1 // SPDX-License-Identifier: GPL-2.0-only
3 * AMD Secure Encrypted Virtualization (SEV) interface
5 * Copyright (C) 2016,2019 Advanced Micro Devices, Inc.
10 #include <linux/module.h>
11 #include <linux/kernel.h>
12 #include <linux/kthread.h>
13 #include <linux/sched.h>
14 #include <linux/interrupt.h>
15 #include <linux/spinlock.h>
16 #include <linux/spinlock_types.h>
17 #include <linux/types.h>
18 #include <linux/mutex.h>
19 #include <linux/delay.h>
20 #include <linux/hw_random.h>
21 #include <linux/ccp.h>
22 #include <linux/firmware.h>
23 #include <linux/gfp.h>
24 #include <linux/cpufeature.h>
26 #include <linux/fs_struct.h>
33 #define DEVICE_NAME "sev"
34 #define SEV_FW_FILE "amd/sev.fw"
35 #define SEV_FW_NAME_SIZE 64
37 static DEFINE_MUTEX(sev_cmd_mutex);
38 static struct sev_misc_dev *misc_dev;
40 static int psp_cmd_timeout = 100;
41 module_param(psp_cmd_timeout, int, 0644);
42 MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands");
44 static int psp_probe_timeout = 5;
45 module_param(psp_probe_timeout, int, 0644);
46 MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe");
48 static char *init_ex_path;
49 module_param(init_ex_path, charp, 0444);
50 MODULE_PARM_DESC(init_ex_path, " Path for INIT_EX data; if set try INIT_EX");
52 static bool psp_init_on_probe = true;
53 module_param(psp_init_on_probe, bool, 0444);
54 MODULE_PARM_DESC(psp_init_on_probe, " if true, the PSP will be initialized on module init. Else the PSP will be initialized on the first command requiring it");
56 MODULE_FIRMWARE("amd/amd_sev_fam17h_model0xh.sbin"); /* 1st gen EPYC */
57 MODULE_FIRMWARE("amd/amd_sev_fam17h_model3xh.sbin"); /* 2nd gen EPYC */
58 MODULE_FIRMWARE("amd/amd_sev_fam19h_model0xh.sbin"); /* 3rd gen EPYC */
61 static int psp_timeout;
63 /* Trusted Memory Region (TMR):
64 * The TMR is a 1MB area that must be 1MB aligned. Use the page allocator
65 * to allocate the memory, which will return aligned memory for the specified
68 #define SEV_ES_TMR_SIZE (1024 * 1024)
69 static void *sev_es_tmr;
71 /* INIT_EX NV Storage:
72 * The NV Storage is a 32Kb area and must be 4Kb page aligned. Use the page
73 * allocator to allocate the memory, which will return aligned memory for the
74 * specified allocation order.
76 #define NV_LENGTH (32 * 1024)
77 static void *sev_init_ex_buffer;
79 static inline bool sev_version_greater_or_equal(u8 maj, u8 min)
81 struct sev_device *sev = psp_master->sev_data;
83 if (sev->api_major > maj)
86 if (sev->api_major == maj && sev->api_minor >= min)
92 static void sev_irq_handler(int irq, void *data, unsigned int status)
94 struct sev_device *sev = data;
97 /* Check if it is command completion: */
98 if (!(status & SEV_CMD_COMPLETE))
101 /* Check if it is SEV command completion: */
102 reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg);
103 if (reg & PSP_CMDRESP_RESP) {
105 wake_up(&sev->int_queue);
109 static int sev_wait_cmd_ioc(struct sev_device *sev,
110 unsigned int *reg, unsigned int timeout)
114 ret = wait_event_timeout(sev->int_queue,
115 sev->int_rcvd, timeout * HZ);
119 *reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg);
124 static int sev_cmd_buffer_len(int cmd)
127 case SEV_CMD_INIT: return sizeof(struct sev_data_init);
128 case SEV_CMD_INIT_EX: return sizeof(struct sev_data_init_ex);
129 case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status);
130 case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr);
131 case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import);
132 case SEV_CMD_PDH_CERT_EXPORT: return sizeof(struct sev_data_pdh_cert_export);
133 case SEV_CMD_LAUNCH_START: return sizeof(struct sev_data_launch_start);
134 case SEV_CMD_LAUNCH_UPDATE_DATA: return sizeof(struct sev_data_launch_update_data);
