From nobody Mon Oct 6 04:55:33 2025 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2084.outbound.protection.outlook.com [40.107.223.84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ACED526C383; Thu, 24 Jul 2025 21:17:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.223.84 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753391862; cv=fail; b=CnQ/mDZmSiBzhDVR5BRP+hOTefz+WS5LMDbpTA+yl8viwjXIu8JxuaB5KfolowSaYynLqz3x/breQ9QJtAAIbYYgaXXEFxl2e8W6N7FEzT3jlqh5P+s/dznP61mVKkeSz+7vRF7FodVhU05pujQm1fICgYaPWIIQYlKZoXoQ7Uc= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753391862; c=relaxed/simple; bh=+VSfKLp0886wdNrUY/3SLZb8ngrJWri2oKtYlR73qv0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=tvRM40OipyMZVYQuYzCLi0BzvTv9X6EPF8kzKGAAiRa2q5ev6L2VYsZbK7TiHoSKE+4qkLpZYkpd/ZDczVqaGUt7/KZ4VW656cPUtVxXZqdZhLcYGmYyNBcKF2d69xlgT9K+cGvxHavAtOxTGvS9JaF5qFW5OyeDd1VXq1vaHP0= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=jkOybsqd; arc=fail smtp.client-ip=40.107.223.84 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="jkOybsqd" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=NNteOOGD+u5Psrzj674A7/I23sT+yctkBunh7gpuaXUvez9c6S+gLOWFx8rMC1opCZoSJ6pBjO3Hlcx3GgfHHev4CP/IWgyuUU+xKoPB05y2tuCOSGjbzWG/HGjEIBUKQ3Swf2DLLDZ8Y68+KWrqD+T8x0zO5iH+Yf5izkeir8/IHZI/ItxmQIkYOQDOkz6YEBLoTLmisqG3R8ac4jDYpCJTxHSQG/1+mpubssjI4PDZvN/zs7nB7r9ybGE3X3jdWqI0GcjRO/1jzpYUDewXPLvKRDZ7+N7p3Qmd2qYJ+UdYL/8NGw3mFO6coVUbNR30FPizLJiytw+yXHaviDcecg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IWrz94P8mXMcKK3Y9EhmGKDrHc8poepe23xWffVOo1Y=; b=pkpBORHtC5gFyJQf7N6iM8c7U5wd+Nk81uj4/mvJuq1vQLZKNA+DjiX8CNHWxjSYjzZ2L5abmn4OD6Kmk1Nf6guJfxxYtZXLQhj1PxUzRvGqGhFxUcRrSSYsYitvDavS3Y8fFeeuXhFeUN41syct9jWydR0fc5I9SddKHDPqYnJTg1vBQhVFwPZspTP6RQRvAYX1NIYyVlBjC8PrgibzVinwqd04gVGiazpjhA3Tk6lBaOpEmp2D/xTBbHMs2ZqsZ4f5EPR1yrTKcDbxhJvLeDi9D+VcOKcN2UDm3hvhFkm9DTzThbYYmA0i7NgnB4kLGyta4JB0gPOK8PZkr5sl4w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=gondor.apana.org.au smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IWrz94P8mXMcKK3Y9EhmGKDrHc8poepe23xWffVOo1Y=; b=jkOybsqdI0BfmzsYxkVuzPCiIfc3AVwnzIvcQonltZ2RlUyKNyfCT0MyVDZY7ni/AE31OORbuWtx5boZskLrfr8KxDmDaLREgZSTFJQBSoyNwLDhjfQeQiPsDarTtMvXI5YChJFKTl4uotPE7QkKDZ1L6umkcY3p+UIUuYCJ2bs= Received: from PH8PR07CA0035.namprd07.prod.outlook.com (2603:10b6:510:2cf::22) by PH7PR12MB5928.namprd12.prod.outlook.com (2603:10b6:510:1db::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8943.29; Thu, 24 Jul 2025 21:17:37 +0000 Received: from SJ1PEPF000026C7.namprd04.prod.outlook.com (2603:10b6:510:2cf:cafe::f1) by PH8PR07CA0035.outlook.office365.com (2603:10b6:510:2cf::22) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8964.22 via Frontend Transport; Thu, 24 Jul 2025 21:17:37 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ1PEPF000026C7.mail.protection.outlook.com (10.167.244.104) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8964.20 via Frontend Transport; Thu, 24 Jul 2025 21:17:36 +0000 Received: from purico-ed09host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 24 Jul 2025 16:14:54 -0500 From: Ashish Kalra To: , , , CC: , , , , Subject: [PATCH 1/2] crypto: ccp - Add new API for extending HV_Fixed Pages Date: Thu, 24 Jul 2025 21:14:26 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ1PEPF000026C7:EE_|PH7PR12MB5928:EE_ X-MS-Office365-Filtering-Correlation-Id: 9523f015-b7c2-4821-0213-08ddcaf783ba X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|82310400026|1800799024|36860700013; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?LwQU+6XG8jVbg4pE9AO1mEwJvoqnnH/A/qpViZhN/jmsg1LGAfhwsBV4GI6V?= =?us-ascii?Q?rqpxcMtQc7yY8YrieRubQUQuH45Y+2CxdFJYNz+5CDu4pWTlr3A0PtsiHHrv?= =?us-ascii?Q?mTmI0MlD14knlzOyNEf1c8r0L6D2VIKD+mtPyMOGAb1kln73bS+21mQjIylS?= =?us-ascii?Q?7Oflyuf58XaMXQ4FOzHsmjLWisWD0l4OKWVdJ6VJ1ckrYDCoA7ORqoFm8Nnz?= =?us-ascii?Q?tWrkHaeSawOWaxm/e75pjMOeWM3lEEDAQOu0uhoSy5qQOatcRNP8d+ZPuTTy?= =?us-ascii?Q?dHm5iKeusZPLw8aIlnTgo/U+vH/BzciaVPJnJ9kwq4t9kicncyVDvyMRKvDE?= =?us-ascii?Q?PH2AorFjEMrlBkZfV18g0nl2GP02W1mNZA4YYXoIAxMY4+dwnEy/UIcVu8ar?= =?us-ascii?Q?OUGtHfHw4VqAwWOnL3Kl8Hb4ec5n8d/R+VH5HqcfVXoYPww/4NFTh2N29Z8+?= =?us-ascii?Q?+d5AiWQaW/M96pypMRmgl8H3DN4KkBQHTsK8eP/aj5K3r+e4/eC728H/20a+?