platform/x86/amd/pmf: Update PMF Driver for Compatibility with new PMF-TA

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The PMF driver allocates a shared memory buffer using
tee_shm_alloc_kernel_buf() for communication with the PMF-TA.

The latest PMF-TA version introduces new structures with OEM debug
information and additional policy input conditions for evaluating the
policy binary. Consequently, the shared memory size must be increased to
ensure compatibility between the PMF driver and the updated PMF-TA.

To do so, introduce the new PMF-TA UUID and update the PMF shared memory
configuration to ensure compatibility with the latest PMF-TA version.
Additionally, export the TA UUID.

These updates will result in modifications to the prototypes of
amd_pmf_tee_init() and amd_pmf_ta_open_session().

Link: https://lore.kernel.org/all/55ac865f-b1c7-fa81-51c4-d211c7963e7e@linux.intel.com/
Reviewed-by: Mario Limonciello <mario.limonciello@amd.com>
Co-developed-by: Patil Rajesh Reddy <Patil.Reddy@amd.com>
Signed-off-by: Patil Rajesh Reddy <Patil.Reddy@amd.com>
Signed-off-by: Shyam Sundar S K <Shyam-sundar.S-k@amd.com>
Link: https://lore.kernel.org/r/20250305045842.4117767-2-Shyam-sundar.S-k@amd.com
Reviewed-by: Ilpo Järvinen <ilpo.jarvinen@linux.intel.com>
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@linux.intel.com>

authored by

Shyam Sundar S K and committed by

Ilpo Järvinen 1 year ago 376a8c2a 9ba93cb8

+40 -15

2 changed files

expand all

drivers

platform

x86

amd

pmf

pmf.h

tee-if.c

+4 -1

drivers/platform/x86/amd/pmf/pmf.h

··· 106 106 #define PMF_TA_IF_VERSION_MAJOR 1 107 107 #define TA_PMF_ACTION_MAX 32 108 108 #define TA_PMF_UNDO_MAX 8 109 - #define TA_OUTPUT_RESERVED_MEM 906 109 + #define TA_OUTPUT_RESERVED_MEM 922 110 110 #define MAX_OPERATION_PARAMS 4 111 + 112 + #define TA_ERROR_CRYPTO_INVALID_PARAM 0x20002 113 + #define TA_ERROR_CRYPTO_BIN_TOO_LARGE 0x2000d 111 114 112 115 #define PMF_IF_V1 1 113 116 #define PMF_IF_V2 2

+36 -14

drivers/platform/x86/amd/pmf/tee-if.c

··· 27 27 MODULE_PARM_DESC(pb_side_load, "Sideload policy binaries debug policy failures"); 28 28 #endif 29 29 30 - static const uuid_t amd_pmf_ta_uuid = UUID_INIT(0x6fd93b77, 0x3fb8, 0x524d, 31 - 0xb1, 0x2d, 0xc5, 0x29, 0xb1, 0x3d, 0x85, 0x43); 30 + static const uuid_t amd_pmf_ta_uuid[] = { UUID_INIT(0xd9b39bf2, 0x66bd, 0x4154, 0xaf, 0xb8, 0x8a, 31 + 0xcc, 0x2b, 0x2b, 0x60, 0xd6), 32 + UUID_INIT(0x6fd93b77, 0x3fb8, 0x524d, 0xb1, 0x2d, 0xc5, 33 + 0x29, 0xb1, 0x3d, 0x85, 0x43), 34 + }; 32 35 33 36 static const char *amd_pmf_uevent_as_str(unsigned int state) 34 37 { ··· 324 321 */ 325 322 schedule_delayed_work(&dev->pb_work, msecs_to_jiffies(pb_actions_ms * 3)); 326 323 } else { 327 - dev_err(dev->dev, "ta invoke cmd init failed err: %x\n", res); 324 + dev_dbg(dev->dev, "ta invoke cmd init failed err: %x\n", res); 328 325 dev->smart_pc_enabled = false; 329 326 return res; 330 327 } ··· 393 390 return ver->impl_id == TEE_IMPL_ID_AMDTEE; 394 391 } 395 392 396 - static int amd_pmf_ta_open_session(struct tee_context *ctx, u32 *id) 393 + static int amd_pmf_ta_open_session(struct tee_context *ctx, u32 *id, const uuid_t *uuid) 397 394 { 398 395 struct tee_ioctl_open_session_arg sess_arg = {}; 399 396 int rc; 400 397 401 - export_uuid(sess_arg.uuid, &amd_pmf_ta_uuid); 398 + export_uuid(sess_arg.uuid, uuid); 402 399 sess_arg.clnt_login = TEE_IOCTL_LOGIN_PUBLIC; 403 400 sess_arg.num_params = 0; 404 401 ··· 437 434 return 0; 438 435 } 439 436 440 - static int amd_pmf_tee_init(struct amd_pmf_dev *dev) 437 + static int amd_pmf_tee_init(struct amd_pmf_dev *dev, const uuid_t *uuid) 441 438 { 442 439 u32 size; 443 440 int ret; ··· 448 445 return PTR_ERR(dev->tee_ctx); 449 446 } 450 447 451 - ret = amd_pmf_ta_open_session(dev->tee_ctx, &dev->session_id); 448 + ret = amd_pmf_ta_open_session(dev->tee_ctx, &dev->session_id, uuid); 452 449 if (ret) { 453 450 dev_err(dev->dev, "Failed to open TA session (%d)\n", ret); 454 451 ret = -EINVAL; ··· 492 489 493 490 int amd_pmf_init_smart_pc(struct amd_pmf_dev *dev) 494 491 { 495 - int ret; 492 + bool status; 493 + int ret, i; 496 494 497 495 ret = apmf_check_smart_pc(dev); 498 496 if (ret) { ··· 505 501 dev_info(dev->dev, "PMF Smart PC not advertised in BIOS!:%d\n", ret); 506 502 return -ENODEV; 507 503 } 508 - 509 - ret = amd_pmf_tee_init(dev); 510 - if (ret) 511 - return ret; 512 504 513 505 INIT_DELAYED_WORK(&dev->pb_work, amd_pmf_invoke_cmd); 514 506 ··· 534 534 goto error; 535 535 } 536 536 537 - ret = amd_pmf_start_policy_engine(dev); 538 - if (ret) 537 + for (i = 0; i < ARRAY_SIZE(amd_pmf_ta_uuid); i++) { 538 + ret = amd_pmf_tee_init(dev, &amd_pmf_ta_uuid[i]); 539 + if (ret) 540 + return ret; 541 + 542 + ret = amd_pmf_start_policy_engine(dev); 543 + switch (ret) { 544 + case TA_PMF_TYPE_SUCCESS: 545 + status = true; 546 + break; 547 + case TA_ERROR_CRYPTO_INVALID_PARAM: 548 + case TA_ERROR_CRYPTO_BIN_TOO_LARGE: 549 + amd_pmf_tee_deinit(dev); 550 + status = false; 551 + break; 552 + default: 553 + goto error; 554 + } 555 + 556 + if (status) 557 + break; 558 + } 559 + 560 + if (!status && !pb_side_load) 539 561 goto error; 540 562 541 563 if (pb_side_load)