Received: by 10.192.165.148 with SMTP id m20csp527053imm; Fri, 20 Apr 2018 10:36:14 -0700 (PDT) X-Google-Smtp-Source: AIpwx487ZE3BBRshmH1Cj3/J3QmuOOJMhT95p2k0PQRLaKKJSv1RH7sKAj9lpqCG/7e/2+4vDRca X-Received: by 10.99.114.14 with SMTP id n14mr9096600pgc.384.1524245774642; Fri, 20 Apr 2018 10:36:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524245774; cv=none; d=google.com; s=arc-20160816; b=o/GolH9FUxizrg0SQNuDUbJjz4UqSkik7jE6be11Ajg1I8bJkG304+ZSKN1EprJW4l 9Z+ge+vumrbIFeab23QQl46FCkdYmZNBWTuewGPWLuRZXKlCXOyZjOhty7I+CdvzZ0FG o9M1b3wfyxO5E83URn39RcMmSC63wIKBTOvlqTCnfK7Mrz+aTfWCBnS+R1OoNz55s7xh CNkJLZEvJTtqkTSsdsWJ3gGMXPydlXs+hs5JefspJ0xfyZlCE0iu7zqYu3uME8d1Ffj3 9Lks7u2+s/gqCCQ2/Otyk/3iVDL0pPOuuYcwnDiioCNTSXc9Pcc35gGAwDL18qrF4ACo Oumg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=Eq/Q7uYzctJMZTLq4vlZGY2hfkrDRppFOv/68PnjsN8=; b=aroKmpDg4HjVssK3o6j2wwPlyUXMJFjBerXqcopg/gVliQTkqureKI49sqTpNYmIwI KJVVIFswGAeBziYC7WP1HCeZrIH0DEaca+U5nyXiX0MuHYem4rEox0IduRU98L+PEod5 teIm0q72odLI+qSCTqhqh1FWIXb/AwU/9aOt5jDHioZMdK35gPs2Zykc1N7gRdXbt4wP DhmH22wzBq/tXkBxzQDNA1GrmT7cIe1I+b6BS90vcpL+k16Ev8P2FDf1wHL2OMYdJ7kR m1cNqDS07v6Z7N48SIEyRgb6XfgeSQOwhLOfkWdRo85A163plKzLBOjeRzYv9Ny24aHs NcoA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=bXKs53LW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x189si5263936pgb.384.2018.04.20.10.35.58; Fri, 20 Apr 2018 10:36:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=bXKs53LW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753347AbeDTReT (ORCPT + 99 others); Fri, 20 Apr 2018 13:34:19 -0400 Received: from userp2120.oracle.com ([156.151.31.85]:57332 "EHLO userp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752618AbeDTReQ (ORCPT ); Fri, 20 Apr 2018 13:34:16 -0400 Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w3KHVrYt154677; Fri, 20 Apr 2018 17:34:08 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references; s=corp-2017-10-26; bh=Eq/Q7uYzctJMZTLq4vlZGY2hfkrDRppFOv/68PnjsN8=; b=bXKs53LWgwfI/gCdutxgtCOh3kjZP2J3NJ1VeLe2t5LGsQMasQP8OW1WeDd15wqFQNrt 5RlSjA19e9pzkLHiaJ0CPgtwdrom1CL+FdbpuX46QW/ARQb26/moy5pvHHWNWgwZO5Sj xpa+k7TJ1Iacu2+Eu87SQF4wPGA+7zW0yCcOPyuiBSoJBf1Mfq4vmTxArWyfa3VFcA54 D9gGJKGOR5n6lUrHVljiKXOO3x5qw/FIPwTo+mK1asLorRV5aYNXaIMSNuxhy3ewiGAX 6r5a03Q+wsSKTuVM0T3Skil5V+qVy1kb8tWpAFKiMOK9Bcq8dMeA5TkhgVQTXko5rGuf Ow== Received: from aserv0021.oracle.com (aserv0021.oracle.com [141.146.126.233]) by userp2120.oracle.com with ESMTP id 2hdrxpdq3h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 Apr 2018 17:34:08 +0000 Received: from brm-t84-02.us.oracle.com (brm-t84-02.us.oracle.com [10.80.150.81]) by aserv0021.oracle.com (8.14.4/8.14.4) with ESMTP id w3KHY63F015039; Fri, 20 Apr 2018 17:34:06 GMT From: Tom Hromatka To: davem@davemloft.net Cc: sparclinux@vger.kernel.org, arnd@arndb.de, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, tom.hromatka@oracle.com, shuah@kernel.org, linux-kselftest@vger.kernel.org, allen.pais@oracle.com, khalid.aziz@oracle.com, shannon.nelson@oracle.com, anthony.yznaga@oracle.com Subject: [PATCH v2 1/2] char: sparc64: Add privileged ADI driver Date: Fri, 20 Apr 2018 11:34:05 -0600 Message-Id: <20180420173406.485815-2-tom.hromatka@oracle.com> X-Mailer: git-send-email 2.15.0 In-Reply-To: <20180420173406.485815-1-tom.hromatka@oracle.com> References: <20180420173406.485815-1-tom.hromatka@oracle.com> X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8869 