* Re: [PATCH 2/2] powerpc: expose secure variables via sysfs
From: Greg Kroah-Hartman @ 2019-06-14 6:34 UTC (permalink / raw)
To: Nayna Jain
Cc: linux-efi, Ard Biesheuvel, Eric Ricther, linux-kernel, Mimi Zohar,
Claudio Carvalho, Matthew Garret, linuxppc-dev, Paul Mackerras,
Jeremy Kerr, Elaine Palmer, linux-integrity, George Wilson
In-Reply-To: <1560459027-5248-3-git-send-email-nayna@linux.ibm.com>
On Thu, Jun 13, 2019 at 04:50:27PM -0400, Nayna Jain wrote:
> As part of PowerNV secure boot support, OS verification keys are stored
> and controlled by OPAL as secure variables. These need to be exposed to
> the userspace so that sysadmins can perform key management tasks.
>
> This patch adds the support to expose secure variables via a sysfs
> interface It reuses the the existing efi defined hooks and backend in
> order to maintain the compatibility with the userspace tools.
>
> Though it reuses a great deal of efi, POWER platforms do not use EFI.
> A new config, POWER_SECVAR_SYSFS, is defined to enable this new sysfs
> interface.
>
> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
> ---
> arch/powerpc/Kconfig | 2 +
> drivers/firmware/Makefile | 1 +
> drivers/firmware/efi/efivars.c | 2 +-
> drivers/firmware/powerpc/Kconfig | 12 +
> drivers/firmware/powerpc/Makefile | 3 +
> drivers/firmware/powerpc/efi_error.c | 46 ++++
> drivers/firmware/powerpc/secvar.c | 326 +++++++++++++++++++++++++++
> 7 files changed, 391 insertions(+), 1 deletion(-)
> create mode 100644 drivers/firmware/powerpc/Kconfig
> create mode 100644 drivers/firmware/powerpc/Makefile
> create mode 100644 drivers/firmware/powerpc/efi_error.c
> create mode 100644 drivers/firmware/powerpc/secvar.c
If you add/remove/modify sysfs files, you also need to update the
relevant Documentation/ABI/ entry as well. Please add something there
to describe your new files when you resend the next version of this
patch series.
> diff --git a/drivers/firmware/powerpc/Kconfig b/drivers/firmware/powerpc/Kconfig
> new file mode 100644
> index 000000000000..e0303fc517d5
> --- /dev/null
> +++ b/drivers/firmware/powerpc/Kconfig
> @@ -0,0 +1,12 @@
> +config POWER_SECVAR_SYSFS
> + tristate "Enable sysfs interface for POWER secure variables"
> + default n
default is always n, no need to list it.
> --- /dev/null
> +++ b/drivers/firmware/powerpc/efi_error.c
> @@ -0,0 +1,46 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) 2019 IBM Corporation
> + * Author: Nayna Jain <nayna@linux.ibm.com>
> + *
> + * efi_error.c
> + * - Error codes as understood by efi based tools
> + * Taken from drivers/firmware/efi/efi.c
Why not just export the symbol from the original file instead of
duplicating it here?
> +static int convert_buffer_to_efi_guid(u8 *buffer, efi_guid_t *guid)
> +{
> + u32 *a1;
> + u16 *a2;
> + u16 *a3;
> +
> + a1 = kzalloc(4, GFP_KERNEL);
No error checking in this function for memory issues at all?
> + memcpy(a1, buffer, 4);
> + *a1 = be32_to_cpu(*a1);
> +
> + a2 = kzalloc(2, GFP_KERNEL);
> + memcpy(a2, buffer+4, 2);
> + *a2 = be16_to_cpu(*a2);
> +
> + a3 = kzalloc(2, GFP_KERNEL);
> + memcpy(a3, buffer+6, 2);
> + *a3 = be16_to_cpu(*a3);
> +
> + *guid = EFI_GUID(*a1, *a2, *a3, *(buffer + 8),
> + *(buffer + 9),
> + *(buffer + 10),
> + *(buffer + 11),
> + *(buffer + 12),
> + *(buffer + 13),
> + *(buffer + 14),
> + *(buffer + 15));
> +
> + kfree(a1);
> + kfree(a2);
> + kfree(a3);
> + return 0;
> +}
> +static efi_status_t powerpc_get_next_variable(unsigned long *name_size,
> + efi_char16_t *name,
> + efi_guid_t *vendor)
> +{
> + int rc;
> + u8 *key;
> + int namesize;
> + unsigned long keylen;
> + unsigned long keysize = 1024;
> + unsigned long *mdsize;
> + u8 *mdata = NULL;
> + efi_guid_t guid;
> +
> + if (ucs2_strnlen(name, 1024) > 0) {
> + createkey(name, &key, &keylen);
> + } else {
> + keylen = 0;
> + key = kzalloc(1024, GFP_KERNEL);
> + }
> +
> + pr_info("%s: powerpc get next variable, key is %s\n", __func__, key);
Don't put debugging info like this in the kernel log of everyone :(
> +
> + rc = opal_get_next_variable(key, &keylen, keysize);
> + if (rc) {
> + kfree(key);
> + return opal_to_efi_status(rc);
> + }
> +
> + mdsize = kzalloc(sizeof(unsigned long), GFP_KERNEL);
No error checking?
> + rc = opal_get_variable_size(key, keylen, mdsize, NULL);
> + if (rc)
> + goto out;
> +
> + if (*mdsize <= 0)
> + goto out;
> +
> + mdata = kzalloc(*mdsize, GFP_KERNEL);
> +
> + rc = opal_get_variable(key, keylen, mdata, mdsize, NULL, NULL);
> + if (rc)
> + goto out;
> +
> + if (*mdsize > 0) {
> + namesize = *mdsize - sizeof(efi_guid_t) - sizeof(u32);
> + if (namesize > 0) {
> + memset(&guid, 0, sizeof(efi_guid_t));
> + convert_buffer_to_efi_guid(mdata + namesize, &guid);
> + memcpy(vendor, &guid, sizeof(efi_guid_t));
> + memset(name, 0, namesize + 2);
> + memcpy(name, mdata, namesize);
> + *name_size = namesize + 2;
> + name[namesize++] = 0;
> + name[namesize] = 0;
> + }
> + }
> +
> +out:
> + kfree(mdsize);
> + kfree(mdata);
> +
> + return opal_to_efi_status(rc);
> +}
> +
> +static efi_status_t powerpc_set_variable(efi_char16_t *name, efi_guid_t *vendor,
> + u32 attr, unsigned long data_size,
> + void *data)
> +{
> + int rc;
> + u8 *key;
> + unsigned long keylen;
> + u8 *metadata;
> + unsigned long mdsize;
> +
> + if (!name)
> + return EFI_INVALID_PARAMETER;
> +
> + if (!vendor)
> + return EFI_INVALID_PARAMETER;
> +
> + createkey(name, &key, &keylen);
> + pr_info("%s: nayna key is %s\n", __func__, key);
Again, please remove all of your debugging code when resending.
> +
> + createmetadata(name, vendor, &attr, &metadata, &mdsize);
> +
> + rc = opal_set_variable(key, keylen, metadata, mdsize, data, data_size);
> +
> + return opal_to_efi_status(rc);
> +}
> +
> +
> +static const struct efivar_operations efivar_ops = {
> + .get_variable = powerpc_get_variable,
> + .set_variable = powerpc_set_variable,
> + .get_next_variable = powerpc_get_next_variable,
> +};
> +
> +
> +static __init int power_secvar_init(void)
> +{
> + int rc = 0;
> + unsigned long ver = 0;
> +
> + rc = opal_variable_version(&ver);
> + if (ver != BACKEND_TC_COMPAT_V1) {
> + pr_info("Compatible backend unsupported\n");
> + return -1;
Do not make up error numbers, use the defined values please.
thanks,
greg k-h
^ permalink raw reply
* Re: [PATCH 3/3] powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
From: Gautham R Shenoy @ 2019-06-14 5:56 UTC (permalink / raw)
To: Nathan Lynch; +Cc: linuxppc-dev
In-Reply-To: <20190612044506.16392-4-nathanl@linux.ibm.com>
On Wed, Jun 12, 2019 at 10:17 AM Nathan Lynch <nathanl@linux.ibm.com> wrote:
>
> It's common for the platform to replace the cache device nodes after a
> migration. Since the cacheinfo code is never informed about this, it
> never drops its references to the source system's cache nodes, causing
> it to wind up in an inconsistent state resulting in warnings and oopses
> as soon as CPU online/offline occurs after the migration, e.g.
>
> cache for /cpus/l3-cache@3113(Unified) refers to cache for /cpus/l2-cache@200d(Unified)
> WARNING: CPU: 15 PID: 86 at arch/powerpc/kernel/cacheinfo.c:176 release_cache+0x1bc/0x1d0
> [...]
> NIP [c00000000002d9bc] release_cache+0x1bc/0x1d0
> LR [c00000000002d9b8] release_cache+0x1b8/0x1d0
> Call Trace:
> [c0000001fc99fa70] [c00000000002d9b8] release_cache+0x1b8/0x1d0 (unreliable)
> [c0000001fc99fb10] [c00000000002ebf4] cacheinfo_cpu_offline+0x1c4/0x2c0
> [c0000001fc99fbe0] [c00000000002ae58] unregister_cpu_online+0x1b8/0x260
> [c0000001fc99fc40] [c000000000165a64] cpuhp_invoke_callback+0x114/0xf40
> [c0000001fc99fcd0] [c000000000167450] cpuhp_thread_fun+0x270/0x310
> [c0000001fc99fd40] [c0000000001a8bb8] smpboot_thread_fn+0x2c8/0x390
> [c0000001fc99fdb0] [c0000000001a1cd8] kthread+0x1b8/0x1c0
> [c0000001fc99fe20] [c00000000000c2d4] ret_from_kernel_thread+0x5c/0x68
>
> Using device tree notifiers won't work since we want to rebuild the
> hierarchy only after all the removals and additions have occurred and
> the device tree is in a consistent state. Call cacheinfo_teardown()
> before processing device tree updates, and rebuild the hierarchy
> afterward.
>
> Fixes: 410bccf97881 ("powerpc/pseries: Partition migration in the kernel")
> Signed-off-by: Nathan Lynch <nathanl@linux.ibm.com>
Reviewed-by: Gautham R. Shenoy <ego@linux.vnet.ibm.com>
> ---
> arch/powerpc/platforms/pseries/mobility.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/arch/powerpc/platforms/pseries/mobility.c b/arch/powerpc/platforms/pseries/mobility.c
> index edc1ec408589..b8c8096907d4 100644
> --- a/arch/powerpc/platforms/pseries/mobility.c
> +++ b/arch/powerpc/platforms/pseries/mobility.c
> @@ -23,6 +23,7 @@
> #include <asm/machdep.h>
> #include <asm/rtas.h>
> #include "pseries.h"
> +#include "../../kernel/cacheinfo.h"
>
> static struct kobject *mobility_kobj;
>
> @@ -345,11 +346,20 @@ void post_mobility_fixup(void)
> */
> cpus_read_lock();
>
> + /*
> + * It's common for the destination firmware to replace cache
> + * nodes. Release all of the cacheinfo hierarchy's references
> + * before updating the device tree.
> + */
> + cacheinfo_teardown();
> +
> rc = pseries_devicetree_update(MIGRATION_SCOPE);
> if (rc)
> printk(KERN_ERR "Post-mobility device tree update "
> "failed: %d\n", rc);
>
> + cacheinfo_rebuild();
> +
> cpus_read_unlock();
>
> /* Possibly switch to a new RFI flush type */
> --
> 2.20.1
>
--
Thanks and Regards
gautham.
^ permalink raw reply
* Re: [PATCH 1/3] powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
From: Gautham R Shenoy @ 2019-06-14 5:55 UTC (permalink / raw)
To: Nathan Lynch, ego; +Cc: linuxppc-dev
In-Reply-To: <20190612044506.16392-2-nathanl@linux.ibm.com>
On Wed, Jun 12, 2019 at 10:15 AM Nathan Lynch <nathanl@linux.ibm.com> wrote:
>
> Allow external callers to force the cacheinfo code to release all its
> references to cache nodes, e.g. before processing device tree updates
> post-migration, and to rebuild the hierarchy afterward.
>
> CPU online/offline must be blocked by callers; enforce this.
>
> Fixes: 410bccf97881 ("powerpc/pseries: Partition migration in the kernel")
> Signed-off-by: Nathan Lynch <nathanl@linux.ibm.com>
Reviewed-by: Gautham R. Shenoy <ego@linux.vnet.ibm.com>
> ---
> arch/powerpc/kernel/cacheinfo.c | 21 +++++++++++++++++++++
> arch/powerpc/kernel/cacheinfo.h | 4 ++++
> 2 files changed, 25 insertions(+)
>
> diff --git a/arch/powerpc/kernel/cacheinfo.c b/arch/powerpc/kernel/cacheinfo.c
> index 862e2890bd3d..42c559efe060 100644
> --- a/arch/powerpc/kernel/cacheinfo.c
> +++ b/arch/powerpc/kernel/cacheinfo.c
> @@ -896,4 +896,25 @@ void cacheinfo_cpu_offline(unsigned int cpu_id)
> if (cache)
> cache_cpu_clear(cache, cpu_id);
> }
> +
> +void cacheinfo_teardown(void)
> +{
> + unsigned int cpu;
> +
> + lockdep_assert_cpus_held();
> +
> + for_each_online_cpu(cpu)
> + cacheinfo_cpu_offline(cpu);
> +}
> +
> +void cacheinfo_rebuild(void)
> +{
> + unsigned int cpu;
> +
> + lockdep_assert_cpus_held();
> +
> + for_each_online_cpu(cpu)
> + cacheinfo_cpu_online(cpu);
> +}
> +
> #endif /* (CONFIG_PPC_PSERIES && CONFIG_SUSPEND) || CONFIG_HOTPLUG_CPU */
> diff --git a/arch/powerpc/kernel/cacheinfo.h b/arch/powerpc/kernel/cacheinfo.h
> index 955f5e999f1b..52bd3fc6642d 100644
> --- a/arch/powerpc/kernel/cacheinfo.h
> +++ b/arch/powerpc/kernel/cacheinfo.h
> @@ -6,4 +6,8 @@
> extern void cacheinfo_cpu_online(unsigned int cpu_id);
> extern void cacheinfo_cpu_offline(unsigned int cpu_id);
>
> +/* Allow migration/suspend to tear down and rebuild the hierarchy. */
> +extern void cacheinfo_teardown(void);
> +extern void cacheinfo_rebuild(void);
> +
> #endif /* _PPC_CACHEINFO_H */
> --
> 2.20.1
>
--
Thanks and Regards
gautham.