135 case SEV_CMD_LAUNCH_UPDATE_VMSA: return sizeof(struct sev_data_launch_update_vmsa);
136 case SEV_CMD_LAUNCH_FINISH: return sizeof(struct sev_data_launch_finish);
137 case SEV_CMD_LAUNCH_MEASURE: return sizeof(struct sev_data_launch_measure);
138 case SEV_CMD_ACTIVATE: return sizeof(struct sev_data_activate);
139 case SEV_CMD_DEACTIVATE: return sizeof(struct sev_data_deactivate);
140 case SEV_CMD_DECOMMISSION: return sizeof(struct sev_data_decommission);
141 case SEV_CMD_GUEST_STATUS: return sizeof(struct sev_data_guest_status);
142 case SEV_CMD_DBG_DECRYPT: return sizeof(struct sev_data_dbg);
143 case SEV_CMD_DBG_ENCRYPT: return sizeof(struct sev_data_dbg);
144 case SEV_CMD_SEND_START: return sizeof(struct sev_data_send_start);
145 case SEV_CMD_SEND_UPDATE_DATA: return sizeof(struct sev_data_send_update_data);
146 case SEV_CMD_SEND_UPDATE_VMSA: return sizeof(struct sev_data_send_update_vmsa);
147 case SEV_CMD_SEND_FINISH: return sizeof(struct sev_data_send_finish);
148 case SEV_CMD_RECEIVE_START: return sizeof(struct sev_data_receive_start);
149 case SEV_CMD_RECEIVE_FINISH: return sizeof(struct sev_data_receive_finish);
150 case SEV_CMD_RECEIVE_UPDATE_DATA: return sizeof(struct sev_data_receive_update_data);
151 case SEV_CMD_RECEIVE_UPDATE_VMSA: return sizeof(struct sev_data_receive_update_vmsa);
152 case SEV_CMD_LAUNCH_UPDATE_SECRET: return sizeof(struct sev_data_launch_secret);
153 case SEV_CMD_DOWNLOAD_FIRMWARE: return sizeof(struct sev_data_download_firmware);
154 case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id);
155 case SEV_CMD_ATTESTATION_REPORT: return sizeof(struct sev_data_attestation_report);
156 case SEV_CMD_SEND_CANCEL: return sizeof(struct sev_data_send_cancel);
163 static void *sev_fw_alloc(unsigned long len)
167 page = alloc_pages(GFP_KERNEL, get_order(len));
171 return page_address(page);
174 static struct file *open_file_as_root(const char *filename, int flags, umode_t mode)
179 const struct cred *old_cred;
181 task_lock(&init_task);
182 get_fs_root(init_task.fs, &root);
183 task_unlock(&init_task);
185 cred = prepare_creds();
187 return ERR_PTR(-ENOMEM);
188 cred->fsuid = GLOBAL_ROOT_UID;
189 old_cred = override_creds(cred);
191 fp = file_open_root(&root, filename, flags, mode);
194 revert_creds(old_cred);
199 static int sev_read_init_ex_file(void)
201 struct sev_device *sev = psp_master->sev_data;
205 lockdep_assert_held(&sev_cmd_mutex);
207 if (!sev_init_ex_buffer)
210 fp = open_file_as_root(init_ex_path, O_RDONLY, 0);
212 int ret = PTR_ERR(fp);
215 "SEV: could not open %s for read, error %d\n",
220 nread = kernel_read(fp, sev_init_ex_buffer, NV_LENGTH, NULL);
221 if (nread != NV_LENGTH) {
223 "SEV: failed to read %u bytes to non volatile memory area, ret %ld\n",
228 dev_dbg(sev->dev, "SEV: read %ld bytes from NV file\n", nread);
229 filp_close(fp, NULL);
234 static void sev_write_init_ex_file(void)
236 struct sev_device *sev = psp_master->sev_data;
241 lockdep_assert_held(&sev_cmd_mutex);
243 if (!sev_init_ex_buffer)
246 fp = open_file_as_root(init_ex_path, O_CREAT | O_WRONLY, 0600);
249 "SEV: could not open file for write, error %ld\n",
254 nwrite = kernel_write(fp, sev_init_ex_buffer, NV_LENGTH, &offset);
256 filp_close(fp, NULL);
258 if (nwrite != NV_LENGTH) {
260 "SEV: failed to write %u bytes to non volatile memory area, ret %ld\n",
265 dev_dbg(sev->dev, "SEV: write successful to NV file\n");
268 static void sev_write_init_ex_file_if_required(int cmd_id)
270 lockdep_assert_held(&sev_cmd_mutex);
272 if (!sev_init_ex_buffer)
276 * Only a few platform commands modify the SPI/NV area, but none of the
277 * non-platform commands do. Only INIT(_EX), PLATFORM_RESET, PEK_GEN,
278 * PEK_CERT_IMPORT, and PDH_GEN do.