= =?us-ascii?Q?gxsUvuc+LZl5nFTQxr+UIV2DdZ5FL/jHjsyIg4lmabm832VYSH86yyFrAz18?= =?us-ascii?Q?fyAkJbVIhK2hBLnC2Eutv+qmS04Bg95GrjATeqQE3Kz1GXy6btt61OdNi7Zr?= =?us-ascii?Q?k6HrU5sBGKjwV6RQ6Lbd8WiTyk97hM6dYr+fVCHRwhfNba75BgoZIFb9owiv?= =?us-ascii?Q?gaSxUCjpJGSPsYtENviT3Xksf/mh79GuGJs6HvKLgf37BRJbDwm2XMfyaDFA?= =?us-ascii?Q?Pt+UL6eGef1stH1mB96Pl2IF6JoARX1qFfsrOf+gD44JBACWitfrfTwHuBhk?= =?us-ascii?Q?Wfclm3kdru59+C4vU7Oy+poYqrpZk9zkcpXPUMet64LHfyjJ2V6tYJPUip3V?= =?us-ascii?Q?xueJxJxyNv5T0L98rIueipga/9m9uxBdsvV2ANRi+Ab3XeYvcl+A8vvPpUi9?= =?us-ascii?Q?an+P4afgQm2iHdgFOxt7PjFtINXuPZd2jMrHiTQ4C/Juxmoaifb62ux+VtT1?= =?us-ascii?Q?b0CiOLNfSkWm2Ge/J6gLqPO/C4wdzf8fw5xr7Rzcv8V1Kia+U72hQcFAY4Xp?= =?us-ascii?Q?m4Jq6ip78B3p2cb1qm4hPjt2TTP7m35VxoB4c7/iVDpA+6KAhC32cya7KBP2?= =?us-ascii?Q?9a23Iiar8ticlLZDBpUqBpBxT7DPqSZKYzWV+YjVZDEH/bTT5b6FcnHrWpD9?= =?us-ascii?Q?5bn6IYwECIEXuFr+em6YL8qkmnP13fParXMhLNWRdBcri7eOHU3HlPMwQnPl?= =?us-ascii?Q?VGr3+C33/dX2CKSxH5UVU0M8617SJ5GrWyvwvPlgaBHCzJZz//m6HmQkOcNm?= =?us-ascii?Q?RWoKgeiv7Z5MIM4IDBGji6H+N50BnGza+nZ6tTZ8Aal2LZ9jf7DMtWUtWA6B?= =?us-ascii?Q?mdVlZJpS//sAalcFdvGaQvwWC0BqVWwwo6QQMNxTwQfEwC9qO131dh1UdjzX?= =?us-ascii?Q?/aq/ZgFF6lq2Ym/2DisKL0hXHXabxYpEGzjeAdOi2GWJWruGdDkddhiv+ldA?= =?us-ascii?Q?eNh3N+/sSHg63qXWUDejy6AQhhE/awpPRXjJ?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(82310400026)(1800799024)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Jul 2025 21:17:36.9570 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9523f015-b7c2-4821-0213-08ddcaf783ba X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ1PEPF000026C7.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB5928 Content-Type: text/plain; charset="utf-8" From: Ashish Kalra Implement new API to add support for extending the HV_Fixed pages list passed to SNP_INIT_EX. Adds a simple list based interface to extend the HV_Fixed pages list for PSP sub-devices such as the SFS driver. Suggested-by: Thomas.Lendacky@amd.com Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 88 ++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/sev-dev.h | 3 ++ 2 files changed, 91 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index e058ba027792..c3ff40cd7a96 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -82,6 +82,14 @@ MODULE_FIRMWARE("amd/amd_sev_fam19h_model1xh.sbin"); /* = 4th gen EPYC */ static bool psp_dead; static int psp_timeout; =20 +struct snp_hv_fixed_pages_entry { + u64 base; + int npages; + struct list_head list; +}; +static LIST_HEAD(snp_hv_fixed_pages); +static DEFINE_SPINLOCK(snp_hv_fixed_pages_lock); + /* Trusted Memory Region (TMR): * The TMR is a 1MB area that must be 1MB aligned. Use the page allocat= or * to allocate the memory, which will return aligned memory for the spec= ified @@ -1073,6 +1081,76 @@ static void snp_set_hsave_pa(void *arg) wrmsrq(MSR_VM_HSAVE_PA, 0); } =20 +int snp_insert_hypervisor_fixed_pages_list(u64 paddr, int npages) +{ + struct snp_hv_fixed_pages_entry *entry; + + spin_lock(&snp_hv_fixed_pages_lock); + + entry =3D kzalloc(sizeof(*entry), GFP_KERNEL); + if (!entry) { + spin_unlock(&snp_hv_fixed_pages_lock); + return -ENOMEM; + } + entry->base =3D paddr; + entry->npages =3D npages; + list_add_tail(&entry->list, &snp_hv_fixed_pages); + + spin_unlock(&snp_hv_fixed_pages_lock); + + return 0; +} + +void snp_delete_hypervisor_fixed_pages_list(u64 paddr) +{ + struct snp_hv_fixed_pages_entry *entry, *nentry; + + spin_lock(&snp_hv_fixed_pages_lock); + list_for_each_entry_safe(entry, nentry, &snp_hv_fixed_pages, list) { + if (entry->base =3D=3D paddr) { + list_del(&entry->list); + kfree(entry); + break; + } + } + spin_unlock(&snp_hv_fixed_pages_lock); +} + +static int snp_extend_hypervisor_fixed_pages(struct sev_data_range_list *r= ange_list) +{ + struct sev_data_range *range =3D &range_list->ranges[range_list->num_elem= ents]; + struct snp_hv_fixed_pages_entry *entry; + int new_element_count, ret =3D 0; + + spin_lock(&snp_hv_fixed_pages_lock); + if (list_empty(&snp_hv_fixed_pages)) + goto out; + + new_element_count =3D list_count_nodes(&snp_hv_fixed_pages) + + range_list->num_elements; + + /* + * Ensure the list of HV_FIXED pages that will be passed to firmware + * do not exceed the page-sized argument buffer. + */ + if (new_element_count * sizeof(struct sev_data_range) + + sizeof(struct sev_data_range_list) > PAGE_SIZE) { + ret =3D -E2BIG; + goto out; + } + + list_for_each_entry(entry, &snp_hv_fixed_pages, list) { + range->base =3D entry->base; + range->page_count =3D entry->npages; + range++; + } + range_list->num_elements =3D new_element_count; +out: + spin_unlock(&snp_hv_fixed_pages_lock); + + return ret; +} + static int snp_filter_reserved_mem_regions(struct resource *rs, void *arg) { struct sev_data_range_list *range_list =3D arg; @@ -1163,6 +1241,16 @@ static int __sev_snp_init_locked(int *error) return rc; } =20 + /* + * Extend the HV_Fixed pages list with HV_Fixed pages added from other + * PSP sub-devices such as SFS. Warn if the list can't be extended + * but continue with SNP_INIT_EX. + */ + rc =3D snp_extend_hypervisor_fixed_pages(snp_range_list); + if (rc) + dev_warn(sev->dev, + "SEV: SNP_INIT_EX extend HV_Fixed pages failed rc =3D %d\n", rc); + memset(&data, 0, sizeof(data)); data.init_rmp =3D 1; data.list_paddr_en =3D 1; diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 3e4e5574e88a..444d7fffd801 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h @@ -65,4 +65,7 @@ void sev_dev_destroy(struct psp_device *psp); void sev_pci_init(void); void sev_pci_exit(void); =20 +int snp_insert_hypervisor_fixed_pages_list(u64 paddr, int npages); +void snp_delete_hypervisor_fixed_pages_list(u64 paddr); + #endif /* __SEV_DEV_H */ --=20 2.34.1 From nobody Mon Oct 6 04:55:33 2025 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2043.outbound.protection.outlook.com [40.107.236.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 837152ECD39; Thu, 24 Jul 2025 21:19:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.236.43 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753391942; cv=fail; b=P9yqtRFyqUtP4nm1ouVRAbA0l+sYJrEydak7tZN5SJeKlsmzmg5K7ZtKHdErLgyFf0NEaLXx9hSwLCLuvCY/+qt8a5jyJTpMOFicsbztv6ApfyMl0c1li7xRi8BOdDyT70oZG9QWFZ/WV94xnAryCUq3KygEgTu7MJRdksKCJHs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753391942; c=relaxed/simple; bh=IH3TsbbuFS7c/JWx1GMv93WQCFHEWCZs9iZS4pMIAec=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=ZPBmpb76wMcdVgHsuiw6mCn1Bf8To+94PZlhQN0ATkbTLvHYID3mWqpeYaoPZk570Vo/DEFHpsE2YRczrIw+o2GnpJMxsYc1kB+ZAlFLv9xcs2DNgLFINNRTZQVf1w3pnPx30zDpUhM1E/w3A5RZwzUwRp6G+5krxM26aMUI2Gk= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=zbxliPql; arc=fail smtp.client-ip=40.107.236.43 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="zbxliPql" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ln1AmmOzNHzedoqM3oTR6NeYBlCfJCyNF55tYxA7AlF9k41wDVehS3+Lin974mPfsfXsYXAju2mWvhvJhak3JVEdMGJlLmuPxHtc8GTSqoSPrTvkQRDLw6pww3BQWIlUD6LxcJfVO8htWrnwPTbKUnxJE9I52fcNTTGYO7OXfGSlpPdWYDasQoUIc1LCic1xHwbOkKSXiuvfTMfv+wdDKCGE4wmkm4XwMBVuhqKeI6gP+gR0fz06H+GLpXjnyBt4mwR3V8hFGpqRKw8ghdVP9WO+4YuwO0GpFnMZv6Q+32rkFjgpVoRDLhQt1sCTmRkEe55tdu+r7tGYjT0Ubzr//w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LDZ7dkw1sMwEBp28UPLalIasHkeJZjISeWLiKbKHqqs=; b=AIQJHJX6ieZQnuuV8Rx0OL94+RRip8VM0GoK/lVPW+//gm/qvhQZDzok0XNJyeExBRKbhOlorBrHPaqYknD04RLH4c0E2wAi1XBsEyudQzwO0KAmiykaCLK5+dc6eq6R8dXzqTVk4bsoGFsC9l+80CCYfPeqziv9n49+s7b/oc6gpm32DJWeYNOSe1zxQ/gU3dXTt3pucD+vd2EP3Hmic98/LBbuow0vpwaAHpceNOHzKgCp3Y1Ih/0LI/ZbVsMFesTfoNLti1fw5PPaVfZc83bo8l9qNV5tItbVjkuRNpK3goJblrGToDt9Rq66AG/u5pxzxTilK+sYidg5ofNbOg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=gondor.apana.org.au smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LDZ7dkw1sMwEBp28UPLalIasHkeJZjISeWLiKbKHqqs=; b=zbxliPqlKASyzShfoeR44u3KngxKIO8wOHcTGtvGfMEJBuD8fcDbG/Uuf52NNeXQzuvaJlzJwetc2yS6sXwxbbfTgIESY99l3UO3K6NkiJZxBXxq42rqlTTOP20sGR+Ji8TU1ZmlOw4yr1OcYzEy49UR/Un6xRo9vp5n3xkP2zU= Received: from PH8PR07CA0029.namprd07.prod.outlook.com (2603:10b6:510:2cf::27) by IA0PR12MB8304.namprd12.prod.outlook.com (2603:10b6:208:3dc::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8943.30; Thu, 24 Jul 2025 21:18:54 +0000 Received: from SJ1PEPF000026C7.namprd04.prod.outlook.com (2603:10b6:510:2cf:cafe::9f) by PH8PR07CA0029.outlook.office365.com (2603:10b6:510:2cf::27) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8964.22 via Frontend Transport; Thu, 24 Jul 2025 21:18:53 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ1PEPF000026C7.mail.protection.outlook.com (10.167.244.104) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8964.20 via Frontend Transport; Thu, 24 Jul 2025 21:18:53 +0000 Received: from purico-ed09host.