^ permalink raw reply
* [PATCH v2] powerpc/mm: Implement STRICT_MODULE_RWX
From: Russell Currey @ 2019-06-14 5:50 UTC (permalink / raw)
To: linuxppc-dev; +Cc: Russell Currey, kernel-hardening
Strict module RWX is just like strict kernel RWX, but for modules - so
loadable modules aren't marked both writable and executable at the same
time. This is handled by the generic code in kernel/module.c, and
simply requires the architecture to implement the set_memory() set of
functions, declared with ARCH_HAS_SET_MEMORY.
There's nothing other than these functions required to turn
ARCH_HAS_STRICT_MODULE_RWX on, so turn that on too.
With STRICT_MODULE_RWX enabled, there are as many W+X pages at runtime
as there are with CONFIG_MODULES=n (none), so in Russel's testing it works
well on both Hash and Radix book3s64.
There's a TODO in the code for also applying the page permission changes
to the backing pages in the linear mapping: this is pretty simple for
Radix and (seemingly) a lot harder for Hash, so I've left it for now
since there's still a notable security benefit for the patch as-is.
Technically can be enabled without STRICT_KERNEL_RWX, but
that doesn't gets you a whole lot, so we should leave it off by default
until we can get STRICT_KERNEL_RWX to the point where it's enabled by
default.
Signed-off-by: Russell Currey <ruscur@russell.cc>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
Changes from v1 (sent by Christophe):
- return if VM_FLUSH_RESET_PERMS is set
arch/powerpc/Kconfig | 2 +
arch/powerpc/include/asm/set_memory.h | 32 ++++++++++
arch/powerpc/mm/Makefile | 2 +-
arch/powerpc/mm/pageattr.c | 85 +++++++++++++++++++++++++++
4 files changed, 120 insertions(+), 1 deletion(-)
create mode 100644 arch/powerpc/include/asm/set_memory.h
create mode 100644 arch/powerpc/mm/pageattr.c
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 8c1c636308c8..3d98240ce965 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -131,7 +131,9 @@ config PPC
select ARCH_HAS_PTE_SPECIAL
select ARCH_HAS_MEMBARRIER_CALLBACKS
select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC64
+ select ARCH_HAS_SET_MEMORY
select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !RELOCATABLE && !HIBERNATION)
+ select ARCH_HAS_STRICT_MODULE_RWX if PPC_BOOK3S_64 || PPC32
select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST
select ARCH_HAS_UACCESS_FLUSHCACHE if PPC64
select ARCH_HAS_UBSAN_SANITIZE_ALL
diff --git a/arch/powerpc/include/asm/set_memory.h b/arch/powerpc/include/asm/set_memory.h
new file mode 100644
index 000000000000..4b9683f3b3dd
--- /dev/null
+++ b/arch/powerpc/include/asm/set_memory.h
@@ -0,0 +1,32 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+#ifndef _ASM_POWERPC_SET_MEMORY_H
+#define _ASM_POWERPC_SET_MEMORY_H
+
+#define SET_MEMORY_RO 1
+#define SET_MEMORY_RW 2
+#define SET_MEMORY_NX 3
+#define SET_MEMORY_X 4
+
+int change_memory(unsigned long addr, int numpages, int action);
+
+static inline int set_memory_ro(unsigned long addr, int numpages)
+{
+ return change_memory(addr, numpages, SET_MEMORY_RO);
+}
+
+static inline int set_memory_rw(unsigned long addr, int numpages)
+{
+ return change_memory(addr, numpages, SET_MEMORY_RW);
+}
+
+static inline int set_memory_nx(unsigned long addr, int numpages)
+{
+ return change_memory(addr, numpages, SET_MEMORY_NX);
+}
+
+static inline int set_memory_x(unsigned long addr, int numpages)
+{
+ return change_memory(addr, numpages, SET_MEMORY_X);
+}
+
+#endif
diff --git a/arch/powerpc/mm/Makefile b/arch/powerpc/mm/Makefile
index 0f499db315d6..b683d1c311b3 100644
--- a/arch/powerpc/mm/Makefile
+++ b/arch/powerpc/mm/Makefile
@@ -7,7 +7,7 @@ ccflags-$(CONFIG_PPC64) := $(NO_MINIMAL_TOC)
obj-y := fault.o mem.o pgtable.o mmap.o \
init_$(BITS).o pgtable_$(BITS).o \
- pgtable-frag.o \
+ pgtable-frag.o pageattr.o \
init-common.o mmu_context.o drmem.o
obj-$(CONFIG_PPC_MMU_NOHASH) += nohash/
obj-$(CONFIG_PPC_BOOK3S_32) += book3s32/
diff --git a/arch/powerpc/mm/pageattr.c b/arch/powerpc/mm/pageattr.c
new file mode 100644
index 000000000000..41baf92f632b
--- /dev/null
+++ b/arch/powerpc/mm/pageattr.c
@@ -0,0 +1,85 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+/*
+ * Page attribute and set_memory routines
+ *
+ * Derived from the arm64 implementation.
+ *
+ * Author: Russell Currey <ruscur@russell.cc>
+ *
+ * Copyright 2019, IBM Corporation.
+ *
+ */
+
+#include <linux/mm.h>
+#include <linux/set_memory.h>
+#include <linux/vmalloc.h>
+
+#include <asm/mmu.h>
+#include <asm/page.h>
+#include <asm/pgtable.h>
+
+static int change_page_ro(pte_t *ptep, pgtable_t token, unsigned long addr, void *data)
+{
+ set_pte_at(&init_mm, addr, ptep, pte_wrprotect(READ_ONCE(*ptep)));
+ return 0;
+}
+
+static int change_page_rw(pte_t *ptep, pgtable_t token, unsigned long addr, void *data)
+{
+ set_pte_at(&init_mm, addr, ptep, pte_mkwrite(READ_ONCE(*ptep)));
+ return 0;
+}
+
+static int change_page_nx(pte_t *ptep, pgtable_t token, unsigned long addr, void *data)
+{
+ set_pte_at(&init_mm, addr, ptep, pte_exprotect(READ_ONCE(*ptep)));
+ return 0;
+}
+
+static int change_page_x(pte_t *ptep, pgtable_t token, unsigned long addr, void *data)
+{
+ set_pte_at(&init_mm, addr, ptep, pte_mkexec(READ_ONCE(*ptep)));
+ return 0;
+}
+
+int change_memory(unsigned long addr, int numpages, int action)
+{
+ unsigned long size = numpages * PAGE_SIZE;
+ unsigned long start = ALIGN_DOWN(addr, PAGE_SIZE);
+ unsigned long end = start + size;
+ struct vm_struct *area;
+ int ret;
+
+ if (!numpages)
+ return 0;
+
+ // only operate on VM areas for now
+ area = find_vm_area((void *)addr);
+ if (!area || end > (unsigned long)area->addr + area->size ||
+ !(area->flags & VM_ALLOC) || (area->flags & VM_FLUSH_RESET_PERMS))
+ return -EINVAL;
+
+ // TODO: also apply change to the backing pages in the linear mapping
+
+ switch (action) {
+ case SET_MEMORY_RO:
+ ret = apply_to_page_range(&init_mm, start, size, change_page_ro, NULL);
+ break;
+ case SET_MEMORY_RW:
+ ret = apply_to_page_range(&init_mm, start, size, change_page_rw, NULL);
+ break;
+ case SET_MEMORY_NX:
+ ret = apply_to_page_range(&init_mm, start, size, change_page_nx, NULL);
+ break;
+ case SET_MEMORY_X:
+ ret = apply_to_page_range(&init_mm, start, size, change_page_x, NULL);
+ break;
+ default:
+ WARN_ON(true);
+ return -EINVAL;
+ }
+
+ flush_tlb_kernel_range(start, end);
+ return ret;
+}
--
2.22.0
^ permalink raw reply related
* Re: [PATCH] mm: Generalize and rename notify_page_fault() as kprobe_page_fault()
From: Anshuman Khandual @ 2019-06-14 5:15 UTC (permalink / raw)
To: Andrew Morton
Cc: Mark Rutland, Michal Hocko, linux-ia64, linux-sh, Peter Zijlstra,
Catalin Marinas, Dave Hansen, Will Deacon, linux-mips, linux-mm,
Paul Mackerras, sparclinux, linux-s390, Yoshinori Sato, x86,
Russell King, Matthew Wilcox, Ingo Molnar, James Hogan,
linux-snps-arc, Fenghua Yu, Stephen Rothwell, Andrey Konovalov,
Andy Lutomirski, Thomas Gleixner, linux-arm-kernel, Tony Luck,
Heiko Carstens, Vineet Gupta, linux-kernel, Ralf Baechle,
Paul Burton, Martin Schwidefsky, linuxppc-dev, David S. Miller
In-Reply-To: <20190613130408.3091869d8e50d0524157523f@linux-foundation.org>
On 06/14/2019 01:34 AM, Andrew Morton wrote:
> On Thu, 13 Jun 2019 15:37:24 +0530 Anshuman Khandual <anshuman.khandual@arm.com> wrote:
>
>> Architectures which support kprobes have very similar boilerplate around
>> calling kprobe_fault_handler(). Use a helper function in kprobes.h to unify
>> them, based on the x86 code.
>>
>> This changes the behaviour for other architectures when preemption is
>> enabled. Previously, they would have disabled preemption while calling the
>> kprobe handler. However, preemption would be disabled if this fault was
>> due to a kprobe, so we know the fault was not due to a kprobe handler and
>> can simply return failure.
>>
>> This behaviour was introduced in the commit a980c0ef9f6d ("x86/kprobes:
>> Refactor kprobes_fault() like kprobe_exceptions_notify()")
>>
>> ...
>>
>> --- a/arch/arm/mm/fault.c
>> +++ b/arch/arm/mm/fault.c
>> @@ -30,28 +30,6 @@
>>
>> #ifdef CONFIG_MMU
>>
>> -#ifdef CONFIG_KPROBES
>> -static inline int notify_page_fault(struct pt_regs *regs, unsigned int fsr)
>
> Some architectures make this `static inline'. Others make it
> `nokprobes_inline', others make it `static inline __kprobes'. The
> latter seems weird - why try to put an inline function into
> .kprobes.text?
>
> So.. what's the best thing to do here? You chose `static
> nokprobe_inline' - is that the best approach, if so why? Does
> kprobe_page_fault() actually need to be inlined?
Matthew had suggested that (nokprobe_-inline) based on current x86
implementation. But every architecture already had an inlined definition
which I did not want to deviate from.
>
> Also, some architectures had notify_page_fault returning int, others
> bool. You chose bool and that seems appropriate and all callers are OK
> with that.
I would believe so. No one has complained yet :)
^ permalink raw reply
* Re: [PATCH kernel] powerpc/pci/of: Parse unassigned resources
From: Alexey Kardashevskiy @ 2019-06-14 3:18 UTC (permalink / raw)
To: linuxppc-dev
Cc: Sam Bobroff, Alistair Popple, kvm-ppc, Oliver O'Halloran,
David Gibson
In-Reply-To: <20190614025916.123589-1-aik@ozlabs.ru>
On 14/06/2019 12:59, Alexey Kardashevskiy wrote:
> The pseries platform uses the PCI_PROBE_DEVTREE method of PCI probing
> which is basically reading "assigned-addresses" of every PCI device.
> However if the property is missing or zero sized, then there is
> no fallback of any kind and the PCI resources remain undiscovered, i.e.
> pdev->resource[] array is empty.
>
> This adds a fallback which parses the "reg" property in pretty much same
> way except it marks resources as "unset" which later makes Linux assign
> those resources with proper addresses.
>
> Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
> ---
>
> This is an attempts to boot linux directly under QEMU without slof/rtas;
> the aim is to use petitboot instead and let the guest kernel configure
> devices.
>
> QEMU does not allocate resources, it creates correct "reg" and zero length
> "assigned-addresses" (which is probably a bug on its own) which is
> normally populated by SLOF later but not during this exercise.
>
> ---
> arch/powerpc/kernel/pci_of_scan.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/arch/powerpc/kernel/pci_of_scan.c b/arch/powerpc/kernel/pci_of_scan.c
> index 64ad92016b63..cfe6ec3c6aaf 100644
> --- a/arch/powerpc/kernel/pci_of_scan.c
> +++ b/arch/powerpc/kernel/pci_of_scan.c
> @@ -82,10 +82,18 @@ static void of_pci_parse_addrs(struct device_node *node, struct pci_dev *dev)
> const __be32 *addrs;
> u32 i;
> int proplen;
> + bool unset = false;
>
> addrs = of_get_property(node, "assigned-addresses", &proplen);
> if (!addrs)
> return;
Ah. Of course, these 2 lines above should go, my bad. I'll repost if
there are no other (and bigger) problems with this.
> + if (!addrs || !proplen) {
> + addrs = of_get_property(node, "reg", &proplen);
> + if (!addrs || !proplen)
> + return;
> + unset = true;
> + }
> +
> pr_debug(" parse addresses (%d bytes) @ %p\n", proplen, addrs);
> for (; proplen >= 20; proplen -= 20, addrs += 5) {
> flags = pci_parse_of_flags(of_read_number(addrs, 1), 0);
> @@ -110,6 +118,8 @@ static void of_pci_parse_addrs(struct device_node *node, struct pci_dev *dev)
> continue;
> }
> res->flags = flags;
> + if (unset)
> + res->flags |= IORESOURCE_UNSET;
> res->name = pci_name(dev);
> region.start = base;
> region.end = base + size - 1;
>
--
Alexey
^ permalink raw reply
* [PATCH kernel] powerpc/pci/of: Parse unassigned resources
From: Alexey Kardashevskiy @ 2019-06-14 2:59 UTC (permalink / raw)
To: linuxppc-dev
Cc: Alexey Kardashevskiy, Alistair Popple, kvm-ppc, Sam Bobroff,
Oliver O'Halloran, David Gibson
The pseries platform uses the PCI_PROBE_DEVTREE method of PCI probing
which is basically reading "assigned-addresses" of every PCI device.
However if the property is missing or zero sized, then there is
no fallback of any kind and the PCI resources remain undiscovered, i.e.
pdev->resource[] array is empty.
This adds a fallback which parses the "reg" property in pretty much same
way except it marks resources as "unset" which later makes Linux assign
those resources with proper addresses.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
---
This is an attempts to boot linux directly under QEMU without slof/rtas;
the aim is to use petitboot instead and let the guest kernel configure
devices.
QEMU does not allocate resources, it creates correct "reg" and zero length
"assigned-addresses" (which is probably a bug on its own) which is
normally populated by SLOF later but not during this exercise.
---
arch/powerpc/kernel/pci_of_scan.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/arch/powerpc/kernel/pci_of_scan.c b/arch/powerpc/kernel/pci_of_scan.c
index 64ad92016b63..cfe6ec3c6aaf 100644
--- a/arch/powerpc/kernel/pci_of_scan.c
+++ b/arch/powerpc/kernel/pci_of_scan.c
@@ -82,10 +82,18 @@ static void of_pci_parse_addrs(struct device_node *node, struct pci_dev *dev)
const __be32 *addrs;
u32 i;
int proplen;
+ bool unset = false;
addrs = of_get_property(node, "assigned-addresses", &proplen);
if (!addrs)
return;
+ if (!addrs || !proplen) {
+ addrs = of_get_property(node, "reg", &proplen);
+ if (!addrs || !proplen)
+ return;
+ unset = true;
+ }
+
pr_debug(" parse addresses (%d bytes) @ %p\n", proplen, addrs);
for (; proplen >= 20; proplen -= 20, addrs += 5) {
flags = pci_parse_of_flags(of_read_number(addrs, 1), 0);
@@ -110,6 +118,8 @@ static void of_pci_parse_addrs(struct device_node *node, struct pci_dev *dev)
continue;
}
res->flags = flags;
+ if (unset)
+ res->flags |= IORESOURCE_UNSET;
res->name = pci_name(dev);
region.start = base;
region.end = base + size - 1;
--
2.17.1
^ permalink raw reply related
* [PATCH 01/14] ABI: fix some syntax issues at the ABI database
From: Mauro Carvalho Chehab @ 2019-06-14 2:04 UTC (permalink / raw)
To: Linux Doc Mailing List, Greg Kroah-Hartman
Cc: Tony Luck, Lars-Peter Clausen, Andrew Donnellan, Jonathan Corbet,
linux-iio, Sebastian Reichel, Anton Vorontsov, linux-kernel,
Mauro Carvalho Chehab, Mauro Carvalho Chehab,
Mauro Carvalho Chehab, Colin Cross, linux-pm, Andreas Klinger,
Peter Meerwald-Stadler, Hartmut Knaack, Frederic Barrat,
linuxppc-dev, Jonathan Cameron, Kees Cook
In-Reply-To: <cover.1560477540.git.mchehab+samsung@kernel.org>
From: Mauro Carvalho Chehab <mchehab@s-opensource.com>
On those three files, the ABI representation described at
README are violated.
- at sysfs-bus-iio-proximity-as3935:
a ':' character is missing after "What"
- at sysfs-class-devfreq:
there's a typo at Description
- at sysfs-class-cxl, it is using the ":" character at a
file preamble, causing it to be misinterpreted as a
tag.
- On the other files, instead of "What", they use "Where".
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
---
Documentation/ABI/testing/pstore | 2 +-
.../sysfs-bus-event_source-devices-format | 2 +-
.../ABI/testing/sysfs-bus-i2c-devices-hm6352 | 6 ++---
.../ABI/testing/sysfs-bus-iio-distance-srf08 | 4 ++--
.../testing/sysfs-bus-iio-proximity-as3935 | 4 ++--
.../ABI/testing/sysfs-bus-pci-devices-cciss | 22 +++++++++----------
.../testing/sysfs-bus-usb-devices-usbsevseg | 12 +++++-----
Documentation/ABI/testing/sysfs-class-cxl | 6 ++---
Documentation/ABI/testing/sysfs-class-devfreq | 2 +-
.../ABI/testing/sysfs-class-powercap | 2 +-
Documentation/ABI/testing/sysfs-kernel-fscaps | 2 +-
.../ABI/testing/sysfs-kernel-vmcoreinfo | 2 +-
12 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/Documentation/ABI/testing/pstore b/Documentation/ABI/testing/pstore
index 5fca9f5e10a3..8d6e48f4e8ef 100644
--- a/Documentation/ABI/testing/pstore
+++ b/Documentation/ABI/testing/pstore
@@ -1,4 +1,4 @@
-Where: /sys/fs/pstore/... (or /dev/pstore/...)
+What: /sys/fs/pstore/... (or /dev/pstore/...)
Date: March 2011
Kernel Version: 2.6.39
Contact: tony.luck@intel.com
diff --git a/Documentation/ABI/testing/sysfs-bus-event_source-devices-format b/Documentation/ABI/testing/sysfs-bus-event_source-devices-format
index 77f47ff5ee02..b6f8748e0200 100644
--- a/Documentation/ABI/testing/sysfs-bus-event_source-devices-format
+++ b/Documentation/ABI/testing/sysfs-bus-event_source-devices-format
@@ -1,4 +1,4 @@
-Where: /sys/bus/event_source/devices/<dev>/format
+What: /sys/bus/event_source/devices/<dev>/format
Date: January 2012
Kernel Version: 3.3
Contact: Jiri Olsa <jolsa@redhat.com>
diff --git a/Documentation/ABI/testing/sysfs-bus-i2c-devices-hm6352 b/Documentation/ABI/testing/sysfs-bus-i2c-devices-hm6352
index feb2e4a87075..29bd447e50a0 100644
--- a/Documentation/ABI/testing/sysfs-bus-i2c-devices-hm6352
+++ b/Documentation/ABI/testing/sysfs-bus-i2c-devices-hm6352
@@ -1,18 +1,18 @@
-Where: /sys/bus/i2c/devices/.../heading0_input
+What: /sys/bus/i2c/devices/.../heading0_input
Date: April 2010
Kernel Version: 2.6.36?
Contact: alan.cox@intel.com
Description: Reports the current heading from the compass as a floating
point value in degrees.
-Where: /sys/bus/i2c/devices/.../power_state
+What: /sys/bus/i2c/devices/.../power_state
Date: April 2010
Kernel Version: 2.6.36?
Contact: alan.cox@intel.com
Description: Sets the power state of the device. 0 sets the device into
sleep mode, 1 wakes it up.
-Where: /sys/bus/i2c/devices/.../calibration
+What: /sys/bus/i2c/devices/.../calibration
Date: April 2010
Kernel Version: 2.6.36?
Contact: alan.cox@intel.com
diff --git a/Documentation/ABI/testing/sysfs-bus-iio-distance-srf08 b/Documentation/ABI/testing/sysfs-bus-iio-distance-srf08
index 0a1ca1487fa9..a133fd8d081a 100644
--- a/Documentation/ABI/testing/sysfs-bus-iio-distance-srf08
+++ b/Documentation/ABI/testing/sysfs-bus-iio-distance-srf08
@@ -1,4 +1,4 @@
-What /sys/bus/iio/devices/iio:deviceX/sensor_sensitivity
+What: /sys/bus/iio/devices/iio:deviceX/sensor_sensitivity
Date: January 2017
KernelVersion: 4.11
Contact: linux-iio@vger.kernel.org
@@ -6,7 +6,7 @@ Description:
Show or set the gain boost of the amp, from 0-31 range.
default 31
-What /sys/bus/iio/devices/iio:deviceX/sensor_max_range
+What: /sys/bus/iio/devices/iio:deviceX/sensor_max_range
Date: January 2017
KernelVersion: 4.11
Contact: linux-iio@vger.kernel.org
diff --git a/Documentation/ABI/testing/sysfs-bus-iio-proximity-as3935 b/Documentation/ABI/testing/sysfs-bus-iio-proximity-as3935
index 9a17ab5036a4..c59d95346341 100644
--- a/Documentation/ABI/testing/sysfs-bus-iio-proximity-as3935
+++ b/Documentation/ABI/testing/sysfs-bus-iio-proximity-as3935
@@ -1,4 +1,4 @@
-What /sys/bus/iio/devices/iio:deviceX/in_proximity_input
+What: /sys/bus/iio/devices/iio:deviceX/in_proximity_input
Date: March 2014
KernelVersion: 3.15
Contact: Matt Ranostay <matt.ranostay@konsulko.com>
@@ -6,7 +6,7 @@ Description:
Get the current distance in meters of storm (1km steps)
1000-40000 = distance in meters
-What /sys/bus/iio/devices/iio:deviceX/sensor_sensitivity
+What: /sys/bus/iio/devices/iio:deviceX/sensor_sensitivity
Date: March 2014
KernelVersion: 3.15
Contact: Matt Ranostay <matt.ranostay@konsulko.com>
diff --git a/Documentation/ABI/testing/sysfs-bus-pci-devices-cciss b/Documentation/ABI/testing/sysfs-bus-pci-devices-cciss
index 53d99edd1d75..eb449169c30b 100644
--- a/Documentation/ABI/testing/sysfs-bus-pci-devices-cciss
+++ b/Documentation/ABI/testing/sysfs-bus-pci-devices-cciss
@@ -1,66 +1,66 @@
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/model
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/model
Date: March 2009
Kernel Version: 2.6.30
Contact: iss_storagedev@hp.com
Description: Displays the SCSI INQUIRY page 0 model for logical drive
Y of controller X.
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/rev
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/rev
Date: March 2009
Kernel Version: 2.6.30
Contact: iss_storagedev@hp.com
Description: Displays the SCSI INQUIRY page 0 revision for logical
drive Y of controller X.
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/unique_id
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/unique_id
Date: March 2009
Kernel Version: 2.6.30
Contact: iss_storagedev@hp.com
Description: Displays the SCSI INQUIRY page 83 serial number for logical
drive Y of controller X.
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/vendor
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/vendor
Date: March 2009
Kernel Version: 2.6.30
Contact: iss_storagedev@hp.com
Description: Displays the SCSI INQUIRY page 0 vendor for logical drive
Y of controller X.
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/block:cciss!cXdY
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/block:cciss!cXdY
Date: March 2009
Kernel Version: 2.6.30
Contact: iss_storagedev@hp.com
Description: A symbolic link to /sys/block/cciss!cXdY
-Where: /sys/bus/pci/devices/<dev>/ccissX/rescan
+What: /sys/bus/pci/devices/<dev>/ccissX/rescan
Date: August 2009
Kernel Version: 2.6.31
Contact: iss_storagedev@hp.com
Description: Kicks of a rescan of the controller to discover logical
drive topology changes.
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/lunid
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/lunid
Date: August 2009
Kernel Version: 2.6.31
Contact: iss_storagedev@hp.com
Description: Displays the 8-byte LUN ID used to address logical
drive Y of controller X.
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/raid_level
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/raid_level
Date: August 2009
Kernel Version: 2.6.31
Contact: iss_storagedev@hp.com
Description: Displays the RAID level of logical drive Y of
controller X.
-Where: /sys/bus/pci/devices/<dev>/ccissX/cXdY/usage_count
+What: /sys/bus/pci/devices/<dev>/ccissX/cXdY/usage_count
Date: August 2009
Kernel Version: 2.6.31
Contact: iss_storagedev@hp.com
Description: Displays the usage count (number of opens) of logical drive Y
of controller X.
-Where: /sys/bus/pci/devices/<dev>/ccissX/resettable
+What: /sys/bus/pci/devices/<dev>/ccissX/resettable
Date: February 2011
Kernel Version: 2.6.38
Contact: iss_storagedev@hp.com
@@ -71,7 +71,7 @@ Description: Value of 1 indicates the controller can honor the reset_devices
a dump device, as kdump requires resetting the device in order
to work reliably.
-Where: /sys/bus/pci/devices/<dev>/ccissX/transport_mode
+What: /sys/bus/pci/devices/<dev>/ccissX/transport_mode
Date: July 2011
Kernel Version: 3.0
Contact: iss_storagedev@hp.com
diff --git a/Documentation/ABI/testing/sysfs-bus-usb-devices-usbsevseg b/Documentation/ABI/testing/sysfs-bus-usb-devices-usbsevseg
index 70d00dfa443d..f6199b314196 100644
--- a/Documentation/ABI/testing/sysfs-bus-usb-devices-usbsevseg
+++ b/Documentation/ABI/testing/sysfs-bus-usb-devices-usbsevseg
@@ -1,12 +1,12 @@
-Where: /sys/bus/usb/.../powered
+What: /sys/bus/usb/.../powered
Date: August 2008
Kernel Version: 2.6.26
Contact: Harrison Metzger <harrisonmetz@gmail.com>
Description: Controls whether the device's display will powered.
A value of 0 is off and a non-zero value is on.
-Where: /sys/bus/usb/.../mode_msb
-Where: /sys/bus/usb/.../mode_lsb
+What: /sys/bus/usb/.../mode_msb
+What: /sys/bus/usb/.../mode_lsb
Date: August 2008
Kernel Version: 2.6.26
Contact: Harrison Metzger <harrisonmetz@gmail.com>
@@ -16,7 +16,7 @@ Description: Controls the devices display mode.
for an 8 character display the values are
MSB 0x08; LSB 0xFF.
-Where: /sys/bus/usb/.../textmode
+What: /sys/bus/usb/.../textmode
Date: August 2008
Kernel Version: 2.6.26
Contact: Harrison Metzger <harrisonmetz@gmail.com>
@@ -25,13 +25,13 @@ Description: Controls the way the device interprets its text buffer.
hex: each character is between 0-15
ascii: each character is between '0'-'9' and 'A'-'F'.
-Where: /sys/bus/usb/.../text
+What: /sys/bus/usb/.../text
Date: August 2008
Kernel Version: 2.6.26
Contact: Harrison Metzger <harrisonmetz@gmail.com>
Description: The text (or data) for the device to display
-Where: /sys/bus/usb/.../decimals
+What: /sys/bus/usb/.../decimals
Date: August 2008
Kernel Version: 2.6.26
Contact: Harrison Metzger <harrisonmetz@gmail.com>
diff --git a/Documentation/ABI/testing/sysfs-class-cxl b/Documentation/ABI/testing/sysfs-class-cxl
index bbbabffc682a..fc7c6f7c21b3 100644
--- a/Documentation/ABI/testing/sysfs-class-cxl
+++ b/Documentation/ABI/testing/sysfs-class-cxl
@@ -1,6 +1,6 @@
-Note: Attributes that are shared between devices are stored in the directory
-pointed to by the symlink device/.
-Example: The real path of the attribute /sys/class/cxl/afu0.0s/irqs_max is
+Please notice that attributes that are shared between devices are stored in
+the directory pointed to by the symlink device/.
+For example, the real path of the attribute /sys/class/cxl/afu0.0s/irqs_max is
/sys/class/cxl/afu0.0s/device/irqs_max, i.e. /sys/class/cxl/afu0.0/irqs_max.
diff --git a/Documentation/ABI/testing/sysfs-class-devfreq b/Documentation/ABI/testing/sysfs-class-devfreq
index ee39acacf6f8..01196e19afca 100644
--- a/Documentation/ABI/testing/sysfs-class-devfreq
+++ b/Documentation/ABI/testing/sysfs-class-devfreq
@@ -47,7 +47,7 @@ Description:
What: /sys/class/devfreq/.../trans_stat
Date: October 2012
Contact: MyungJoo Ham <myungjoo.ham@samsung.com>
-Descrtiption:
+Description:
This ABI shows the statistics of devfreq behavior on a
specific device. It shows the time spent in each state and
the number of transitions between states.
diff --git a/Documentation/ABI/testing/sysfs-class-powercap b/Documentation/ABI/testing/sysfs-class-powercap
index db3b3ff70d84..f333a0ccc29b 100644
--- a/Documentation/ABI/testing/sysfs-class-powercap
+++ b/Documentation/ABI/testing/sysfs-class-powercap
@@ -147,6 +147,6 @@ What: /sys/class/powercap/.../<power zone>/enabled
Date: September 2013
KernelVersion: 3.13
Contact: linux-pm@vger.kernel.org
-Description
+Description:
This allows to enable/disable power capping at power zone level.
This applies to current power zone and its children.
diff --git a/Documentation/ABI/testing/sysfs-kernel-fscaps b/Documentation/ABI/testing/sysfs-kernel-fscaps
index 50a3033b5e15..bcff34665192 100644
--- a/Documentation/ABI/testing/sysfs-kernel-fscaps
+++ b/Documentation/ABI/testing/sysfs-kernel-fscaps
@@ -2,7 +2,7 @@ What: /sys/kernel/fscaps
Date: February 2011
KernelVersion: 2.6.38
Contact: Ludwig Nussel <ludwig.nussel@suse.de>
-Description
+Description:
Shows whether file system capabilities are honored
when executing a binary
diff --git a/Documentation/ABI/testing/sysfs-kernel-vmcoreinfo b/Documentation/ABI/testing/sysfs-kernel-vmcoreinfo
index 7bd81168e063..1f1087a5f075 100644
--- a/Documentation/ABI/testing/sysfs-kernel-vmcoreinfo
+++ b/Documentation/ABI/testing/sysfs-kernel-vmcoreinfo
@@ -4,7 +4,7 @@ KernelVersion: 2.6.24
Contact: Ken'ichi Ohmichi <oomichi@mxs.nes.nec.co.jp>
Kexec Mailing List <kexec@lists.infradead.org>
Vivek Goyal <vgoyal@redhat.com>
-Description
+Description:
Shows physical address and size of vmcoreinfo ELF note.
First value contains physical address of note in hex and
second value contains the size of note in hex. This ELF
--
2.21.0
^ permalink raw reply related
* [PATCH 00/14] Add support to generate ABI documentation at admin-guide
From: Mauro Carvalho Chehab @ 2019-06-14 2:04 UTC (permalink / raw)
To: Linux Doc Mailing List, Greg Kroah-Hartman
Cc: Lars-Peter Clausen, Andrew Donnellan, Kees Cook, Jonathan Corbet,
linux-iio, linux-pm, Anton Vorontsov, linux-kernel,
Andreas Klinger, Mauro Carvalho Chehab, Frederic Barrat,
Tony Luck, Sebastian Reichel, Peter Meerwald-Stadler, Colin Cross,
Mauro Carvalho Chehab, linuxppc-dev, Stefan Achatz,
Jonathan Cameron, Hartmut Knaack
Greg,
As promised, I'm resending the patch series with adds the Kernel ABI to
Documentation/admin-guide.
Those patches are basically the version 3 patchset I sent back in 2017,
rebased on the top of linux-next (next-20190613), and with some fixes
in order for it to work.
- The 4 initial patches to fix some ABI descriptions that are violating
the syntax described at Documentation/ABI/README;
- The next 6 patches are the ones originally written in 2017 with a
script with parses the ABI files;
- The 11th patch is a new one: it relaxes a little bit the parser in
order to parse file headers that contains colons on it;
- The 12th patch adds the new script to the documentation build
system, together with a new python Sphinx extension with calls it;
- The 13th patch fixes the python script when running with newer
Sphinx versions (1.7 and upper);
- The final patch fixes an UTF-8 trouble. I noticed it only with Sphinx
1.4, but it could affect other versions too. So, I ended by changing
the UTF-8 encoding logit to work version-independent, just like
what happens with kerneldoc.py extension.
Mauro Carvalho Chehab (14):
ABI: fix some syntax issues at the ABI database
ABI: sysfs-driver-hid: the "What" field doesn't parse fine
ABI: sysfs-class-uwb_rc: remove a duplicated incomplete entry
ABI: better identificate tables
scripts: add an script to parse the ABI files
scripts/get_abi.pl: parse files with text at beginning
scripts/get_abi.pl: avoid use literal blocks when not needed
scripts/get_abi.pl: split label naming from xref logic
scripts/get_abi.pl: add support for searching for ABI symbols
scripts/get_abi.pl: represent what in tables
scripts/get_abi.pl: fix parse issues with some files
doc-rst: add ABI documentation to the admin-guide book
sphinx/kernel_abi.py: make it compatible with Sphinx 1.7+
docs: sphinx/kernel_abi.py: fix UTF-8 support
.../ABI/obsolete/sysfs-driver-hid-roccat-pyra | 2 +-
Documentation/ABI/testing/pstore | 2 +-
.../sysfs-bus-event_source-devices-format | 2 +-
.../ABI/testing/sysfs-bus-i2c-devices-hm6352 | 6 +-
.../ABI/testing/sysfs-bus-iio-distance-srf08 | 4 +-
.../testing/sysfs-bus-iio-proximity-as3935 | 4 +-
.../ABI/testing/sysfs-bus-pci-devices-cciss | 22 +-
.../testing/sysfs-bus-usb-devices-usbsevseg | 12 +-
.../sysfs-class-backlight-driver-lm3533 | 6 +-
Documentation/ABI/testing/sysfs-class-cxl | 6 +-
Documentation/ABI/testing/sysfs-class-devfreq | 2 +-
.../ABI/testing/sysfs-class-led-driver-lm3533 | 8 +-
.../ABI/testing/sysfs-class-leds-gt683r | 4 +-
.../ABI/testing/sysfs-class-powercap | 2 +-
Documentation/ABI/testing/sysfs-class-uwb_rc | 6 -
Documentation/ABI/testing/sysfs-driver-hid | 12 +-
.../ABI/testing/sysfs-driver-hid-roccat-kone | 2 +-
Documentation/ABI/testing/sysfs-kernel-fscaps | 2 +-
.../ABI/testing/sysfs-kernel-vmcoreinfo | 2 +-
Documentation/admin-guide/abi-obsolete.rst | 10 +
Documentation/admin-guide/abi-removed.rst | 4 +
Documentation/admin-guide/abi-stable.rst | 13 +
Documentation/admin-guide/abi-testing.rst | 19 +
Documentation/admin-guide/abi.rst | 11 +
Documentation/admin-guide/index.rst | 1 +
Documentation/conf.py | 2 +-
Documentation/sphinx/kernel_abi.py | 172 +++++++
scripts/get_abi.pl | 450 ++++++++++++++++++
28 files changed, 731 insertions(+), 57 deletions(-)
create mode 100644 Documentation/admin-guide/abi-obsolete.rst
create mode 100644 Documentation/admin-guide/abi-removed.rst
create mode 100644 Documentation/admin-guide/abi-stable.rst
create mode 100644 Documentation/admin-guide/abi-testing.rst
create mode 100644 Documentation/admin-guide/abi.rst
create mode 100644 Documentation/sphinx/kernel_abi.py
create mode 100755 scripts/get_abi.pl
--
2.21.0
^ permalink raw reply
* RE: [EXT] Re: [PATCH 1/3] dt-bindings: pci: layerscape-pci: add compatible strings "fsl,ls1028a-pcie"
From: Xiaowei Bao @ 2019-06-14 1:21 UTC (permalink / raw)
To: Rob Herring
Cc: mark.rutland@arm.com, Roy Zang, lorenzo.pieralisi@arm.com,
arnd@arndb.de, devicetree@vger.kernel.org,
gregkh@linuxfoundation.org, kstewart@linuxfoundation.org,
linuxppc-dev@lists.ozlabs.org, linux-pci@vger.kernel.org,
linux-kernel@vger.kernel.org, kishon@ti.com, M.h. Lian,
robh+dt@kernel.org, linux-arm-kernel@lists.infradead.org,
pombredanne@nexb.com, bhelgaas@google.com, Leo Li,
shawnguo@kernel.org, shawn.lin@rock-chips.com, Mingkai Hu
In-Reply-To: <20190613205930.GA9003@bogus>
> -----Original Message-----
> From: Rob Herring <robh@kernel.org>
> Sent: 2019年6月14日 5:00
> To: Xiaowei Bao <xiaowei.bao@nxp.com>
> Cc: bhelgaas@google.com; robh+dt@kernel.org; mark.rutland@arm.com;
> shawnguo@kernel.org; Leo Li <leoyang.li@nxp.com>; kishon@ti.com;
> lorenzo.pieralisi@arm.com; arnd@arndb.de; gregkh@linuxfoundation.org;
> M.h. Lian <minghuan.lian@nxp.com>; Mingkai Hu <mingkai.hu@nxp.com>;
> Roy Zang <roy.zang@nxp.com>; kstewart@linuxfoundation.org;
> pombredanne@nexb.com; shawn.lin@rock-chips.com;
> linux-pci@vger.kernel.org; devicetree@vger.kernel.org;
> linux-kernel@vger.kernel.org; linux-arm-kernel@lists.infradead.org;
> linuxppc-dev@lists.ozlabs.org; Xiaowei Bao <xiaowei.bao@nxp.com>
> Subject: [EXT] Re: [PATCH 1/3] dt-bindings: pci: layerscape-pci: add
> compatible strings "fsl,ls1028a-pcie"
>
> Caution: EXT Email
>
> On Wed, 15 May 2019 15:27:45 +0800, Xiaowei Bao wrote:
> > Add the PCIe compatible string for LS1028A
> >
> > Signed-off-by: Xiaowei Bao <xiaowei.bao@nxp.com>
> > ---
> > .../devicetree/bindings/pci/layerscape-pci.txt | 1 +
> > 1 files changed, 1 insertions(+), 0 deletions(-)
> >
>
> Reviewed-by: Rob Herring <robh@kernel.org>
[Xiaowei Bao] thanks a lot for your review.
^ permalink raw reply
* Re: [PATCH] powerpc/pseries: fix oops in hotplug memory notifier
From: Nathan Lynch @ 2019-06-14 1:05 UTC (permalink / raw)
To: Tyrel Datwyler; +Cc: linuxppc-dev
In-Reply-To: <8736klm0cc.fsf@linux.ibm.com>
Nathan Lynch <nathanl@linux.ibm.com> writes:
> Tyrel Datwyler <tyreld@linux.vnet.ibm.com> writes:
>
>> Maybe we are ok with this behavior as I haven't dug deep enough into the memory
>> subsystem here to really understand what the memory code is updating, but it is
>> concerning that we are doing it in some cases, but not all.
>
> I hope I've made a good case above that the notifier does not do any
> useful work, and a counterpart for the v2 format isn't needed. Do you
> agree?
>
> If so, I'll send a patch later to remove the notifier altogether. In the
> near term I would still like this minimal fix to go in.
Tyrel, ack?
^ permalink raw reply
* Re: [PATCH v4 2/3] Documentation: dt: binding: fsl: Add 'little-endian' and update Chassis define
From: Rob Herring @ 2019-06-13 23:03 UTC (permalink / raw)
To: Ran Wang
Cc: Mark Rutland, Len Brown, devicetree, Greg Kroah-Hartman, linux-pm,
Rafael J . Wysocki, linux-kernel, Li Yang, Pavel Machek, Ran Wang,
linuxppc-dev, linux-arm-kernel
In-Reply-To: <20190520095238.29210-2-ran.wang_1@nxp.com>
On Mon, 20 May 2019 17:52:37 +0800, Ran Wang wrote:
> By default, QorIQ SoC's RCPM register block is Big Endian. But
> there are some exceptions, such as LS1088A and LS2088A, are Little
> Endian. So add this optional property to help identify them.
>
> Actually LS2021A and other Layerscapes won't totally follow Chassis
> 2.1, so separate them from powerpc SoC.
>
> Signed-off-by: Ran Wang <ran.wang_1@nxp.com>
> ---
> Change in v4:
> - Adjust indectation of 'ls1021a, ls1012a, ls1043a, ls1046a'.
>
> Change in v3:
> - None.
>
> Change in v2:
> - None.
>
> Documentation/devicetree/bindings/soc/fsl/rcpm.txt | 8 +++++++-
> 1 files changed, 7 insertions(+), 1 deletions(-)
>
Reviewed-by: Rob Herring <robh@kernel.org>
^ permalink raw reply
* Re: [PATCH 2/3] Documentation: dt: binding: fsl: Add 'little-endian' and update Chassis define
From: Rob Herring @ 2019-06-13 22:07 UTC (permalink / raw)
To: Ran Wang
Cc: Mark Rutland, Len Brown, devicetree, Greg Kroah-Hartman, linux-pm,
Rafael J . Wysocki, linux-kernel, Li Yang, Pavel Machek, Ran Wang,
linuxppc-dev, linux-arm-kernel
In-Reply-To: <20190517024748.15534-2-ran.wang_1@nxp.com>
On Fri, 17 May 2019 10:47:47 +0800, Ran Wang wrote:
> By default, QorIQ SoC's RCPM register block is Big Endian. But
> there are some exceptions, such as LS1088A and LS2088A, are Little
> Endian. So add this optional property to help identify them.
>
> Actually LS2021A and other Layerscapes won't totally follow Chassis
> 2.1, so separate them from powerpc SoC.