signatures=668698 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1804200175 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org SPARC M7 and newer processors utilize ADI to version and protect memory. This driver is capable of reading/writing ADI/MCD versions from privileged user space processes. Addresses in the adi file are mapped linearly to physical memory at a ratio of 1:adi_blksz. Thus, a read (or write) of offset K in the file operates upon the ADI version at physical address K * adi_blksz. The version information is encoded as one version per byte. Intended consumers are makedumpfile and crash. Signed-off-by: Tom Hromatka Reviewed-by: Khalid Aziz Reviewed-by: Shannon Nelson Reviewed-by: Anthony Yznaga --- drivers/char/Kconfig | 12 +++ drivers/char/Makefile | 1 + drivers/char/adi.c | 251 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 264 insertions(+) create mode 100644 drivers/char/adi.c diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig index 40947a796666..5ecddc95a698 100644 --- a/drivers/char/Kconfig +++ b/drivers/char/Kconfig @@ -540,5 +540,17 @@ source "drivers/s390/char/Kconfig" source "drivers/char/xillybus/Kconfig" +config ADI + tristate "SPARC Privileged ADI driver" + depends on SPARC64 + default m + help + SPARC M7 and newer processors utilize ADI (Application Data + Integrity) to version and protect memory. This driver provides + read/write access to the ADI versions for privileged processes. + This feature is also known as MCD (Memory Corruption Detection) + and SSM (Silicon Secured Memory). Intended consumers of this + driver include crash and makedumpfile. + endmenu diff --git a/drivers/char/Makefile b/drivers/char/Makefile index c97c768cd1dd..b8d42b4e979b 100644 --- a/drivers/char/Makefile +++ b/drivers/char/Makefile @@ -57,3 +57,4 @@ js-rtc-y = rtc.o obj-$(CONFIG_XILLYBUS) += xillybus/ obj-$(CONFIG_POWERNV_OP_PANEL) += powernv-op-panel.o +obj-$(CONFIG_ADI) += adi.o diff --git a/drivers/char/adi.c b/drivers/char/adi.c new file mode 100644 index 000000000000..f94ddba092e8 --- /dev/null +++ b/drivers/char/adi.c @@ -0,0 +1,251 @@ +/* + * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved. + * Author: Tom Hromatka + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +#include +#include +#include +#include +#include +#include +#include + +#define MODULE_NAME "adi" +#define MAX_BUF_SZ 4096 + +static int adi_open(struct inode *inode, struct file *file) +{ + file->f_mode |= FMODE_UNSIGNED_OFFSET; + return 0; +} + +static int read_mcd_tag(unsigned long addr) +{ + long err; + int ver; + + __asm__ __volatile__( + "1: ldxa [%[addr]] %[asi], %[ver]\n" + " mov 0, %[err]\n" + "2:\n" + " .section .fixup,#alloc,#execinstr\n" + " .align 4\n" + "3: sethi %%hi(2b), %%g1\n" + " jmpl %%g1 + %%lo(2b), %%g0\n" + " mov %[invalid], %[err]\n" + " .previous\n" + " .section __ex_table, \"a\"\n" + " .align 4\n" + " .word 1b, 3b\n" + " .previous\n" + : [ver] "=r" (ver), [err] "=r" (err) + : [addr] "r" (addr), [invalid] "i" (EFAULT), + [asi] "i" (ASI_MCD_REAL) + : "memory", "g1" + ); + + if (err) + return -EFAULT; + else + return ver; +} + +static ssize_t adi_read(struct file *file, char __user *buf, + size_t count, loff_t *offp) +{ + size_t ver_buf_sz, bytes_read = 0; + int ver_buf_idx = 0; + loff_t offset; + u8 *ver_buf; + ssize_t