32 size)955 int qcom_scm_iommu_set_cp_pool_size(u32 spare, u32 size)
956 {
957 struct qcom_scm_desc desc = {
958 .svc = QCOM_SCM_SVC_MP,
959 .cmd = QCOM_SCM_MP_IOMMU_SET_CP_POOL_SIZE,
960 .arginfo = QCOM_SCM_ARGS(2),
961 .args[0] = size,
962 .args[1] = spare,
963 .owner = ARM_SMCCC_OWNER_SIP,
964 };
965
966 return qcom_scm_call(__scm->dev, &desc, NULL);
967 }
968 EXPORT_SYMBOL_GPL(qcom_scm_iommu_set_cp_pool_size);
969
qcom_scm_mem_protect_video_var(u32 cp_start,u32 cp_size,u32 cp_nonpixel_start,u32 cp_nonpixel_size)970 int qcom_scm_mem_protect_video_var(u32 cp_start, u32 cp_size,
971 u32 cp_nonpixel_start,
972 u32 cp_nonpixel_size)
973 {
974 int ret;
975 struct qcom_scm_desc desc = {
976 .svc = QCOM_SCM_SVC_MP,
977 .cmd = QCOM_SCM_MP_VIDEO_VAR,
978 .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_VAL, QCOM_SCM_VAL,
979 QCOM_SCM_VAL, QCOM_SCM_VAL),
980 .args[0] = cp_start,
981 .args[1] = cp_size,
982 .args[2] = cp_nonpixel_start,
983 .args[3] = cp_nonpixel_size,
984 .owner = ARM_SMCCC_OWNER_SIP,
985 };
986 struct qcom_scm_res res;
987
988 ret = qcom_scm_call(__scm->dev, &desc, &res);
989
990 return ret ? : res.result[0];
991 }
992 EXPORT_SYMBOL_GPL(qcom_scm_mem_protect_video_var);
993
__qcom_scm_assign_mem(struct device * dev,phys_addr_t mem_region,size_t mem_sz,phys_addr_t src,size_t src_sz,phys_addr_t dest,size_t dest_sz)994 static int __qcom_scm_assign_mem(struct device *dev, phys_addr_t mem_region,
995 size_t mem_sz, phys_addr_t src, size_t src_sz,
996 phys_addr_t dest, size_t dest_sz)
997 {
998 int ret;
999 struct qcom_scm_desc desc = {
1000 .svc = QCOM_SCM_SVC_MP,
1001 .cmd = QCOM_SCM_MP_ASSIGN,
1002 .arginfo = QCOM_SCM_ARGS(7, QCOM_SCM_RO, QCOM_SCM_VAL,
1003 QCOM_SCM_RO, QCOM_SCM_VAL, QCOM_SCM_RO,
1004 QCOM_SCM_VAL, QCOM_SCM_VAL),
1005 .args[0] = mem_region,
1006 .args[1] = mem_sz,
1007 .args[2] = src,
1008 .args[3] = src_sz,
1009 .args[4] = dest,
1010 .args[5] = dest_sz,
1011 .args[6] = 0,
1012 .owner = ARM_SMCCC_OWNER_SIP,
1013 };
1014 struct qcom_scm_res res;
1015
1016 ret = qcom_scm_call(dev, &desc, &res);
1017
1018 return ret ? : res.result[0];
1019 }
1020
1021 /**
1022 * qcom_scm_assign_mem() - Make a secure call to reassign memory ownership
1023 * @mem_addr: mem region whose ownership need to be reassigned
1024 * @mem_sz: size of the region.
1025 * @srcvm: vmid for current set of owners, each set bit in
1026 * flag indicate a unique owner
1027 * @newvm: array having new owners and corresponding permission
1028 * flags
1029 * @dest_cnt: number of owners in next set.
1030 *
1031 * Return negative errno on failure or 0 on success with @srcvm updated.
1032 */
qcom_scm_assign_mem(phys_addr_t mem_addr,size_t mem_sz,u64 * srcvm,const struct qcom_scm_vmperm * newvm,unsigned int dest_cnt)1033 int qcom_scm_assign_mem(phys_addr_t mem_addr, size_t mem_sz,
1034 u64 *srcvm,
1035 const struct qcom_scm_vmperm *newvm,
1036 unsigned int dest_cnt)
1037 {
1038 struct qcom_scm_current_perm_info *destvm;
1039 struct qcom_scm_mem_map_info *mem_to_map;
1040 phys_addr_t mem_to_map_phys;
1041 phys_addr_t dest_phys;
1042 phys_addr_t ptr_phys;
1043 size_t mem_to_map_sz;
1044 size_t dest_sz;
1045 size_t src_sz;
1046 size_t ptr_sz;
1047 int next_vm;
1048 __le32 *src;
1049 int ret, i, b;
1050 u64 srcvm_bits = *srcvm;
1051
1052 src_sz = hweight64(srcvm_bits) * sizeof(*src);
1053 mem_to_map_sz = sizeof(*mem_to_map);
1054 dest_sz = dest_cnt * sizeof(*destvm);
1055 ptr_sz = ALIGN(src_sz, SZ_64) + ALIGN(mem_to_map_sz, SZ_64) +
1056 ALIGN(dest_sz, SZ_64);
1057
1058 void *ptr __free(qcom_tzmem) = qcom_tzmem_alloc(__scm->mempool,
1059 ptr_sz, GFP_KERNEL);
1060 if (!ptr)
1061 return -ENOMEM;
1062
1063 ptr_phys = qcom_tzmem_to_phys(ptr);
1064
1065 /* Fill source vmid detail */
1066 src = ptr;
1067 i = 0;
1068 for (b = 0; b < BITS_PER_TYPE(u64); b++) {
1069 if (srcvm_bits & BIT(b))
1070 src[i++] = cpu_to_le32(b);
1071 }
1072
1073 /* Fill details of mem buff to map */
1074 mem_to_map = ptr + ALIGN(src_sz, SZ_64);
1075 mem_to_map_phys = ptr_phys + ALIGN(src_sz, SZ_64);
1076 mem_to_map->mem_addr = cpu_to_le64(mem_addr);
1077 mem_to_map->mem_size = cpu_to_le64(mem_sz);
1078
1079 next_vm = 0;
1080 /* Fill details of next vmid detail */
1081 destvm = ptr + ALIGN(mem_to_map_sz, SZ_64) + ALIGN(src_sz, SZ_64);
1082 dest_phys = ptr_phys + ALIGN(mem_to_map_sz, SZ_64) + ALIGN(src_sz, SZ_64);
1083 for (i = 0; i < dest_cnt; i++, destvm++, newvm++) {
1084 destvm->vmid = cpu_to_le32(newvm->vmid);
1085 destvm->perm = cpu_to_le32(newvm->perm);
1086 destvm->ctx = 0;
1087 destvm->ctx_size = 0;
1088 next_vm |= BIT(newvm->vmid);
1089 }
1090
1091 ret = __qcom_scm_assign_mem(__scm->dev, mem_to_map_phys, mem_to_map_sz,
1092 ptr_phys, src_sz, dest_phys, dest_sz);
1093 if (ret) {
1094 dev_err(__scm->dev,
1095 "Assign memory protection call failed %d\n", ret);
1096 return -EINVAL;
1097 }
1098
1099 *srcvm = next_vm;
1100 return 0;
1101 }
1102 EXPORT_SYMBOL_GPL(qcom_scm_assign_mem);
1103
1104 /**
1105 * qcom_scm_ocmem_lock_available() - is OCMEM lock/unlock interface available
1106 */
qcom_scm_ocmem_lock_available(void)1107 bool qcom_scm_ocmem_lock_available(void)
1108 {
1109 return __qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_OCMEM,
1110 QCOM_SCM_OCMEM_LOCK_CMD);
1111 }
1112 EXPORT_SYMBOL_GPL(qcom_scm_ocmem_lock_available);
1113
1114 /**
1115 * qcom_scm_ocmem_lock() - call OCMEM lock interface to assign an OCMEM
1116 * region to the specified initiator
1117 *
1118 * @id: tz initiator id
1119 * @offset: OCMEM offset
1120 * @size: OCMEM size
1121 * @mode: access mode (WIDE/NARROW)
1122 */
qcom_scm_ocmem_lock(enum qcom_scm_ocmem_client id,u32 offset,u32 size,u32 mode)1123 int qcom_scm_ocmem_lock(enum qcom_scm_ocmem_client id, u32 offset, u32 size,
1124 u32 mode)
1125 {
1126 struct qcom_scm_desc desc = {
1127 .svc = QCOM_SCM_SVC_OCMEM,
1128 .cmd = QCOM_SCM_OCMEM_LOCK_CMD,
1129 .args[0] = id,
1130 .args[1] = offset,
1131 .args[2] = size,
1132 .args[3] = mode,
1133 .arginfo = QCOM_SCM_ARGS(4),
1134 };
1135
1136 return qcom_scm_call(__scm->dev, &desc, NULL);
1137 }
1138 EXPORT_SYMBOL_GPL(qcom_scm_ocmem_lock);
1139
1140 /**
1141 * qcom_scm_ocmem_unlock() - call OCMEM unlock interface to release an OCMEM
1142 * region from the specified initiator
1143 *
1144 * @id: tz initiator id
1145 * @offset: OCMEM offset
1146 * @size: OCMEM size
1147 */
qcom_scm_ocmem_unlock(enum qcom_scm_ocmem_client id,u32 offset,u32 size)1148 int qcom_scm_ocmem_unlock(enum qcom_scm_ocmem_client id, u32 offset, u32 size)
1149 {
1150 struct qcom_scm_desc desc = {
1151 .svc = QCOM_SCM_SVC_OCMEM,
1152 .cmd = QCOM_SCM_OCMEM_UNLOCK_CMD,
1153 .args[0] = id,
1154 .args[1] = offset,
1155 .args[2] = size,
1156 .arginfo = QCOM_SCM_ARGS(3),
1157 };
1158
1159 return qcom_scm_call(__scm->dev, &desc, NULL);
1160 }
1161 EXPORT_SYMBOL_GPL(qcom_scm_ocmem_unlock);
1162
1163 /**
1164 * qcom_scm_ice_available() - Is the ICE key programming interface available?
1165 *
1166 * Return: true iff the SCM calls wrapped by qcom_scm_ice_invalidate_key() and
1167 * qcom_scm_ice_set_key() are available.
1168 */
qcom_scm_ice_available(void)1169 bool qcom_scm_ice_available(void)
1170 {
1171 return __qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_ES,
1172 QCOM_SCM_ES_INVALIDATE_ICE_KEY) &&
1173 __qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_ES,
1174 QCOM_SCM_ES_CONFIG_SET_ICE_KEY);
1175 }
1176 EXPORT_SYMBOL_GPL(qcom_scm_ice_available);
1177
1178 /**
1179 * qcom_scm_ice_invalidate_key() - Invalidate an inline encryption key
1180 * @index: the keyslot to invalidate
1181 *
1182 * The UFSHCI and eMMC standards define a standard way to do this, but it
1183 * doesn't work on these SoCs; only this SCM call does.
1184 *
1185 * It is assumed that the SoC has only one ICE instance being used, as this SCM
1186 * call doesn't specify which ICE instance the keyslot belongs to.
1187 *
1188 * Return: 0 on success; -errno on failure.
1189 */
qcom_scm_ice_invalidate_key(u32 index)1190 int qcom_scm_ice_invalidate_key(u32 index)
1191 {
1192 struct qcom_scm_desc desc = {
1193 .svc = QCOM_SCM_SVC_ES,
1194 .cmd = QCOM_SCM_ES_INVALIDATE_ICE_KEY,
1195 .arginfo = QCOM_SCM_ARGS(1),
1196 .args[0] = index,
1197 .owner = ARM_SMCCC_OWNER_SIP,
1198 };
1199
1200 return qcom_scm_call(__scm->dev, &desc, NULL);
1201 }
1202 EXPORT_SYMBOL_GPL(qcom_scm_ice_invalidate_key);
1203
1204 /**
1205 * qcom_scm_ice_set_key() - Set an inline encryption key
1206 * @index: the keyslot into which to set the key
1207 * @key: the key to program
1208 * @key_size: the size of the key in bytes
1209 * @cipher: the encryption algorithm the key is for
1210 * @data_unit_size: the encryption data unit size, i.e. the size of each
1211 * individual plaintext and ciphertext. Given in 512-byte
1212 * units, e.g. 1 = 512 bytes, 8 = 4096 bytes, etc.
1213 *
1214 * Program a key into a keyslot of Qualcomm ICE (Inline Crypto Engine), where it
1215 * can then be used to encrypt/decrypt UFS or eMMC I/O requests inline.
1216 *
1217 * The UFSHCI and eMMC standards define a standard way to do this, but it
1218 * doesn't work on these SoCs; only this SCM call does.