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 24 Jul 2025 16:17:17 -0500 From: Ashish Kalra To: , , , CC: , , , , Subject: [PATCH 2/2] crypto: ccp - Add AMD Seamless Firmware Servicing (SFS) driver Date: Thu, 24 Jul 2025 21:16:28 +0000 Message-ID: <82acbf87e782c482ebd8d80092b5ad47d1f4b854.1753389962.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ1PEPF000026C7:EE_|IA0PR12MB8304:EE_ X-MS-Office365-Filtering-Correlation-Id: 27c797f4-5668-4d0a-e1b5-08ddcaf7b156 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|82310400026|36860700013|13003099007; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?7/ULLg8EuaqOFhD+XnAWJT/UCDrZP2jxWWVSOvqX1hLltF4mZglcNJXRjtnF?= =?us-ascii?Q?HbXpyJSGHWgsWpuOW5cuunQj7nXqFTbJtRdJnnMmeFH06IXvRUhhS33sxIeh?= =?us-ascii?Q?eDNWjocnWv3INdzNy9DNfpNTC7o75UDq00y15AourE5zWGkhPGkt6NC7ISiF?= =?us-ascii?Q?JUwpxlv69yIWmmK9v+BMSbfVjkLe5pLo3syy0QbhxJU3uFjFuGvuq1X7xKxf?= =?us-ascii?Q?IoApzS4FVf4lSiLoLVBRlN8jdzSTWGMrPxVMbH9nPt9Fbyd/A4pmfujI0PRd?= =?us-ascii?Q?hDfWxXD98YxhbSsbDCxY4Tbh+ABr5pKzEybI3mrw9cnUED3T6RIluarh9Y38?= =?us-ascii?Q?LI9idyVEME4Km3756skBkxV4aW75Q6Ep8DM4uNlidR5HMsquh6P6SPr53jtn?= =?us-ascii?Q?KZKZk+/HKn9aIHEuMpaOdvWoy2iq/FOW1Vd6Ub4Jdzbt9x1yWJPr8Ta99AdL?= =?us-ascii?Q?RwntK3LAgXh21HfEpAt5JzdgZpDSOdz8Dj20J8BvJlXlntgwmhfckZJ8U5hZ?= =?us-ascii?Q?tbpONgaBOS9AabtU6x+2scR1mqKNdjzjvLRWYxt1T68P7U3UJGcmT49bZogP?= =?us-ascii?Q?JZE/hYxHENjQ1eSteiW49SM4WSqUMf2xqFF+0pp1rClxKepQZreuJGoSlc8M?= =?us-ascii?Q?GVZg9X1KlHT+0t27x6ofTlFqBFcjRxCz8N1yqmsd2oZQG4fAhtiXLcbWgRLp?= =?us-ascii?Q?C/4Dzsh5qDCfh7LPvVRuHasDdKc/ZVUw6n0skC13IFkoBvTkLCPfEbG7GsGR?= =?us-ascii?Q?FXgVPLcObXgNN/bjy+mC19l5gRtRA8QwlrrIgT+hcEhlHcERAAKt8hFIWL/Y?= =?us-ascii?Q?STN6QvRgDXTIKRVCbEUy8+Rw/e8gQZuG31e2MvswpXYu+SwoeSqNo6i5sOco?= =?us-ascii?Q?fG+4OWYFARW1pq7GL13ton4qq7UFb/WoRz4ciTG976bMaLET/bVhZhXE4M/+?= =?us-ascii?Q?veFAPBC6tluxVcXZUfiNbspuWm/gDGjf/x3CX2BG+/MFRBf4oiRSCHvRHxUm?= =?us-ascii?Q?lLAG0enCohNz6Kq/YUpUcaAMmff52+GcL8Kv64E3jXwUy4ws8cUgbXgVE9mB?= =?us-ascii?Q?+wR6EP44fGsZFvqpBdQOxVScCrKaNNhZyiXEfNuf0KzwUlWShkXpB8brzGio?= =?us-ascii?Q?UVnqYbzE3D6br1P+35rNSNilAmSDwue7+mEbMWVCwg/M1JVFmeT9jk51lLdu?= =?us-ascii?Q?If6URFj9jFSPd0VZfd+Mg5+3ZtaGOnCe9n+nV2SCEs6neS4JnIbhdFhXrjj7?= =?us-ascii?Q?b6lXvPz1r3kmyanPD29XYEeINUYuPSv+4jfm3jCjrGJvTWviwNT03o8opXT0?= =?us-ascii?Q?jzv0oY9Jrh9+iJ/z3bbquAuZBOOQ18iL+W1g+hnboK9tGNG7C357Y/JQ0V7T?= =?us-ascii?Q?m81WDua9NptcWsb5lWJhnm6jBmDzIjH5iAG3a/2p2fiMjWejr55c/roSk9vk?= =?us-ascii?Q?g/HzVWIYxR7JUrlgfMOtj0XWTqlWtCDseVrdPmIaI/ZxhP6kCueIF4X92jTp?= =?us-ascii?Q?oNEgPYb7ZA8P9ZFnJCVj1tk/OeGr0Ga60L8OJ81wkVvG5KpSjiSYPvcdcA?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(1800799024)(82310400026)(36860700013)(13003099007);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Jul 2025 21:18:53.6138 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 27c797f4-5668-4d0a-e1b5-08ddcaf7b156 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ1PEPF000026C7.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8304 Content-Type: text/plain; charset="utf-8" From: Ashish Kalra AMD Seamless Firmware Servicing (SFS) is a secure method to allow non-persistent updates to running firmware and settings without requiring BIOS reflash and/or system reset. SFS does not address anything that runs on the x86 processors and it can be used to update ASP firmware, modules, register settings and update firmware for other microprocessors like TMPM, etc. SFS driver support adds ioctl support to communicate the SFS commands to the ASP/PSP by using the TEE mailbox interface. The Seamless Firmware Servicing (SFS) driver is added as a PSP sub-device. For detailed information, please look at the SFS specifications: https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specif= ications/58604.pdf Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/Makefile | 3 +- drivers/crypto/ccp/psp-dev.c | 20 ++ drivers/crypto/ccp/psp-dev.h | 8 +- drivers/crypto/ccp/sfs.c | 316 ++++++++++++++++++++++++++++ drivers/crypto/ccp/sfs.h | 53 +++++ include/linux/psp-platform-access.h | 2 + include/uapi/linux/psp-sfs.h | 87 ++++++++ 7 files changed, 487 insertions(+), 2 deletions(-) create mode 100644 drivers/crypto/ccp/sfs.c create mode 100644 drivers/crypto/ccp/sfs.h create mode 100644 include/uapi/linux/psp-sfs.h diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile index 394484929dae..9b876bfb1289 100644 --- a/drivers/crypto/ccp/Makefile +++ b/drivers/crypto/ccp/Makefile @@ -13,7 +13,8 @@ ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) +=3D psp-dev.o \ tee-dev.o \ platform-access.o \ dbc.o \ - hsti.o + hsti.o \ + sfs.o =20 obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) +=3D ccp-crypto.o ccp-crypto-objs :=3D ccp-crypto-main.o \ diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index 1c5a7189631e..8c4ad225ad67 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c @@ -17,6 +17,7 @@ #include "psp-dev.h" #include "sev-dev.h" #include "tee-dev.h" +#include "sfs.h" #include "platform-access.h" #include "dbc.h" #include "hsti.h" @@ -182,6 +183,17 @@ static int psp_check_tee_support(struct psp_device *ps= p) return 0; } =20 +static int psp_check_sfs_support(struct psp_device *psp) +{ + /* Check if device supports SFS feature */ + if (!psp->capability.sev) { + dev_dbg(psp->dev, "psp does not support SFS\n"); + return -ENODEV; + } + + return 0; +} + static int psp_init(struct psp_device *psp) { int ret; @@ -198,6 +210,12 @@ static int psp_init(struct psp_device *psp) return ret; } =20 + if (!psp_check_sfs_support(psp)) { + ret =3D sfs_dev_init(psp); + if (ret) + return ret; + } + if (psp->vdata->platform_access) { ret =3D platform_access_dev_init(psp); if (ret) @@ -302,6 +320,8 @@ void psp_dev_destroy(struct sp_device *sp) =20 tee_dev_destroy(psp); =20 + sfs_dev_destroy(psp); + dbc_dev_destroy(psp); =20 platform_access_dev_destroy(psp); diff --git a/drivers/crypto/ccp/psp-dev.h b/drivers/crypto/ccp/psp-dev.h index e43ce87ede76..268c83f298cb 100644 --- a/drivers/crypto/ccp/psp-dev.h +++ b/drivers/crypto/ccp/psp-dev.h @@ -32,7 +32,8 @@ union psp_cap_register { unsigned int sev :1, tee :1, dbc_thru_ext :1, - rsvd1 :4, + sfs :1, + rsvd1 :3, security_reporting :1, fused_part :1, rsvd2 :1, @@ -68,6 +69,7 @@ struct psp_device { void *tee_data; void *platform_access_data; void *dbc_data; + void *sfs_data; =20 union psp_cap_register capability; }; @@ -118,12 +120,16 @@ struct psp_ext_request { * @PSP_SUB_CMD_DBC_SET_UID: Set UID for DBC * @PSP_SUB_CMD_DBC_GET_PARAMETER: Get parameter from DBC * @PSP_SUB_CMD_DBC_SET_PARAMETER: Set parameter for DBC + * @PSP_SUB_CMD_SFS_GET_FW_VERS: Get firmware versions for ASP and other MP + * @PSP_SUB_CMD_SFS_UPDATE: Command to load, verify and execute SFS packa= ge */ enum psp_sub_cmd { PSP_SUB_CMD_DBC_GET_NONCE =3D PSP_DYNAMIC_BOOST_GET_NONCE, PSP_SUB_CMD_DBC_SET_UID =3D PSP_DYNAMIC_BOOST_SET_UID, PSP_SUB_CMD_DBC_GET_PARAMETER =3D PSP_DYNAMIC_BOOST_GET_PARAMETER, PSP_SUB_CMD_DBC_SET_PARAMETER =3D PSP_DYNAMIC_BOOST_SET_PARAMETER, + PSP_SUB_CMD_SFS_GET_FW_VERS =3D PSP_SFS_GET_FW_VERSIONS, + PSP_SUB_CMD_SFS_UPDATE =3D PSP_SFS_UPDATE, }; =20 int psp_extended_mailbox_cmd(struct psp_device *psp, unsigned int timeout_= msecs, diff --git a/drivers/crypto/ccp/sfs.c b/drivers/crypto/ccp/sfs.c new file mode 100644 index 000000000000..cbca01a884e1 --- /dev/null +++ b/drivers/crypto/ccp/sfs.c @@ -0,0 +1,316 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * AMD Secure Processor Seamless Firmware Servicing support. + * + * Copyright (C) 2023-2025 Advanced Micro Devices, Inc. + * + * Author: Ashish Kalra + */ + +#include + +#include "sfs.h" +#include "sev-dev.h" + +#define SFS_DEFAULT_TIMEOUT (10 * MSEC_PER_SEC) +#define SFS_MAX_PAYLOAD_SIZE (2 * 1024 * 1024) +#define ORDER_2MB 9 + +/* SFS Status values */ +#define SFS_SUCCESS 0x00 +#define SFS_INVALID_TOTAL_SIZE 0x02 +#define SFS_INVALID_PKG_SIZE 0x04 +#define SFS_DISABLED 0x05 +#define SFS_INVALID_CUST_SIGN 0x06 +#define SFS_INVALID_AMD_SIGN 0x07 +#define SFS_INTERNAL_ERROR 0x08 +#define SFS_CUST_SIGN_NOT_ALLOWED 0x09 +#define