This source file includes following definitions.
- tboot_probe
- switch_to_tboot_pt
- map_tboot_page
- map_tboot_pages
- tboot_create_trampoline
- add_mac_region
- tboot_setup_sleep
- tboot_setup_sleep
- tboot_shutdown
- tboot_copy_fadt
- tboot_sleep
- tboot_extended_sleep
- tboot_wait_for_aps
- tboot_dying_cpu
- tboot_log_read
- tboot_late_init
- tboot_get_dmar_table
- tboot_force_iommu
1
2
3
4
5
6
7
8
9 #include <linux/intel-iommu.h>
10 #include <linux/init_task.h>
11 #include <linux/spinlock.h>
12 #include <linux/export.h>
13 #include <linux/delay.h>
14 #include <linux/sched.h>
15 #include <linux/init.h>
16 #include <linux/dmar.h>
17 #include <linux/cpu.h>
18 #include <linux/pfn.h>
19 #include <linux/mm.h>
20 #include <linux/tboot.h>
21 #include <linux/debugfs.h>
22
23 #include <asm/realmode.h>
24 #include <asm/processor.h>
25 #include <asm/bootparam.h>
26 #include <asm/pgtable.h>
27 #include <asm/pgalloc.h>
28 #include <asm/swiotlb.h>
29 #include <asm/fixmap.h>
30 #include <asm/proto.h>
31 #include <asm/setup.h>
32 #include <asm/e820/api.h>
33 #include <asm/io.h>
34
35 #include "../realmode/rm/wakeup.h"
36
37
38 struct tboot *tboot __read_mostly;
39 EXPORT_SYMBOL(tboot);
40
41
42 #define AP_WAIT_TIMEOUT 1
43
44 #undef pr_fmt
45 #define pr_fmt(fmt) "tboot: " fmt
46
47 static u8 tboot_uuid[16] __initdata = TBOOT_UUID;
48
49 void __init tboot_probe(void)
50 {
51
52 if (!boot_params.tboot_addr)
53 return;
54
55
56
57
58 if (!e820__mapped_any(boot_params.tboot_addr,
59 boot_params.tboot_addr, E820_TYPE_RESERVED)) {
60 pr_warning("non-0 tboot_addr but it is not of type E820_TYPE_RESERVED\n");
61 return;
62 }
63
64
65 set_fixmap(FIX_TBOOT_BASE, boot_params.tboot_addr);
66 tboot = (struct tboot *)fix_to_virt(FIX_TBOOT_BASE);
67 if (memcmp(&tboot_uuid, &tboot->uuid, sizeof(tboot->uuid))) {
68 pr_warning("tboot at 0x%llx is invalid\n",
69 boot_params.tboot_addr);
70 tboot = NULL;
71 return;
72 }
73 if (tboot->version < 5) {
74 pr_warning("tboot version is invalid: %u\n", tboot->version);
75 tboot = NULL;
76 return;
77 }
78
79 pr_info("found shared page at phys addr 0x%llx:\n",
80 boot_params.tboot_addr);
81 pr_debug("version: %d\n", tboot->version);
82 pr_debug("log_addr: 0x%08x\n", tboot->log_addr);
83 pr_debug("shutdown_entry: 0x%x\n", tboot->shutdown_entry);
84 pr_debug("tboot_base: 0x%08x\n", tboot->tboot_base);
85 pr_debug("tboot_size: 0x%x\n", tboot->tboot_size);
86 }
87
88 static pgd_t *tboot_pg_dir;
89 static struct mm_struct tboot_mm = {
90 .mm_rb = RB_ROOT,
91 .pgd = swapper_pg_dir,
92 .mm_users = ATOMIC_INIT(2),
93 .mm_count = ATOMIC_INIT(1),
94 .mmap_sem = __RWSEM_INITIALIZER(init_mm.mmap_sem),
95 .page_table_lock = __SPIN_LOCK_UNLOCKED(init_mm.page_table_lock),
96 .mmlist = LIST_HEAD_INIT(init_mm.mmlist),
97 };
98
99 static inline void switch_to_tboot_pt(void)
100 {
101 write_cr3(virt_to_phys(tboot_pg_dir));
102 }
103
104 static int map_tboot_page(unsigned long vaddr, unsigned long pfn,
105 pgprot_t prot)
106 {
107 pgd_t *pgd;
108 p4d_t *p4d;
109 pud_t *pud;
110 pmd_t *pmd;
111 pte_t *pte;
112
113 pgd = pgd_offset(&tboot_mm, vaddr);
