Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp3077073pxy; Mon, 3 May 2021 14:39:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx5jWDx8m8nvtk5LXOs9a7/Pg4WRraAN2njzWpn5dRsR/Je6kSUCPxqcEb5QHMUVGc6DgB7 X-Received: by 2002:a17:906:1701:: with SMTP id c1mr7377703eje.425.1620077997411; Mon, 03 May 2021 14:39:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620077997; cv=none; d=google.com; s=arc-20160816; b=JE+VraAKaBclWhDJHe2rbSgdtjuuM3924Apvgyz8BDoz+FByaumRaSkAHauw1N4xsF z9mvkWtBMEfly+wsJIPd9+X9K2XdPOU9+M3L6S0pCQzl3vN174b95y2N0PePLHIBQybZ Mixdtam/6r342BryqUTQhqAxqNSNStVNJEHHLbVu1aItCwCPL4f8OgeiUnzPpEjM0njh vHUR0oZcBaT4CZv5Vragf97zc1DVA15S08zgVWgHY2diOl8ahup1yIdCqOqxJyg791lp XIxfeuG1nHzc7DA26Tut7DbaozRKla610bFfq1HbrIyK9KFsWz2vNdvvTJZJaXaakbcl USxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :ironport-sdr:ironport-sdr; bh=1u3rrxIl2l3sKiQyOx6ITzNdtoNSGXt4RCYUgMp23Gw=; b=aKHwBm+ZAWh9aM+IVXfkRzpwlet+aYuq1gHx50rJBmCISZQ3idNA0eXec8PONXmX8u sZ5cjbwRmO8iDysQ9K1qUDzCQZzICoiTqbd3/qp7L/WootuKpD6rndYCkffrks5SRRD8 RThh/ZDLAkCydeaqimmr3pVeqC2g2VyWAbEh0kHUZ7nG+PJTKztg6lKFiGPAFJ/Wccdn Xw+ftffThEtHMy2a20obMyoH5IdU1/OqHVyzh67fdBNS+mSVQPCFxwd4fLpdYav1XCVu 9P4eZWnSyCwDbbLOEysYLlpKEnYhwz5Suq8y+x61X7hnDMYqx7SYtMPzaQ3nmV3Espyk 1XmA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u14si942044ejb.680.2021.05.03.14.39.33; Mon, 03 May 2021 14:39:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229948AbhECVhJ (ORCPT + 99 others); Mon, 3 May 2021 17:37:09 -0400 Received: from mga18.intel.com ([134.134.136.126]:6737 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229811AbhECVgy (ORCPT ); Mon, 3 May 2021 17:36:54 -0400 IronPort-SDR: W+VjOAUM3Y+4OtqRZ5LzyOm4/3/N+VNiGiFxv7sZz9MlTFu+eJC61pZ9VFCzwW6Xa5g1u5pagQ Y/JYyNjwPS3A== X-IronPort-AV: E=McAfee;i="6200,9189,9973"; a="185312178" X-IronPort-AV: E=Sophos;i="5.82,271,1613462400"; d="scan'208";a="185312178" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 May 2021 14:36:00 -0700 IronPort-SDR: FKuEZvYAedH8IysQoHIwRCTnR3JsGWNO6uUETeFxK2LsJNqGDuN/GJiZgm6fbNyMGKI0QqDgLY uWgpJghpQbjw== X-IronPort-AV: E=Sophos;i="5.82,271,1613462400"; d="scan'208";a="428548831" Received: from rhweight-mobl2.amr.corp.intel.com (HELO rhweight-mobl2.ra.intel.com) ([10.212.218.202]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 May 2021 14:35:59 -0700 From: Russ Weight To: mdf@kernel.org, linux-fpga@vger.kernel.org, linux-kernel@vger.kernel.org Cc: trix@redhat.com, lgoncalv@redhat.com, yilun.xu@intel.com, hao.wu@intel.com, matthew.gerlach@intel.com, richard.gong@intel.com, Russ Weight Subject: [PATCH v12 7/7] fpga: sec-mgr: expose hardware error info Date: Mon, 3 May 2021 14:35:46 -0700 Message-Id: <20210503213546.316439-8-russell.h.weight@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210503213546.316439-1-russell.h.weight@intel.com> References: <20210503213546.316439-1-russell.h.weight@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Extend the FPGA Security Manager class driver to include an optional update/hw_errinfo sysfs node that can be used to retrieve 64 bits of device specific error information following a secure update failure. The underlying driver must provide a get_hw_errinfo() callback function to enable this feature. This data is treated as opaque by the class driver. It is left to user-space software or support personnel to interpret this data. Signed-off-by: Russ Weight Reviewed-by: Tom Rix --- v12: - Updated Date and KernelVersion fields in ABI documentation v11: - No change v10: - Rebased to 5.12-rc2 next - Updated Date and KernelVersion in ABI documentation v9: - Updated Date and KernelVersion in ABI documentation v8: - No change v7: - Changed Date in documentation file to December 2020 v6: - No change v5: - No change v4: - Changed from "Intel FPGA Security Manager" to FPGA Security Manager" and removed unnecessary references to "Intel". - Changed: iops -> sops, imgr -> smgr, IFPGA_ -> FPGA_, ifpga_ to fpga_ v3: - No change v2: - Bumped documentation date and version --- .../ABI/testing/sysfs-class-fpga-sec-mgr | 14 +++++++ drivers/fpga/fpga-sec-mgr.c | 38 +++++++++++++++++++ include/linux/fpga/fpga-sec-mgr.h | 5 +++ 3 files changed, 57 insertions(+) diff --git a/Documentation/ABI/testing/sysfs-class-fpga-sec-mgr b/Documentation/ABI/testing/sysfs-class-fpga-sec-mgr index 749f2d4c78d3..f1881ce39c63 100644 --- a/Documentation/ABI/testing/sysfs-class-fpga-sec-mgr +++ b/Documentation/ABI/testing/sysfs-class-fpga-sec-mgr @@ -65,3 +65,17 @@ Description: Read-only. Returns a string describing the failure idle state. If this file is read while a secure update is in progress, then the read will fail with EBUSY. + +What: /sys/class/fpga_sec_mgr/fpga_secX/update/hw_errinfo +Date: June 2021 +KernelVersion: 5.14 +Contact: Russ Weight +Description: Read-only. Returns a 64 bit error value providing + hardware specific information that may be useful in + debugging errors that occur during FPGA image updates. + This file is only visible if the underlying device + supports it. The hw_errinfo value is only accessible + when the secure update engine is in the idle state. + If this file is read while a secure update is in + progress, then the read will fail with EBUSY. + Format: "0x%llx". diff --git a/drivers/fpga/fpga-sec-mgr.c b/drivers/fpga/fpga-sec-mgr.c index 35bd419bd3b9..3c59b142291d 100644 --- a/drivers/fpga/fpga-sec-mgr.c +++ b/drivers/fpga/fpga-sec-mgr.c @@ -36,10 +36,17 @@ static void set_error(struct fpga_sec_mgr *smgr, enum fpga_sec_err err_code) smgr->err_code = err_code; } +static void set_hw_errinfo(struct fpga_sec_mgr *smgr) +{ + if (smgr->sops->get_hw_errinfo) + smgr->hw_errinfo = smgr->sops->get_hw_errinfo(smgr); +} + static void fpga_sec_dev_error(struct fpga_sec_mgr *smgr, enum fpga_sec_err err_code) { set_error(smgr, err_code); + set_hw_errinfo(smgr); smgr->sops->cancel(smgr); } @@ -221,6 +228,23 @@ error_show(struct device *dev, struct device_attribute *attr, char *buf) } static DEVICE_ATTR_RO(error); +static ssize_t +hw_errinfo_show(struct device *dev, struct device_attribute *attr, char *buf) +{ + struct fpga_sec_mgr *smgr = to_sec_mgr(dev); + int ret; + + mutex_lock(&smgr->lock); + if (smgr->progress != FPGA_SEC_PROG_IDLE) + ret = -EBUSY; + else + ret = sysfs_emit(buf, "0x%llx\n", smgr->hw_errinfo); + mutex_unlock(&smgr->lock); + + return ret; +} +static DEVICE_ATTR_RO(hw_errinfo); + static ssize_t remaining_size_show(struct device *dev, struct device_attribute *attr, char *buf) { @@ -252,6 +276,7 @@ static ssize_t filename_store(struct device *dev, struct device_attribute *attr, } smgr->err_code = FPGA_SEC_ERR_NONE; + smgr->hw_errinfo = 0; smgr->request_cancel = false; smgr->progress = FPGA_SEC_PROG_READING; reinit_completion(&smgr->update_done); @@ -286,18 +311,31 @@ static ssize_t cancel_store(struct device *dev, struct device_attribute *attr, } static DEVICE_ATTR_WO(cancel); +static umode_t +sec_mgr_update_visible(struct kobject *kobj, struct attribute *attr, int n) +{ + struct fpga_sec_mgr *smgr = to_sec_mgr(kobj_to_dev(kobj)); + + if (attr == &dev_attr_hw_errinfo.attr && !smgr->sops->get_hw_errinfo) + return 0; + + return attr->mode; +} + static struct attribute *sec_mgr_update_attrs[] = { &dev_attr_filename.attr, &dev_attr_cancel.attr, &dev_attr_status.attr, &dev_attr_error.attr, &dev_attr_remaining_size.attr, + &dev_attr_hw_errinfo.attr, NULL, }; static struct attribute_group sec_mgr_update_attr_group = { .name = "update", .attrs = sec_mgr_update_attrs, + .is_visible = sec_mgr_update_visible, }; static ssize_t name_show(struct device *dev, diff --git a/include/linux/fpga/fpga-sec-mgr.h b/include/linux/fpga/fpga-sec-mgr.h index 0e1f50434024..a99bfd28f38c 100644 --- a/include/linux/fpga/fpga-sec-mgr.h +++ b/include/linux/fpga/fpga-sec-mgr.h @@ -40,6 +40,9 @@ enum fpga_sec_err { * function and is called at the completion * of the update, whether success or failure, * if the prepare function succeeded. + * @get_hw_errinfo: Optional: Return u64 hw specific error info. + * The software err_code may used to determine + * whether the hw error info is applicable. */ struct fpga_sec_mgr_ops { enum fpga_sec_err (*prepare)(struct fpga_sec_mgr *smgr); @@ -47,6 +50,7 @@ struct fpga_sec_mgr_ops { enum fpga_sec_err (*poll_complete)(struct fpga_sec_mgr *smgr); enum fpga_sec_err (*cancel)(struct fpga_sec_mgr *smgr); void (*cleanup)(struct fpga_sec_mgr *smgr); + u64 (*get_hw_errinfo)(struct fpga_sec_mgr *smgr); }; /* Update progress codes */ @@ -72,6 +76,7 @@ struct fpga_sec_mgr { enum fpga_sec_prog progress; enum fpga_sec_prog err_state; /* progress state at time of failure */ enum fpga_sec_err err_code; /* security manager error code */ + u64 hw_errinfo; /* 64 bits of HW specific error info */ bool request_cancel; bool driver_unload; void *priv; -- 2.25.1