>
> Signed-off-by: Ran Wang <ran.wang_1@nxp.com>
> ---
> Documentation/devicetree/bindings/soc/fsl/rcpm.txt | 8 +++++++-
> 1 files changed, 7 insertions(+), 1 deletions(-)
>
Reviewed-by: Rob Herring <robh@kernel.org>
^ permalink raw reply
* sys_exit: NR 0 (was "sys_exit: NR -1")
From: Paul Clarke @ 2019-06-13 21:56 UTC (permalink / raw)
To: Naveen N. Rao, linux-perf-users@vger.kernel.org; +Cc: linuxppc-dev
In-Reply-To: <96a869bd-c7c5-2f9e-856f-b3b4c0fdf89a@us.ibm.com>
I'm seeing another asymmetry, this one is on powerpc:
--
perf 30179 [001] 10374622.667436: raw_syscalls:sys_enter: NR 11 (3fffe16ef55e, [...])
ls 30179 [002] 10374622.667921: raw_syscalls:sys_exit: NR 0 = 0
--
Syscall "11" is "execve", but is it expected that the sys_exit will report the ID as 0? Is that because of the nature of "execve", to overlay the entire contents of the process?
This does not seem to occur on x86.
PC
^ permalink raw reply
* Re: [PATCH 0/2] powerpc/bpf: DIV64 instruction fix
From: Daniel Borkmann @ 2019-06-13 21:11 UTC (permalink / raw)
To: Naveen N. Rao, Alexei Starovoitov; +Cc: netdev, bpf, linuxppc-dev
In-Reply-To: <cover.1560364574.git.naveen.n.rao@linux.vnet.ibm.com>
On 06/12/2019 08:51 PM, Naveen N. Rao wrote:
> The first patch updates DIV64 overflow tests to properly detect error
> conditions. The second patch fixes powerpc64 JIT to generate the proper
> unsigned division instruction for BPF_ALU64.
>
> - Naveen
>
> Naveen N. Rao (2):
> bpf: fix div64 overflow tests to properly detect errors
> powerpc/bpf: use unsigned division instruction for 64-bit operations
>
> arch/powerpc/include/asm/ppc-opcode.h | 1 +
> arch/powerpc/net/bpf_jit.h | 2 +-
> arch/powerpc/net/bpf_jit_comp64.c | 8 ++++----
> .../testing/selftests/bpf/verifier/div_overflow.c | 14 ++++++++++----
> 4 files changed, 16 insertions(+), 9 deletions(-)
>
LGTM, applied to bpf, thanks!
^ permalink raw reply
* Re: sys_exit: NR -1
From: Paul Clarke @ 2019-06-13 21:11 UTC (permalink / raw)
To: Naveen N. Rao, linux-perf-users@vger.kernel.org; +Cc: linuxppc-dev
In-Reply-To: <b3d497ac-6e87-c675-3bd3-def0baddf53e@us.ibm.com>
On 6/13/19 4:00 PM, Paul Clarke wrote:
> On 6/12/19 1:32 AM, Naveen N. Rao wrote:
>> Paul Clarke wrote:
>>> What are the circumstances in which raw_syscalls:sys_exit reports "-1" for the syscall ID?
>>>
>>> perf 5375 [007] 59632.478528: raw_syscalls:sys_enter: NR 1 (3, 9fb888, 8, 2d83740, 1, 7ffff)
>>> perf 5375 [007] 59632.478532: raw_syscalls:sys_exit: NR 1 = 8
>>> perf 5375 [007] 59632.478538: raw_syscalls:sys_enter: NR 15 (11, 7ffffca734b0, 7ffffca73380, 2d83740, 1, 7ffff)
>>> perf 5375 [007] 59632.478539: raw_syscalls:sys_exit: NR -1 = 8
>>> perf 5375 [007] 59632.478543: raw_syscalls:sys_enter: NR 16 (4, 2401, 0, 2d83740, 1, 0)
>>> perf 5375 [007] 59632.478551: raw_syscalls:sys_exit: NR 16 = 0
>>
>> Which architecture?
>> For powerpc, see:
>>
>> static inline int syscall_get_nr(struct task_struct *task, struct pt_regs *regs)
>> {
>> /*
>> * Note that we are returning an int here. That means 0xffffffff, ie.
>> * 32-bit negative 1, will be interpreted as -1 on a 64-bit kernel.
>> * This is important for seccomp so that compat tasks can set r0 = -1
>> * to reject the syscall.
>> */
>> return TRAP(regs) == 0xc00 ? regs->gpr[0] : -1;
>> }
>
> So, that's intentional? And has some special meaning? (I confess I don't understand what the comment is saying exactly.)
>
> Is this documented? Does something depend on this ABI?
>
> To me, it just makes parsing more difficult, both by humans and machines.
I should've noted that the instance I encountered was on x86.
PC
^ permalink raw reply
* Re: sys_exit: NR -1
From: Paul Clarke @ 2019-06-13 21:00 UTC (permalink / raw)
To: Naveen N. Rao, linux-perf-users@vger.kernel.org; +Cc: linuxppc-dev
In-Reply-To: <1560320989.8h9se8cb9p.naveen@linux.ibm.com>
On 6/12/19 1:32 AM, Naveen N. Rao wrote:
> Paul Clarke wrote:
>> What are the circumstances in which raw_syscalls:sys_exit reports "-1" for the syscall ID?
>>
>> perf 5375 [007] 59632.478528: raw_syscalls:sys_enter: NR 1 (3, 9fb888, 8, 2d83740, 1, 7ffff)
>> perf 5375 [007] 59632.478532: raw_syscalls:sys_exit: NR 1 = 8
>> perf 5375 [007] 59632.478538: raw_syscalls:sys_enter: NR 15 (11, 7ffffca734b0, 7ffffca73380, 2d83740, 1, 7ffff)
>> perf 5375 [007] 59632.478539: raw_syscalls:sys_exit: NR -1 = 8
>> perf 5375 [007] 59632.478543: raw_syscalls:sys_enter: NR 16 (4, 2401, 0, 2d83740, 1, 0)
>> perf 5375 [007] 59632.478551: raw_syscalls:sys_exit: NR 16 = 0
>
> Which architecture?
> For powerpc, see:
>
> static inline int syscall_get_nr(struct task_struct *task, struct pt_regs *regs)
> {
> /*
> * Note that we are returning an int here. That means 0xffffffff, ie.
> * 32-bit negative 1, will be interpreted as -1 on a 64-bit kernel.
> * This is important for seccomp so that compat tasks can set r0 = -1
> * to reject the syscall.
> */
> return TRAP(regs) == 0xc00 ? regs->gpr[0] : -1;
> }
So, that's intentional? And has some special meaning? (I confess I don't understand what the comment is saying exactly.)
Is this documented? Does something depend on this ABI?
To me, it just makes parsing more difficult, both by humans and machines.
PC
^ permalink raw reply
* Re: [PATCH 1/3] dt-bindings: pci: layerscape-pci: add compatible strings "fsl,ls1028a-pcie"
From: Rob Herring @ 2019-06-13 20:59 UTC (permalink / raw)
To: Xiaowei Bao
Cc: mark.rutland, roy.zang, lorenzo.pieralisi, Xiaowei Bao, arnd,
devicetree, gregkh, kstewart, linuxppc-dev, linux-pci,
linux-kernel, kishon, minghuan.Lian, robh+dt, linux-arm-kernel,
pombredanne, bhelgaas, leoyang.li, shawnguo, shawn.lin,
mingkai.hu
In-Reply-To: <20190515072747.39941-1-xiaowei.bao@nxp.com>
On Wed, 15 May 2019 15:27:45 +0800, Xiaowei Bao wrote:
> Add the PCIe compatible string for LS1028A
>
> Signed-off-by: Xiaowei Bao <xiaowei.bao@nxp.com>
> ---
> .../devicetree/bindings/pci/layerscape-pci.txt | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
Reviewed-by: Rob Herring <robh@kernel.org>
^ permalink raw reply
* [PATCH 2/2] powerpc: expose secure variables via sysfs
From: Nayna Jain @ 2019-06-13 20:50 UTC (permalink / raw)
To: linuxppc-dev, linux-efi
Cc: Ard Biesheuvel, Eric Ricther, Nayna Jain, linux-kernel,
Mimi Zohar, Claudio Carvalho, Matthew Garret, Greg Kroah-Hartman,
Paul Mackerras, Jeremy Kerr, Elaine Palmer, linux-integrity,
George Wilson
In-Reply-To: <1560459027-5248-1-git-send-email-nayna@linux.ibm.com>
As part of PowerNV secure boot support, OS verification keys are stored
and controlled by OPAL as secure variables. These need to be exposed to
the userspace so that sysadmins can perform key management tasks.
This patch adds the support to expose secure variables via a sysfs
interface It reuses the the existing efi defined hooks and backend in
order to maintain the compatibility with the userspace tools.
Though it reuses a great deal of efi, POWER platforms do not use EFI.
A new config, POWER_SECVAR_SYSFS, is defined to enable this new sysfs
interface.
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
---
arch/powerpc/Kconfig | 2 +
drivers/firmware/Makefile | 1 +
drivers/firmware/efi/efivars.c | 2 +-
drivers/firmware/powerpc/Kconfig | 12 +
drivers/firmware/powerpc/Makefile | 3 +
drivers/firmware/powerpc/efi_error.c | 46 ++++
drivers/firmware/powerpc/secvar.c | 326 +++++++++++++++++++++++++++
7 files changed, 391 insertions(+), 1 deletion(-)
create mode 100644 drivers/firmware/powerpc/Kconfig
create mode 100644 drivers/firmware/powerpc/Makefile
create mode 100644 drivers/firmware/powerpc/efi_error.c
create mode 100644 drivers/firmware/powerpc/secvar.c
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 9de77bb14f54..1548dd8cf1a0 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -916,6 +916,8 @@ config PPC_SECURE_BOOT
allows user to enable OS Secure Boot on PowerPC systems that
have firmware secure boot support.
+source "drivers/firmware/powerpc/Kconfig"
+
endmenu
config ISA_DMA_API
diff --git a/drivers/firmware/Makefile b/drivers/firmware/Makefile
index 3fa0b34eb72f..8cfaf7e6769d 100644
--- a/drivers/firmware/Makefile
+++ b/drivers/firmware/Makefile
@@ -33,3 +33,4 @@ obj-$(CONFIG_UEFI_CPER) += efi/
obj-y += imx/
obj-y += tegra/
obj-y += xilinx/
+obj-$(CONFIG_POWER_SECVAR_SYSFS) += powerpc/
diff --git a/drivers/firmware/efi/efivars.c b/drivers/firmware/efi/efivars.c
index 7576450c8254..30ef53003c24 100644
--- a/drivers/firmware/efi/efivars.c
+++ b/drivers/firmware/efi/efivars.c
@@ -664,7 +664,7 @@ int efivars_sysfs_init(void)
struct kobject *parent_kobj = efivars_kobject();
int error = 0;
- if (!efi_enabled(EFI_RUNTIME_SERVICES))
+ if (IS_ENABLED(CONFIG_EFI) && !efi_enabled(EFI_RUNTIME_SERVICES))
return -ENODEV;
/* No efivars has been registered yet */
diff --git a/drivers/firmware/powerpc/Kconfig b/drivers/firmware/powerpc/Kconfig
new file mode 100644
index 000000000000..e0303fc517d5
--- /dev/null
+++ b/drivers/firmware/powerpc/Kconfig
@@ -0,0 +1,12 @@
+config POWER_SECVAR_SYSFS
+ tristate "Enable sysfs interface for POWER secure variables"
+ default n
+ depends on PPC_SECURE_BOOT
+ select UCS2_STRING
+ help
+ POWER secure variables are managed and controlled by OPAL.
+ These variables are exposed to userspace via sysfs to allow
+ user to read/write these variables. Say Y if you have secure
+ boot enabled and want to expose variables to userspace.