114 p4d = p4d_alloc(&tboot_mm, pgd, vaddr);
115 if (!p4d)
116 return -1;
117 pud = pud_alloc(&tboot_mm, p4d, vaddr);
118 if (!pud)
119 return -1;
120 pmd = pmd_alloc(&tboot_mm, pud, vaddr);
121 if (!pmd)
122 return -1;
123 pte = pte_alloc_map(&tboot_mm, pmd, vaddr);
124 if (!pte)
125 return -1;
126 set_pte_at(&tboot_mm, vaddr, pte, pfn_pte(pfn, prot));
127 pte_unmap(pte);
128
129
130
131
132
133
134
135
136
137 pgd->pgd &= ~_PAGE_NX;
138
139 return 0;
140 }
141
142 static int map_tboot_pages(unsigned long vaddr, unsigned long start_pfn,
143 unsigned long nr)
144 {
145
146 tboot_pg_dir = pgd_alloc(&tboot_mm);
147 if (!tboot_pg_dir)
148 return -1;
149
150 for (; nr > 0; nr--, vaddr += PAGE_SIZE, start_pfn++) {
151 if (map_tboot_page(vaddr, start_pfn, PAGE_KERNEL_EXEC))
152 return -1;
153 }
154
155 return 0;
156 }
157
158 static void tboot_create_trampoline(void)
159 {
160 u32 map_base, map_size;
161
162
163 map_base = PFN_DOWN(tboot->tboot_base);
164 map_size = PFN_UP(tboot->tboot_size);
165 if (map_tboot_pages(map_base << PAGE_SHIFT, map_base, map_size))
166 panic("tboot: Error mapping tboot pages (mfns) @ 0x%x, 0x%x\n",
167 map_base, map_size);
168 }
169
170 #ifdef CONFIG_ACPI_SLEEP
171
172 static void add_mac_region(phys_addr_t start, unsigned long size)
173 {
174 struct tboot_mac_region *mr;
175 phys_addr_t end = start + size;
176
177 if (tboot->num_mac_regions >= MAX_TB_MAC_REGIONS)
178 panic("tboot: Too many MAC regions\n");
179
180 if (start && size) {
181 mr = &tboot->mac_regions[tboot->num_mac_regions++];
182 mr->start = round_down(start, PAGE_SIZE);
183 mr->size = round_up(end, PAGE_SIZE) - mr->start;
184 }
185 }
186
187 static int tboot_setup_sleep(void)
188 {
189 int i;
190
191 tboot->num_mac_regions = 0;
192
193 for (i = 0; i < e820_table->nr_entries; i++) {
194 if ((e820_table->entries[i].type != E820_TYPE_RAM)
195 && (e820_table->entries[i].type != E820_TYPE_RESERVED_KERN))
196 continue;
197
198 add_mac_region(e820_table->entries[i].addr, e820_table->entries[i].size);
199 }
200
201 tboot->acpi_sinfo.kernel_s3_resume_vector =
202 real_mode_header->wakeup_start;
203
204 return 0;
205 }
206
207 #else
208
209 static int tboot_setup_sleep(void)
210 {
211
212 BUG();
213 return -1;
214 }
215
216 #endif
217
218 void tboot_shutdown(u32 shutdown_type)
219 {
220 void (*shutdown)(void);
221
222 if (!tboot_enabled())
223 return;
224
225
226
227
228
229
230 if (!tboot_pg_dir)
231 return;
232
233
234 if (shutdown_type == TB_SHUTDOWN_S3)
235 if (tboot_setup_sleep())
236 return;
237
238 tboot->shutdown_type = shutdown_type;
239
240 switch_to_tboot_pt();
241
242 shutdown = (void(*)(void))(unsigned long)tboot->shutdown_entry;
243 shutdown();
244
245
246 while (1)
247 halt();
248 }
249
250 static void tboot_copy_fadt(const struct acpi_table_fadt *fadt)
251 {
252 #define TB_COPY_GAS(tbg, g) \
253 tbg.space_id = g.space_id; \
254 tbg.bit_width = g.bit_width; \
255 tbg.bit_offset = g.bit_offset; \
256 tbg.access_width = g.access_width; \
257 tbg.address = g.address;
258
259 TB_COPY_GAS(tboot->acpi_sinfo.pm1a_cnt_blk, fadt->xpm1a_control_block);