SFS_INVALID_BASE_PATCH_LVL 0x0A +#define SFS_INVALID_CURR_PATCH_LVL 0x0B +#define SFS_INVALID_NEW_PATCH_LVL 0x0C +#define SFS_INVALID_SUBCOMMAND 0x0D +#define SFS_PROTECTION_FAIL 0x0E +#define SFS_BUSY 0x0F +#define SFS_FW_VERSION_MISMATCH 0x10 +#define SFS_SYS_VERSION_MISMATCH 0x11 +#define SFS_SEV_STILL_INITIALIZED 0x12 + +static bool sfs_initialized; + +static int send_sfs_cmd(struct psp_sfs_device *sfs_dev, int msg) +{ + int ret; + + *sfs_dev->result =3D 0; + sfs_dev->command_hdr->ext_req.header.sub_cmd_id =3D msg; + + ret =3D psp_extended_mailbox_cmd(sfs_dev->psp, + SFS_DEFAULT_TIMEOUT, + (struct psp_ext_request *)sfs_dev->command_hdr); + if (ret =3D=3D -EIO) { + dev_dbg(sfs_dev->dev, + "msg 0x%x failed with PSP error: 0x%x\n", + msg, *sfs_dev->result); + dev_dbg(sfs_dev->dev, + "msg 0x%x extended status: 0x%x\n", + msg, *(u32 *)sfs_dev->payload); + } + + return ret; +} + +static int send_sfs_get_fw_versions(struct psp_sfs_device *sfs_dev) +{ + int ret; + + sfs_dev->payload_size =3D &sfs_dev->command_hdr->ext_req.header.payload_s= ize; + sfs_dev->result =3D &sfs_dev->command_hdr->ext_req.header.status; + sfs_dev->payload =3D &sfs_dev->command_hdr->ext_req.buf; + sfs_dev->pkg_hdr =3D (void *)sfs_dev->command_hdr + PAGE_SIZE; + sfs_dev->header_size =3D sizeof(struct psp_ext_req_buffer_hdr); + + /* + * SFS_GET_FW_VERSIONS command needs the output buffer to be + * initialized to 0xC7 in every byte. + */ + memset(sfs_dev->pkg_hdr, 0xc7, PAGE_SIZE); + *sfs_dev->payload_size =3D 2 * PAGE_SIZE; + + ret =3D send_sfs_cmd(sfs_dev, PSP_SFS_GET_FW_VERSIONS); + + return ret; +} + +static int send_sfs_update_package(struct psp_sfs_device *sfs_dev, char *p= ayload_name) +{ + char payload_path[PAYLOAD_NAME_SIZE]; + const struct firmware *firmware; + unsigned long package_size; + int ret; + + sprintf(payload_path, "amd/%s", payload_name); + + ret =3D firmware_request_nowarn(&firmware, payload_path, sfs_dev->dev); + if (ret < 0) { + dev_warn(sfs_dev->dev, "firmware request fail %d\n", ret); + return -ENOENT; + } + + /* SFS Update Package should be 64KB aligned */ + package_size =3D ALIGN(firmware->size + PAGE_SIZE, 0x10000U); + + /* + * SFS command buffer is a pre-allocated 2MB buffer, fail update package + * if SFS payload is larger than the pre-allocated command buffer. + */ + if (package_size > SFS_MAX_PAYLOAD_SIZE) { + dev_warn(sfs_dev->dev, + "SFS payload size %ld larger than maximum supported payload size of 2M= B\n", + package_size); + return -ENOMEM; + } + + sfs_dev->payload_size =3D &sfs_dev->command_hdr->ext_req.header.payload_s= ize; + sfs_dev->result =3D &sfs_dev->command_hdr->ext_req.header.status; + sfs_dev->payload =3D &sfs_dev->command_hdr->ext_req.buf; + sfs_dev->pkg_hdr =3D (void *)sfs_dev->command_hdr + PAGE_SIZE; + sfs_dev->header_size =3D sizeof(struct psp_ext_req_buffer_hdr); + + /* + * Copy firmware data to a kernel allocated contiguous + * memory region. + */ + memcpy(sfs_dev->pkg_hdr, firmware->data, firmware->size); + *sfs_dev->payload_size =3D package_size; + + ret =3D send_sfs_cmd(sfs_dev, PSP_SFS_UPDATE); + + release_firmware(firmware); + return ret; +} + +static long sfs_ioctl(struct file *filp, unsigned int cmd, unsigned long a= rg) +{ + struct psp_device *psp_master =3D psp_get_master_device(); + void __user *argp =3D (void __user *)arg; + char payload_name[PAYLOAD_NAME_SIZE]; + struct psp_sfs_device *sfs_dev; + int ret; + + if (!psp_master || !psp_master->sfs_data) + return -ENODEV; + sfs_dev =3D psp_master->sfs_data; + + if (!sfs_initialized) + return -EINVAL; + + mutex_lock(&sfs_dev->ioctl_mutex); + + switch (cmd) { + case SFSIOCFWVERS: + dev_dbg(sfs_dev->dev, "in SFSIOCFWVERS\n"); + + ret =3D send_sfs_get_fw_versions(sfs_dev); + if (ret && ret !=3D -EIO) + goto unlock; + /* + * return SFS status and extended status back to userspace + * if PSP status indicated command error. + */ + if (copy_to_user(argp, sfs_dev->pkg_hdr, PAGE_SIZE)) + ret =3D -EFAULT; + if (copy_to_user(argp + PAGE_SIZE, sfs_dev->result, sizeof(u32))) + ret =3D -EFAULT; + if (copy_to_user(argp + PAGE_SIZE + sizeof(u32), sfs_dev->payload, sizeo= f(u32))) + ret =3D -EFAULT; + break; + case SFSIOCUPDATEPKG: + dev_dbg(sfs_dev->dev, "in SFSIOCUPDATEPKG\n"); + + if (copy_from_user(payload_name, argp, PAYLOAD_NAME_SIZE)) { + ret =3D -EFAULT; + goto unlock; + } + + ret =3D send_sfs_update_package(sfs_dev, payload_name); + if (ret && ret !