ret; + + ver_buf_sz = min_t(size_t, count, MAX_BUF_SZ); + ver_buf = kmalloc(ver_buf_sz, GFP_KERNEL); + if (!ver_buf) + return -ENOMEM; + + offset = (*offp) * adi_blksize(); + + while (bytes_read < count) { + ret = read_mcd_tag(offset); + if (ret < 0) + goto out; + + ver_buf[ver_buf_idx] = (u8)ret; + ver_buf_idx++; + offset += adi_blksize(); + + if (ver_buf_idx >= ver_buf_sz) { + if (copy_to_user(buf + bytes_read, ver_buf, + ver_buf_sz)) { + ret = -EFAULT; + goto out; + } + + bytes_read += ver_buf_sz; + ver_buf_idx = 0; + + ver_buf_sz = min(count - bytes_read, + (size_t)MAX_BUF_SZ); + } + } + + (*offp) += bytes_read; + ret = bytes_read; +out: + kfree(ver_buf); + return ret; +} + +static int set_mcd_tag(unsigned long addr, u8 ver) +{ + long err; + + __asm__ __volatile__( + "1: stxa %[ver], [%[addr]] %[asi]\n" + " mov 0, %[err]\n" + "2:\n" + " .section .fixup,#alloc,#execinstr\n" + " .align 4\n" + "3: sethi %%hi(2b), %%g1\n" + " jmpl %%g1 + %%lo(2b), %%g0\n" + " mov %[invalid], %[err]\n" + " .previous\n" + " .section __ex_table, \"a\"\n" + " .align 4\n" + " .word 1b, 3b\n" + " .previous\n" + : [err] "=r" (err) + : [ver] "r" (ver), [addr] "r" (addr), + [invalid] "i" (EFAULT), [asi] "i" (ASI_MCD_REAL) + : "memory", "g1" + ); + + if (err) + return -EFAULT; + else + return ver; +} + +static ssize_t adi_write(struct file *file, const char __user *buf, + size_t count, loff_t *offp) +{ + size_t ver_buf_sz, bytes_written = 0; + loff_t offset; + u8 *ver_buf; + ssize_t ret; + int i; + + if (count <= 0) + return -EINVAL; + + ver_buf_sz = min_t(size_t, count, MAX_BUF_SZ); + ver_buf = kmalloc(ver_buf_sz, (size_t)GFP_KERNEL); + if (!ver_buf) + return -ENOMEM; + + offset = (*offp) * adi_blksize(); + + do { + if (copy_from_user(ver_buf, &buf[bytes_written], + ver_buf_sz)) { + ret = -EFAULT; + goto out; + } + + for (i = 0; i < ver_buf_sz; i++) { + ret = set_mcd_tag(offset, ver_buf[i]); + if (ret < 0) + goto out; + + offset += adi_blksize(); + } + + bytes_written += ver_buf_sz; + ver_buf_sz = min(count - bytes_written, (size_t)MAX_BUF_SZ); + } while (bytes_written < count); + + (*offp) += bytes_written; + ret = bytes_written; +out: + __asm__ __volatile__("membar #Sync"); + kfree(ver_buf); + return ret; +} + +static loff_t adi_llseek(struct file *file, loff_t offset, int whence) +{ + loff_t ret = -EINVAL; + + switch (whence) { + case SEEK_END: + case SEEK_DATA: + case SEEK_HOLE: + /* unsupported */ + return -EINVAL; + case SEEK_CUR: + if (offset == 0) + return file->f_pos; + + offset += file->f_pos; + break; + case SEEK_SET: + break; + } + + if (offset != file->f_pos) { + file->f_pos = offset; + file->f_version = 0; + ret = offset; + } + + return ret; +} + +static const struct file_operations adi_fops = { + .owner = THIS_MODULE, + .llseek = adi_llseek, + .open = adi_open, + .read = adi_read, + .write = adi_write, +}; + +static struct miscdevice adi_miscdev = { + .minor = MISC_DYNAMIC_MINOR, + .name = MODULE_NAME, + .fops = &adi_fops, +}; + +static int __init adi_init(void) +{ + if (!adi_capable()) + return -EPERM; + + return misc_register(&adi_miscdev); +} + +static void __exit adi_exit(void) +{ + misc_deregister(&adi_miscdev); +} + +module_init(adi_init); +module_exit(adi_exit); + +MODULE_AUTHOR("Tom Hromatka "); +MODULE_DESCRIPTION("Privileged interface to ADI"); +MODULE_VERSION("1.0"); +MODULE_LICENSE("GPL"); -- 2.15.0