260 TB_COPY_GAS(tboot->acpi_sinfo.pm1b_cnt_blk, fadt->xpm1b_control_block);
261 TB_COPY_GAS(tboot->acpi_sinfo.pm1a_evt_blk, fadt->xpm1a_event_block);
262 TB_COPY_GAS(tboot->acpi_sinfo.pm1b_evt_blk, fadt->xpm1b_event_block);
263
264
265
266
267
268
269 tboot->acpi_sinfo.wakeup_vector = fadt->facs +
270 offsetof(struct acpi_table_facs, firmware_waking_vector);
271 }
272
273 static int tboot_sleep(u8 sleep_state, u32 pm1a_control, u32 pm1b_control)
274 {
275 static u32 acpi_shutdown_map[ACPI_S_STATE_COUNT] = {
276 -1, -1, -1,
277 TB_SHUTDOWN_S3,
278 TB_SHUTDOWN_S4,
279 TB_SHUTDOWN_S5 };
280
281 if (!tboot_enabled())
282 return 0;
283
284 tboot_copy_fadt(&acpi_gbl_FADT);
285 tboot->acpi_sinfo.pm1a_cnt_val = pm1a_control;
286 tboot->acpi_sinfo.pm1b_cnt_val = pm1b_control;
287
288 tboot->acpi_sinfo.vector_width = 32;
289
290 if (sleep_state >= ACPI_S_STATE_COUNT ||
291 acpi_shutdown_map[sleep_state] == -1) {
292 pr_warning("unsupported sleep state 0x%x\n", sleep_state);
293 return -1;
294 }
295
296 tboot_shutdown(acpi_shutdown_map[sleep_state]);
297 return 0;
298 }
299
300 static int tboot_extended_sleep(u8 sleep_state, u32 val_a, u32 val_b)
301 {
302 if (!tboot_enabled())
303 return 0;
304
305 pr_warning("tboot is not able to suspend on platforms with reduced hardware sleep (ACPIv5)");
306 return -ENODEV;
307 }
308
309 static atomic_t ap_wfs_count;
310
311 static int tboot_wait_for_aps(int num_aps)
312 {
313 unsigned long timeout;
314
315 timeout = AP_WAIT_TIMEOUT*HZ;
316 while (atomic_read((atomic_t *)&tboot->num_in_wfs) != num_aps &&
317 timeout) {
318 mdelay(1);
319 timeout--;
320 }
321
322 if (timeout)
323 pr_warning("tboot wait for APs timeout\n");
324
325 return !(atomic_read((atomic_t *)&tboot->num_in_wfs) == num_aps);
326 }
327
328 static int tboot_dying_cpu(unsigned int cpu)
329 {
330 atomic_inc(&ap_wfs_count);
331 if (num_online_cpus() == 1) {
332 if (tboot_wait_for_aps(atomic_read(&ap_wfs_count)))
333 return -EBUSY;
334 }
335 return 0;
336 }
337
338 #ifdef CONFIG_DEBUG_FS
339
340 #define TBOOT_LOG_UUID { 0x26, 0x25, 0x19, 0xc0, 0x30, 0x6b, 0xb4, 0x4d, \
341 0x4c, 0x84, 0xa3, 0xe9, 0x53, 0xb8, 0x81, 0x74 }
342
343 #define TBOOT_SERIAL_LOG_ADDR 0x60000
344 #define TBOOT_SERIAL_LOG_SIZE 0x08000
345 #define LOG_MAX_SIZE_OFF 16
346 #define LOG_BUF_OFF 24
347
348 static uint8_t tboot_log_uuid[16] = TBOOT_LOG_UUID;
349
350 static ssize_t tboot_log_read(struct file *file, char __user *user_buf, size_t count, loff_t *ppos)
351 {
352 void __iomem *log_base;
353 u8 log_uuid[16];
354 u32 max_size;
355 void *kbuf;
356 int ret = -EFAULT;
357
358 log_base = ioremap_nocache(TBOOT_SERIAL_LOG_ADDR, TBOOT_SERIAL_LOG_SIZE);
359 if (!log_base)
360 return ret;
361
362 memcpy_fromio(log_uuid, log_base, sizeof(log_uuid));
363 if (memcmp(&tboot_log_uuid, log_uuid, sizeof(log_uuid)))
364 goto err_iounmap;
365
366 max_size = readl(log_base + LOG_MAX_SIZE_OFF);
367 if (*ppos >= max_size) {
368 ret = 0;
369 goto err_iounmap;
370 }
371
372 if (*ppos + count > max_size)
373 count = max_size - *ppos;
374
375 kbuf = kmalloc(count, GFP_KERNEL);