+
+source "drivers/firmware/efi/Kconfig"
diff --git a/drivers/firmware/powerpc/Makefile b/drivers/firmware/powerpc/Makefile
new file mode 100644
index 000000000000..d5fa3b007315
--- /dev/null
+++ b/drivers/firmware/powerpc/Makefile
@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: GPL-2.0
+
+obj-$(CONFIG_POWER_SECVAR_SYSFS) += ../efi/efivars.o efi_error.o ../efi/vars.o secvar.o
diff --git a/drivers/firmware/powerpc/efi_error.c b/drivers/firmware/powerpc/efi_error.c
new file mode 100644
index 000000000000..b5cabd52e6b4
--- /dev/null
+++ b/drivers/firmware/powerpc/efi_error.c
@@ -0,0 +1,46 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2019 IBM Corporation
+ * Author: Nayna Jain <nayna@linux.ibm.com>
+ *
+ * efi_error.c
+ * - Error codes as understood by efi based tools
+ * Taken from drivers/firmware/efi/efi.c
+ */
+#include<linux/efi.h>
+
+int efi_status_to_err(efi_status_t status)
+{
+ int err;
+
+ switch (status) {
+ case EFI_SUCCESS:
+ err = 0;
+ break;
+ case EFI_INVALID_PARAMETER:
+ err = -EINVAL;
+ break;
+ case EFI_OUT_OF_RESOURCES:
+ err = -ENOSPC;
+ break;
+ case EFI_DEVICE_ERROR:
+ err = -EIO;
+ break;
+ case EFI_WRITE_PROTECTED:
+ err = -EROFS;
+ break;
+ case EFI_SECURITY_VIOLATION:
+ err = -EACCES;
+ break;
+ case EFI_NOT_FOUND:
+ err = -ENOENT;
+ break;
+ case EFI_ABORTED:
+ err = -EINTR;
+ break;
+ default:
+ err = -EINVAL;
+ }
+
+ return err;
+}
diff --git a/drivers/firmware/powerpc/secvar.c b/drivers/firmware/powerpc/secvar.c
new file mode 100644
index 000000000000..f1f134a0bb7c
--- /dev/null
+++ b/drivers/firmware/powerpc/secvar.c
@@ -0,0 +1,326 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2019 IBM Corporation
+ * Author: Nayna Jain <nayna@linux.ibm.com>
+ *
+ * secvar.c
+ * - wrappers to expose secure variables to userspace
+ */
+#include <linux/kernel.h>
+#include <linux/init.h>
+#include <linux/types.h>
+#include <linux/errno.h>
+#include <linux/string.h>
+#include <linux/spinlock.h>
+#include <linux/fs.h>
+#include <linux/slab.h>
+#include <linux/ioctl.h>
+#include <linux/uaccess.h>
+#include <linux/kdebug.h>
+#include <linux/efi.h>
+#include <linux/module.h>
+#include <linux/ucs2_string.h>
+#include <asm/opal-secvar.h>
+#include <asm/opal.h>
+
+static struct efivars efivars;
+struct kobject *powerpc_kobj;
+
+efi_status_t opal_to_efi_status_log(int rc, const char *func_name)
+{
+ efi_status_t status;
+
+ switch (rc) {
+ case OPAL_EMPTY:
+ status = EFI_NOT_FOUND;
+ break;
+ case OPAL_HARDWARE:
+ status = EFI_DEVICE_ERROR;
+ break;
+ case OPAL_NO_MEM:
+ pr_err("%s: No space in the volatile storage\n", func_name);
+ status = EFI_OUT_OF_RESOURCES;
+ break;
+ case OPAL_PARAMETER:
+ status = EFI_INVALID_PARAMETER;
+ break;
+ case OPAL_PARTIAL:
+ status = EFI_BUFFER_TOO_SMALL;
+ break;
+ case OPAL_PERMISSION:
+ status = EFI_WRITE_PROTECTED;
+ break;
+ case OPAL_RESOURCE:
+ pr_err("%s: No space in the non-volatile storage\n", func_name);
+ status = EFI_OUT_OF_RESOURCES;
+ break;
+ case OPAL_SUCCESS:
+ status = EFI_SUCCESS;
+ break;
+ default:
+ pr_err("%s: Unknown OPAL error %d\n", func_name, rc);
+ status = EFI_DEVICE_ERROR;
+ break;
+ }
+
+ return status;
+}
+
+#define opal_to_efi_status(rc) opal_to_efi_status_log(rc, __func__)
+
+static void createkey(efi_char16_t *name, u8 **key, unsigned long *keylen)
+{
+ *keylen = ucs2_utf8size(name) + 1;
+
+ *key = kzalloc(*keylen, GFP_KERNEL);
+ if (!*key) {
+ *keylen = 0;
+ *key = NULL;
+ return;
+ }
+
+ ucs2_as_utf8(*key, name, *keylen);
+}
+
+static void createmetadata(efi_char16_t *name, efi_guid_t *vendor, u32 *attr,
+ u8 **mdata, unsigned long *mdsize)
+{
+ int size = 0;
+
+ *mdsize = ucs2_strsize(name, 1024) + sizeof(efi_guid_t) + sizeof(u32);
+ *mdata = kzalloc(*mdsize, GFP_KERNEL);
+
+ memcpy(*mdata, name, ucs2_strsize(name, 1024));
+ size = ucs2_strsize(name, 1024);
+
+ memcpy(*mdata + size, vendor, sizeof(efi_guid_t));
+ size += sizeof(efi_guid_t);
+
+ if (attr != NULL)
+ memcpy(*mdata + size, attr, sizeof(u32));
+ else
+ memset(*mdata + size, 0, sizeof(u32));
+}
+
+static int convert_buffer_to_efi_guid(u8 *buffer, efi_guid_t *guid)
+{
+ u32 *a1;
+ u16 *a2;
+ u16 *a3;
+
+ a1 = kzalloc(4, GFP_KERNEL);
+ memcpy(a1, buffer, 4);
+ *a1 = be32_to_cpu(*a1);
+
+ a2 = kzalloc(2, GFP_KERNEL);
+ memcpy(a2, buffer+4, 2);
+ *a2 = be16_to_cpu(*a2);
+
+ a3 = kzalloc(2, GFP_KERNEL);
+ memcpy(a3, buffer+6, 2);
+ *a3 = be16_to_cpu(*a3);
+
+ *guid = EFI_GUID(*a1, *a2, *a3, *(buffer + 8),
+ *(buffer + 9),
+ *(buffer + 10),
+ *(buffer + 11),
+ *(buffer + 12),
+ *(buffer + 13),
+ *(buffer + 14),
+ *(buffer + 15));
+
+ kfree(a1);
+ kfree(a2);
+ kfree(a3);
+ return 0;
+}
+
+static efi_status_t powerpc_get_variable(efi_char16_t *name, efi_guid_t *vendor,
+ u32 *attr, unsigned long *data_size,
+ void *data)
+{
+ int rc;
+ u8 *key;
+ unsigned long keylen;
+ u8 *metadata;
+ unsigned long mdsize;
+ unsigned long dsize;
+ unsigned long namesize;
+
+ if (!name)
+ return EFI_INVALID_PARAMETER;
+
+ if (!vendor)
+ return EFI_INVALID_PARAMETER;
+
+ if (*data_size == 0) {
+ /* If *data_size is zero, it implies data size is being asked */
+ createkey(name, &key, &keylen);
+ rc = opal_get_variable_size(key, keylen, &mdsize, &dsize);
+ *data_size = dsize;
+ kfree(key);
+ return opal_to_efi_status(rc);
+ }
+
+ createkey(name, &key, &keylen);
+ createmetadata(name, vendor, attr, &metadata, &mdsize);
+
+ rc = opal_get_variable(key, keylen, metadata, &mdsize, data, data_size);
+
+ if (rc)
+ return opal_to_efi_status(rc);
+
+ if (mdsize > 0) {
+ namesize = mdsize - sizeof(efi_guid_t) - sizeof(u32);
+ if (!attr)
+ return opal_to_efi_status(rc);
+ memset(attr, 0, sizeof(u32));
+ memcpy(attr, metadata + namesize + sizeof(efi_guid_t),
+ sizeof(u32));
+ *attr = be32_to_cpu(*attr);
+ }
+
+ kfree(key);
+ kfree(metadata);
+
+ return opal_to_efi_status(rc);
+}
+
+
+static efi_status_t powerpc_get_next_variable(unsigned long *name_size,
+ efi_char16_t *name,
+ efi_guid_t *vendor)
+{
+ int rc;
+ u8 *key;
+ int namesize;
+ unsigned long keylen;
+ unsigned long keysize = 1024;
+ unsigned long *mdsize;
+ u8 *mdata = NULL;
+ efi_guid_t guid;
+
+ if (ucs2_strnlen(name, 1024) > 0) {
+ createkey(name, &key, &keylen);
+ } else {
+ keylen = 0;
+ key = kzalloc(1024, GFP_KERNEL);
+ }
+
+ pr_info("%s: powerpc get next variable, key is %s\n", __func__, key);
+
+ rc = opal_get_next_variable(key, &keylen, keysize);
+ if (rc) {
+ kfree(key);
+ return opal_to_efi_status(rc);
+ }
+
+ mdsize = kzalloc(sizeof(unsigned long), GFP_KERNEL);
+ rc = opal_get_variable_size(key, keylen, mdsize, NULL);
+ if (rc)
+ goto out;
+
+ if (*mdsize <= 0)
+ goto out;
+
+ mdata = kzalloc(*mdsize, GFP_KERNEL);
+
+ rc = opal_get_variable(key, keylen, mdata, mdsize, NULL, NULL);
+ if (rc)
+ goto out;
+
+ if (*mdsize > 0) {
+ namesize = *mdsize - sizeof(efi_guid_t) - sizeof(u32);
+ if (namesize > 0) {
+ memset(&guid, 0, sizeof(efi_guid_t));
+ convert_buffer_to_efi_guid(mdata + namesize, &guid);
+ memcpy(vendor, &guid, sizeof(efi_guid_t));
+ memset(name, 0, namesize + 2);
+ memcpy(name, mdata, namesize);
+ *name_size = namesize + 2;
+ name[namesize++] = 0;
+ name[namesize] = 0;
+ }
+ }
+
+out:
+ kfree(mdsize);
+ kfree(mdata);
+
+ return opal_to_efi_status(rc);
+}
+
+static efi_status_t powerpc_set_variable(efi_char16_t *name, efi_guid_t *vendor,
+ u32 attr, unsigned long data_size,
+ void *data)
+{
+ int rc;
+ u8 *key;
+ unsigned long keylen;
+ u8 *metadata;
+ unsigned long mdsize;
+
+ if (!name)
+ return EFI_INVALID_PARAMETER;
+
+ if (!vendor)
+ return EFI_INVALID_PARAMETER;
+
+ createkey(name, &key, &keylen);
+ pr_info("%s: nayna key is %s\n", __func__, key);
+
+ createmetadata(name, vendor, &attr, &metadata, &mdsize);
+
+ rc = opal_set_variable(key, keylen, metadata, mdsize, data, data_size);
+
+ return opal_to_efi_status(rc);
+}
+
+
+static const struct efivar_operations efivar_ops = {
+ .get_variable = powerpc_get_variable,
+ .set_variable = powerpc_set_variable,
+ .get_next_variable = powerpc_get_next_variable,
+};
+
+
+static __init int power_secvar_init(void)
+{
+ int rc = 0;
+ unsigned long ver = 0;
+
+ rc = opal_variable_version(&ver);
+ if (ver != BACKEND_TC_COMPAT_V1) {
+ pr_info("Compatible backend unsupported\n");
+ return -1;
+ }
+
+ powerpc_kobj = kobject_create_and_add("secvar", firmware_kobj);
+ if (!powerpc_kobj) {
+ pr_info("secvar: Failed to create firmware kobj\n");
+ goto out_err;
+ }
+
+ rc = efivars_register(&efivars, &efivar_ops, powerpc_kobj);
+ if (rc) {
+ pr_info("powerpc: Failed to register efivars\n");
+ return rc;
+ }
+
+ return 0;
+out_err:
+ kobject_put(powerpc_kobj);
+ pr_info("powerpc: failed to load: %d\n", rc);
+ return rc;
+}
+arch_initcall(power_secvar_init);
+
+static void __exit power_secvar_exit(void)
+{
+ efivars_unregister(&efivars);
+ kobject_put(powerpc_kobj);
+}
+module_exit(power_secvar_exit);
+
+MODULE_AUTHOR("Nayna Jain");
+MODULE_LICENSE("GPL");
--
2.20.1
^ permalink raw reply related
* [PATCH 1/2] powerpc/powernv: add OPAL APIs for secure variables
From: Nayna Jain @ 2019-06-13 20:50 UTC (permalink / raw)
To: linuxppc-dev, linux-efi
Cc: Ard Biesheuvel, Eric Ricther, Nayna Jain, linux-kernel,
Mimi Zohar, Claudio Carvalho, Matthew Garret, Greg Kroah-Hartman,
Paul Mackerras, Jeremy Kerr, Elaine Palmer, linux-integrity,
George Wilson
In-Reply-To: <1560459027-5248-1-git-send-email-nayna@linux.ibm.com>
From: Claudio Carvalho <cclaudio@linux.ibm.com>
The X.509 certificates trusted by the platform and other information
required to secure boot the OS kernel are wrapped in secure variables,
which are controlled by OPAL. These variables are manipulated by
userspace tools using filesystem interface. This patch adds support
for the OPAL APIs required to expose variables to userspace.
OPAL_SECVAR_GET_NEXT:
For a given secure variable, it returns the name and vendor GUID
of the next variable.
OPAL_SECVAR_ENQUEUE_UPDATE:
Enqueue the supplied secure variable update so that it can be processed
by OPAL in the next boot. Variable updates cannot be be processed right
away because the variable storage is write locked at runtime.
OPAL_SECVAR_GET_SIZE:
Returns size information about the variable.
Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com>
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
---
arch/powerpc/include/asm/opal-api.h | 3 +
arch/powerpc/include/asm/opal-secvar.h | 9 +++
arch/powerpc/include/asm/opal.h | 8 +++
arch/powerpc/platforms/powernv/opal-call.c | 3 +
arch/powerpc/platforms/powernv/opal-secvar.c | 60 +++++++++++++++++++-
5 files changed, 82 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/include/asm/opal-api.h b/arch/powerpc/include/asm/opal-api.h
index a505e669b4b6..fa3083966efc 100644
--- a/arch/powerpc/include/asm/opal-api.h
+++ b/arch/powerpc/include/asm/opal-api.h
@@ -213,6 +213,9 @@
#define OPAL_NX_COPROC_INIT 167
#define OPAL_XIVE_GET_VP_STATE 170
#define OPAL_SECVAR_GET 173
+#define OPAL_SECVAR_GET_SIZE 174
+#define OPAL_SECVAR_GET_NEXT 175
+#define OPAL_SECVAR_ENQUEUE_UPDATE 176
#define OPAL_SECVAR_BACKEND 177
#define OPAL_LAST 177
diff --git a/arch/powerpc/include/asm/opal-secvar.h b/arch/powerpc/include/asm/opal-secvar.h
index b677171a0368..26ebbc63dd70 100644
--- a/arch/powerpc/include/asm/opal-secvar.h
+++ b/arch/powerpc/include/asm/opal-secvar.h
@@ -20,4 +20,13 @@ extern int opal_get_variable(u8 *key, unsigned long ksize,
extern int opal_variable_version(unsigned long *backend);
+extern int opal_get_variable_size(u8 *key, unsigned long ksize,
+ unsigned long *mdsize, unsigned long *dsize);
+
+extern int opal_get_next_variable(u8 *key, unsigned long *keylen,
+ unsigned long keysize);
+
+extern int opal_set_variable(u8 *key, unsigned long ksize, u8 *metadata,
+ unsigned long mdsize, u8 *data,
+ unsigned long dsize);
#endif
diff --git a/arch/powerpc/include/asm/opal.h b/arch/powerpc/include/asm/opal.h
index 57d2c2356eda..a6fcb59c91cc 100644
--- a/arch/powerpc/include/asm/opal.h
+++ b/arch/powerpc/include/asm/opal.h
@@ -399,6 +399,14 @@ extern int opal_secvar_get(uint64_t k_key, uint64_t k_key_len,
uint64_t k_data, uint64_t k_data_size);
extern int opal_secvar_backend(uint64_t k_backend);
+extern int opal_secvar_get_size(uint64_t k_key, uint64_t k_key_len,
+ uint64_t k_metadata_size, uint64_t k_data_size);
+extern int opal_secvar_get_next(uint64_t k_key, uint64_t k_key_len,
+ uint64_t k_key_size);
+extern int opal_secvar_enqueue_update(uint64_t k_key, uint64_t k_key_len,
+ uint64_t k_metadata,
+ uint64_t k_metadata_size,
+ uint64_t k_data, uint64_t k_data_size);
#endif /* __ASSEMBLY__ */
diff --git a/arch/powerpc/platforms/powernv/opal-call.c b/arch/powerpc/platforms/powernv/opal-call.c
index 0445980f294f..dda3a4c5bb79 100644
--- a/arch/powerpc/platforms/powernv/opal-call.c
+++ b/arch/powerpc/platforms/powernv/opal-call.c
@@ -290,3 +290,6 @@ OPAL_CALL(opal_sensor_group_enable, OPAL_SENSOR_GROUP_ENABLE);
OPAL_CALL(opal_nx_coproc_init, OPAL_NX_COPROC_INIT);
OPAL_CALL(opal_secvar_get, OPAL_SECVAR_GET);
OPAL_CALL(opal_secvar_backend, OPAL_SECVAR_BACKEND);
+OPAL_CALL(opal_secvar_get_size, OPAL_SECVAR_GET_SIZE);
+OPAL_CALL(opal_secvar_get_next, OPAL_SECVAR_GET_NEXT);
+OPAL_CALL(opal_secvar_enqueue_update, OPAL_SECVAR_ENQUEUE_UPDATE);
diff --git a/arch/powerpc/platforms/powernv/opal-secvar.c b/arch/powerpc/platforms/powernv/opal-secvar.c
index dba441dd5af1..afa67b87ad7a 100644
--- a/arch/powerpc/platforms/powernv/opal-secvar.c
+++ b/arch/powerpc/platforms/powernv/opal-secvar.c
@@ -30,7 +30,10 @@ static bool is_opal_secvar_supported(void)
return opal_secvar_supported;
if (!opal_check_token(OPAL_SECVAR_GET)
- || !opal_check_token(OPAL_SECVAR_BACKEND)) {
+ || !opal_check_token(OPAL_SECVAR_BACKEND)
+ || !opal_check_token(OPAL_SECVAR_GET_SIZE)
+ || !opal_check_token(OPAL_SECVAR_GET_NEXT)
+ || !opal_check_token(OPAL_SECVAR_ENQUEUE_UPDATE)) {
pr_err("OPAL doesn't support secure variables\n");
opal_secvar_supported = false;
} else {
@@ -83,3 +86,58 @@ int opal_variable_version(unsigned long *backend)
return rc;
}
+
+int opal_get_variable_size(u8 *key, unsigned long ksize, unsigned long *mdsize,
+ unsigned long *dsize)
+{
+ int rc;
+
+ if (!is_opal_secvar_supported())
+ return OPAL_UNSUPPORTED;
+
+ if (mdsize)
+ *mdsize = cpu_to_be64(*mdsize);
+ if (dsize)
+ *dsize = cpu_to_be64(*dsize);
+
+ rc = opal_secvar_get_size(__pa(key), ksize, __pa(mdsize), __pa(dsize));
+
+ if (mdsize)
+ *mdsize = be64_to_cpu(*mdsize);
+ if (dsize)
+ *dsize = be64_to_cpu(*dsize);
+ return rc;
+}
+
+int opal_get_next_variable(u8 *key, unsigned long *keylen,
+ unsigned long keysize)
+{
+ int rc;
+
+ if (!is_opal_secvar_supported())
+ return OPAL_UNSUPPORTED;
+
+ if (!keylen)
+ return OPAL_PARAMETER;
+ *keylen = cpu_to_be64(*keylen);
+
+ rc = opal_secvar_get_next(__pa(key), __pa(keylen), keysize);
+
+ *keylen = be64_to_cpu(*keylen);
+
+ return rc;
+}
+
+int opal_set_variable(u8 *key, unsigned long ksize, u8 *metadata,
+ unsigned long mdsize, u8 *data, unsigned long dsize)
+{
+ int rc;
+
+ if (!is_opal_secvar_supported())
+ return OPAL_UNSUPPORTED;
+
+ rc = opal_secvar_enqueue_update(__pa(key), ksize, __pa(metadata),
+ mdsize, __pa(data), dsize);
+
+ return rc;
+}
--
2.20.1
^ permalink raw reply related
* [PATCH 0/2] powerpc/powernv: expose secure variables to userspace
From: Nayna Jain @ 2019-06-13 20:50 UTC (permalink / raw)
To: linuxppc-dev, linux-efi
Cc: Ard Biesheuvel, Eric Ricther, Nayna Jain, linux-kernel,
Mimi Zohar, Claudio Carvalho, Matthew Garret, Greg Kroah-Hartman,
Paul Mackerras, Jeremy Kerr, Elaine Palmer, linux-integrity,
George Wilson
This patch set is part of a series that implements secure boot on PowerNV
systems[1]. The original series had been split into two patchsets:
1. powerpc: enable ima arch specific policies[2]
2. powerpc/powernv: expose secure variables to userspace, which is this
patchset.
Since there are major changes in this patchset compared to the previous
one[1], I am posting it as new series rather than v2.
As part of PowerNV secure boot support, NV OS verification keys are stored
and controlled by OPAL as secure variables. However, to allow users to
manage these keys, the secure variables need to be exposed to userspace.
OPAL provides the runtime services for the kernel to be able to access the
secure variables[3]. This patchset defines the kernel interface for the
OPAL APIs. These APIs are used by the hooks, which expose these variables
to userspace for reading/writing.
In order to reuse the existing tools, we currently use the efi hooks to
expose the secure variables via sysfs. Keeping the usability and
maintainability in mind, we are starting with this scheme as simple sysfs
implementation. We expect to refine it over time as we incorporate the
feedback.
The patchset makes substantial reuse of drivers/firmware/efi/efivars.c and
drivers/firmware/efi/vars.c, however because POWER platforms do not use
EFI, a new config, POWER_SECVAR_SYSFS, is defined to enable this sysfs
interface in POWER.
This patchset has a pre-requisiste of other OPAL APIs which are posted as
part of ima arch specific patches[2].
[1]https://patchwork.kernel.org/cover/10882149/
[2]https://lkml.org/lkml/2019/6/11/868
[3]https://patchwork.ozlabs.org/project/skiboot/list/?series=112868
Claudio Carvalho (1):
powerpc/powernv: add OPAL APIs for secure variables
Nayna Jain (1):
powerpc: expose secure variables via sysfs
arch/powerpc/Kconfig | 2 +
arch/powerpc/include/asm/opal-api.h | 3 +
arch/powerpc/include/asm/opal-secvar.h | 9 +
arch/powerpc/include/asm/opal.h | 8 +
arch/powerpc/platforms/powernv/opal-call.c | 3 +
arch/powerpc/platforms/powernv/opal-secvar.c | 60 +++-
drivers/firmware/Makefile | 1 +
drivers/firmware/efi/efivars.c | 2 +-
drivers/firmware/powerpc/Kconfig | 12 +
drivers/firmware/powerpc/Makefile | 3 +
drivers/firmware/powerpc/efi_error.c | 46 +++
drivers/firmware/powerpc/secvar.c | 326 +++++++++++++++++++
12 files changed, 473 insertions(+), 2 deletions(-)
create mode 100644 drivers/firmware/powerpc/Kconfig
create mode 100644 drivers/firmware/powerpc/Makefile
create mode 100644 drivers/firmware/powerpc/efi_error.c
create mode 100644 drivers/firmware/powerpc/secvar.c
--
2.20.1
^ permalink raw reply
* Re: [RFC PATCH] Replaces long number representation by BIT() macro
From: Leonardo Bras @ 2019-06-13 20:24 UTC (permalink / raw)
To: Michael Ellerman; +Cc: linuxppc-dev, Paul Mackerras, linux-kernel
In-Reply-To: <20190613180227.29558-1-leonardo@linux.ibm.com>
[-- Attachment #1: Type: text/plain, Size: 4767 bytes --]
Sorry, there is a typo on my commit message.
's/BIT_MASK/BIT/'
On Thu, 2019-06-13 at 15:02 -0300, Leonardo Bras wrote:
> The main reason of this change is to make these bitmasks more readable.
>
> The macro ASM_CONST() just appends an UL to it's parameter, so it can be
> easily replaced by BIT_MASK, that already uses a UL representation.
>
> ASM_CONST() in this file may behave different if __ASSEMBLY__ is defined,
> as it is used on .S files, just leaving the parameter as is.
>
> However, I have noticed no difference in the generated binary after this
> change.
>
> Signed-off-by: Leonardo Bras <leonardo@linux.ibm.com>
> ---
> arch/powerpc/include/asm/firmware.h | 75 ++++++++++++++---------------
> 1 file changed, 37 insertions(+), 38 deletions(-)
>
> diff --git a/arch/powerpc/include/asm/firmware.h b/arch/powerpc/include/asm/firmware.h
> index 00bc42d95679..7a5b0cc0bc85 100644
> --- a/arch/powerpc/include/asm/firmware.h
> +++ b/arch/powerpc/include/asm/firmware.h
> @@ -14,46 +14,45 @@
>
> #ifdef __KERNEL__
>
> -#include <asm/asm-const.h>
> -
> +#include <linux/bits.h>
> /* firmware feature bitmask values */
>
> -#define FW_FEATURE_PFT ASM_CONST(0x0000000000000001)
> -#define FW_FEATURE_TCE ASM_CONST(0x0000000000000002)
> -#define FW_FEATURE_SPRG0 ASM_CONST(0x0000000000000004)
> -#define FW_FEATURE_DABR ASM_CONST(0x0000000000000008)
> -#define FW_FEATURE_COPY ASM_CONST(0x0000000000000010)
> -#define FW_FEATURE_ASR ASM_CONST(0x0000000000000020)
> -#define FW_FEATURE_DEBUG ASM_CONST(0x0000000000000040)
> -#define FW_FEATURE_TERM ASM_CONST(0x0000000000000080)
> -#define FW_FEATURE_PERF ASM_CONST(0x0000000000000100)
> -#define FW_FEATURE_DUMP ASM_CONST(0x0000000000000200)
> -#define FW_FEATURE_INTERRUPT ASM_CONST(0x0000000000000400)
> -#define FW_FEATURE_MIGRATE ASM_CONST(0x0000000000000800)
> -#define FW_FEATURE_PERFMON ASM_CONST(0x0000000000001000)
> -#define FW_FEATURE_CRQ ASM_CONST(0x0000000000002000)
> -#define FW_FEATURE_VIO ASM_CONST(0x0000000000004000)
> -#define FW_FEATURE_RDMA ASM_CONST(0x0000000000008000)
> -#define FW_FEATURE_LLAN ASM_CONST(0x0000000000010000)
> -#define FW_FEATURE_BULK_REMOVE ASM_CONST(0x0000000000020000)
> -#define FW_FEATURE_XDABR ASM_CONST(0x0000000000040000)
> -#define FW_FEATURE_MULTITCE ASM_CONST(0x0000000000080000)
> -#define FW_FEATURE_SPLPAR ASM_CONST(0x0000000000100000)
> -#define FW_FEATURE_LPAR ASM_CONST(0x0000000000400000)
> -#define FW_FEATURE_PS3_LV1 ASM_CONST(0x0000000000800000)
> -#define FW_FEATURE_HPT_RESIZE ASM_CONST(0x0000000001000000)
> -#define FW_FEATURE_CMO ASM_CONST(0x0000000002000000)
> -#define FW_FEATURE_VPHN ASM_CONST(0x0000000004000000)
> -#define FW_FEATURE_XCMO ASM_CONST(0x0000000008000000)
> -#define FW_FEATURE_OPAL ASM_CONST(0x0000000010000000)
> -#define FW_FEATURE_SET_MODE ASM_CONST(0x0000000040000000)
> -#define FW_FEATURE_BEST_ENERGY ASM_CONST(0x0000000080000000)
> -#define FW_FEATURE_TYPE1_AFFINITY ASM_CONST(0x0000000100000000)
> -#define FW_FEATURE_PRRN ASM_CONST(0x0000000200000000)
> -#define FW_FEATURE_DRMEM_V2 ASM_CONST(0x0000000400000000)
> -#define FW_FEATURE_DRC_INFO ASM_CONST(0x0000000800000000)
> -#define FW_FEATURE_BLOCK_REMOVE ASM_CONST(0x0000001000000000)
> -#define FW_FEATURE_PAPR_SCM ASM_CONST(0x0000002000000000)
> +#define FW_FEATURE_PFT BIT(0)
> +#define FW_FEATURE_TCE BIT(1)
> +#define FW_FEATURE_SPRG0 BIT(2)
> +#define FW_FEATURE_DABR BIT(3)
> +#define FW_FEATURE_COPY BIT(4)
> +#define FW_FEATURE_ASR BIT(5)
> +#define FW_FEATURE_DEBUG BIT(6)
> +#define FW_FEATURE_TERM BIT(7)
> +#define FW_FEATURE_PERF BIT(8)
> +#define FW_FEATURE_DUMP BIT(9)
> +#define FW_FEATURE_INTERRUPT BIT(10)
> +#define FW_FEATURE_MIGRATE BIT(11)
> +#define FW_FEATURE_PERFMON BIT(12)
> +#define FW_FEATURE_CRQ BIT(13)
> +#define FW_FEATURE_VIO BIT(14)
> +#define FW_FEATURE_RDMA BIT(15)
> +#define FW_FEATURE_LLAN BIT(16)
> +#define FW_FEATURE_BULK_REMOVE BIT(17)
> +#define FW_FEATURE_XDABR BIT(18)
> +#define FW_FEATURE_MULTITCE BIT(19)
> +#define FW_FEATURE_SPLPAR BIT(20)
> +#define FW_FEATURE_LPAR BIT(22)
> +#define FW_FEATURE_PS3_LV1 BIT(23)
> +#define FW_FEATURE_HPT_RESIZE BIT(24)
> +#define FW_FEATURE_CMO BIT(25)
> +#define FW_FEATURE_VPHN BIT(26)
> +#define FW_FEATURE_XCMO BIT(27)
> +#define FW_FEATURE_OPAL BIT(28)
> +#define FW_FEATURE_SET_MODE BIT(30)
> +#define FW_FEATURE_BEST_ENERGY BIT(31)
> +#define FW_FEATURE_TYPE1_AFFINITY BIT(32)
> +#define FW_FEATURE_PRRN BIT(33)
> +#define FW_FEATURE_DRMEM_V2 BIT(34)
> +#define FW_FEATURE_DRC_INFO BIT(35)
> +#define FW_FEATURE_BLOCK_REMOVE BIT(36)
> +#define FW_FEATURE_PAPR_SCM BIT(37)
>
> #ifndef __ASSEMBLY__
>
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply
* Re: [PATCH] mm: Generalize and rename notify_page_fault() as kprobe_page_fault()
From: Andrew Morton @ 2019-06-13 20:04 UTC (permalink / raw)
To: Anshuman Khandual
Cc: Mark Rutland, Michal Hocko, linux-ia64, linux-sh, Peter Zijlstra,
Catalin Marinas, Dave Hansen, Will Deacon, linux-mips, linux-mm,
Paul Mackerras, sparclinux, linux-s390, Yoshinori Sato, x86,
Russell King, Matthew Wilcox, Ingo Molnar, James Hogan,
linux-snps-arc, Fenghua Yu, Stephen Rothwell, Andrey Konovalov,
Andy Lutomirski, Thomas Gleixner, linux-arm-kernel, Tony Luck,
Heiko Carstens, Vineet Gupta, linux-kernel, Ralf Baechle,
Paul Burton, Martin Schwidefsky, linuxppc-dev, David S. Miller
In-Reply-To: <1560420444-25737-1-git-send-email-anshuman.khandual@arm.com>
On Thu, 13 Jun 2019 15:37:24 +0530 Anshuman Khandual <anshuman.khandual@arm.com> wrote:
> Architectures which support kprobes have very similar boilerplate around
> calling kprobe_fault_handler(). Use a helper function in kprobes.h to unify
> them, based on the x86 code.