281 case SEV_CMD_FACTORY_RESET:
282 case SEV_CMD_INIT_EX:
283 case SEV_CMD_PDH_GEN:
284 case SEV_CMD_PEK_CERT_IMPORT:
285 case SEV_CMD_PEK_GEN:
291 sev_write_init_ex_file();
294 static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret)
296 struct psp_device *psp = psp_master;
297 struct sev_device *sev;
298 unsigned int phys_lsb, phys_msb;
299 unsigned int reg, ret = 0;
302 if (!psp || !psp->sev_data)
310 buf_len = sev_cmd_buffer_len(cmd);
311 if (WARN_ON_ONCE(!data != !buf_len))
315 * Copy the incoming data to driver's scratch buffer as __pa() will not
316 * work for some memory, e.g. vmalloc'd addresses, and @data may not be
317 * physically contiguous.
320 memcpy(sev->cmd_buf, data, buf_len);
322 /* Get the physical address of the command buffer */
323 phys_lsb = data ? lower_32_bits(__psp_pa(sev->cmd_buf)) : 0;
324 phys_msb = data ? upper_32_bits(__psp_pa(sev->cmd_buf)) : 0;
326 dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n",
327 cmd, phys_msb, phys_lsb, psp_timeout);
329 print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data,
332 iowrite32(phys_lsb, sev->io_regs + sev->vdata->cmdbuff_addr_lo_reg);
333 iowrite32(phys_msb, sev->io_regs + sev->vdata->cmdbuff_addr_hi_reg);
338 reg <<= SEV_CMDRESP_CMD_SHIFT;
339 reg |= SEV_CMDRESP_IOC;
340 iowrite32(reg, sev->io_regs + sev->vdata->cmdresp_reg);
342 /* wait for command completion */
343 ret = sev_wait_cmd_ioc(sev, ®, psp_timeout);
348 dev_err(sev->dev, "sev command %#x timed out, disabling PSP\n", cmd);
354 psp_timeout = psp_cmd_timeout;
357 *psp_ret = reg & PSP_CMDRESP_ERR_MASK;
359 if (reg & PSP_CMDRESP_ERR_MASK) {
360 dev_dbg(sev->dev, "sev command %#x failed (%#010x)\n",
361 cmd, reg & PSP_CMDRESP_ERR_MASK);
364 sev_write_init_ex_file_if_required(cmd);
367 print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data,
371 * Copy potential output from the PSP back to data. Do this even on
372 * failure in case the caller wants to glean something from the error.
375 memcpy(data, sev->cmd_buf, buf_len);
380 static int sev_do_cmd(int cmd, void *data, int *psp_ret)
384 mutex_lock(&sev_cmd_mutex);
385 rc = __sev_do_cmd_locked(cmd, data, psp_ret);
386 mutex_unlock(&sev_cmd_mutex);
391 static int __sev_init_locked(int *error)
393 struct sev_data_init data;
395 memset(&data, 0, sizeof(data));
398 * Do not include the encryption mask on the physical
399 * address of the TMR (firmware should clear it anyway).
401 data.tmr_address = __pa(sev_es_tmr);
403 data.flags |= SEV_INIT_FLAGS_SEV_ES;
404 data.tmr_len = SEV_ES_TMR_SIZE;
407 return __sev_do_cmd_locked(SEV_CMD_INIT, &data, error);
410 static int __sev_init_ex_locked(int *error)
412 struct sev_data_init_ex data;
415 memset(&data, 0, sizeof(data));
416 data.length = sizeof(data);
417 data.nv_address = __psp_pa(sev_init_ex_buffer);
418 data.nv_len = NV_LENGTH;
420 ret = sev_read_init_ex_file();
426 * Do not include the encryption mask on the physical
427 * address of the TMR (firmware should clear it anyway).
429 data.tmr_address = __pa(sev_es_tmr);
431 data.flags |= SEV_INIT_FLAGS_SEV_ES;
432 data.tmr_len = SEV_ES_TMR_SIZE;
435 return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error);
438 static int __sev_platform_init_locked(int *error)
440 struct psp_device *psp = psp_master;
441 struct sev_device *sev;
442 int rc, psp_ret = -1;
443 int (*init_function)(int *error);
445 if (!psp || !psp->sev_data)
450 if (sev->state == SEV_STATE_INIT)
453 init_function = sev_init_ex_buffer ? __sev_init_ex_locked :
455 rc = init_function(&psp_ret);
456 if (rc && psp_ret == SEV_RET_SECURE_DATA_INVALID) {
458 * Initialization command returned an integrity check failure
459 * status code, meaning that firmware load and validation of SEV
460 * related persistent data has failed. Retrying the
461 * initialization function should succeed by replacing the state
462 * with a reset state.
464 dev_err(sev->dev, "SEV: retrying INIT command because of SECURE_DATA_INVALID error. Retrying once to reset PSP SEV state.");
465 rc = init_function(&psp_ret);
473 sev->state = SEV_STATE_INIT;
475 /* Prepare for first SEV guest launch after INIT */
476 wbinvd_on_all_cpus();
477 rc = __sev_do_cmd_locked(SEV_CMD_DF_FLUSH, NULL, error);
481 dev_dbg(sev->dev, "SEV firmware initialized\n");
483 dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major,
484 sev->api_minor, sev->build);
489 int sev_platform_init(int *error)
493 mutex_lock(&sev_cmd_mutex);
494 rc = __sev_platform_init_locked(error);
495 mutex_unlock(&sev_cmd_mutex);
499 EXPORT_SYMBOL_GPL(sev_platform_init);
501 static int __sev_platform_shutdown_locked(int *error)
503 struct sev_device *sev = psp_master->sev_data;
506 if (!sev || sev->state == SEV_STATE_UNINIT)
509 ret = __sev_do_cmd_locked(SEV_CMD_SHUTDOWN, NULL, error);
513 sev->state = SEV_STATE_UNINIT;
514 dev_dbg(sev->dev, "SEV firmware shutdown\n");
519 static int sev_platform_shutdown(int *error)
523 mutex_lock(&sev_cmd_mutex);
524 rc = __sev_platform_shutdown_locked(NULL);
525 mutex_unlock(&sev_cmd_mutex);
530 static int sev_get_platform_state(int *state, int *error)
532 struct sev_user_data_status data;
535 rc = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, &data, error);
543 static int sev_ioctl_do_reset(struct sev_issue_cmd *argp, bool writable)
551 * The SEV spec requires that FACTORY_RESET must be issued in
552 * UNINIT state. Before we go further lets check if any guest is
555 * If FW is in WORKING state then deny the request otherwise issue
556 * SHUTDOWN command do INIT -> UNINIT before issuing the FACTORY_RESET.
559 rc = sev_get_platform_state(&state, &argp->error);
563 if (state == SEV_STATE_WORKING)
566 if (state == SEV_STATE_INIT) {
567 rc = __sev_platform_shutdown_locked(&argp->error);
572 return __sev_do_cmd_locked(SEV_CMD_FACTORY_RESET, NULL, &argp->error);
575 static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp)
577 struct sev_user_data_status data;
580 memset(&data, 0, sizeof(data));
582 ret = __sev_do_cmd_locked(SEV_CMD_PLATFORM_STATUS, &data, &argp->error);
586 if (copy_to_user((void __user *)argp->data, &data, sizeof(data)))
592 static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp, bool writable)
594 struct sev_device *sev = psp_master->sev_data;
600 if (sev->state == SEV_STATE_UNINIT) {
601 rc = __sev_platform_init_locked(&argp->error);
606 return __sev_do_cmd_locked(cmd, NULL, &argp->error);
609 static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable)
611 struct sev_device *sev = psp_master->sev_data;
612 struct sev_user_data_pek_csr input;
613 struct sev_data_pek_csr data;
614 void __user *input_address;
621 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
624 memset(&data, 0, sizeof(data));
626 /* userspace wants to query CSR length */
627 if (!input.address || !input.length)
630 /* allocate a physically contiguous buffer to store the CSR blob */
631 input_address = (void __user *)input.address;
632 if (input.length > SEV_FW_BLOB_MAX_SIZE)
635 blob = kzalloc(input.length, GFP_KERNEL);
639 data.address = __psp_pa(blob);
640 data.len = input.length;
643 if (sev->state == SEV_STATE_UNINIT) {
644 ret = __sev_platform_init_locked(&argp->error);
649 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, &data, &argp->error);
651 /* If we query the CSR length, FW responded with expected data. */
652 input.length = data.len;
654 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
660 if (copy_to_user(input_address, blob, input.length))
669 void *psp_copy_user_blob(u64 uaddr, u32 len)
672 return ERR_PTR(-EINVAL);
674 /* verify that blob length does not exceed our limit */
675 if (len > SEV_FW_BLOB_MAX_SIZE)
676 return ERR_PTR(-EINVAL);
678 return memdup_user((void __user *)uaddr, len);
680 EXPORT_SYMBOL_GPL(psp_copy_user_blob);
682 static int sev_get_api_version(void)
684 struct sev_device *sev = psp_master->sev_data;
685 struct sev_user_data_status status;
688 ret = sev_platform_status(&status, &error);
691 "SEV: failed to get status. Error: %#x\n", error);
695 sev->api_major = status.api_major;
696 sev->api_minor = status.api_minor;
697 sev->build = status.build;
698 sev->state = status.state;
703 static int sev_get_firmware(struct device *dev,
704 const struct firmware **firmware)
706 char fw_name_specific[SEV_FW_NAME_SIZE];
707 char fw_name_subset[SEV_FW_NAME_SIZE];
709 snprintf(fw_name_specific, sizeof(fw_name_specific),
710 "amd/amd_sev_fam%.2xh_model%.2xh.sbin",
711 boot_cpu_data.x86, boot_cpu_data.x86_model);
713 snprintf(fw_name_subset, sizeof(fw_name_subset),
714 "amd/amd_sev_fam%.2xh_model%.1xxh.sbin",
715 boot_cpu_data.x86, (boot_cpu_data.x86_model & 0xf0) >> 4);
717 /* Check for SEV FW for a particular model.
718 * Ex. amd_sev_fam17h_model00h.sbin for Family 17h Model 00h
722 * Check for SEV FW common to a subset of models.
723 * Ex. amd_sev_fam17h_model0xh.sbin for
724 * Family 17h Model 00h -- Family 17h Model 0Fh
728 * Fall-back to using generic name: sev.fw
730 if ((firmware_request_nowarn(firmware, fw_name_specific, dev) >= 0) ||
731 (firmware_request_nowarn(firmware, fw_name_subset, dev) >= 0) ||
732 (firmware_request_nowarn(firmware, SEV_FW_FILE, dev) >= 0))
738 /* Don't fail if SEV FW couldn't be updated. Continue with existing SEV FW */
739 static int sev_update_firmware(struct device *dev)
741 struct sev_data_download_firmware *data;
742 const struct firmware *firmware;
743 int ret, error, order;
747 if (sev_get_firmware(dev, &firmware) == -ENOENT) {
748 dev_dbg(dev, "No SEV firmware file present\n");
753 * SEV FW expects the physical address given to it to be 32
754 * byte aligned. Memory allocated has structure placed at the
755 * beginning followed by the firmware being passed to the SEV
756 * FW. Allocate enough memory for data structure + alignment
759 data_size = ALIGN(sizeof(struct sev_data_download_firmware), 32);
761 order = get_order(firmware->size + data_size);
762 p = alloc_pages(GFP_KERNEL, order);
769 * Copy firmware data to a kernel allocated contiguous
772 data = page_address(p);
773 memcpy(page_address(p) + data_size, firmware->data, firmware->size);
775 data->address = __psp_pa(page_address(p) + data_size);
776 data->len = firmware->size;
778 ret = sev_do_cmd(SEV_CMD_DOWNLOAD_FIRMWARE, data, &error);
780 dev_dbg(dev, "Failed to update SEV firmware: %#x\n", error);
782 dev_info(dev, "SEV firmware update successful\n");
784 __free_pages(p, order);
787 release_firmware(firmware);
792 static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable)
794 struct sev_device *sev = psp_master->sev_data;
795 struct sev_user_data_pek_cert_import input;
796 struct sev_data_pek_cert_import data;
797 void *pek_blob, *oca_blob;
803 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
806 /* copy PEK certificate blobs from userspace */
807 pek_blob = psp_copy_user_blob(input.pek_cert_address, input.pek_cert_len);
808 if (IS_ERR(pek_blob))
809 return PTR_ERR(pek_blob);
812 data.pek_cert_address = __psp_pa(pek_blob);
813 data.pek_cert_len = input.pek_cert_len;
815 /* copy PEK certificate blobs from userspace */
816 oca_blob = psp_copy_user_blob(input.oca_cert_address, input.oca_cert_len);
817 if (IS_ERR(oca_blob)) {
818 ret = PTR_ERR(oca_blob);
822 data.oca_cert_address = __psp_pa(oca_blob);
823 data.oca_cert_len = input.oca_cert_len;
825 /* If platform is not in INIT state then transition it to INIT */
826 if (sev->state != SEV_STATE_INIT) {
827 ret = __sev_platform_init_locked(&argp->error);
832 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CERT_IMPORT, &data, &argp->error);
841 static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp)
843 struct sev_user_data_get_id2 input;
844 struct sev_data_get_id data;
845 void __user *input_address;
846 void *id_blob = NULL;
849 /* SEV GET_ID is available from SEV API v0.16 and up */
850 if (!sev_version_greater_or_equal(0, 16))
853 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
856 input_address = (void __user *)input.address;
858 if (input.address && input.length) {
859 id_blob = kzalloc(input.length, GFP_KERNEL);
863 data.address = __psp_pa(id_blob);
864 data.len = input.length;
870 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, &data, &argp->error);
873 * Firmware will return the length of the ID value (either the minimum
874 * required length or the actual length written), return it to the user.
876 input.length = data.len;
878 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
884 if (copy_to_user(input_address, id_blob, data.len)) {
896 static int sev_ioctl_do_get_id(struct sev_issue_cmd *argp)
898 struct sev_data_get_id *data;
899 u64 data_size, user_size;
903 /* SEV GET_ID available from SEV API v0.16 and up */
904 if (!sev_version_greater_or_equal(0, 16))
907 /* SEV FW expects the buffer it fills with the ID to be
908 * 8-byte aligned. Memory allocated should be enough to
909 * hold data structure + alignment padding + memory
910 * where SEV FW writes the ID.
912 data_size = ALIGN(sizeof(struct sev_data_get_id), 8);
913 user_size = sizeof(struct sev_user_data_get_id);
915 mem = kzalloc(data_size + user_size, GFP_KERNEL);
920 id_blob = mem + data_size;
922 data->address = __psp_pa(id_blob);
923 data->len = user_size;
925 ret = __sev_do_cmd_locked(SEV_CMD_GET_ID, data, &argp->error);
927 if (copy_to_user((void __user *)argp->data, id_blob, data->len))
936 static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable)
938 struct sev_device *sev = psp_master->sev_data;
939 struct sev_user_data_pdh_cert_export input;
940 void *pdh_blob = NULL, *cert_blob = NULL;
941 struct sev_data_pdh_cert_export data;
942 void __user *input_cert_chain_address;
943 void __user *input_pdh_cert_address;
946 /* If platform is not in INIT state then transition it to INIT. */
947 if (sev->state != SEV_STATE_INIT) {
951 ret = __sev_platform_init_locked(&argp->error);
956 if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
959 memset(&data, 0, sizeof(data));
961 /* Userspace wants to query the certificate length. */
962 if (!input.pdh_cert_address ||
963 !input.pdh_cert_len ||
964 !input.cert_chain_address)
967 input_pdh_cert_address = (void __user *)input.pdh_cert_address;
968 input_cert_chain_address = (void __user *)input.cert_chain_address;
970 /* Allocate a physically contiguous buffer to store the PDH blob. */
971 if (input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE)
974 /* Allocate a physically contiguous buffer to store the cert chain blob. */
975 if (input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE)
978 pdh_blob = kzalloc(input.pdh_cert_len, GFP_KERNEL);
982 data.pdh_cert_address = __psp_pa(pdh_blob);
983 data.pdh_cert_len = input.pdh_cert_len;
985 cert_blob = kzalloc(input.cert_chain_len, GFP_KERNEL);
991 data.cert_chain_address = __psp_pa(cert_blob);
992 data.cert_chain_len = input.cert_chain_len;
995 ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error);
997 /* If we query the length, FW responded with expected data. */
998 input.cert_chain_len = data.cert_chain_len;
999 input.pdh_cert_len = data.pdh_cert_len;
1001 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
1007 if (copy_to_user(input_pdh_cert_address,
1008 pdh_blob, input.pdh_cert_len)) {
1015 if (copy_to_user(input_cert_chain_address,
1016 cert_blob, input.cert_chain_len))
1027 static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
1029 void __user *argp = (void __user *)arg;
1030 struct sev_issue_cmd input;
1032 bool writable = file->f_mode & FMODE_WRITE;
1034 if (!psp_master || !psp_master->sev_data)
1037 if (ioctl != SEV_ISSUE_CMD)
1040 if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd)))
1043 if (input.cmd > SEV_MAX)
1046 mutex_lock(&sev_cmd_mutex);
1048 switch (input.cmd) {
1050 case SEV_FACTORY_RESET:
1051 ret = sev_ioctl_do_reset(&input, writable);
1053 case SEV_PLATFORM_STATUS:
1054 ret = sev_ioctl_do_platform_status(&input);
1057 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input, writable);
1060 ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input, writable);
1063 ret = sev_ioctl_do_pek_csr(&input, writable);
1065 case SEV_PEK_CERT_IMPORT:
1066 ret = sev_ioctl_do_pek_import(&input, writable);
1068 case SEV_PDH_CERT_EXPORT:
1069 ret = sev_ioctl_do_pdh_export(&input, writable);
1072 pr_warn_once("SEV_GET_ID command is deprecated, use SEV_GET_ID2\n");
1073 ret = sev_ioctl_do_get_id(&input);
1076 ret = sev_ioctl_do_get_id2(&input);
1083 if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd)))
1086 mutex_unlock(&sev_cmd_mutex);
1091 static const struct file_operations sev_fops = {
1092 .owner = THIS_MODULE,
1093 .unlocked_ioctl = sev_ioctl,
1096 int sev_platform_status(struct sev_user_data_status *data, int *error)
1098 return sev_do_cmd(SEV_CMD_PLATFORM_STATUS, data, error);
1100 EXPORT_SYMBOL_GPL(sev_platform_status);
1102 int sev_guest_deactivate(struct sev_data_deactivate *data, int *error)
1104 return sev_do_cmd(SEV_CMD_DEACTIVATE, data, error);
1106 EXPORT_SYMBOL_GPL(sev_guest_deactivate);
1108 int sev_guest_activate(struct sev_data_activate *data, int *error)
1110 return sev_do_cmd(SEV_CMD_ACTIVATE, data, error);
1112 EXPORT_SYMBOL_GPL(sev_guest_activate);
1114 int sev_guest_decommission(struct sev_data_decommission *data, int *error)
1116 return sev_do_cmd(SEV_CMD_DECOMMISSION, data, error);
1118 EXPORT_SYMBOL_GPL(sev_guest_decommission);
1120 int sev_guest_df_flush(int *error)
1122 return sev_do_cmd(SEV_CMD_DF_FLUSH, NULL, error);
1124 EXPORT_SYMBOL_GPL(sev_guest_df_flush);
1126 static void sev_exit(struct kref *ref)
1128 misc_deregister(&misc_dev->misc);
1133 static int sev_misc_init(struct sev_device *sev)
1135 struct device *dev = sev->dev;
1139 * SEV feature support can be detected on multiple devices but the SEV
1140 * FW commands must be issued on the master. During probe, we do not
1141 * know the master hence we create /dev/sev on the first device probe.
1142 * sev_do_cmd() finds the right master device to which to issue the
1143 * command to the firmware.
1146 struct miscdevice *misc;
1148 misc_dev = kzalloc(sizeof(*misc_dev), GFP_KERNEL);
1152 misc = &misc_dev->misc;
1153 misc->minor = MISC_DYNAMIC_MINOR;
1154 misc->name = DEVICE_NAME;
1155 misc->fops = &sev_fops;
1157 ret = misc_register(misc);
1161 kref_init(&misc_dev->refcount);
1163 kref_get(&misc_dev->refcount);
1166 init_waitqueue_head(&sev->int_queue);
1167 sev->misc = misc_dev;
1168 dev_dbg(dev, "registered SEV device\n");
1173 int sev_dev_init(struct psp_device *psp)
1175 struct device *dev = psp->dev;
1176 struct sev_device *sev;
1179 if (!boot_cpu_has(X86_FEATURE_SEV)) {
1180 dev_info_once(dev, "SEV: memory encryption not enabled by BIOS\n");
1184 sev = devm_kzalloc(dev, sizeof(*sev), GFP_KERNEL);
1188 sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 0);
1192 psp->sev_data = sev;
1197 sev->io_regs = psp->io_regs;
1199 sev->vdata = (struct sev_vdata *)psp->vdata->sev;
1202 dev_err(dev, "sev: missing driver data\n");
1206 psp_set_sev_irq_handler(psp, sev_irq_handler, sev);
1208 ret = sev_misc_init(sev);
1212 dev_notice(dev, "sev enabled\n");
1217 psp_clear_sev_irq_handler(psp);
1219 devm_free_pages(dev, (unsigned long)sev->cmd_buf);
1221 devm_kfree(dev, sev);
1223 psp->sev_data = NULL;
1225 dev_notice(dev, "sev initialization failed\n");
1230 static void sev_firmware_shutdown(struct sev_device *sev)
1232 sev_platform_shutdown(NULL);
1235 /* The TMR area was encrypted, flush it from the cache */
1236 wbinvd_on_all_cpus();
1238 free_pages((unsigned long)sev_es_tmr,
1239 get_order(SEV_ES_TMR_SIZE));
1243 if (sev_init_ex_buffer) {
1244 free_pages((unsigned long)sev_init_ex_buffer,
1245 get_order(NV_LENGTH));
1246 sev_init_ex_buffer = NULL;
1250 void sev_dev_destroy(struct psp_device *psp)
1252 struct sev_device *sev = psp->sev_data;
1257 sev_firmware_shutdown(sev);
1260 kref_put(&misc_dev->refcount, sev_exit);
1262 psp_clear_sev_irq_handler(psp);
1265 int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd,
1266 void *data, int *error)
1268 if (!filep || filep->f_op != &sev_fops)
1271 return sev_do_cmd(cmd, data, error);
1273 EXPORT_SYMBOL_GPL(sev_issue_cmd_external_user);
1275 void sev_pci_init(void)
1277 struct sev_device *sev = psp_master->sev_data;
1283 psp_timeout = psp_probe_timeout;
1285 if (sev_get_api_version())
1288 if (sev_version_greater_or_equal(0, 15) &&
1289 sev_update_firmware(sev->dev) == 0)
1290 sev_get_api_version();
1292 /* If an init_ex_path is provided rely on INIT_EX for PSP initialization
1296 sev_init_ex_buffer = sev_fw_alloc(NV_LENGTH);
1297 if (!sev_init_ex_buffer) {
1299 "SEV: INIT_EX NV memory allocation failed\n");
1304 /* Obtain the TMR memory area for SEV-ES use */
1305 sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE);
1308 "SEV: TMR allocation failed, SEV-ES support unavailable\n");
1310 if (!psp_init_on_probe)
1313 /* Initialize the platform */
1314 rc = sev_platform_init(&error);
1316 dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n",
1322 psp_master->sev_data = NULL;
1325 void sev_pci_exit(void)
1327 struct sev_device *sev = psp_master->sev_data;
1332 sev_firmware_shutdown(sev);
projects / linux.git / blob