376 if (!kbuf) {
377 ret = -ENOMEM;
378 goto err_iounmap;
379 }
380
381 memcpy_fromio(kbuf, log_base + LOG_BUF_OFF + *ppos, count);
382 if (copy_to_user(user_buf, kbuf, count))
383 goto err_kfree;
384
385 *ppos += count;
386
387 ret = count;
388
389 err_kfree:
390 kfree(kbuf);
391
392 err_iounmap:
393 iounmap(log_base);
394
395 return ret;
396 }
397
398 static const struct file_operations tboot_log_fops = {
399 .read = tboot_log_read,
400 .llseek = default_llseek,
401 };
402
403 #endif
404
405 static __init int tboot_late_init(void)
406 {
407 if (!tboot_enabled())
408 return 0;
409
410 tboot_create_trampoline();
411
412 atomic_set(&ap_wfs_count, 0);
413 cpuhp_setup_state(CPUHP_AP_X86_TBOOT_DYING, "x86/tboot:dying", NULL,
414 tboot_dying_cpu);
415 #ifdef CONFIG_DEBUG_FS
416 debugfs_create_file("tboot_log", S_IRUSR,
417 arch_debugfs_dir, NULL, &tboot_log_fops);
418 #endif
419
420 acpi_os_set_prepare_sleep(&tboot_sleep);
421 acpi_os_set_prepare_extended_sleep(&tboot_extended_sleep);
422 return 0;
423 }
424
425 late_initcall(tboot_late_init);
426
427
428
429
430
431 #define TXT_PUB_CONFIG_REGS_BASE 0xfed30000
432 #define TXT_PRIV_CONFIG_REGS_BASE 0xfed20000
433
434
435 #define NR_TXT_CONFIG_PAGES ((TXT_PUB_CONFIG_REGS_BASE - \
436 TXT_PRIV_CONFIG_REGS_BASE) >> PAGE_SHIFT)
437
438
439 #define TXTCR_HEAP_BASE 0x0300
440 #define TXTCR_HEAP_SIZE 0x0308
441
442 #define SHA1_SIZE 20
443
444 struct sha1_hash {
445 u8 hash[SHA1_SIZE];
446 };
447
448 struct sinit_mle_data {
449 u32 version;
450 struct sha1_hash bios_acm_id;
451 u32 edx_senter_flags;
452 u64 mseg_valid;
453 struct sha1_hash sinit_hash;
454 struct sha1_hash mle_hash;
455 struct sha1_hash stm_hash;
456 struct sha1_hash lcp_policy_hash;
457 u32 lcp_policy_control;
458 u32 rlp_wakeup_addr;
459 u32 reserved;
460 u32 num_mdrs;
461 u32 mdrs_off;
462 u32 num_vtd_dmars;
463 u32 vtd_dmars_off;
464 } __packed;
465
466 struct acpi_table_header *tboot_get_dmar_table(struct acpi_table_header *dmar_tbl)
467 {
468 void *heap_base, *heap_ptr, *config;
469
470 if (!tboot_enabled())
471 return dmar_tbl;
472
473
474
475
476
477
478
479 config = ioremap(TXT_PUB_CONFIG_REGS_BASE, NR_TXT_CONFIG_PAGES *
480 PAGE_SIZE);
481 if (!config)
482 return NULL;
483
484
485 heap_base = ioremap(*(u64 *)(config + TXTCR_HEAP_BASE),
486 *(u64 *)(config + TXTCR_HEAP_SIZE));
487 iounmap(config);
488 if (!heap_base)
489 return NULL;
490
491
492
493 heap_ptr = heap_base + *(u64 *)heap_base;
494
495 heap_ptr += *(u64 *)heap_ptr;
496
497 heap_ptr += *(u64 *)heap_ptr;
498
499 heap_ptr += sizeof(u64);
500
501 dmar_tbl = (struct acpi_table_header *)(heap_ptr +
502 ((struct sinit_mle_data *)heap_ptr)->vtd_dmars_off -
503 sizeof(u64));
504
505
506
507 return dmar_tbl;
508 }
509
510 int tboot_force_iommu(void)
511 {
512 if (!tboot_enabled())
513 return 0;
514
515 if (intel_iommu_tboot_noforce)
516 return 1;
517
518 if (no_iommu || swiotlb || dmar_disabled)
519 pr_warning("Forcing Intel-IOMMU to enabled\n");
520
521 dmar_disabled = 0;
522 #ifdef CONFIG_SWIOTLB
523 swiotlb = 0;
524 #endif
525 no_iommu = 0;
526
527 return 1;
528 }