>
> This changes the behaviour for other architectures when preemption is
> enabled. Previously, they would have disabled preemption while calling the
> kprobe handler. However, preemption would be disabled if this fault was
> due to a kprobe, so we know the fault was not due to a kprobe handler and
> can simply return failure.
>
> This behaviour was introduced in the commit a980c0ef9f6d ("x86/kprobes:
> Refactor kprobes_fault() like kprobe_exceptions_notify()")
>
> ...
>
> --- a/arch/arm/mm/fault.c
> +++ b/arch/arm/mm/fault.c
> @@ -30,28 +30,6 @@
>
> #ifdef CONFIG_MMU
>
> -#ifdef CONFIG_KPROBES
> -static inline int notify_page_fault(struct pt_regs *regs, unsigned int fsr)
Some architectures make this `static inline'. Others make it
`nokprobes_inline', others make it `static inline __kprobes'. The
latter seems weird - why try to put an inline function into
.kprobes.text?
So.. what's the best thing to do here? You chose `static
nokprobe_inline' - is that the best approach, if so why? Does
kprobe_page_fault() actually need to be inlined?
Also, some architectures had notify_page_fault returning int, others
bool. You chose bool and that seems appropriate and all callers are OK
with that.
^ permalink raw reply
* Re: [PATCH v3 2/4] crypto: talitos - fix hash on SEC1.
From: Horia Geanta @ 2019-06-13 19:07 UTC (permalink / raw)
To: Christophe Leroy, Herbert Xu, David S. Miller
Cc: linuxppc-dev@lists.ozlabs.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org
In-Reply-To: <732ca0ff440bf4cd589d844cfda71d96efd500f5.1560429844.git.christophe.leroy@c-s.fr>
On 6/13/2019 3:48 PM, Christophe Leroy wrote:
> On SEC1, hash provides wrong result when performing hashing in several
> steps with input data SG list has more than one element. This was
> detected with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS:
>
> [ 44.185947] alg: hash: md5-talitos test failed (wrong result) on test vector 6, cfg="random: may_sleep use_finup src_divs=[<reimport>25.88%@+8063, <flush>24.19%@+9588, 28.63%@+16333, <reimport>4.60%@+6756, 16.70%@+16281] dst_divs=[71.61%@alignmask+16361, 14.36%@+7756, 14.3%@+"
> [ 44.325122] alg: hash: sha1-talitos test failed (wrong result) on test vector 3, cfg="random: inplace use_final src_divs=[<flush,nosimd>16.56%@+16378, <reimport>52.0%@+16329, 21.42%@alignmask+16380, 10.2%@alignmask+16380] iv_offset=39"
> [ 44.493500] alg: hash: sha224-talitos test failed (wrong result) on test vector 4, cfg="random: use_final nosimd src_divs=[<reimport>52.27%@+7401, <reimport>17.34%@+16285, <flush>17.71%@+26, 12.68%@+10644] iv_offset=43"
> [ 44.673262] alg: hash: sha256-talitos test failed (wrong result) on test vector 4, cfg="random: may_sleep use_finup src_divs=[<reimport>60.6%@+12790, 17.86%@+1329, <reimport>12.64%@alignmask+16300, 8.29%@+15, 0.40%@+13506, <reimport>0.51%@+16322, <reimport>0.24%@+16339] dst_divs"
>
> This is due to two issues:
> - We have an overlap between the buffer used for copying the input
> data (SEC1 doesn't do scatter/gather) and the chained descriptor.
> - Data copy is wrong when the previous hash left less than one
> blocksize of data to hash, implying a complement of the previous
> block with a few bytes from the new request.
>
I fail to spot these issues.
IIUC in case of SEC1, the variable part of talitos_edesc structure contains
a 2nd "chained" descriptor (talitos_desc struct) followed by an area
dedicated to linearizing the input (in case input is scattered).
Where is the overlap?
> Fix it by:
> - Moving the second descriptor after the buffer, as moving the buffer
> after the descriptor would make it more complex for other cipher
> operations (AEAD, ABLKCIPHER)
> - Rebuiding a new data SG list without the bytes taken from the new
> request to complete the previous one.
>
> Preceding patch ("crypto: talitos - move struct talitos_edesc into
> talitos.h") as required for this change to build properly.
>
> Fixes: 37b5e8897eb5 ("crypto: talitos - chain in buffered data for ahash on SEC1")
> Cc: stable@vger.kernel.org
> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
> ---
> drivers/crypto/talitos.c | 63 ++++++++++++++++++++++++++++++------------------
> 1 file changed, 40 insertions(+), 23 deletions(-)
>
> diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
> index 5b401aec6c84..4f03baef952b 100644
> --- a/drivers/crypto/talitos.c
> +++ b/drivers/crypto/talitos.c
> @@ -336,15 +336,18 @@ static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
> tail = priv->chan[ch].tail;
> while (priv->chan[ch].fifo[tail].desc) {
> __be32 hdr;
> + struct talitos_edesc *edesc;
>
> request = &priv->chan[ch].fifo[tail];
> + edesc = container_of(request->desc, struct talitos_edesc, desc);
>
> /* descriptors with their done bits set don't get the error */
> rmb();
> if (!is_sec1)
> hdr = request->desc->hdr;
> else if (request->desc->next_desc)
> - hdr = (request->desc + 1)->hdr1;
> + hdr = ((struct talitos_desc *)
> + (edesc->buf + edesc->dma_len))->hdr1;
> else
> hdr = request->desc->hdr1;
>
> @@ -476,8 +479,14 @@ static u32 current_desc_hdr(struct device *dev, int ch)
> }
> }
>
> - if (priv->chan[ch].fifo[iter].desc->next_desc == cur_desc)
> - return (priv->chan[ch].fifo[iter].desc + 1)->hdr;
> + if (priv->chan[ch].fifo[iter].desc->next_desc == cur_desc) {
> + struct talitos_edesc *edesc;
> +
> + edesc = container_of(priv->chan[ch].fifo[iter].desc,
> + struct talitos_edesc, desc);
> + return ((struct talitos_desc *)
> + (edesc->buf + edesc->dma_len))->hdr;
> + }
>
> return priv->chan[ch].fifo[iter].desc->hdr;
> }
> @@ -1402,15 +1411,11 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
> edesc->dst_nents = dst_nents;
> edesc->iv_dma = iv_dma;
> edesc->dma_len = dma_len;
> - if (dma_len) {
> - void *addr = &edesc->link_tbl[0];
> -
> - if (is_sec1 && !dst)
> - addr += sizeof(struct talitos_desc);
> - edesc->dma_link_tbl = dma_map_single(dev, addr,
> + if (dma_len)
> + edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0],
> edesc->dma_len,
> DMA_BIDIRECTIONAL);
> - }
> +
> return edesc;
> }
>
> @@ -1722,14 +1727,16 @@ static void common_nonsnoop_hash_unmap(struct device *dev,
> struct talitos_private *priv = dev_get_drvdata(dev);
> bool is_sec1 = has_ftr_sec1(priv);
> struct talitos_desc *desc = &edesc->desc;
> - struct talitos_desc *desc2 = desc + 1;
> + struct talitos_desc *desc2 = (struct talitos_desc *)
> + (edesc->buf + edesc->dma_len);
>
> unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
> if (desc->next_desc &&
> desc->ptr[5].ptr != desc2->ptr[5].ptr)
> unmap_single_talitos_ptr(dev, &desc2->ptr[5], DMA_FROM_DEVICE);
>
> - talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL, 0, 0);
> + if (req_ctx->psrc)
> + talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL, 0, 0);
>
> /* When using hashctx-in, must unmap it. */
> if (from_talitos_ptr_len(&edesc->desc.ptr[1], is_sec1))
> @@ -1796,7 +1803,6 @@ static void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
>
> static int common_nonsnoop_hash(struct talitos_edesc *edesc,
> struct ahash_request *areq, unsigned int length,
> - unsigned int offset,
> void (*callback) (struct device *dev,
> struct talitos_desc *desc,
> void *context, int error))
> @@ -1835,9 +1841,7 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
>
> sg_count = edesc->src_nents ?: 1;
> if (is_sec1 && sg_count > 1)
> - sg_pcopy_to_buffer(req_ctx->psrc, sg_count,
> - edesc->buf + sizeof(struct talitos_desc),
> - length, req_ctx->nbuf);
> + sg_copy_to_buffer(req_ctx->psrc, sg_count, edesc->buf, length);
> else if (length)
> sg_count = dma_map_sg(dev, req_ctx->psrc, sg_count,
> DMA_TO_DEVICE);
> @@ -1850,7 +1854,7 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
> DMA_TO_DEVICE);
> } else {
> sg_count = talitos_sg_map(dev, req_ctx->psrc, length, edesc,
> - &desc->ptr[3], sg_count, offset, 0);
> + &desc->ptr[3], sg_count, 0, 0);
> if (sg_count > 1)
> sync_needed = true;
> }
> @@ -1874,7 +1878,8 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
> talitos_handle_buggy_hash(ctx, edesc, &desc->ptr[3]);
>
> if (is_sec1 && req_ctx->nbuf && length) {
> - struct talitos_desc *desc2 = desc + 1;
> + struct talitos_desc *desc2 = (struct talitos_desc *)
> + (edesc->buf + edesc->dma_len);
> dma_addr_t next_desc;
>
> memset(desc2, 0, sizeof(*desc2));
> @@ -1895,7 +1900,7 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
> DMA_TO_DEVICE);
> copy_talitos_ptr(&desc2->ptr[2], &desc->ptr[2], is_sec1);
> sg_count = talitos_sg_map(dev, req_ctx->psrc, length, edesc,
> - &desc2->ptr[3], sg_count, offset, 0);
> + &desc2->ptr[3], sg_count, 0, 0);
> if (sg_count > 1)
> sync_needed = true;
> copy_talitos_ptr(&desc2->ptr[5], &desc->ptr[5], is_sec1);
> @@ -2006,7 +2011,6 @@ static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
> struct device *dev = ctx->dev;
> struct talitos_private *priv = dev_get_drvdata(dev);
> bool is_sec1 = has_ftr_sec1(priv);
> - int offset = 0;
> u8 *ctx_buf = req_ctx->buf[req_ctx->buf_idx];
>
> if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
> @@ -2046,6 +2050,9 @@ static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
> sg_chain(req_ctx->bufsl, 2, areq->src);
> req_ctx->psrc = req_ctx->bufsl;
> } else if (is_sec1 && req_ctx->nbuf && req_ctx->nbuf < blocksize) {
> + int offset;
> + struct scatterlist *sg;
> +
> if (nbytes_to_hash > blocksize)
> offset = blocksize - req_ctx->nbuf;
> else
> @@ -2058,7 +2065,18 @@ static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
> sg_copy_to_buffer(areq->src, nents,
> ctx_buf + req_ctx->nbuf, offset);
> req_ctx->nbuf += offset;
> - req_ctx->psrc = areq->src;
> + for (sg = areq->src; sg && offset >= sg->length;
> + offset -= sg->length, sg = sg_next(sg))
> + ;
> + if (offset) {
> + sg_init_table(req_ctx->bufsl, 2);
> + sg_set_buf(req_ctx->bufsl, sg_virt(sg) + offset,
> + sg->length - offset);
> + sg_chain(req_ctx->bufsl, 2, sg_next(sg));
> + req_ctx->psrc = req_ctx->bufsl;
> + } else {
> + req_ctx->psrc = sg;
> + }
> } else
> req_ctx->psrc = areq->src;
>
> @@ -2098,8 +2116,7 @@ static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
> if (ctx->keylen && (req_ctx->first || req_ctx->last))
> edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC;
>
> - return common_nonsnoop_hash(edesc, areq, nbytes_to_hash, offset,
> - ahash_done);
> + return common_nonsnoop_hash(edesc, areq, nbytes_to_hash, ahash_done);
> }
>
> static int ahash_update(struct ahash_request *areq)
>
^ permalink raw reply
* Re: [PATCH] powerpc: enable a 30-bit ZONE_DMA for 32-bit pmac
From: Larry Finger @ 2019-06-13 18:51 UTC (permalink / raw)
To: Christoph Hellwig, benh, paulus, mpe
Cc: linuxppc-dev, linux-kernel, aaro.koskinen
In-Reply-To: <20190613082446.18685-1-hch@lst.de>
On 6/13/19 3:24 AM, Christoph Hellwig wrote:
> With the strict dma mask checking introduced with the switch to
> the generic DMA direct code common wifi chips on 32-bit powerbooks
> stopped working. Add a 30-bit ZONE_DMA to the 32-bit pmac builds
> to allow them to reliably allocate dma coherent memory.
>
> Fixes: 65a21b71f948 ("powerpc/dma: remove dma_nommu_dma_supported")
> Reported-by: Aaro Koskinen <aaro.koskinen@iki.fi>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
As expected, it works. The patch needs
Cc: Stable <stable*vger.kernel.org> # v5.1+
Tested-by: Larry Finger <Larry.Finger@lwfinger.net>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Thanks for the help, and the patience with my debugging problems with u64 variables.
Larry
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox