Commit b93566f1 authored by Rijo Thomas's avatar Rijo Thomas Committed by Herbert Xu

crypto: ccp - create a generic psp-dev file

The PSP (Platform Security Processor) provides support for key management
commands in Secure Encrypted Virtualization (SEV) mode, along with
software-based Trusted Execution Environment (TEE) to enable third-party
Trusted Applications.

Therefore, introduce psp-dev.c and psp-dev.h files, which can invoke
SEV (or TEE) initialization based on platform feature support.

TEE interface support will be introduced in a later patch.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Co-developed-by: default avatarDevaraj Rangasamy <Devaraj.Rangasamy@amd.com>
Signed-off-by: default avatarDevaraj Rangasamy <Devaraj.Rangasamy@amd.com>
Signed-off-by: default avatarRijo Thomas <Rijo-john.Thomas@amd.com>
Acked-by: default avatarGary R Hook <gary.hook@amd.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 9b67d08d
...@@ -8,7 +8,8 @@ ccp-$(CONFIG_CRYPTO_DEV_SP_CCP) += ccp-dev.o \ ...@@ -8,7 +8,8 @@ ccp-$(CONFIG_CRYPTO_DEV_SP_CCP) += ccp-dev.o \
ccp-dmaengine.o ccp-dmaengine.o
ccp-$(CONFIG_CRYPTO_DEV_CCP_DEBUGFS) += ccp-debugfs.o ccp-$(CONFIG_CRYPTO_DEV_CCP_DEBUGFS) += ccp-debugfs.o
ccp-$(CONFIG_PCI) += sp-pci.o ccp-$(CONFIG_PCI) += sp-pci.o
ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += sev-dev.o ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += psp-dev.o \
sev-dev.o
obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
ccp-crypto-objs := ccp-crypto-main.o \ ccp-crypto-objs := ccp-crypto-main.o \
......
// SPDX-License-Identifier: GPL-2.0-only
/*
* AMD Platform Security Processor (PSP) interface
*
* Copyright (C) 2016,2019 Advanced Micro Devices, Inc.
*
* Author: Brijesh Singh <brijesh.singh@amd.com>
*/
#include <linux/kernel.h>
#include <linux/irqreturn.h>
#include "sp-dev.h"
#include "psp-dev.h"
#include "sev-dev.h"
struct psp_device *psp_master;
static struct psp_device *psp_alloc_struct(struct sp_device *sp)
{
struct device *dev = sp->dev;
struct psp_device *psp;
psp = devm_kzalloc(dev, sizeof(*psp), GFP_KERNEL);
if (!psp)
return NULL;
psp->dev = dev;
psp->sp = sp;
snprintf(psp->name, sizeof(psp->name), "psp-%u", sp->ord);
return psp;
}
static irqreturn_t psp_irq_handler(int irq, void *data)
{
struct psp_device *psp = data;
unsigned int status;
/* Read the interrupt status: */
status = ioread32(psp->io_regs + psp->vdata->intsts_reg);
/* invoke subdevice interrupt handlers */
if (status) {
if (psp->sev_irq_handler)
psp->sev_irq_handler(irq, psp->sev_irq_data, status);
}
/* Clear the interrupt status by writing the same value we read. */
iowrite32(status, psp->io_regs + psp->vdata->intsts_reg);
return IRQ_HANDLED;
}
static int psp_check_sev_support(struct psp_device *psp)
{
unsigned int val = ioread32(psp->io_regs + psp->vdata->feature_reg);
/*
* Check for a access to the registers. If this read returns
* 0xffffffff, it's likely that the system is running a broken
* BIOS which disallows access to the device. Stop here and
* fail the PSP initialization (but not the load, as the CCP
* could get properly initialized).
*/
if (val == 0xffffffff) {
dev_notice(psp->dev, "psp: unable to access the device: you might be running a broken BIOS.\n");
return -ENODEV;
}
if (!(val & 1)) {
/* Device does not support the SEV feature */
dev_dbg(psp->dev, "psp does not support SEV\n");
return -ENODEV;
}
return 0;
}
int psp_dev_init(struct sp_device *sp)
{
struct device *dev = sp->dev;
struct psp_device *psp;
int ret;
ret = -ENOMEM;
psp = psp_alloc_struct(sp);
if (!psp)
goto e_err;
sp->psp_data = psp;
psp->vdata = (struct psp_vdata *)sp->dev_vdata->psp_vdata;
if (!psp->vdata) {
ret = -ENODEV;
dev_err(dev, "missing driver data\n");
goto e_err;
}
psp->io_regs = sp->io_map;
ret = psp_check_sev_support(psp);
if (ret)
goto e_disable;
/* Disable and clear interrupts until ready */
iowrite32(0, psp->io_regs + psp->vdata->inten_reg);
iowrite32(-1, psp->io_regs + psp->vdata->intsts_reg);
/* Request an irq */
ret = sp_request_psp_irq(psp->sp, psp_irq_handler, psp->name, psp);
if (ret) {
dev_err(dev, "psp: unable to allocate an IRQ\n");
goto e_err;
}
ret = sev_dev_init(psp);
if (ret)
goto e_irq;
if (sp->set_psp_master_device)
sp->set_psp_master_device(sp);
/* Enable interrupt */
iowrite32(-1, psp->io_regs + psp->vdata->inten_reg);
dev_notice(dev, "psp enabled\n");
return 0;
e_irq:
sp_free_psp_irq(psp->sp, psp);
e_err:
sp->psp_data = NULL;
dev_notice(dev, "psp initialization failed\n");
return ret;
e_disable:
sp->psp_data = NULL;
return ret;
}
void psp_dev_destroy(struct sp_device *sp)
{
struct psp_device *psp = sp->psp_data;
if (!psp)
return;
sev_dev_destroy(psp);
sp_free_psp_irq(sp, psp);
}
void psp_set_sev_irq_handler(struct psp_device *psp, psp_irq_handler_t handler,
void *data)
{
psp->sev_irq_data = data;
psp->sev_irq_handler = handler;
}
void psp_clear_sev_irq_handler(struct psp_device *psp)
{
psp_set_sev_irq_handler(psp, NULL, NULL);
}
struct psp_device *psp_get_master_device(void)
{
struct sp_device *sp = sp_get_psp_master_device();
return sp ? sp->psp_data : NULL;
}
void psp_pci_init(void)
{
psp_master = psp_get_master_device();
if (!psp_master)
return;
sev_pci_init();
}
void psp_pci_exit(void)
{
if (!psp_master)
return;
sev_pci_exit();
}
/* SPDX-License-Identifier: GPL-2.0-only */
/*
* AMD Platform Security Processor (PSP) interface driver
*
* Copyright (C) 2017-2019 Advanced Micro Devices, Inc.
*
* Author: Brijesh Singh <brijesh.singh@amd.com>
*/
#ifndef __PSP_DEV_H__
#define __PSP_DEV_H__
#include <linux/device.h>
#include <linux/list.h>
#include <linux/bits.h>
#include <linux/interrupt.h>
#include "sp-dev.h"
#define PSP_CMDRESP_RESP BIT(31)
#define PSP_CMDRESP_ERR_MASK 0xffff
#define MAX_PSP_NAME_LEN 16
extern struct psp_device *psp_master;
typedef void (*psp_irq_handler_t)(int, void *, unsigned int);
struct psp_device {
struct list_head entry;
struct psp_vdata *vdata;
char name[MAX_PSP_NAME_LEN];
struct device *dev;
struct sp_device *sp;
void __iomem *io_regs;
psp_irq_handler_t sev_irq_handler;
void *sev_irq_data;
void *sev_data;
};
void psp_set_sev_irq_handler(struct psp_device *psp, psp_irq_handler_t handler,
void *data);
void psp_clear_sev_irq_handler(struct psp_device *psp);
struct psp_device *psp_get_master_device(void);
#endif /* __PSP_DEV_H */
This diff is collapsed.
...@@ -25,37 +25,25 @@ ...@@ -25,37 +25,25 @@
#include <linux/miscdevice.h> #include <linux/miscdevice.h>
#include <linux/capability.h> #include <linux/capability.h>
#include "sp-dev.h" #define SEV_CMD_COMPLETE BIT(1)
#define SEV_CMDRESP_CMD_SHIFT 16
#define PSP_CMD_COMPLETE BIT(1) #define SEV_CMDRESP_IOC BIT(0)
#define PSP_CMDRESP_CMD_SHIFT 16
#define PSP_CMDRESP_IOC BIT(0)
#define PSP_CMDRESP_RESP BIT(31)
#define PSP_CMDRESP_ERR_MASK 0xffff
#define MAX_PSP_NAME_LEN 16
struct sev_misc_dev { struct sev_misc_dev {
struct kref refcount; struct kref refcount;
struct miscdevice misc; struct miscdevice misc;
}; };
struct psp_device { struct sev_device {
struct list_head entry;
struct psp_vdata *vdata;
char name[MAX_PSP_NAME_LEN];
struct device *dev; struct device *dev;
struct sp_device *sp; struct psp_device *psp;
void __iomem *io_regs; void __iomem *io_regs;
int sev_state; int state;
unsigned int sev_int_rcvd; unsigned int int_rcvd;
wait_queue_head_t sev_int_queue; wait_queue_head_t int_queue;
struct sev_misc_dev *sev_misc; struct sev_misc_dev *misc;
struct sev_user_data_status status_cmd_buf; struct sev_user_data_status status_cmd_buf;
struct sev_data_init init_cmd_buf; struct sev_data_init init_cmd_buf;
...@@ -64,4 +52,10 @@ struct psp_device { ...@@ -64,4 +52,10 @@ struct psp_device {
u8 build; u8 build;
}; };
int sev_dev_init(struct psp_device *psp);
void sev_dev_destroy(struct psp_device *psp);
void sev_pci_init(void);
void sev_pci_exit(void);
#endif /* __SEV_DEV_H */ #endif /* __SEV_DEV_H */
...@@ -22,7 +22,7 @@ ...@@ -22,7 +22,7 @@
#include <linux/ccp.h> #include <linux/ccp.h>
#include "ccp-dev.h" #include "ccp-dev.h"
#include "sev-dev.h" #include "psp-dev.h"
#define MSIX_VECTORS 2 #define MSIX_VECTORS 2
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment