From patchwork Fri Sep 20 13:58:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165211 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb1Z2ScJz9s00 for ; Fri, 20 Sep 2019 23:59:30 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb1Z1M7hzF320 for ; Fri, 20 Sep 2019 23:59:30 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.158.5; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb1M2P98zF33J for ; Fri, 20 Sep 2019 23:59:19 +1000 (AEST) Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDqS4R021730 for ; Fri, 20 Sep 2019 09:59:16 -0400 Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0b-001b2d01.pphosted.com with ESMTP id 2v4yja1pce-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 09:59:16 -0400 Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpJJ0009676 for ; Fri, 20 Sep 2019 13:59:15 GMT Received: from b03cxnp08027.gho.boulder.ibm.com (b03cxnp08027.gho.boulder.ibm.com [9.17.130.19]) by ppma01dal.us.ibm.com with ESMTP id 2v3vbu9x9b-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 13:59:15 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08027.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KDxB1G51052876 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 13:59:11 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8441E136060; Fri, 20 Sep 2019 13:59:11 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 710B0136055; Fri, 20 Sep 2019 13:59:10 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 13:59:10 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:16 -0400 Message-Id: <20190920135823.471-2-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 1/8] doc/opal-uv-api.rst X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, suka@us.ibm.com, Ryan Grimm Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" Signed-off-by: Ryan Grimm --- doc/opal-uv-api.rst | 372 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 372 insertions(+) create mode 100644 doc/opal-uv-api.rst diff --git a/doc/opal-uv-api.rst b/doc/opal-uv-api.rst new file mode 100644 index 00000000..d7151ca6 --- /dev/null +++ b/doc/opal-uv-api.rst @@ -0,0 +1,372 @@ +.. SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +================= +OPAL UV API (RFC) +================= + +.. contents:: + :depth: 3 + +.. sectnum:: + :depth: 3 + +This document describes the function calling interface between OPAL +and the Ultravisor. + +Protected Execution Facility +############################ + +Protected Execution Facility (PEF) is an architectural change for +POWER 9 that enables Secure Virtual Machines (SVMs). When enabled, +PEF adds a new higher privileged mode, called Ultravisor mode, to +POWER architecture. Along with the new mode there is new firmware +called the Protected Execution Ultravisor (or Ultravisor for short). +Ultravisor mode is the highest privileged mode in POWER architecture. + ++------------------+ +| Privilege States | ++==================+ +| Problem | ++------------------+ +| Supervisor | ++------------------+ +| Hypervisor | ++------------------+ +| Ultravisor | ++------------------+ + +PEF protects SVMs from the hypervisor, privileged users, and other +VMs in the system. SVMs are protected while at rest and can only be +executed by an authorized machine. All virtual machines utilize +hypervisor services. The Ultravisor filters calls between the SVMs +and the hypervisor to assure that information does not accidentally +leak. All hypercalls except H_RANDOM are reflected to the hypervisor. +H_RANDOM is not reflected to prevent the hypervisor from influencing +random values in the SVM. + +To support this there is a refactoring of the ownership of resources +in the CPU. Some of the resources which were previously hypervisor +privileged are now ultravisor privileged. + +Hardware +======== + +The hardware changes include the following: + +* There is a new bit in the MSR that determines whether the current + process is running in secure mode, MSR(S) bit 41. MSR(S)=1, process + is in secure mode, MSR(s)=0 process is in normal mode. + +* The MSR(S) bit can only be set by the Ultravisor. + +* HRFID cannot be used to set the MSR(S) bit. If the hypervisor needs + to return to a SVM it must use an ultracall. It can determine if + the VM it is returning to is secure. + +* There is a new Ultravisor privileged register, SMFCTRL, which has an + enable/disable bit SMFCTRL(E). + +* The privilege of a process is now determined by three MSR bits, + MSR(S, HV, PR). In each of the tables below the modes are listed + from least privilege to highest privilege. The higher privilege + modes can access all the resources of the lower privilege modes. + +**Secure Mode MSR Settings** + ++---+---+---+---------------+ +| S | HV| PR|Privilege | ++===+===+===+===============+ +| 1 | 0 | 1 | Problem | ++---+---+---+---------------+ +| 1 | 0 | 0 | Privileged(OS)| ++---+---+---+---------------+ +| 1 | 1 | 0 | Ultravisor | ++---+---+---+---------------+ +| 1 | 1 | 1 | Reserved | ++---+---+---+---------------+ + +**Normal Mode MSR Settings** + ++---+---+---+---------------+ +| S | HV| PR|Privilege | ++===+===+===+===============+ +| 0 | 0 | 1 | Problem | ++---+---+---+---------------+ +| 0 | 0 | 0 | Privileged(OS)| ++---+---+---+---------------+ +| 0 | 1 | 0 | Hypervisor | ++---+---+---+---------------+ +| 0 | 1 | 1 | Problem (HV) | ++---+---+---+---------------+ + +* Memory is partitioned into secure and normal memory. Only processes + that are running in secure mode can access secure memory. + +* The hardware does not allow anything that is not running secure to + access secure memory. This means that the Hypervisor cannot access + the memory of the SVM without using an ultracall (asking the + Ultravisor). The Ultravisor will only allow the hypervisor to see + the SVM memory encrypted. + +* I/O systems are not allowed to directly address secure memory. This + limits the SVMs to virtual I/O only. + +* The architecture allows the SVM to share pages of memory with the + hypervisor that are not protected with encryption. However, this + sharing must be initiated by the SVM. + +* When a process is running in secure mode all hypercalls + (syscall lev=1) are reflected to the Ultravisor. + +* When a process is in secure mode all interrupts go to the + Ultravisor. + +* The following resources have become Ultravisor privileged and + require an Ultravisor interface to manipulate: + + * Processor configurations registers (SCOMs). + + * Stop state information. + + * The debug registers CIABR, DAWR, and DAWRX become Ultravisor + resources when SMFCTRL(D) is set. If SMFCTRL(D) is not set they do + not work in secure mode. When set, reading and writing requires + an Ultravisor call, otherwise that will cause a Hypervisor Emulation + Assistance interrupt. + + * PTCR and partition table entries (partition table is in secure + memory). An attempt to write to PTCR will cause a Hypervisor + Emulation Assitance interrupt. + + * LDBAR (LD Base Address Register) and IMC (In-Memory Collection) + non-architected registers. An attempt to write to them will cause a + Hypervisor Emulation Assistance interrupt. + + * Paging for an SVM, sharing of memory with Hypervisor for an SVM. + (Including Virtual Processor Area (VPA) and virtual I/O). + +Software/Microcode +================== + +The software changes include: + +* When the UV_ESM ultracall is made the Ultravisor copies the VM into + secure memory, decrypts the verification information, and checks the + integrity of the SVM. If the integrity check passes the Ultravisor + passes control in secure mode. + +The Ultravisor offers new services to the hypervisor and SVMs. These +are accessed through ultracalls. + +Terminology +=========== + +* Hypercalls: special system calls used to request services from + Hypervisor. + +* Normal memory: Memory that is accessible to Hypervisor. + +* Normal page: Page backed by normal memory and available to + Hypervisor. + +* Secure memory: Memory that is accessible only to Ultravisor and + SVMs. + +* Secure page: Page backed by secure memory and only available to + Ultravisor and SVM. + +* SVM: Secure Virtual Machine. + +* Ultracalls: special system calls used to request services from + Ultravisor. + +Ultravisor Initialization +######################### + +Loading The Ultravisor +====================== + +Skiboot uses secure and trusted boot to load and verify the compressed UV image +from the PNOR into regular memory. It unpacks the UV into regular memory in +the function ``init_uv``. + +``init_uv`` finds the UV node in the device tree via the "ibm,ultravisor" +compatible property. For example: + +.. code-block:: dts + + ibm,ultravisor { + compatible = "ibm,ultravisor"; + ibm,uv-firmware { + compatible = "ibm,uv-firmware"; + #address-cells = <0x2>; + #size-cells = <0x2>; + secure-memory-ranges = < 0x1003c 0x00000000 0x4 0x00000000 + 0x1203c 0x00000000 0x4 0x00000000 >; + reg = < 0x0 0xc0000000 >; + }; + }; + +In the case of Mambo or BML, skiboot does not load the UV from the PNOR, so the +proprety reg must be provided so skiboot knows where to copy the UV image from, +like the example above. + +Otherwise, on Hostboot, skiboot creates the reg property which it uses to start +the UV. + +``init_uv`` parses secure memory ranges and copies the UV into the start of the +first available secure range. + +Starting The Ultravisor +======================= + +Skiboot starts the UV in ``main_cpu_entry`` before the kernel is loaded and booted. +Skiboot creates a job on all threads and sends them to ``start_uv`` in asm/head.S. +This function's prototype is: + +.. code-block:: c + + /** + * @brief Start UV. + * + * @param uv_load_addr Load address of ultravisor. + * @param uv_opal Pointer to uv_opal strucutre. + * + * @return 0 on success, else a negative error code on failure. + */ + u64 start_uv(u64 uv_load_addr, struct uv_opal *uv_opal); + +The opal ultravisor api, defined in ``struct uv_opal``, allows passing configuration +information to the UV and obtaining a return code from the ultravisor post +initialization. It is defined as: + +.. code-block:: c + + struct uv_opal { + __be32 magic; /**< 'OPUV' 0x4F505556 OPUV_MAGIC */ + __be32 version; /**< uv_opal struct version */ + __be32 uv_ret_code; /**< 0 - Success, <0> : error. */ + __be32 uv_api_ver; /**< Current uv api version. */ + __be64 uv_base_addr; /**< Base address of UV in secure memory. */ + __be64 sys_fdt; /**< System FDT. */ + __be64 uv_fdt; /**< UV FDT in secure memory. */ + __be64 uv_mem; /**< struct memcons */ + }; + +The ``uv_fdt`` is constructed in secure memory. It is allocated after the +ultravisor image at ``uv_base_addr + UV_LOAD_MAX_SIZE``. This allows the +ultravisor to load at start of the first secure memory range and recover the +memory allocated to ``uv_fdt``. + +.. code-block:: dts + + ibm,uv-fdt { + compatible = "ibm,uv-fdt"; + wrapping-key-password = "gUMShz6l2x4O9IeHrvBSuBR0FYANZTYK"; + }; + +The UV parses ``sys_fdt``, creates internal structures, and threads return in +hypervisor privilege mode and 0 in ``uv_ret_code``. + +If successful, skiboot sets a variable named ``uv_present`` to true. Skiboot uses +the macro ``is_uv_present`` to dermine if the UV is initialized and ready to +perform ucalls. + +uv_base_addr is not needed by the UV but is used by ``cpu_start_ultravisor``. This +member could be moved into a separate structure for ``cpu_start_ultravisor``. + +Ultravisor Failed Start Recovery +================================ + +If the Ultravisor fails to start it will return a error code in ``uv_ret_code``. +skiboot will continue to be in ultravisor privilege mode, and will need to +perform a recovery action. + +[**TODO**: Need to describe the steps for Ultravisor load failure recovery action.] + +Ultracalls +########## + +Ultravisor calls API +==================== + +This section describes Ultravisor calls (ultracalls) needed by skiboot. +The ultracalls allow the skiboot to request services from the +Ultravisor such as initializing a chip unit via XSCOM. + +The specific service needed from an ultracall is specified in register +R3 (the first parameter to the ultracall). Other parameters to the +ultracall, if any, are specified in registers R4 through R12. + +Return value of all ultracalls is in register R3. Other output values +from the ultracall, if any, are returned in registers R4 through R12. + +Each ultracall returns specific error codes, applicable in the context +of the ultracall. However, like with the PowerPC Architecture Platform +Reference (PAPR), if no specific error code is defined for a +particular situation, then the ultracall will fallback to an erroneous +parameter-position based code. i.e U_PARAMETER, U_P2, U_P3 etc +depending on the ultracall parameter that may have caused the error. + +For now this only covers ultracalls currently implemented and being used by +skiboot but others can be added here when it makes sense. + +The full specification for all ultracalls will eventually be made available in +the public/OpenPower version of the PAPR specification. + +Ultracalls used by Skiboot +========================== + +UV_READ_SCOM +------------ + +Perform an XSCOM read and put the value in a buffer. + +Syntax +~~~~~~ + +.. code-block:: c + + long ucall(unsigned long UV_READ_SCOM, + unsigned long *retbuf, + u64 partid, + u64 pcb_addr) + +Return values +~~~~~~~~~~~~~ + +* U_SUCCESS on success. +* U_PERMISSION if called from VM context. +* U_PARAMETER if invalid partiton or address. +* U_BUSY if unit is busy. + +UV_WRITE_SCOM +------------- + +Perform an XSCOM write. + +Syntax +~~~~~~ + +.. code-block:: c + + long ucall(unsigned long UV_WRITE_SCOM, + unsigned long *retbuf, + u64 partid, + u64 pcb_addr, + u64 val) + +Return values +~~~~~~~~~~~~~ + +One of the following values: + +* U_SUCCESS on success. +* U_PERMISSION if called from VM context +* U_PARAMETER if invalid partiton +* U_BUSY if unit is busy + +References +########## + +.. [1] `Supporting Protected Computing on IBM Power Architecture `_ From patchwork Fri Sep 20 13:58:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165212 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb2G57vyz9s00 for ; Sat, 21 Sep 2019 00:00:06 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb2F5QhSzDqWw for ; Sat, 21 Sep 2019 00:00:05 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.158.5; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb1v5s6RzF327 for ; Fri, 20 Sep 2019 23:59:47 +1000 (AEST) Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDqUJX049356; Fri, 20 Sep 2019 09:59:44 -0400 Received: from ppma03dal.us.ibm.com (b.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.11]) by mx0b-001b2d01.pphosted.com with ESMTP id 2v4x5ad9fc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 09:59:44 -0400 Received: from pps.filterd (ppma03dal.us.ibm.com [127.0.0.1]) by ppma03dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpJud021322; Fri, 20 Sep 2019 13:59:43 GMT Received: from b03cxnp07029.gho.boulder.ibm.com (b03cxnp07029.gho.boulder.ibm.com [9.17.130.16]) by ppma03dal.us.ibm.com with ESMTP id 2v3vbuswf2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 13:59:43 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp07029.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KDxdtT52953398 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 13:59:40 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id DB478136061; Fri, 20 Sep 2019 13:59:39 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AFC9D136051; Fri, 20 Sep 2019 13:59:38 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 13:59:38 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:17 -0400 Message-Id: <20190920135823.471-3-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 2/8] Add ultravisor support in OPAL X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, suka@us.ibm.com, Ryan Grimm Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Madhavan Srinivasan Ultravisor is the firmware which runs in the new privelege mode called ultravisor mode, which was introduced in Power 9. Ultravisor enables running of secure virtual machines on the host. Protected execution facility in Power 9 uses special memory areas designated as secure memory, which can be accessed only in the ultravisor mode. This protection is provided by the hardware. These designated memory areas are used by the guests running as secure virtual machines. The secure memory ranges are provided by the hostboot through HDATA. Get secure memory ranges from HDATA and add to device tree for ultravisor firmware. Ultravisor firmware is present as a lid file or as 'UVISOR' partition. Use flash resource load helper to load ultravisor firmware into secure memory area pointed by the hdata. The ultravisor image after is start on each CPU after being loaded from the flash/fsp. It is copied to secure memory and run. Signed-off-by: Madhavan Srinivasan Signed-off-by: Santosh Sivaraj [ grimm: Add init_uv comments, logging, and logic cleanups ] [ grimm: Increase UV image max size to 2MB ] [ grimm: Redfine the OPAL UV shared data structure ] [ grimm: Remove Hostboot regions from secure range 0 ] [ grimm: SPDX licensing ] [ grimm: clean up allocation and freeing ] [ grimm: DT bindings fixups ] [ grimm: Define load identifiers for ultra.lid.xz ] [ grimm: Improve error logging ] [ grimm: Fix secure-memory-ranges for multiple ranges ] [ grimm: hdata: Dont ignore range if SMF is enbaled ] [ grimm: use cleanup_addr on secure mem ranges ] [ grimm: ret code checks, various cleanups for BML ] Signed-off-by: Ryan Grimm [ andmike: Split init and start of ultravisor ] Signed-off-by: Michael Anderson --- asm/head.S | 22 ++ core/flash.c | 1 + core/init.c | 11 + hdata/memory.c | 17 +- hw/Makefile.inc | 1 + hw/fsp/fsp.c | 2 + hw/ultravisor.c | 487 +++++++++++++++++++++++++++++++++++++++ include/platform.h | 1 + include/processor.h | 12 + include/ultravisor-api.h | 18 ++ include/ultravisor.h | 27 +++ 11 files changed, 597 insertions(+), 2 deletions(-) create mode 100644 hw/ultravisor.c create mode 100644 include/ultravisor-api.h create mode 100644 include/ultravisor.h diff --git a/asm/head.S b/asm/head.S index e78dc520..18ce3044 100644 --- a/asm/head.S +++ b/asm/head.S @@ -1065,3 +1065,25 @@ start_kernel_secondary: mtctr %r3 mfspr %r3,SPR_PIR bctr + +.global start_uv +start_uv: + mflr %r0 + std %r0,16(%r1) + sync + icbi 0,%r3 + sync + isync + mtctr %r3 + mr %r3,%r4 + LOAD_IMM64(%r8,SKIBOOT_BASE); + LOAD_IMM32(%r10, opal_entry - __head) + add %r9,%r8,%r10 + LOAD_IMM32(%r6, EPAPR_MAGIC) + addi %r7,%r5,1 + li %r4,0 + li %r5,0 + bctrl + ld %r0,16(%r1) + mtlr %r0 + blr diff --git a/core/flash.c b/core/flash.c index 203b695d..a9c25486 100644 --- a/core/flash.c +++ b/core/flash.c @@ -42,6 +42,7 @@ static struct { { RESOURCE_ID_INITRAMFS,RESOURCE_SUBID_NONE, "ROOTFS" }, { RESOURCE_ID_CAPP, RESOURCE_SUBID_SUPPORTED, "CAPP" }, { RESOURCE_ID_IMA_CATALOG, RESOURCE_SUBID_SUPPORTED, "IMA_CATALOG" }, + { RESOURCE_ID_UV_IMAGE, RESOURCE_SUBID_NONE, "UVISOR" }, { RESOURCE_ID_VERSION, RESOURCE_SUBID_NONE, "VERSION" }, { RESOURCE_ID_KERNEL_FW, RESOURCE_SUBID_NONE, "BOOTKERNFW" }, }; diff --git a/core/init.c b/core/init.c index 25d827f2..ca83df7e 100644 --- a/core/init.c +++ b/core/init.c @@ -44,6 +44,7 @@ #include #include #include +#include enum proc_gen proc_gen; unsigned int pcie_max_link_speed; @@ -1203,6 +1204,11 @@ void __noreturn __nomcount main_cpu_entry(const void *fdt) pci_nvram_init(); preload_capp_ucode(); + + /* preload and decompress ultravisor image */ + uv_preload_image(); + uv_decompress_image(); + start_preload_kernel(); /* Catalog decompression routine */ @@ -1258,6 +1264,9 @@ void __noreturn __nomcount main_cpu_entry(const void *fdt) /* Add the list of interrupts going to OPAL */ add_opal_interrupts(); + /* Init uiltravisor software */ + init_uv(); + /* Now release parts of memory nodes we haven't used ourselves... */ mem_region_release_unused(); @@ -1275,6 +1284,8 @@ void __noreturn __nomcount main_cpu_entry(const void *fdt) checksum_romem(); + start_ultravisor(); + load_and_boot_kernel(false); } diff --git a/hdata/memory.c b/hdata/memory.c index 9af7ae71..25b8088d 100644 --- a/hdata/memory.c +++ b/hdata/memory.c @@ -10,6 +10,7 @@ #include #include #include +#include #include "spira.h" #include "hdata.h" @@ -59,6 +60,8 @@ struct HDIF_ms_area_address_range { #define MS_CONTROLLER_MCS_ID(id) GETFIELD(PPC_BITMASK32(4, 7), id) #define MS_CONTROLLER_MCA_ID(id) GETFIELD(PPC_BITMASK32(8, 15), id) +#define MS_ATTR_SMF (PPC_BIT32(23)) + struct HDIF_ms_area_id { __be16 id; #define MS_PTYPE_RISER_CARD 0x8000 @@ -163,6 +166,16 @@ static bool add_address_range(struct dt_node *root, return false; } + if (arange->mirror_attr & MS_ATTR_SMF) { + prlog(PR_DEBUG, "Found secure memory"); + if (!uv_add_mem_range(reg[0], cleanup_addr(be64_to_cpu(arange->end)))) { + prlog(PR_INFO, "Failed to add secure memory range to DT\n"); + mem_reserve_fw(name, reg[0], reg[1]); + return false; + } else + return true; + } + if (be16_to_cpu(id->flags) & MS_AREA_SHARED) { mem = dt_find_by_name_addr(dt_root, name, reg[0]); if (mem) { @@ -676,9 +689,9 @@ static void get_hb_reserved_mem(struct HDIF_common_hdr *ms_vpd) /* * Workaround broken HDAT reserve regions which are - * bigger than 512MB + * bigger than 512MB and not secure memory */ - if ((end_addr - start_addr) > 0x20000000) { + if (((end_addr - start_addr) > 0x20000000) && !(start_addr & UV_SECURE_MEM_BIT)) { prlog(PR_ERR, "MEM: Ignoring Bad HDAT reserve: too big\n"); continue; } diff --git a/hw/Makefile.inc b/hw/Makefile.inc index b708bdfe..848898b9 100644 --- a/hw/Makefile.inc +++ b/hw/Makefile.inc @@ -9,6 +9,7 @@ HW_OBJS += fake-nvram.o lpc-mbox.o npu2.o npu2-hw-procedures.o HW_OBJS += npu2-common.o npu2-opencapi.o phys-map.o sbe-p9.o capp.o HW_OBJS += occ-sensor.o vas.o sbe-p8.o dio-p9.o lpc-port80h.o cache-p9.o HW_OBJS += npu-opal.o npu3.o npu3-nvlink.o npu3-hw-procedures.o +HW_OBJS += ultravisor.o HW=hw/built-in.a include $(SRC)/hw/fsp/Makefile.inc diff --git a/hw/fsp/fsp.c b/hw/fsp/fsp.c index 6fa6534f..829e56f4 100644 --- a/hw/fsp/fsp.c +++ b/hw/fsp/fsp.c @@ -114,6 +114,7 @@ static u64 fsp_hir_timeout; #define KERNEL_LID_PHYP 0x80a00701 #define KERNEL_LID_OPAL 0x80f00101 #define INITRAMFS_LID_OPAL 0x80f00102 +#define ULTRA_LID_OPAL 0x80f00105 /* * We keep track on last logged values for some things to print only on @@ -2375,6 +2376,7 @@ static struct { } fsp_lid_map[] = { { RESOURCE_ID_KERNEL, RESOURCE_SUBID_NONE, KERNEL_LID_OPAL }, { RESOURCE_ID_INITRAMFS,RESOURCE_SUBID_NONE, INITRAMFS_LID_OPAL }, + { RESOURCE_ID_UV_IMAGE, RESOURCE_SUBID_NONE, ULTRA_LID_OPAL }, { RESOURCE_ID_IMA_CATALOG,IMA_CATALOG_NIMBUS, 0x80f00103 }, { RESOURCE_ID_CAPP, CAPP_IDX_MURANO_DD20, 0x80a02002 }, { RESOURCE_ID_CAPP, CAPP_IDX_MURANO_DD21, 0x80a02001 }, diff --git a/hw/ultravisor.c b/hw/ultravisor.c new file mode 100644 index 00000000..8e3cceb4 --- /dev/null +++ b/hw/ultravisor.c @@ -0,0 +1,487 @@ +// SPDX-License-Identifier: Apache-2.0 +/* Copyright 2018-2019 IBM Corp. */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +static char *uv_image = NULL; +static size_t uv_image_size; +struct xz_decompress *uv_xz = NULL; +static struct uv_opal *uv_opal; + +static struct dt_node *add_uv_dt_node(void) +{ + struct dt_node *dev, *uv; + + dev = dt_new_check(dt_root, "ibm,ultravisor"); + if (!dev) + return NULL; + + dt_add_property_string(dev, "compatible", "ibm,ultravisor"); + uv = dt_new_check(dev, "firmware"); + if (!uv) { + dt_free(dev); + return NULL; + } + + dt_add_property_string(uv, "compatible", "firmware"); + return dev; +} + +static struct dt_node *find_uv_node(void) +{ + struct dt_node *uv_node, *dt; + + uv_node = dt_find_compatible_node(dt_root, NULL, "ibm,uv-firmware"); + if (!uv_node) { + prlog(PR_DEBUG, "ibm,uv-firmware compatible node not found, creating"); + dt = add_uv_dt_node(); + if (!dt) + return NULL; + uv_node = dt_find_compatible_node(dt_root, NULL, "ibm,uv-firmware"); + } + + return uv_node; +} + +static bool find_secure_mem_to_copy(uint64_t *target, uint64_t *sz) +{ + struct dt_node *uv_node = find_uv_node(); + const struct dt_property *ranges; + uint64_t uv_pef_reg; + uint64_t *range, sm_size, img_size = UV_LOAD_MAX_SIZE; + + /* + * "uv-secure-memory" property could have multiple + * secure memory blocks. Pick first to load + * ultravisor in it. + */ + ranges = dt_find_property(uv_node, "secure-memory-ranges"); + if (!ranges) + return false; + + range = (void *)ranges->prop; + do { + uv_pef_reg = dt_get_number(range, 2); + if (!uv_pef_reg) + return false; + + sm_size = dt_get_number(range + 1, 2); + if (sm_size > img_size) + break; + range += 2; + } while (range); + + *target = uv_pef_reg; + *sz = sm_size; + return true; +} + +static uint64_t find_uv_fw_base_addr(struct dt_node *uv_node) +{ + uint64_t base_addr = 0; + + if (dt_has_node_property(uv_node, "reg", NULL)) + base_addr = dt_prop_get_u64(uv_node, "reg"); + + return base_addr; +} + +static void reserve_secure_memory_region(void) +{ + struct dt_node *uv_node = find_uv_node(); + const struct dt_property *ranges; + uint64_t *range, *rangesp, sm_size, addr; + char buf[128]; + int i=0; + + ranges = dt_find_property(uv_node, "secure-memory-ranges"); + if (!ranges) + return; + + for (rangesp = (uint64_t *)(ranges->prop + ranges->len), + range = (uint64_t *)ranges->prop; + range < rangesp; + range += 2) { + addr = dt_get_number(range, 2); + if (!addr) + break; + + sm_size = dt_get_number(range + 1, 2); + if (!sm_size) + break; + + /* Remove Hostboot regions from secure memory 0 so we don't abort + * on overlapping regions */ + if (i == 0) { + prlog(PR_INFO, "Secure region 0, removing HB region\n"); + /* TODO: Check with Hostboot for memory map */ + sm_size = sm_size - UV_HB_RESERVE_SIZE; + } + + snprintf(buf, 128, "ibm,secure-region-%d",i++); + mem_reserve_fw(strdup(buf), addr, sm_size); + } + + return; +} + +static void reserve_uv_memory(struct uv_opal *uv_opal) +{ + if (uv_opal->uv_base_addr == UV_LOAD_BASE) { + mem_reserve_fw("ibm,uv-code", UV_LOAD_BASE, UV_LOAD_MAX_SIZE); + } else { + reserve_secure_memory_region(); + } +} + +static void cpu_start_ultravisor(void *data) +{ + struct uv_opal *ptr = (struct uv_opal *)data; + start_uv(ptr->uv_base_addr, ptr); +} + +int start_ultravisor(void) +{ + struct cpu_thread *cpu; + struct cpu_job **jobs; + int i=0; + + prlog(PR_NOTICE, "UV: Starting Ultravisor at 0x%llx sys_fdt 0x%llx uv_fdt 0x%0llx\n", + uv_opal->uv_base_addr, uv_opal->sys_fdt, uv_opal->uv_fdt); + + /* Alloc memory for Jobs */ + jobs = zalloc(sizeof(struct cpu_job*) * cpu_max_pir); + + for_each_available_cpu(cpu) { + if (cpu == this_cpu()) + continue; + jobs[i++] = cpu_queue_job(cpu, "start_ultravisor", + cpu_start_ultravisor, (void *)uv_opal); + } + + cpu_start_ultravisor((void *)uv_opal); + + /* wait for everyone to sync back */ + while (i > 0) { + cpu_wait_job(jobs[--i], true); + } + + /* free used stuff */ + free(jobs); + + /* Check everything is fine */ + if (uv_opal->uv_ret_code) { + return OPAL_HARDWARE; + } + + return OPAL_SUCCESS; +} + +static int create_dtb_uv(void *uv_fdt) +{ + if (fdt_create(uv_fdt, UV_FDT_MAX_SIZE)) { + prerror("UV: Failed to create uv_fdt\n"); + return 1; + } + + fdt_finish_reservemap(uv_fdt); + fdt_begin_node(uv_fdt, ""); + fdt_property_string(uv_fdt, "description", "Ultravisor fdt"); + fdt_begin_node(uv_fdt, "ibm,uv-fdt"); + fdt_property_string(uv_fdt, "compatible", "ibm,uv-fdt"); + fdt_end_node(uv_fdt); + fdt_end_node(uv_fdt); + fdt_finish(uv_fdt); + + return OPAL_SUCCESS; +} + +static void free_uv(void) +{ + struct mem_region *region = find_mem_region("ibm,firmware-allocs-memory@0"); + + lock(®ion->free_list_lock); + mem_free(region, uv_image, __location__); + unlock(®ion->free_list_lock); +} + +static bool alloc_uv(void) +{ + struct proc_chip *chip = next_chip(NULL); + + uv_image_size = MAX_COMPRESSED_UV_IMAGE_SIZE; + if (!(uv_image = local_alloc(chip->id, uv_image_size, uv_image_size))) + return false; + memset(uv_image, 0, uv_image_size); + return true; +} + +/* We could be running on Mambo, Cronus, or Hostboot + * + * Detect Mambo via chip quirk. Mambo writes the uncompressed UV images + * directly to secure memory and passes secure memory location via device tree. + * + * Detect Cronus when HB decompress fails. Cronus writes the uncompressed UV + * image to insecure memory and init_uv will copy from insecure to secure. + * + * Assume HB by waiting for decompress. UV should have been loaded from FSP + * and decompressed earlier via uv_preload_image and uv_decompress_image. The + * secure location of the UV provided by those functions in xz struct. */ +void init_uv() +{ + struct dt_node *node; + const struct dt_property *base; + uint64_t uv_src_addr, uv_pef_reg, uv_pef_size; + void *uv_fdt; + + prlog(PR_DEBUG, "UV: Init starting\n"); + + if (!is_msr_bit_set(MSR_S)) { + prerror("UV: S bit not set\n"); + goto load_error; + } + + if (!(uv_opal = zalloc(sizeof(struct uv_opal)))) { + prerror("UV: Failed to allocate uv_opal\n"); + goto load_error; + } + + + if (!(node = find_uv_node())) { + prerror("UV: Device tree node not found\n"); + goto load_error; + } + + if (proc_chip_quirks & QUIRK_MAMBO_CALLOUTS) { + prlog(PR_INFO, "UV: Mambo simulator detected\n"); + + if (!find_secure_mem_to_copy(&uv_pef_reg, &uv_pef_size)) { + prerror("UV: No secure memory configured, exiting\n"); + goto load_error; + } + + goto start; + } + + /* This would be null in case we are on Cronus */ + if (!uv_xz) { + + prlog(PR_INFO, "UV: Platform load failed, detecting UV image via device tree\n"); + + if (!find_secure_mem_to_copy(&uv_pef_reg, &uv_pef_size)) { + prerror("UV: No secure memory configured, exiting\n"); + goto load_error; + } + + if (!(uv_src_addr = find_uv_fw_base_addr(node))) { + prerror("UV: Couldn't find UV base address in device tree\n"); + goto load_error; + } + + prlog(PR_INFO, "UV: Copying Ultravisor to protected memory 0x%llx from 0x%llx\n", uv_pef_reg, uv_src_addr); + + memcpy((void *)uv_pef_reg, (void *)uv_src_addr, UV_LOAD_MAX_SIZE); + + goto start; + } + + /* Hostboot path */ + wait_xz_decompress(uv_xz); + if (uv_xz->status) { + prerror("UV: Compressed Ultravisor image failed to decompress"); + goto load_error; + } + + /* the uncompressed location will be the base address of ultravisor + * so fix up if it's already there */ + base = dt_find_property(node, "reg"); + if (base) + dt_del_property(node, (struct dt_property *)base); + + dt_add_property_u64(node, "reg", (uint64_t)uv_xz->dst); + + uv_pef_reg = (uint64_t)uv_xz->dst; + uv_pef_size = (uint64_t)uv_xz->dst_size; + +start: + uv_opal->uv_base_addr = uv_pef_reg; + + uv_opal->sys_fdt = (__be64)create_dtb(dt_root, false); + if (!uv_opal->sys_fdt) { + prerror("UV: Failed to create system fdt\n"); + goto load_error; + } + + uv_fdt = (void *)(uv_pef_reg + UV_LOAD_MAX_SIZE); + if (create_dtb_uv(uv_fdt)) { + prerror("UV: Failed to create uv fdt\n"); + goto load_error; + } + uv_opal->uv_fdt = (__be64)uv_fdt; + + reserve_uv_memory(uv_opal); + +load_error: + free_uv(); + free(uv_xz); +} + +static bool dt_append_memory_range(struct dt_node *node, __be64 start, + __be64 len) +{ + const struct dt_property *ranges; + size_t size; + u32 *new_ranges; + int i; + + /* for Cronus boot the BML script creates secure-memory-ranges + * for Mambo boot the ultra.tcl script create secure-memory ranges + * for HostBoot, skiboot parses HDAT in hdata/memory.c and creates it here */ + ranges = dt_find_property(node, "secure-memory-ranges"); + if (!ranges) { + prlog(PR_DEBUG, "Creating secure-memory-ranges.\n"); + ranges = dt_add_property_cells(node, "secure-memory-ranges", + hi32(start), lo32(start), + hi32(len), lo32(len)); + return true; + } + + prlog(PR_DEBUG, "Adding secure memory range range at 0x%llx of size: 0x%llx\n", start, len); + /* Calculate the total size in bytes of the new property */ + size = ranges->len + 16; + new_ranges = (u32 *)malloc(size); + memcpy(new_ranges, ranges->prop, ranges->len); + + i = ranges->len / 4; + /* The ranges property will be of type */ + new_ranges[i++] = hi32(start); + new_ranges[i++] = lo32(start); + new_ranges[i++] = hi32(len); + new_ranges[i] = lo32(len); + + /* Update our node with the new set of ranges */ + dt_del_property(node, (struct dt_property *)ranges); + dt_add_property(node, "secure-memory-ranges", (void *)new_ranges, size); + + return true; +} + +/* + * This code returns false on invalid memory ranges and in no-secure mode. + * It is the caller's responsibility of moving the memory to appropriate + * reserved areas. + */ +bool uv_add_mem_range(__be64 start, __be64 end) +{ + struct dt_node *uv_node; + bool ret = false; + + if (!is_msr_bit_set(MSR_S)) + return ret; + + /* Check if address range is secure */ + if (!((start & UV_SECURE_MEM_BIT) && (end & UV_SECURE_MEM_BIT))) { + prlog(PR_DEBUG, "Invalid secure address range.\n"); + return ret; + } + + uv_node = find_uv_node(); + if (!uv_node) { + prlog(PR_ERR, "Could not create uv node\n"); + return false; + } + + ret = dt_append_memory_range(uv_node, start, end - start + 1); + + if (ret) + prlog(PR_NOTICE, "Secure memory range added [0x%016llx..0x%015llx]\n", start, end); + + return ret; +} + +/* + * Preload the UV image from PNOR partition + */ +void uv_preload_image(void) +{ + int ret; + + prlog(PR_INFO, "UV: Preload starting\n"); + + if (!alloc_uv()) { + prerror("UV: Memory allocation failed\n"); + return; + } + + ret = start_preload_resource(RESOURCE_ID_UV_IMAGE, RESOURCE_SUBID_NONE, + uv_image, &uv_image_size); + + if (ret != OPAL_SUCCESS) { + prerror("UV: platform load failed: %d\n", ret); + } +} + +/* + * Decompress the UV image + * + * This function modifies the uv_image variable to point to the decompressed + * image location. + */ +void uv_decompress_image(void) +{ + const struct dt_property *ranges; + struct dt_node *uv_node; + uint64_t *range; + + if (uv_image == NULL) { + prerror("UV: Preload hasn't started yet! Aborting.\n"); + return; + } + + if (wait_for_resource_loaded(RESOURCE_ID_UV_IMAGE, + RESOURCE_SUBID_NONE) != OPAL_SUCCESS) { + prerror("UV: Ultravisor image load failed\n"); + return; + } + + uv_node = dt_find_by_name(dt_root, "ibm,uv-firmware"); + if (!uv_node) { + prerror("UV: Cannot find ibm,uv-firmware node\n"); + return; + } + + ranges = dt_find_property(uv_node, "secure-memory-ranges"); + if (!ranges) { + prerror("UV: Cannot find secure-memory-ranges"); + return; + } + + uv_xz = malloc(sizeof(struct xz_decompress)); + if (!uv_xz) { + prerror("UV: Cannot allocate memory for decompression of UV\n"); + return; + } + + /* the load area is the first secure memory range */ + range = (void *)ranges->prop; + uv_xz->dst = (void *)dt_get_number(range, 2); + uv_xz->dst_size = dt_get_number(range + 1, 2); + uv_xz->src = uv_image; + uv_xz->src_size = uv_image_size; + + /* TODO security and integrity checks? */ + xz_start_decompress(uv_xz); + if ((uv_xz->status != OPAL_PARTIAL) && (uv_xz->status != OPAL_SUCCESS)) + prerror("UV: XZ decompression failed status 0x%x\n", uv_xz->status); +} diff --git a/include/platform.h b/include/platform.h index 0b043856..259550d4 100644 --- a/include/platform.h +++ b/include/platform.h @@ -17,6 +17,7 @@ enum resource_id { RESOURCE_ID_INITRAMFS, RESOURCE_ID_CAPP, RESOURCE_ID_IMA_CATALOG, + RESOURCE_ID_UV_IMAGE, RESOURCE_ID_VERSION, RESOURCE_ID_KERNEL_FW, }; diff --git a/include/processor.h b/include/processor.h index 352fd1ec..0a552998 100644 --- a/include/processor.h +++ b/include/processor.h @@ -11,6 +11,7 @@ #define MSR_HV PPC_BIT(3) /* Hypervisor mode */ #define MSR_VEC PPC_BIT(38) /* VMX enable */ #define MSR_VSX PPC_BIT(40) /* VSX enable */ +#define MSR_S PPC_BIT(41) /* Secure Mode enable */ #define MSR_EE PPC_BIT(48) /* External Int. Enable */ #define MSR_PR PPC_BIT(49) /* Problem state */ #define MSR_FP PPC_BIT(50) /* Floating Point Enable */ @@ -368,6 +369,17 @@ static inline void st_le32(uint32_t *addr, uint32_t val) asm volatile("stwbrx %0,0,%1" : : "r"(val), "r"(addr), "m"(*addr)); } +/* + * MSR bit check + */ +static inline bool is_msr_bit_set(uint64_t bit) +{ + if (mfmsr() & bit) + return true; + + return false; +} + #endif /* __TEST__ */ #endif /* __ASSEMBLY__ */ diff --git a/include/ultravisor-api.h b/include/ultravisor-api.h new file mode 100644 index 00000000..8a99b7c4 --- /dev/null +++ b/include/ultravisor-api.h @@ -0,0 +1,18 @@ +// SPDX-License-Identifier: Apache-2.0 +/* Copyright 2018-2019 IBM Corp. */ + +#ifndef __ULTRAVISOR_API_H +#define __ULTRAVISOR_API_H + +struct uv_opal { + __be32 magic; /**< 'OPUV' 0x4F505556 OPUV_MAGIC */ + __be32 version; /**< uv_opal struct version */ + __be32 uv_ret_code; /**< 0 - Success, <0> : error. */ + __be32 uv_api_ver; /**< Current uv api version. */ + __be64 uv_base_addr; /**< Base address of UV in secure memory. */ + __be64 sys_fdt; /**< System FDT. */ + __be64 uv_fdt; /**< UV FDT in secure memory. */ + __be64 uv_mem; /**< struct memcons */ +}; + +#endif /* __ULTRAVISOR_API_H */ diff --git a/include/ultravisor.h b/include/ultravisor.h new file mode 100644 index 00000000..b49121ce --- /dev/null +++ b/include/ultravisor.h @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: Apache-2.0 +/* Copyright 2018-2019 IBM Corp. */ + +#ifndef __ULTRAVISOR_H +#define __ULTRAVISOR_H + +#include + +/* Bit 15 of an address should be set for it to be used as a secure memory area + * for the secure virtual machines */ +#define UV_SECURE_MEM_BIT (PPC_BIT(15)) +#define MAX_COMPRESSED_UV_IMAGE_SIZE 0x40000 /* 256 Kilobytes */ +#define UV_ACCESS_BIT 0x1ULL << 48 +/* Address at which the Ultravisor is loaded for BML and Mambo */ +#define UV_LOAD_BASE 0xC0000000 +#define UV_LOAD_MAX_SIZE 0x200000 +#define UV_FDT_MAX_SIZE 0x100000 +#define UV_HB_RESERVE_SIZE 0x4000000; + +extern int start_uv(uint64_t entry, struct uv_opal *uv_opal); +extern bool uv_add_mem_range(__be64 start, __be64 end); +extern void uv_preload_image(void); +extern void uv_decompress_image(void); +extern void init_uv(void); +extern int start_ultravisor(void); + +#endif /* __ULTRAVISOR_H */ From patchwork Fri Sep 20 13:58:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165214 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb2p6gDBz9s7T for ; Sat, 21 Sep 2019 00:00:34 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb2n4xdqzDr30 for ; Sat, 21 Sep 2019 00:00:33 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb2500ThzDqBs for ; Fri, 20 Sep 2019 23:59:56 +1000 (AEST) Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDqwc2011152; Fri, 20 Sep 2019 09:59:53 -0400 Received: from ppma03dal.us.ibm.com (b.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.11]) by mx0a-001b2d01.pphosted.com with ESMTP id 2v4xqgc0u0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 09:59:53 -0400 Received: from pps.filterd (ppma03dal.us.ibm.com [127.0.0.1]) by ppma03dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpJbD021325; Fri, 20 Sep 2019 13:59:52 GMT Received: from b03cxnp08027.gho.boulder.ibm.com (b03cxnp08027.gho.boulder.ibm.com [9.17.130.19]) by ppma03dal.us.ibm.com with ESMTP id 2v3vbuswg9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 13:59:52 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08027.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KDxnHi58392918 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 13:59:49 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9D4DD136055; Fri, 20 Sep 2019 13:59:49 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9031B136051; Fri, 20 Sep 2019 13:59:48 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 13:59:48 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:18 -0400 Message-Id: <20190920135823.471-4-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 3/8] pef: Add memcons support for ultravisor X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, suka@us.ibm.com Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Madhavan Srinivasan The ultravisor console buffer is provided at offset 0x01100000 from the skiboot base. Signed-off-by: Madhavan Srinivasan Signed-off-by: Santosh Sivaraj --- hw/ultravisor.c | 13 +++++++++++++ include/console.h | 3 +++ include/debug_descriptor.h | 1 + include/mem-map.h | 16 ++++++++++------ 4 files changed, 27 insertions(+), 6 deletions(-) diff --git a/hw/ultravisor.c b/hw/ultravisor.c index 8e3cceb4..c9e837ac 100644 --- a/hw/ultravisor.c +++ b/hw/ultravisor.c @@ -11,6 +11,8 @@ #include #include #include +#include +#include #include #include @@ -19,6 +21,14 @@ static size_t uv_image_size; struct xz_decompress *uv_xz = NULL; static struct uv_opal *uv_opal; +struct memcons uv_memcons __section(".data.memcons") = { + .magic = MEMCONS_MAGIC, + .obuf_phys = INMEM_UV_CON_START, + .ibuf_phys = INMEM_UV_CON_START + INMEM_UV_CON_OUT_LEN, + .obuf_size = INMEM_UV_CON_OUT_LEN, + .ibuf_size = INMEM_UV_CON_IN_LEN, +}; + static struct dt_node *add_uv_dt_node(void) { struct dt_node *dev, *uv; @@ -316,6 +326,7 @@ void init_uv() start: uv_opal->uv_base_addr = uv_pef_reg; + uv_opal->uv_mem = (__be64)&uv_memcons; uv_opal->sys_fdt = (__be64)create_dtb(dt_root, false); if (!uv_opal->sys_fdt) { @@ -332,6 +343,8 @@ start: reserve_uv_memory(uv_opal); + dt_add_property_u64(opal_node, "memcons", (u64) &uv_memcons); + debug_descriptor.uv_memcons_phys = (u64)&uv_memcons; load_error: free_uv(); free(uv_xz); diff --git a/include/console.h b/include/console.h index 26602b7a..0ce95ff9 100644 --- a/include/console.h +++ b/include/console.h @@ -28,9 +28,12 @@ struct memcons { }; extern struct memcons memcons; +extern struct memcons uv_memcons; #define INMEM_CON_IN_LEN 16 #define INMEM_CON_OUT_LEN (INMEM_CON_LEN - INMEM_CON_IN_LEN) +#define INMEM_UV_CON_IN_LEN 16 +#define INMEM_UV_CON_OUT_LEN (INMEM_UV_CON_LEN - INMEM_UV_CON_IN_LEN) /* Console driver */ struct con_ops { diff --git a/include/debug_descriptor.h b/include/debug_descriptor.h index 774c3607..ab6df0b8 100644 --- a/include/debug_descriptor.h +++ b/include/debug_descriptor.h @@ -20,6 +20,7 @@ struct debug_descriptor { /* Memory console */ u64 memcons_phys; + u64 uv_memcons_phys; u32 memcons_tce; u32 memcons_obuf_tce; u32 memcons_ibuf_tce; diff --git a/include/mem-map.h b/include/mem-map.h index 4d06b64b..000781e1 100644 --- a/include/mem-map.h +++ b/include/mem-map.h @@ -73,23 +73,27 @@ #define INMEM_CON_START (SKIBOOT_BASE + 0x01000000) #define INMEM_CON_LEN 0x100000 -/* This is the location of HBRT console buffer at base + 17M */ -#define HBRT_CON_START (SKIBOOT_BASE + 0x01100000) +/* This is the location of our ultravisor console buffer at base + 17M */ +#define INMEM_UV_CON_START (SKIBOOT_BASE + 0x01100000) +#define INMEM_UV_CON_LEN 0x100000 + +/* This is the location of HBRT console buffer at base + 18M */ +#define HBRT_CON_START (SKIBOOT_BASE + 0x01200000) #define HBRT_CON_LEN 0x100000 -/* Tell FSP to put the init data at base + 20M, allocate 8M */ -#define SPIRA_HEAP_BASE (SKIBOOT_BASE + 0x01200000) +/* Tell FSP to put the init data at base + 19M, allocate 8M */ +#define SPIRA_HEAP_BASE (SKIBOOT_BASE + 0x01300000) #define SPIRA_HEAP_SIZE 0x00800000 /* This is our PSI TCE table. It's 256K entries on P8 */ -#define PSI_TCE_TABLE_BASE (SKIBOOT_BASE + 0x01a00000) +#define PSI_TCE_TABLE_BASE (SKIBOOT_BASE + 0x01c00000) #define PSI_TCE_TABLE_SIZE_P8 0x00200000UL /* Total size of the above area * * (Ensure this has at least a 64k alignment) */ -#define SKIBOOT_SIZE 0x01c00000 +#define SKIBOOT_SIZE 0x01e00000 /* We start laying out the CPU stacks from here, indexed by PIR * each stack is STACK_SIZE in size (naturally aligned power of From patchwork Fri Sep 20 13:58:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165215 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb3p72szz9s00 for ; Sat, 21 Sep 2019 00:01:26 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb3n4tsgzF0dD for ; Sat, 21 Sep 2019 00:01:25 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb2J5PyvzDqXv for ; Sat, 21 Sep 2019 00:00:08 +1000 (AEST) Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDr78g007618; Fri, 20 Sep 2019 10:00:05 -0400 Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0a-001b2d01.pphosted.com with ESMTP id 2v4yrs8y6f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 10:00:05 -0400 Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpJJj009676; Fri, 20 Sep 2019 14:00:04 GMT Received: from b03cxnp08025.gho.boulder.ibm.com (b03cxnp08025.gho.boulder.ibm.com [9.17.130.17]) by ppma01dal.us.ibm.com with ESMTP id 2v3vbu9xev-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 14:00:04 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08025.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KDxxV552167046 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 13:59:59 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A3BD0136060; Fri, 20 Sep 2019 13:59:59 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6ECEE13604F; Fri, 20 Sep 2019 13:59:58 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 13:59:58 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:19 -0400 Message-Id: <20190920135823.471-5-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=13 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=785 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 4/8] pef: ultra-call support for skiboot X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, suka@us.ibm.com, Ryan Grimm Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Madhavan Srinivasan A new type of system call called the ultra call is used to get the services of the ultravisor. This ultracall support is needed in skiboot to access the xscoms which are in the secure memory area. Signed-off-by: Madhavan Srinivasan Signed-off-by: Santosh Sivaraj [ andmike: ABI hange to switch from r0 to r3 ] Signed-off-by: Michael Anderson [ grimm: Comments to start_uv for register usage ] Signed-off-by: Ryan Grimm --- asm/head.S | 34 +++++++++++++++++++++++++++++++++- include/ultravisor.h | 1 + 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/asm/head.S b/asm/head.S index 18ce3044..f8808b08 100644 --- a/asm/head.S +++ b/asm/head.S @@ -1066,6 +1066,11 @@ start_kernel_secondary: mfspr %r3,SPR_PIR bctr +/* start_uv register usage: + * + * r3 is base address of UV + * r4 is ptr to struct uv_opal + */ .global start_uv start_uv: mflr %r0 @@ -1083,7 +1088,34 @@ start_uv: addi %r7,%r5,1 li %r4,0 li %r5,0 - bctrl + bctrl /* branch to UV here */ ld %r0,16(%r1) mtlr %r0 blr + +.global ucall +ucall: + mflr %r0 + stdu %r1,-STACK_FRAMESIZE(%r1) + std %r0,STACK_LR(%r1) + mfcr %r0 + stw %r0,STACK_CR(%r1) + std %r4,STACK_GPR4(%r1) /* Save ret buffer */ + mr %r4,%r5 + mr %r5,%r6 + mr %r6,%r7 + mr %r7,%r8 + mr %r8,%r9 + mr %r9,%r10 + sc 2 /* invoke the ultravisor */ + ld %r12,STACK_GPR4(%r1) + std %r4, 0(%r12) + std %r5, 8(%r12) + std %r6, 16(%r12) + std %r7, 24(%r12) + lwz %r0,STACK_CR(%r1) + mtcrf 0xff,%r0 + ld %r0,STACK_LR(%r1) + mtlr %r0 + addi %r1,%r1,STACK_FRAMESIZE + blr /* return r3 = status */ diff --git a/include/ultravisor.h b/include/ultravisor.h index b49121ce..67be743f 100644 --- a/include/ultravisor.h +++ b/include/ultravisor.h @@ -23,5 +23,6 @@ extern void uv_preload_image(void); extern void uv_decompress_image(void); extern void init_uv(void); extern int start_ultravisor(void); +extern long ucall(unsigned long opcode, unsigned long *retbuf, ...); #endif /* __ULTRAVISOR_H */ From patchwork Fri Sep 20 13:58:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165216 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb4Q6jHKz9sNf for ; Sat, 21 Sep 2019 00:01:58 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb4Q3bLGzF16M for ; Sat, 21 Sep 2019 00:01:58 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.158.5; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb2T0HbwzDqmh for ; Sat, 21 Sep 2019 00:00:16 +1000 (AEST) Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDqXdD139931; Fri, 20 Sep 2019 10:00:11 -0400 Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0b-001b2d01.pphosted.com with ESMTP id 2v4wjtet60-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 10:00:11 -0400 Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpJMv009677; Fri, 20 Sep 2019 14:00:09 GMT Received: from b03cxnp08026.gho.boulder.ibm.com (b03cxnp08026.gho.boulder.ibm.com [9.17.130.18]) by ppma01dal.us.ibm.com with ESMTP id 2v3vbu9xgm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Sep 2019 14:00:09 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08026.