1219 *
1220 * It is assumed that the SoC has only one ICE instance being used, as this SCM
1221 * call doesn't specify which ICE instance the keyslot belongs to.
1222 *
1223 * Return: 0 on success; -errno on failure.
1224 */
qcom_scm_ice_set_key(u32 index,const u8 * key,u32 key_size,enum qcom_scm_ice_cipher cipher,u32 data_unit_size)1225 int qcom_scm_ice_set_key(u32 index, const u8 *key, u32 key_size,
1226 enum qcom_scm_ice_cipher cipher, u32 data_unit_size)
1227 {
1228 struct qcom_scm_desc desc = {
1229 .svc = QCOM_SCM_SVC_ES,
1230 .cmd = QCOM_SCM_ES_CONFIG_SET_ICE_KEY,
1231 .arginfo = QCOM_SCM_ARGS(5, QCOM_SCM_VAL, QCOM_SCM_RW,
1232 QCOM_SCM_VAL, QCOM_SCM_VAL,
1233 QCOM_SCM_VAL),
1234 .args[0] = index,
1235 .args[2] = key_size,
1236 .args[3] = cipher,
1237 .args[4] = data_unit_size,
1238 .owner = ARM_SMCCC_OWNER_SIP,
1239 };
1240
1241 int ret;
1242
1243 void *keybuf __free(qcom_tzmem) = qcom_tzmem_alloc(__scm->mempool,
1244 key_size,
1245 GFP_KERNEL);
1246 if (!keybuf)
1247 return -ENOMEM;
1248 memcpy(keybuf, key, key_size);
1249 desc.args[1] = qcom_tzmem_to_phys(keybuf);
1250
1251 ret = qcom_scm_call(__scm->dev, &desc, NULL);
1252
1253 memzero_explicit(keybuf, key_size);
1254
1255 return ret;
1256 }
1257 EXPORT_SYMBOL_GPL(qcom_scm_ice_set_key);
1258
1259 /**
1260 * qcom_scm_hdcp_available() - Check if secure environment supports HDCP.
1261 *
1262 * Return true if HDCP is supported, false if not.
1263 */
qcom_scm_hdcp_available(void)1264 bool qcom_scm_hdcp_available(void)
1265 {
1266 bool avail;
1267 int ret = qcom_scm_clk_enable();
1268
1269 if (ret)
1270 return ret;
1271
1272 avail = __qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_HDCP,
1273 QCOM_SCM_HDCP_INVOKE);
1274
1275 qcom_scm_clk_disable();
1276
1277 return avail;
1278 }
1279 EXPORT_SYMBOL_GPL(qcom_scm_hdcp_available);
1280
1281 /**
1282 * qcom_scm_hdcp_req() - Send HDCP request.
1283 * @req: HDCP request array
1284 * @req_cnt: HDCP request array count
1285 * @resp: response buffer passed to SCM
1286 *
1287 * Write HDCP register(s) through SCM.
1288 */
qcom_scm_hdcp_req(struct qcom_scm_hdcp_req * req,u32 req_cnt,u32 * resp)1289 int qcom_scm_hdcp_req(struct qcom_scm_hdcp_req *req, u32 req_cnt, u32 *resp)
1290 {
1291 int ret;
1292 struct qcom_scm_desc desc = {
1293 .svc = QCOM_SCM_SVC_HDCP,
1294 .cmd = QCOM_SCM_HDCP_INVOKE,
1295 .arginfo = QCOM_SCM_ARGS(10),
1296 .args = {
1297 req[0].addr,
1298 req[0].val,
1299 req[1].addr,
1300 req[1].val,
1301 req[2].addr,
1302 req[2].val,
1303 req[3].addr,
1304 req[3].val,
1305 req[4].addr,
1306 req[4].val
1307 },
1308 .owner = ARM_SMCCC_OWNER_SIP,
1309 };
1310 struct qcom_scm_res res;
1311
1312 if (req_cnt > QCOM_SCM_HDCP_MAX_REQ_CNT)
1313 return -ERANGE;
1314
1315 ret = qcom_scm_clk_enable();
1316 if (ret)
1317 return ret;
1318
1319 ret = qcom_scm_call(__scm->dev, &desc, &res);
1320 *resp = res.result[0];
1321
1322 qcom_scm_clk_disable();
1323
1324 return ret;
1325 }
1326 EXPORT_SYMBOL_GPL(qcom_scm_hdcp_req);
1327
qcom_scm_iommu_set_pt_format(u32 sec_id,u32 ctx_num,u32 pt_fmt)1328 int qcom_scm_iommu_set_pt_format(u32 sec_id, u32 ctx_num, u32 pt_fmt)
1329 {
1330 struct qcom_scm_desc desc = {
1331 .svc = QCOM_SCM_SVC_SMMU_PROGRAM,
1332 .cmd = QCOM_SCM_SMMU_PT_FORMAT,
1333 .arginfo = QCOM_SCM_ARGS(3),
1334 .args[0] = sec_id,
1335 .args[1] = ctx_num,
1336 .args[2] = pt_fmt, /* 0: LPAE AArch32 - 1: AArch64 */
1337 .owner = ARM_SMCCC_OWNER_SIP,
1338 };
1339
1340 return qcom_scm_call(__scm->dev, &desc, NULL);
1341 }
1342 EXPORT_SYMBOL_GPL(qcom_scm_iommu_set_pt_format);
1343
qcom_scm_qsmmu500_wait_safe_toggle(bool en)1344 int qcom_scm_qsmmu500_wait_safe_toggle(bool en)
1345 {
1346 struct qcom_scm_desc desc = {
1347 .svc = QCOM_SCM_SVC_SMMU_PROGRAM,
1348 .cmd = QCOM_SCM_SMMU_CONFIG_ERRATA1,
1349 .arginfo = QCOM_SCM_ARGS(2),
1350 .args[0] = QCOM_SCM_SMMU_CONFIG_ERRATA1_CLIENT_ALL,
1351 .args[1] = en,
1352 .owner = ARM_SMCCC_OWNER_SIP,
1353 };
1354
1355
1356 return qcom_scm_call_atomic(__scm->dev, &desc, NULL);
1357 }
1358 EXPORT_SYMBOL_GPL(qcom_scm_qsmmu500_wait_safe_toggle);
1359
qcom_scm_lmh_dcvsh_available(void)1360 bool qcom_scm_lmh_dcvsh_available(void)
1361 {
1362 return __qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_LMH, QCOM_SCM_LMH_LIMIT_DCVSH);
1363 }
1364 EXPORT_SYMBOL_GPL(qcom_scm_lmh_dcvsh_available);
1365
qcom_scm_shm_bridge_enable(void)1366 int qcom_scm_shm_bridge_enable(void)
1367 {
1368 int ret;
1369
1370 struct qcom_scm_desc desc = {
1371 .svc = QCOM_SCM_SVC_MP,
1372 .cmd = QCOM_SCM_MP_SHM_BRIDGE_ENABLE,
1373 .owner = ARM_SMCCC_OWNER_SIP
1374 };
1375
1376 struct qcom_scm_res res;
1377
1378 if (!__qcom_scm_is_call_available(__scm->dev, QCOM_SCM_SVC_MP,
1379 QCOM_SCM_MP_SHM_BRIDGE_ENABLE))
1380 return -EOPNOTSUPP;
1381
1382 ret = qcom_scm_call(__scm->dev, &desc, &res);
1383
1384 if (ret)
1385 return ret;
1386
1387 if (res.result[0] == SHMBRIDGE_RESULT_NOTSUPP)
1388 return -EOPNOTSUPP;
1389
1390 return res.result[0];
1391 }
1392 EXPORT_SYMBOL_GPL(qcom_scm_shm_bridge_enable);
1393
qcom_scm_shm_bridge_create(struct device * dev,u64 pfn_and_ns_perm_flags,u64 ipfn_and_s_perm_flags,u64 size_and_flags,u64 ns_vmids,u64 * handle)1394 int qcom_scm_shm_bridge_create(struct device *dev, u64 pfn_and_ns_perm_flags,
1395 u64 ipfn_and_s_perm_flags, u64 size_and_flags,
1396 u64 ns_vmids, u64 *handle)
1397 {
1398 struct qcom_scm_desc desc = {
1399 .svc = QCOM_SCM_SVC_MP,
1400 .cmd = QCOM_SCM_MP_SHM_BRIDGE_CREATE,
1401 .owner = ARM_SMCCC_OWNER_SIP,
1402 .args[0] = pfn_and_ns_perm_flags,
1403 .args[1] = ipfn_and_s_perm_flags,
1404 .args[2] = size_and_flags,
1405 .args[3] = ns_vmids,
1406 .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_VAL, QCOM_SCM_VAL,
1407 QCOM_SCM_VAL, QCOM_SCM_VAL),
1408 };
1409
1410 struct qcom_scm_res res;
1411 int ret;
1412
1413 ret = qcom_scm_call(__scm->dev, &desc, &res);
1414
1415 if (handle && !ret)
1416 *handle = res.result[1];
1417
1418 return ret ?: res.result[0];
1419 }
1420 EXPORT_SYMBOL_GPL(qcom_scm_shm_bridge_create);
1421
qcom_scm_shm_bridge_delete(struct device * dev,u64 handle)1422 int qcom_scm_shm_bridge_delete(struct device *dev, u64 handle)
1423 {
1424 struct qcom_scm_desc desc = {
1425 .svc = QCOM_SCM_SVC_MP,
1426 .cmd = QCOM_SCM_MP_SHM_BRIDGE_DELETE,
1427 .owner = ARM_SMCCC_OWNER_SIP,
1428 .args[0] = handle,
1429 .arginfo = QCOM_SCM_ARGS(1, QCOM_SCM_VAL),
1430 };
1431
1432 return qcom_scm_call(__scm->dev, &desc, NULL);
1433 }
1434 EXPORT_SYMBOL_GPL(qcom_scm_shm_bridge_delete);
1435
qcom_scm_lmh_profile_change(u32 profile_id)1436 int qcom_scm_lmh_profile_change(u32 profile_id)
1437 {
1438 struct qcom_scm_desc desc = {
1439 .svc = QCOM_SCM_SVC_LMH,
1440 .cmd = QCOM_SCM_LMH_LIMIT_PROFILE_CHANGE,
1441 .arginfo = QCOM_SCM_ARGS(1, QCOM_SCM_VAL),
1442 .args[0] = profile_id,
1443 .owner = ARM_SMCCC_OWNER_SIP,
1444 };
1445
1446 return qcom_scm_call(__scm->dev, &desc, NULL);
1447 }
1448 EXPORT_SYMBOL_GPL(qcom_scm_lmh_profile_change);
1449
qcom_scm_lmh_dcvsh(u32 payload_fn,u32 payload_reg,u32 payload_val,u64 limit_node,u32 node_id,u64 version)1450 int qcom_scm_lmh_dcvsh(u32 payload_fn, u32 payload_reg, u32 payload_val,
1451 u64 limit_node, u32 node_id, u64 version)
1452 {
1453 int ret, payload_size = 5 * sizeof(u32);
1454
1455 struct qcom_scm_desc desc = {
1456 .svc = QCOM_SCM_SVC_LMH,
1457 .cmd = QCOM_SCM_LMH_LIMIT_DCVSH,
1458 .arginfo = QCOM_SCM_ARGS(5, QCOM_SCM_RO, QCOM_SCM_VAL, QCOM_SCM_VAL,
1459 QCOM_SCM_VAL, QCOM_SCM_VAL),
1460 .args[1] = payload_size,
1461 .args[2] = limit_node,
1462 .args[3] = node_id,
1463 .args[4] = version,
1464 .owner = ARM_SMCCC_OWNER_SIP,
1465 };
1466
1467 u32 *payload_buf __free(qcom_tzmem) = qcom_tzmem_alloc(__scm->mempool,
1468 payload_size,
1469 GFP_KERNEL);
1470 if (!payload_buf)
1471 return -ENOMEM;
1472
1473 payload_buf[0] = payload_fn;
1474 payload_buf[1] = 0;
1475 payload_buf[2] = payload_reg;
1476 payload_buf[3] = 1;
1477 payload_buf[4] = payload_val;
1478
1479 desc.args[0] = qcom_tzmem_to_phys(payload_buf);
1480
1481 ret = qcom_scm_call(__scm->dev, &desc, NULL);
1482
1483 return ret;
1484 }
1485 EXPORT_SYMBOL_GPL(qcom_scm_lmh_dcvsh);
1486
qcom_scm_gpu_init_regs(u32 gpu_req)1487 int qcom_scm_gpu_init_regs(u32 gpu_req)
1488 {
1489 struct qcom_scm_desc desc = {
1490 .svc = QCOM_SCM_SVC_GPU,
1491 .cmd = QCOM_SCM_SVC_GPU_INIT_REGS,
1492 .arginfo = QCOM_SCM_ARGS(1),
1493 .args[0] = gpu_req,
1494 .owner = ARM_SMCCC_OWNER_SIP,
1495 };
1496
1497 return qcom_scm_call(__scm->dev, &desc, NULL);
1498 }
1499 EXPORT_SYMBOL_GPL(qcom_scm_gpu_init_regs);
1500
qcom_scm_find_dload_address(struct device * dev,u64 * addr)1501 static int qcom_scm_find_dload_address(struct device *dev, u64 *addr)
1502 {
1503 struct device_node *tcsr;
1504 struct device_node *np = dev->of_node;
1505 struct resource res;
1506 u32 offset;
1507 int ret;
1508
1509 tcsr = of_parse_phandle(np, "qcom,dload-mode", 0);
1510 if (!tcsr)
1511 return 0;
1512
1513 ret = of_address_to_resource(tcsr, 0, &res);
1514 of_node_put(tcsr);
1515 if (ret)
1516 return ret;
1517
1518 ret = of_property_read_u32_index(np, "qcom,dload-mode", 1, &offset);
1519 if (ret < 0)
1520 return ret;
1521
1522 *addr = res.start + offset;
1523
1524 return 0;
1525 }
1526
1527 #ifdef CONFIG_QCOM_QSEECOM
1528
1529 /* Lock for QSEECOM SCM call executions */
1530 static DEFINE_MUTEX(qcom_scm_qseecom_call_lock);
1531
__qcom_scm_qseecom_call(const struct qcom_scm_desc * desc,struct qcom_scm_qseecom_resp * res)1532 static int __qcom_scm_qseecom_call(const struct qcom_scm_desc *desc,
1533 struct qcom_scm_qseecom_resp *res)
1534 {
1535 struct qcom_scm_res scm_res = {};
1536 int status;
1537
1538 /*
1539 * QSEECOM SCM calls should not be executed concurrently. Therefore, we
1540 * require the respective call lock to be held.
1541 */
1542 lockdep_assert_held(&qcom_scm_qseecom_call_lock);
1543
1544 status = qcom_scm_call(__scm->dev, desc, &scm_res);
1545
1546 res->result = scm_res.result[0];
1547 res->resp_type = scm_res.result[1];
1548 res->data = scm_res.result[2];
1549
1550 if (status)
1551 return status;
1552
1553 return 0;
1554 }
1555
1556 /**
1557 * qcom_scm_qseecom_call() - Perform a QSEECOM SCM call.
1558 * @desc: SCM call descriptor.
1559 * @res: SCM call response (output).
1560 *
1561 * Performs the QSEECOM SCM call described by @desc, returning the response in
1562 * @rsp.
1563 *
1564 * Return: Zero on success, nonzero on failure.
1565 */
qcom_scm_qseecom_call(const struct qcom_scm_desc * desc,struct qcom_scm_qseecom_resp * res)1566 static int qcom_scm_qseecom_call(const struct qcom_scm_desc *desc,
1567 struct qcom_scm_qseecom_resp *res)
1568 {
1569 int status;
1570
1571 /*
1572 * Note: Multiple QSEECOM SCM calls should not be executed same time,
1573 * so lock things here. This needs to be extended to callback/listener
1574 * handling when support for that is implemented.
1575 */
1576
1577 mutex_lock(&qcom_scm_qseecom_call_lock);
1578 status = __qcom_scm_qseecom_call(desc, res);
1579 mutex_unlock(&qcom_scm_qseecom_call_lock);
1580
1581 dev_dbg(__scm->dev, "%s: owner=%x, svc=%x, cmd=%x, result=%lld, type=%llx, data=%llx\n",
1582 __func__, desc->owner, desc->svc, desc->cmd, res->result,
1583 res->resp_type, res->data);
1584
1585 if (status) {
1586 dev_err(__scm->dev, "qseecom: scm call failed with error %d\n", status);
1587 return status;
1588 }
1589
1590 /*
1591 * TODO: Handle incomplete and blocked calls:
1592 *
1593 * Incomplete and blocked calls are not supported yet. Some devices
1594 * and/or commands require those, some don't. Let's warn about them
1595 * prominently in case someone attempts to try these commands with a
1596 * device/command combination that isn't supported yet.
1597 */
1598 WARN_ON(res->result == QSEECOM_RESULT_INCOMPLETE);
1599 WARN_ON(res->result == QSEECOM_RESULT_BLOCKED_ON_LISTENER);
1600
1601 return 0;
1602 }
1603
1604 /**
1605 * qcom_scm_qseecom_get_version() - Query the QSEECOM version.
1606 * @version: Pointer where the QSEECOM version will be stored.
1607 *
1608 * Performs the QSEECOM SCM querying the QSEECOM version currently running in
1609 * the TrustZone.
1610 *
1611 * Return: Zero on success, nonzero on failure.
1612 */
qcom_scm_qseecom_get_version(u32 * version)1613 static int qcom_scm_qseecom_get_version(u32 *version)
1614 {
1615 struct qcom_scm_desc desc = {};
1616 struct qcom_scm_qseecom_resp res = {};
1617 u32 feature = 10;
1618 int ret;
1619
1620 desc.owner = QSEECOM_TZ_OWNER_SIP;
1621 desc.svc = QSEECOM_TZ_SVC_INFO;
1622 desc.cmd = QSEECOM_TZ_CMD_INFO_VERSION;
1623 desc.arginfo = QCOM_SCM_ARGS(1, QCOM_SCM_VAL);
1624 desc.args[0] = feature;
1625
1626 ret = qcom_scm_qseecom_call(&desc, &res);
1627 if (ret)
1628 return ret;
1629
1630 *version = res.result;
1631 return 0;
1632 }
1633
1634 /**
1635 * qcom_scm_qseecom_app_get_id() - Query the app ID for a given QSEE app name.
1636 * @app_name: The name of the app.
1637 * @app_id: The returned app ID.
1638 *
1639 * Query and return the application ID of the SEE app identified by the given
1640 * name. This returned ID is the unique identifier of the app required for
1641 * subsequent communication.
1642 *
1643 * Return: Zero on success, nonzero on failure, -ENOENT if the app has not been
1644 * loaded or could not be found.