=3D -EIO) + goto unlock; + /* + * return SFS status and extended status back to userspace + * if PSP status indicated command error. + */ + if (copy_to_user(argp + PAYLOAD_NAME_SIZE, sfs_dev->result, sizeof(u32))) + ret =3D -EFAULT; + if (copy_to_user(argp + PAYLOAD_NAME_SIZE + sizeof(u32), sfs_dev->payloa= d, + sizeof(u32))) + ret =3D -EFAULT; + break; + default: + ret =3D -EINVAL; + } + +unlock: + mutex_unlock(&sfs_dev->ioctl_mutex); + + return ret; +} + +static const struct file_operations sfs_fops =3D { + .owner =3D THIS_MODULE, + .unlocked_ioctl =3D sfs_ioctl, +}; + +void sfs_dev_destroy(struct psp_device *psp) +{ + struct psp_sfs_device *sfs_dev =3D psp->sfs_data; + int ret; + + if (!sfs_dev) + return; + + /* + * TODO: free pre-allocated 2MB command buffer, + * if SEV-SNP is initialized the command buffer has + * been marked HV_Fixed and HV_Fixed pages remain + * in that state till system reset, they cannot be + * released back to the page allocator. + * + */ + snp_delete_hypervisor_fixed_pages_list(page_to_pfn(sfs_dev->page) << PAGE= _SHIFT); + + ret =3D set_memory_wb((unsigned long)page_address(sfs_dev->page), 512); + if (ret) + dev_dbg(sfs_dev->dev, "set memory wb failed\n"); + + sfs_initialized =3D false; + misc_deregister(&sfs_dev->char_dev); + mutex_destroy(&sfs_dev->ioctl_mutex); + psp->sfs_data =3D NULL; +} + +int sfs_dev_init(struct psp_device *psp) +{ + struct device *dev =3D psp->dev; + struct psp_sfs_device *sfs_dev; + struct page *page; + u64 cmd_buf_paddr; + int ret; + + /* + * SFS feature support can be detected on multiple devices but the SFS + * FW commands must be issued on the master. During probe, we do not + * know the master hence we create /dev/sfs on the first device probe. + */ + if (sfs_initialized) + return 0; + + sfs_dev =3D devm_kzalloc(dev, sizeof(*sfs_dev), GFP_KERNEL); + if (!sfs_dev) + return -ENOMEM; + + BUILD_BUG_ON(sizeof(struct sfs_command) > PAGE_SIZE); + + /* + * Pre-allocate static 2MB command buffer for all SFS commands. + */ + page =3D alloc_pages(GFP_KERNEL | __GFP_ZERO, ORDER_2MB); + if (!page) + return -ENOMEM; + sfs_dev->page =3D page; + sfs_dev->command_hdr =3D page_address(page); + cmd_buf_paddr =3D page_to_pfn(sfs_dev->page) << PAGE_SHIFT; + + /* + * If SEV-SNP is enabled the SFS command buffer needs to + * transitioned to HV_Fixed page state. + */ + dev_dbg(sfs_dev->dev, "cmdbuf page pa 0x%llx to be marked as HV_Fixed\n", + cmd_buf_paddr); + + ret =3D snp_insert_hypervisor_fixed_pages_list(cmd_buf_paddr, 512); + if (ret) { + dev_dbg(sfs_dev->dev, "cmdbuf page failed insertion in HV-Fixed page lis= t\n"); + goto cleanup_cmd_buf; + } + + /* + * Buffers used for communication with different processors, x86 to ASP + * in this case must be mapped as non-cacheable. + */ + ret =3D set_memory_uc((unsigned long)page_address(page), 512); + if (ret) { + dev_dbg(sfs_dev->dev, "set memory uc failed\n"); + goto cleanup_cmd_buf_after_hv_fixed; + } + + dev_dbg(sfs_dev->dev, "cmdbuf page va 0x%lx marked as UnCacheable\n", + (unsigned long)sfs_dev->command_hdr); + + psp->sfs_data =3D sfs_dev; + sfs_dev->dev =3D dev; + sfs_dev->psp =3D psp; + + dev_dbg(sfs_dev->dev, "seamless firmware serviving support is available\n= "); + + sfs_dev->char_dev.minor =3D MISC_DYNAMIC_MINOR; + sfs_dev->char_dev.name =3D "sfs"; + sfs_dev->char_dev.fops =3D &sfs_fops; + sfs_dev->char_dev.mode =3D 0600; + ret =3D misc_register(&sfs_dev->char_dev); + if (ret) + goto cleanup_cmd_buf_after_hv_fixed; + + mutex_init(&sfs_dev->ioctl_mutex); + sfs_initialized =3D true; + + return 0; + +cleanup_cmd_buf_after_hv_fixed: + snp_delete_hypervisor_fixed_pages_list(cmd_buf_paddr); +cleanup_cmd_buf: + __free_pages(page, ORDER_2MB); + psp->sfs_data =3D NULL; + devm_kfree(dev, sfs_dev); + + return ret; +} diff --git a/drivers/crypto/ccp/sfs.h b/drivers/crypto/ccp/sfs.h new file mode 100644 index 000000000000..89b7792af076 --- /dev/null +++ b/drivers/crypto/ccp/sfs.h @@ -0,0 +1,53 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * AMD Platform Security Processor (PSP) Seamless Firmware (SFS) Support. + * + * Copyright (C) 2023-2025 Advanced Micro Devices, Inc. + * + * Author: Ashish Kalra + */ + +#ifndef __SFS_H__ +#define __SFS_H__ + +#include + +#include +#include +#include +#include +#include + +#include + +#include "psp-dev.h" + +struct psp_sfs_device { + struct device *dev; + struct psp_device *psp; + + struct sfs_command *command_hdr; + + struct mutex ioctl_mutex; + + struct miscdevice char_dev; + + struct page *page; + + /* used to abstract communication path */ + u32 header_size; + u32 *payload_size; + u32 *result; + void *payload; + void *pkg_hdr; +}; + +struct sfs_command { + struct psp_ext_request ext_req; +}; + +void sfs_dev_destroy(struct psp_device *psp); +int sfs_dev_init(struct psp_device *psp); +void sfs_pci_init(void); + +#endif /* __SFS_H__ */ diff --git a/include/linux/psp-platform-access.h b/include/linux/psp-platfo= rm-access.h index 1504fb012c05..540abf7de048 100644 --- a/include/linux/psp-platform-access.h +++ b/include/linux/psp-platform-access.h @@ -7,6 +7,8 @@ =20 enum psp_platform_access_msg { PSP_CMD_NONE =3D 0x0, + PSP_SFS_GET_FW_VERSIONS, + PSP_SFS_UPDATE, PSP_CMD_HSTI_QUERY =3D 0x14, PSP_I2C_REQ_BUS_CMD =3D 0x64, PSP_DYNAMIC_BOOST_GET_NONCE, diff --git a/include/uapi/linux/psp-sfs.h b/include/uapi/linux/psp-sfs.h new file mode 100644 index 000000000000..e752fa041683 --- /dev/null +++ b/include/uapi/linux/psp-sfs.h @@ -0,0 +1,87 @@ +/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */ +/* + * Userspace interface for AMD Seamless Firmware Servicing (SFS) + * + * Copyright (C) 2023-2025 Advanced Micro Devices, Inc. + * + * Author: Ashish Kalra + */ + +#ifndef __PSP_SFS_USER_H__ +#define __PSP_SFS_USER_H__ + +#include + +/** + * SFS: AMD Seamless Firmware Support (SFS) interface + */ + +#define PAYLOAD_NAME_SIZE 64 +#define TEE_EXT_CMD_BUFFER_SIZE 4096 + +/** + * struct sfs_user_get_fw_versions - get current level of base firmware (o= utput). + * @blob: current level of base firmware for ASP and patc= h levels (input/output). + * @sfs_status: 32-bit SFS status value (output). + * @sfs_extended_status: 32-bit SFS extended status value (output). + */ +struct sfs_user_get_fw_versions { + __u8 blob[TEE_EXT_CMD_BUFFER_SIZE]; + __u32 sfs_status; + __u32 sfs_extended_status; +} __packed; + +/** + * struct sfs_user_update_package - update SFS package (input). + * @payload_name: name of SFS package to load, verify and execute= (input). + * @sfs_status: 32-bit SFS status value (output). + * @sfs_extended_status: 32-bit SFS extended status value (output). + */ +struct sfs_user_update_package { + char payload_name[PAYLOAD_NAME_SIZE]; + __u32 sfs_status; + __u32 sfs_extended_status; +} __packed; + +/** + * Seamless Firmware Support (SFS) IOC + * + * possible return codes for all SFS IOCTLs: + * 0: success + * -EINVAL: invalid input + * -E2BIG: excess data passed + * -EFAULT: failed to copy to/from userspace + * -EBUSY: mailbox in recovery or in use + * -ENODEV: driver not bound with PSP device + * -EACCES: request isn't authorized + * -EINVAL: invalid parameter + * -ETIMEDOUT: request timed out + * -EAGAIN: invalid request for state machine + * -ENOENT: not implemented + * -ENFILE: overflow + * -EPERM: invalid signature + * -EIO: unknown error + */ +#define SFS_IOC_TYPE 'S' + +/** + * SFSIOCFWVERS - returns blob containing FW versions + * ASP provides the current level of Base Firmware for the = ASP + * and the other microprocessors as well as current patch + * level(s). + */ +#define SFSIOCFWVERS _IOWR(SFS_IOC_TYPE, 0x1, struct sfs_user_get_fw_versi= ons) + +/** + * SFSIOCUPDATEPKG - updates package/payload + * ASP loads, verifies and executes the SFS package. + * By default, the SFS package/payload is loaded from + * /lib/firmware/amd, but alternative firmware loading + * path can be specified using kernel parameter + * firmware_class.path or the firmware loading path + * can be customized using sysfs file: + * /sys/module/firmware_class/parameters/path. + */ +#define SFSIOCUPDATEPKG _IOWR(SFS_IOC_TYPE, 0x2, struct sfs_user_update_pa= ckage) + +#endif /* __PSP_SFS_USER_H__ */ --=20 2.34.1