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KE06I612255618 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 14:00:06 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 18757136066; Fri, 20 Sep 2019 14:00:06 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EFC8A13606A; Fri, 20 Sep 2019 14:00:04 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 14:00:04 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:20 -0400 Message-Id: <20190920135823.471-6-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=965 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 5/8] xscoms: read/write xscoms using ucall X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, suka@us.ibm.com Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Madhavan Srinivasan xscom registers are in the secure memory area when secure mode is enabled. These registers cannot be accessed directly and need to use ultravisor services using ultracall. Signed-off-by: Madhavan Srinivasan Signed-off-by: Santosh Sivaraj [ linuxram: Set uv_present just after starting UV ] Signed-off-by: Ram Pai --- hw/ultravisor.c | 8 ++++++++ include/ultravisor.h | 28 ++++++++++++++++++++++++++++ include/xscom.h | 11 +++++++++-- 3 files changed, 45 insertions(+), 2 deletions(-) diff --git a/hw/ultravisor.c b/hw/ultravisor.c index c9e837ac..63629de2 100644 --- a/hw/ultravisor.c +++ b/hw/ultravisor.c @@ -16,6 +16,7 @@ #include #include +bool uv_present = false; static char *uv_image = NULL; static size_t uv_image_size; struct xz_decompress *uv_xz = NULL; @@ -163,6 +164,7 @@ static void cpu_start_ultravisor(void *data) int start_ultravisor(void) { + struct proc_chip *chip = get_chip(this_cpu()->chip_id); struct cpu_thread *cpu; struct cpu_job **jobs; int i=0; @@ -182,6 +184,12 @@ int start_ultravisor(void) cpu_start_ultravisor((void *)uv_opal); + /* + * From now on XSCOM must go through Ultravisor via ucall, indicate that + */ + if (chip->xscom_base & UV_ACCESS_BIT) + uv_present = true; + /* wait for everyone to sync back */ while (i > 0) { cpu_wait_job(jobs[--i], true); diff --git a/include/ultravisor.h b/include/ultravisor.h index 67be743f..7e403c8c 100644 --- a/include/ultravisor.h +++ b/include/ultravisor.h @@ -10,6 +10,9 @@ * for the secure virtual machines */ #define UV_SECURE_MEM_BIT (PPC_BIT(15)) #define MAX_COMPRESSED_UV_IMAGE_SIZE 0x40000 /* 256 Kilobytes */ +#define UV_READ_SCOM 0xF114 +#define UV_WRITE_SCOM 0xF118 +#define UCALL_BUFSIZE 4 #define UV_ACCESS_BIT 0x1ULL << 48 /* Address at which the Ultravisor is loaded for BML and Mambo */ #define UV_LOAD_BASE 0xC0000000 @@ -17,6 +20,9 @@ #define UV_FDT_MAX_SIZE 0x100000 #define UV_HB_RESERVE_SIZE 0x4000000; +extern bool uv_present; +#define is_uv_present() uv_present + extern int start_uv(uint64_t entry, struct uv_opal *uv_opal); extern bool uv_add_mem_range(__be64 start, __be64 end); extern void uv_preload_image(void); @@ -25,4 +31,26 @@ extern void init_uv(void); extern int start_ultravisor(void); extern long ucall(unsigned long opcode, unsigned long *retbuf, ...); +static inline bool can_access_xscom(void) +{ + return (is_msr_bit_set(MSR_S) || !is_uv_present()); +} + +static inline int uv_xscom_read(u64 partid, u64 pcb_addr, u64 *val) +{ + long rc; + unsigned long retbuf[UCALL_BUFSIZE]; + + rc = ucall(UV_READ_SCOM, retbuf, partid, pcb_addr); + *val = retbuf[0]; + return rc; +} + +static inline int uv_xscom_write(u64 partid, u64 pcb_addr, u64 val) +{ + unsigned long retbuf[UCALL_BUFSIZE]; + + return ucall(UV_WRITE_SCOM, retbuf, partid, pcb_addr, val); +} + #endif /* __ULTRAVISOR_H */ diff --git a/include/xscom.h b/include/xscom.h index 1f89ba9b..595161c5 100644 --- a/include/xscom.h +++ b/include/xscom.h @@ -7,6 +7,7 @@ #include #include #include +#include /* * SCOM "partID" definitions: @@ -215,10 +216,16 @@ extern void _xscom_unlock(void); /* Targeted SCOM access */ static inline int xscom_read(uint32_t partid, uint64_t pcb_addr, uint64_t *val) { - return _xscom_read(partid, pcb_addr, val, true); + if (can_access_xscom()) + return _xscom_read(partid, pcb_addr, val, true); + + return uv_xscom_read(partid, pcb_addr, val); } static inline int xscom_write(uint32_t partid, uint64_t pcb_addr, uint64_t val) { - return _xscom_write(partid, pcb_addr, val, true); + if (can_access_xscom()) + return _xscom_write(partid, pcb_addr, val, true); + + return uv_xscom_write(partid, pcb_addr, val); } extern int xscom_write_mask(uint32_t partid, uint64_t pcb_addr, uint64_t val, uint64_t mask); From patchwork Fri Sep 20 13:58:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165217 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb5P65rkz9sCJ for ; Sat, 21 Sep 2019 00:02:49 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb5P40m8zF1RW for ; Sat, 21 Sep 2019 00:02:49 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb2c58JvzDqXS for ; Sat, 21 Sep 2019 00:00:24 +1000 (AEST) Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDr9cN007829 for ; Fri, 20 Sep 2019 10:00:23 -0400 Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0a-001b2d01.pphosted.com with ESMTP id 2v4yrs8yuq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 10:00:22 -0400 Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpJNR009677 for ; Fri, 20 Sep 2019 14:00:21 GMT Received: from b03cxnp08025.gho.boulder.ibm.com (b03cxnp08025.gho.boulder.ibm.com [9.17.130.17]) by ppma01dal.us.ibm.com with ESMTP id 2v3vbu9xna-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 14:00:21 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08025.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KE0GS933751470 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 14:00:16 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8948E136055; Fri, 20 Sep 2019 14:00:16 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8FAD2136071; Fri, 20 Sep 2019 14:00:15 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 14:00:15 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:21 -0400 Message-Id: <20190920135823.471-7-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=13 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=923 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 6/8] skiboot/imc: Disable IMC node when UV enabled X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, suka@us.ibm.com Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Madhavan Srinivasan Remove the IMC nodes when the ultravisor is enabled, since both HOMER and IMC scoms are not accessable in hypervisor state. Signed-off-by: Madhavan Srinivasan --- hw/imc.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/hw/imc.c b/hw/imc.c index 46b93001..737ea843 100644 --- a/hw/imc.c +++ b/hw/imc.c @@ -603,6 +603,17 @@ imc_mambo: if (pause_microcode_at_boot()) goto err; + /* + * If MSR(S) bit is set, disable IMC nodes. + * IMC nodes need access to specific scom and HOMER region + * which are not accessible from hypervisor. + * + * At this point is_uv_present() cant be used since uv_init() + * is called much later. Hencing checking for the MSR bit here. + */ + if (is_msr_bit_set(MSR_S)) + goto err; + /* * If the dt_attach_root() fails, "imc-counters" node will not be * seen in the device-tree and hence OS should not make any From patchwork Fri Sep 20 13:58:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165218 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb6N4Zygz9s7T for ; Sat, 21 Sep 2019 00:03:40 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb6M6HSVzDrfJ for ; Sat, 21 Sep 2019 00:03:39 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb332DC2zDqWS for ; Sat, 21 Sep 2019 00:00:47 +1000 (AEST) Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDqRgp045784 for ; Fri, 20 Sep 2019 10:00:44 -0400 Received: from ppma03dal.us.ibm.com (b.