1645 */
qcom_scm_qseecom_app_get_id(const char * app_name,u32 * app_id)1646 int qcom_scm_qseecom_app_get_id(const char *app_name, u32 *app_id)
1647 {
1648 unsigned long name_buf_size = QSEECOM_MAX_APP_NAME_SIZE;
1649 unsigned long app_name_len = strlen(app_name);
1650 struct qcom_scm_desc desc = {};
1651 struct qcom_scm_qseecom_resp res = {};
1652 int status;
1653
1654 if (app_name_len >= name_buf_size)
1655 return -EINVAL;
1656
1657 char *name_buf __free(qcom_tzmem) = qcom_tzmem_alloc(__scm->mempool,
1658 name_buf_size,
1659 GFP_KERNEL);
1660 if (!name_buf)
1661 return -ENOMEM;
1662
1663 memcpy(name_buf, app_name, app_name_len);
1664
1665 desc.owner = QSEECOM_TZ_OWNER_QSEE_OS;
1666 desc.svc = QSEECOM_TZ_SVC_APP_MGR;
1667 desc.cmd = QSEECOM_TZ_CMD_APP_LOOKUP;
1668 desc.arginfo = QCOM_SCM_ARGS(2, QCOM_SCM_RW, QCOM_SCM_VAL);
1669 desc.args[0] = qcom_tzmem_to_phys(name_buf);
1670 desc.args[1] = app_name_len;
1671
1672 status = qcom_scm_qseecom_call(&desc, &res);
1673
1674 if (status)
1675 return status;
1676
1677 if (res.result == QSEECOM_RESULT_FAILURE)
1678 return -ENOENT;
1679
1680 if (res.result != QSEECOM_RESULT_SUCCESS)
1681 return -EINVAL;
1682
1683 if (res.resp_type != QSEECOM_SCM_RES_APP_ID)
1684 return -EINVAL;
1685
1686 *app_id = res.data;
1687 return 0;
1688 }
1689 EXPORT_SYMBOL_GPL(qcom_scm_qseecom_app_get_id);
1690
1691 /**
1692 * qcom_scm_qseecom_app_send() - Send to and receive data from a given QSEE app.
1693 * @app_id: The ID of the target app.
1694 * @req: Request buffer sent to the app (must be TZ memory)
1695 * @req_size: Size of the request buffer.
1696 * @rsp: Response buffer, written to by the app (must be TZ memory)
1697 * @rsp_size: Size of the response buffer.
1698 *
1699 * Sends a request to the QSEE app associated with the given ID and read back
1700 * its response. The caller must provide two DMA memory regions, one for the
1701 * request and one for the response, and fill out the @req region with the
1702 * respective (app-specific) request data. The QSEE app reads this and returns
1703 * its response in the @rsp region.
1704 *
1705 * Return: Zero on success, nonzero on failure.
1706 */
qcom_scm_qseecom_app_send(u32 app_id,void * req,size_t req_size,void * rsp,size_t rsp_size)1707 int qcom_scm_qseecom_app_send(u32 app_id, void *req, size_t req_size,
1708 void *rsp, size_t rsp_size)
1709 {
1710 struct qcom_scm_qseecom_resp res = {};
1711 struct qcom_scm_desc desc = {};
1712 phys_addr_t req_phys;
1713 phys_addr_t rsp_phys;
1714 int status;
1715
1716 req_phys = qcom_tzmem_to_phys(req);
1717 rsp_phys = qcom_tzmem_to_phys(rsp);
1718
1719 desc.owner = QSEECOM_TZ_OWNER_TZ_APPS;
1720 desc.svc = QSEECOM_TZ_SVC_APP_ID_PLACEHOLDER;
1721 desc.cmd = QSEECOM_TZ_CMD_APP_SEND;
1722 desc.arginfo = QCOM_SCM_ARGS(5, QCOM_SCM_VAL,
1723 QCOM_SCM_RW, QCOM_SCM_VAL,
1724 QCOM_SCM_RW, QCOM_SCM_VAL);
1725 desc.args[0] = app_id;
1726 desc.args[1] = req_phys;
1727 desc.args[2] = req_size;
1728 desc.args[3] = rsp_phys;
1729 desc.args[4] = rsp_size;
1730
1731 status = qcom_scm_qseecom_call(&desc, &res);
1732
1733 if (status)
1734 return status;
1735
1736 if (res.result != QSEECOM_RESULT_SUCCESS)
1737 return -EIO;
1738
1739 return 0;
1740 }
1741 EXPORT_SYMBOL_GPL(qcom_scm_qseecom_app_send);
1742
1743 /*
1744 * We do not yet support re-entrant calls via the qseecom interface. To prevent
1745 + any potential issues with this, only allow validated machines for now.
1746 */
1747 static const struct of_device_id qcom_scm_qseecom_allowlist[] __maybe_unused = {
1748 { .compatible = "dell,xps13-9345" },
1749 { .compatible = "lenovo,flex-5g" },
1750 { .compatible = "lenovo,thinkpad-t14s" },
1751 { .compatible = "lenovo,thinkpad-x13s", },
1752 { .compatible = "lenovo,yoga-slim7x" },
1753 { .compatible = "microsoft,romulus13", },
1754 { .compatible = "microsoft,romulus15", },
1755 { .compatible = "qcom,sc8180x-primus" },
1756 { .compatible = "qcom,x1e80100-crd" },
1757 { .compatible = "qcom,x1e80100-qcp" },
1758 { }
1759 };
1760
qcom_scm_qseecom_machine_is_allowed(void)1761 static bool qcom_scm_qseecom_machine_is_allowed(void)
1762 {
1763 struct device_node *np;
1764 bool match;
1765
1766 np = of_find_node_by_path("/");
1767 if (!np)
1768 return false;
1769
1770 match = of_match_node(qcom_scm_qseecom_allowlist, np);
1771 of_node_put(np);
1772
1773 return match;
1774 }
1775
qcom_scm_qseecom_free(void * data)1776 static void qcom_scm_qseecom_free(void *data)
1777 {
1778 struct platform_device *qseecom_dev = data;
1779
1780 platform_device_del(qseecom_dev);
1781 platform_device_put(qseecom_dev);
1782 }
1783
qcom_scm_qseecom_init(struct qcom_scm * scm)1784 static int qcom_scm_qseecom_init(struct qcom_scm *scm)
1785 {
1786 struct platform_device *qseecom_dev;
1787 u32 version;
1788 int ret;
1789
1790 /*
1791 * Note: We do two steps of validation here: First, we try to query the
1792 * QSEECOM version as a check to see if the interface exists on this
1793 * device. Second, we check against known good devices due to current
1794 * driver limitations (see comment in qcom_scm_qseecom_allowlist).
1795 *
1796 * Note that we deliberately do the machine check after the version
1797 * check so that we can log potentially supported devices. This should
1798 * be safe as downstream sources indicate that the version query is
1799 * neither blocking nor reentrant.
1800 */
1801 ret = qcom_scm_qseecom_get_version(&version);
1802 if (ret)
1803 return 0;
1804
1805 dev_info(scm->dev, "qseecom: found qseecom with version 0x%x\n", version);
1806
1807 if (!qcom_scm_qseecom_machine_is_allowed()) {
1808 dev_info(scm->dev, "qseecom: untested machine, skipping\n");
1809 return 0;
1810 }
1811
1812 /*
1813 * Set up QSEECOM interface device. All application clients will be
1814 * set up and managed by the corresponding driver for it.
1815 */
1816 qseecom_dev = platform_device_alloc("qcom_qseecom", -1);
1817 if (!qseecom_dev)
1818 return -ENOMEM;
1819
1820 qseecom_dev->dev.parent = scm->dev;
1821
1822 ret = platform_device_add(qseecom_dev);
1823 if (ret) {
1824 platform_device_put(qseecom_dev);
1825 return ret;
1826 }
1827
1828 return devm_add_action_or_reset(scm->dev, qcom_scm_qseecom_free, qseecom_dev);
1829 }
1830
1831 #else /* CONFIG_QCOM_QSEECOM */
1832
qcom_scm_qseecom_init(struct qcom_scm * scm)1833 static int qcom_scm_qseecom_init(struct qcom_scm *scm)
1834 {
1835 return 0;
1836 }
1837
1838 #endif /* CONFIG_QCOM_QSEECOM */
1839
1840 /**
1841 * qcom_scm_is_available() - Checks if SCM is available
1842 */
qcom_scm_is_available(void)1843 bool qcom_scm_is_available(void)
1844 {
1845 /* Paired with smp_store_release() in qcom_scm_probe */
1846 return !!smp_load_acquire(&__scm);
1847 }
1848 EXPORT_SYMBOL_GPL(qcom_scm_is_available);
1849
qcom_scm_assert_valid_wq_ctx(u32 wq_ctx)1850 static int qcom_scm_assert_valid_wq_ctx(u32 wq_ctx)
1851 {
1852 /* FW currently only supports a single wq_ctx (zero).
1853 * TODO: Update this logic to include dynamic allocation and lookup of
1854 * completion structs when FW supports more wq_ctx values.
1855 */
1856 if (wq_ctx != 0) {
1857 dev_err(__scm->dev, "Firmware unexpectedly passed non-zero wq_ctx\n");
1858 return -EINVAL;
1859 }
1860
1861 return 0;
1862 }
1863
qcom_scm_wait_for_wq_completion(u32 wq_ctx)1864 int qcom_scm_wait_for_wq_completion(u32 wq_ctx)
1865 {
1866 int ret;
1867
1868 ret = qcom_scm_assert_valid_wq_ctx(wq_ctx);
1869 if (ret)
1870 return ret;
1871
1872 wait_for_completion(&__scm->waitq_comp);
1873
1874 return 0;
1875 }
1876
qcom_scm_waitq_wakeup(unsigned int wq_ctx)1877 static int qcom_scm_waitq_wakeup(unsigned int wq_ctx)
1878 {
1879 int ret;
1880
1881 ret = qcom_scm_assert_valid_wq_ctx(wq_ctx);
1882 if (ret)
1883 return ret;
1884
1885 complete(&__scm->waitq_comp);
1886
1887 return 0;
1888 }
1889
qcom_scm_irq_handler(int irq,void * data)1890 static irqreturn_t qcom_scm_irq_handler(int irq, void *data)
1891 {
1892 int ret;
1893 struct qcom_scm *scm = data;
1894 u32 wq_ctx, flags, more_pending = 0;
1895
1896 do {
1897 ret = scm_get_wq_ctx(&wq_ctx, &flags, &more_pending);
1898 if (ret) {
1899 dev_err(scm->dev, "GET_WQ_CTX SMC call failed: %d\n", ret);
1900 goto out;
1901 }
1902
1903 if (flags != QCOM_SMC_WAITQ_FLAG_WAKE_ONE) {
1904 dev_err(scm->dev, "Invalid flags received for wq_ctx: %u\n", flags);
1905 goto out;
1906 }
1907
1908 ret = qcom_scm_waitq_wakeup(wq_ctx);
1909 if (ret)
1910 goto out;
1911 } while (more_pending);
1912
1913 out:
1914 return IRQ_HANDLED;
1915 }
1916
get_download_mode(char * buffer,const struct kernel_param * kp)1917 static int get_download_mode(char *buffer, const struct kernel_param *kp)
1918 {
1919 if (download_mode >= ARRAY_SIZE(download_mode_name))
1920 return sysfs_emit(buffer, "unknown mode\n");
1921
1922 return sysfs_emit(buffer, "%s\n", download_mode_name[download_mode]);
1923 }
1924
set_download_mode(const char * val,const struct kernel_param * kp)1925 static int set_download_mode(const char *val, const struct kernel_param *kp)
1926 {
1927 bool tmp;
1928 int ret;
1929
1930 ret = sysfs_match_string(download_mode_name, val);
1931 if (ret < 0) {
1932 ret = kstrtobool(val, &tmp);
1933 if (ret < 0) {
1934 pr_err("qcom_scm: err: %d\n", ret);
1935 return ret;
1936 }
1937
1938 ret = tmp ? 1 : 0;
1939 }
1940
1941 download_mode = ret;
1942 if (__scm)
1943 qcom_scm_set_download_mode(download_mode);
1944
1945 return 0;
1946 }
1947
1948 static const struct kernel_param_ops download_mode_param_ops = {
1949 .get = get_download_mode,
1950 .set = set_download_mode,
1951 };
1952
1953 module_param_cb(download_mode, &download_mode_param_ops, NULL, 0644);
1954 MODULE_PARM_DESC(download_mode, "download mode: off/0/N for no dump mode, full/on/1/Y for full dump mode, mini for minidump mode and full,mini for both full and minidump mode together are acceptable values");
1955
qcom_scm_probe(struct platform_device * pdev)1956 static int qcom_scm_probe(struct platform_device *pdev)
1957 {
1958 struct qcom_tzmem_pool_config pool_config;
1959 struct qcom_scm *scm;
1960 int irq, ret;
1961
1962 scm = devm_kzalloc(&pdev->dev, sizeof(*scm), GFP_KERNEL);
1963 if (!scm)
1964 return -ENOMEM;
1965
1966 scm->dev = &pdev->dev;
1967 ret = qcom_scm_find_dload_address(&pdev->dev, &scm->dload_mode_addr);
1968 if (ret < 0)
1969 return ret;
1970
1971 init_completion(&scm->waitq_comp);
1972 mutex_init(&scm->scm_bw_lock);
1973
1974 scm->path = devm_of_icc_get(&pdev->dev, NULL);
1975 if (IS_ERR(scm->path))
1976 return dev_err_probe(&pdev->dev, PTR_ERR(scm->path),
1977 "failed to acquire interconnect path\n");
1978
1979 scm->core_clk = devm_clk_get_optional(&pdev->dev, "core");
1980 if (IS_ERR(scm->core_clk))
1981 return PTR_ERR(scm->core_clk);
1982
1983 scm->iface_clk = devm_clk_get_optional(&pdev->dev, "iface");
1984 if (IS_ERR(scm->iface_clk))
1985 return PTR_ERR(scm->iface_clk);
1986
1987 scm->bus_clk = devm_clk_get_optional(&pdev->dev, "bus");
1988 if (IS_ERR(scm->bus_clk))
1989 return PTR_ERR(scm->bus_clk);
1990
1991 scm->reset.ops = &qcom_scm_pas_reset_ops;
1992 scm->reset.nr_resets = 1;
1993 scm->reset.of_node = pdev->dev.of_node;
1994 ret = devm_reset_controller_register(&pdev->dev, &scm->reset);
1995 if (ret)
1996 return ret;
1997
1998 /* vote for max clk rate for highest performance */
1999 ret = clk_set_rate(scm->core_clk, INT_MAX);
2000 if (ret)
2001 return ret;
2002
2003 /* Paired with smp_load_acquire() in qcom_scm_is_available(). */
2004 smp_store_release(&__scm, scm);
2005
2006 irq = platform_get_irq_optional(pdev, 0);
2007 if (irq < 0) {
2008 if (irq != -ENXIO) {
2009 ret = irq;
2010 goto err;
2011 }
2012 } else {
2013 ret = devm_request_threaded_irq(__scm->dev, irq, NULL, qcom_scm_irq_handler,
2014 IRQF_ONESHOT, "qcom-scm", __scm);
2015 if (ret < 0) {
2016 dev_err_probe(scm->dev, ret, "Failed to request qcom-scm irq\n");
2017 goto err;
2018 }
2019 }
2020
2021 __get_convention();
2022
2023 /*
2024 * If "download mode" is requested, from this point on warmboot
2025 * will cause the boot stages to enter download mode, unless
2026 * disabled below by a clean shutdown/reboot.
2027 */
2028 qcom_scm_set_download_mode(download_mode);
2029
2030 /*
2031 * Disable SDI if indicated by DT that it is enabled by default.
2032 */
2033 if (of_property_read_bool(pdev->dev.of_node, "qcom,sdi-enabled") || !download_mode)
2034 qcom_scm_disable_sdi();
2035
2036 ret = of_reserved_mem_device_init(__scm->dev);
2037 if (ret && ret != -ENODEV) {
2038 dev_err_probe(__scm->dev, ret,
2039 "Failed to setup the reserved memory region for TZ mem\n");
2040 goto err;
2041 }
2042
2043 ret = qcom_tzmem_enable(__scm->dev);
2044 if (ret) {
2045 dev_err_probe(__scm->dev, ret,
2046 "Failed to enable the TrustZone memory allocator\n");
2047 goto err;
2048 }
2049
2050 memset(&pool_config, 0, sizeof(pool_config));
2051 pool_config.initial_size = 0;
2052 pool_config.policy = QCOM_TZMEM_POLICY_ON_DEMAND;
2053 pool_config.max_size = SZ_256K;
2054
2055 __scm->mempool = devm_qcom_tzmem_pool_new(__scm->dev, &pool_config);
2056 if (IS_ERR(__scm->mempool)) {
2057 ret = dev_err_probe(__scm->dev, PTR_ERR(__scm->mempool),
2058 "Failed to create the SCM memory pool\n");
2059 goto err;
2060 }
2061
2062 /*
2063 * Initialize the QSEECOM interface.
2064 *
2065 * Note: QSEECOM is fairly self-contained and this only adds the
2066 * interface device (the driver of which does most of the heavy
2067 * lifting). So any errors returned here should be either -ENOMEM or
2068 * -EINVAL (with the latter only in case there's a bug in our code).
2069 * This means that there is no need to bring down the whole SCM driver.
2070 * Just log the error instead and let SCM live.
2071 */
2072 ret = qcom_scm_qseecom_init(scm);
2073 WARN(ret < 0, "failed to initialize qseecom: %d\n", ret);
2074
2075 return 0;
2076
2077 err:
2078 /* Paired with smp_load_acquire() in qcom_scm_is_available(). */
2079 smp_store_release(&__scm, NULL);
2080
2081 return ret;
2082 }
2083
qcom_scm_shutdown(struct platform_device * pdev)2084 static void qcom_scm_shutdown(struct platform_device *pdev)
2085 {
2086 /* Clean shutdown, disable download mode to allow normal restart */
2087 qcom_scm_set_download_mode(QCOM_DLOAD_NODUMP);
2088 }
2089
2090 static const struct of_device_id qcom_scm_dt_match[] = {
2091 { .compatible = "qcom,scm" },
2092
2093 /* Legacy entries kept for backwards compatibility */
2094 { .compatible = "qcom,scm-apq8064" },
2095 { .compatible = "qcom,scm-apq8084" },
2096 { .compatible = "qcom,scm-ipq4019" },
2097 { .compatible = "qcom,scm-msm8953" },
2098 { .compatible = "qcom,scm-msm8974" },
2099 { .compatible = "qcom,scm-msm8996" },
2100 {}
2101 };
2102 MODULE_DEVICE_TABLE(of, qcom_scm_dt_match);
2103
2104 static struct platform_driver qcom_scm_driver = {
2105 .driver = {
2106 .name = "qcom_scm",
2107 .of_match_table = qcom_scm_dt_match,
2108 .suppress_bind_attrs = true,
2109 },
2110 .probe = qcom_scm_probe,
2111 .shutdown = qcom_scm_shutdown,
2112 };
2113
qcom_scm_init(void)2114 static int __init qcom_scm_init(void)
2115 {
2116 return platform_driver_register(&qcom_scm_driver);
2117 }
2118 subsys_initcall(qcom_scm_init);
2119
2120 MODULE_DESCRIPTION("Qualcomm Technologies, Inc. SCM driver");
2121 MODULE_LICENSE("GPL v2");
2122