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.11]) by mx0a-001b2d01.pphosted.com with ESMTP id 2v4wjd6fqb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 10:00:43 -0400 Received: from pps.filterd (ppma03dal.us.ibm.com [127.0.0.1]) by ppma03dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpJ1p021334 for ; Fri, 20 Sep 2019 14:00:42 GMT Received: from b03cxnp07029.gho.boulder.ibm.com (b03cxnp07029.gho.boulder.ibm.com [9.17.130.16]) by ppma03dal.us.ibm.com with ESMTP id 2v3vbuswwn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 14:00:42 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp07029.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KE0dpg53870894 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 14:00:39 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B992213605D; Fri, 20 Sep 2019 14:00:39 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 803AF136067; Fri, 20 Sep 2019 14:00:38 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 14:00:38 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:22 -0400 Message-Id: <20190920135823.471-8-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=842 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 7/8] occ: Disable OCC on UV systems X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, "Gautham R . Shenoy" , suka@us.ibm.com, Ryan Grimm Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" On Ultravisor enabled system, temporarily disable OCC irq paths for shared memory updates when OCC is up, so as to boot the system. We also disable the OPAL-OCC command response interface which is required for Sensors. This will be enabled at a later point when we can read the OCC Common area residing in secure memory region. Disable stop levels if they are enabled in the SPIRA. Skip pstates_init and occ_sensor_init as well. Signed-off-by: Shilpasri G Bhat Signed-off-by: Gautham R. Shenoy Signed-off-by: Ryan Grimm --- hdata/spira.c | 4 ++++ hw/occ-sensor.c | 6 ++++++ hw/occ.c | 25 ++++++++++++++++++++++++- 3 files changed, 34 insertions(+), 1 deletion(-) diff --git a/hdata/spira.c b/hdata/spira.c index f6003ea0..5c65b139 100644 --- a/hdata/spira.c +++ b/hdata/spira.c @@ -1281,6 +1281,10 @@ static void add_stop_levels(void) if (proc_gen < proc_gen_p9) return; + if (is_msr_bit_set(MSR_S)) { + prlog(PR_INFO, "SPIRA: Skipping stop levels because S BIT set\n"); + } + /* * OPAL only exports a single set of flags to indicate the supported * STOP modes while the HDAT descibes the support top levels *per chip* diff --git a/hw/occ-sensor.c b/hw/occ-sensor.c index d06ca725..a0f47610 100644 --- a/hw/occ-sensor.c +++ b/hw/occ-sensor.c @@ -12,6 +12,7 @@ #include #include #include +#include enum sensor_attr { SENSOR_SAMPLE, @@ -492,6 +493,11 @@ bool occ_sensors_init(void) int occ_num = 0, i; bool has_gpu = false; + if (is_uv_present()) { + prlog(PR_DEBUG, "UV HACK: Skipping %s because MSR_S set\n", __func__); + return false; + } + /* OCC inband sensors is only supported in P9 */ if (proc_gen != proc_gen_p9) return false; diff --git a/hw/occ.c b/hw/occ.c index db2744ff..35582c89 100644 --- a/hw/occ.c +++ b/hw/occ.c @@ -872,6 +872,11 @@ static void occ_throttle_poll(void *data __unused) struct opal_occ_msg occ_msg; int rc; + if (is_uv_present()) { + prlog(PR_DEBUG, "OCC: %s currently unsupported on ultravisor\n", __func__); + return; + } + if (!try_lock(&occ_lock)) return; if (occ_reset) { @@ -1185,6 +1190,11 @@ static void handle_occ_rsp(uint32_t chip_id) struct opal_command_buffer *cmd; struct occ_response_buffer *rsp; + if (is_uv_present()) { + prlog(PR_DEBUG, "OCC: %s currently unsupported on ultravisor\n", __func__); + return; + } + chip = get_chip_cmd_interface(chip_id); if (!chip) return; @@ -1719,6 +1729,11 @@ void occ_pstates_init(void) u8 domain_runs_at; static bool occ_pstates_initialized; + if (is_msr_bit_set(MSR_S)) { + prlog(PR_DEBUG, "UV HACK: Skipping %s because UV is present\n", __func__); + return; + } + /* OCC is supported in P8 and P9 */ if (proc_gen < proc_gen_p8) return; @@ -1810,9 +1825,17 @@ void occ_pstates_init(void) /* Add opal_poller to poll OCC throttle status of each chip */ for_each_chip(chip) chip->throttle = 0; - opal_add_poller(occ_throttle_poll, NULL); occ_pstates_initialized = true; + /* + * On Ultravisor systems, we don't yet support + * OCC Poller and OPAL-OCC command-response interface. + */ + if (is_uv_present()) { + prlog(PR_DEBUG, "OCC: Skipping throttle-poll,CMD-RSP interface on UV\n"); + return; + } + opal_add_poller(occ_throttle_poll, NULL); /* Init OPAL-OCC command-response interface */ occ_cmd_interface_init(); From patchwork Fri Sep 20 13:58:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ryan Grimm X-Patchwork-Id: 1165219 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Zb7M1gFMz9sPP for ; Sat, 21 Sep 2019 00:04:31 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Zb7L6X7DzF1Cl for ; Sat, 21 Sep 2019 00:04:30 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.158.5; helo=mx0a-001b2d01.pphosted.com; envelope-from=grimm@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Zb391bFxzDrN0 for ; Sat, 21 Sep 2019 00:00:52 +1000 (AEST) Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x8KDqQrd033133 for ; Fri, 20 Sep 2019 10:00:50 -0400 Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0a-001b2d01.pphosted.com with ESMTP id 2v4ybetcnd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 10:00:49 -0400 Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x8KDpLek005617 for ; Fri, 20 Sep 2019 14:00:49 GMT Received: from b03cxnp08028.gho.boulder.ibm.com (b03cxnp08028.gho.boulder.ibm.com [9.17.130.20]) by ppma05wdc.us.ibm.com with ESMTP id 2v3vbu6b46-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Sep 2019 14:00:49 +0000 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x8KE0iZD61866416 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Sep 2019 14:00:44 GMT Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BB2FE136060; Fri, 20 Sep 2019 14:00:44 +0000 (GMT) Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D4C29136055; Fri, 20 Sep 2019 14:00:43 +0000 (GMT) Received: from alain.ibm.com (unknown [9.85.201.128]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP; Fri, 20 Sep 2019 14:00:43 +0000 (GMT) From: Ryan Grimm To: skiboot@lists.ozlabs.org Date: Fri, 20 Sep 2019 09:58:23 -0400 Message-Id: <20190920135823.471-9-grimm@linux.ibm.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190920135823.471-1-grimm@linux.ibm.com> References: <20190920135823.471-1-grimm@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-20_05:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=951 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1909200135 Subject: [Skiboot] [RFC PATCH v2 8/8] libstb/trustedboot: Map UV image measurement to PCR6 X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: janani@us.ibm.com, suka@us.ibm.com Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Claudio Carvalho This maps the ultravisor image to be measured to PCR6. The image is automatically verified and measured hen it is loaded from PNOR. Signed-off-by: Claudio Carvalho --- libstb/trustedboot.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c index 3f977de1..23b671b1 100644 --- a/libstb/trustedboot.c +++ b/libstb/trustedboot.c @@ -45,6 +45,7 @@ static struct { { RESOURCE_ID_KERNEL, PCR_4}, { RESOURCE_ID_CAPP, PCR_4}, { RESOURCE_ID_VERSION, PCR_4}, /* Also data for Hostboot */ + { RESOURCE_ID_UV_IMAGE, PCR_6}, }; /*