Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp2082876rwb; Sat, 19 Nov 2022 08:37:36 -0800 (PST) X-Google-Smtp-Source: AA0mqf4n8aWMoWBF+m2vC69mDXwvwAgzNb2xNxdAq5ImGLw01z8Jn/2baqhUhYyCI+4y2Tj6PEgi X-Received: by 2002:a17:90a:d34d:b0:218:a0ce:9d5e with SMTP id i13-20020a17090ad34d00b00218a0ce9d5emr1546643pjx.96.1668875855986; Sat, 19 Nov 2022 08:37:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668875855; cv=none; d=google.com; s=arc-20160816; b=zG6mNyBQdEuOGwhExtYgc+qU6NedySyPlAD5BDCzpTgnY/W+kXNRSLp64nRWPFvvtC Th6tkMfPvEHDGPrDql/68zXXMssWMPQ9HQsA+ykfHz0BBuG3ZNiRx4JZd9z2/hwWm+0t 9CRzMCxafoL2T4xy9Lc2/3PtjfcdJAbRkwgtDj9Rgr13a39+mLXi1HDXKq8NZ3nX1vXn rguE/jhIMT9skUnmc/ijIQa28JEssYlZnBOYWQuw3i1cSIR2II1abqATCiOPnhgVB22g LNZrq840RjPW5cWDrHM8QJ/QTsfE9oupz6Su/xeUeEo2P8OIe5KQCYTHGDiPt5jmroO/ 7dVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:robot-unsubscribe :robot-id:message-id:mime-version:references:in-reply-to:cc:subject :to:reply-to:sender:from:dkim-signature:dkim-signature:date; bh=fyJnikY9GMKYnBFCmK3CDnvZiMjmWFeWcWrEGXaklhw=; b=yhGNngJKno17sPt/PQkigDcUDScicX3LczazpzEAUUhKaOuUzBVVgSbXJzwkqSyxMq FNTpwsyXrwZDssvyeMYYr0I6WgOS5Tucjh149kfeRb29xWsQqsuQivNxBbj53OBvFXgA 0buDFrWtiLAViz6s84YSTmTThx/cajaANpUGdmpJ97qG7rHsOTFrQqUPzqyhMc7ffEI6 z5rRPCGMgy2RjsD3PzaqjZ7c8v5jNbi7ZfiYjOw+gV4rw7oVDp018EIljJNzhhxfEZG/ orPfoeLhokV5WbU/xbs6yBDA0nnbPIvVmv3yZNk+r9LtT5pp1AwdSBLyLVzBBl45Uzyq 0p1w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=WvtkmNps; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=P6O340c5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id mi5-20020a17090b4b4500b0020d887ded6esi7548179pjb.120.2022.11.19.08.37.25; Sat, 19 Nov 2022 08:37:35 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=WvtkmNps; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=P6O340c5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234627AbiKSQZC (ORCPT + 90 others); Sat, 19 Nov 2022 11:25:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40656 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234165AbiKSQYR (ORCPT ); Sat, 19 Nov 2022 11:24:17 -0500 Received: from galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E8C4932BAF; Sat, 19 Nov 2022 08:24:13 -0800 (PST) Date: Sat, 19 Nov 2022 16:24:11 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1668875052; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fyJnikY9GMKYnBFCmK3CDnvZiMjmWFeWcWrEGXaklhw=; b=WvtkmNpsutEn8mfcjPiL+KRXvv0jMgJsQo97GQPozaDaixdSJ1Q+JS/CULCO0cDH0SGBk2 BEVWAAnt14PZRjCZxrRb73fQTuqJKxEq3iDYj98EfIADecXIno9ZzO03pXcQU6wHXb/B2T MWxTMCluRoN5rhaWLVzuVj+c5CRa+ouN0lVarX1dxv3BdkdHAMQGeHTyYoLGLqyp1l2F1X lT0B8sz+RPbEmMcHQ5z5RkLR1hOzsd91mBiZyBZQPnzSh2QY7JZsWeGfOTXp2YT2ULDVz1 vX72InJfUTA6dNSEqx25ZJRmrGSe79u5rtHquREBj7EzBbGMf4821wvUrA3HIw== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1668875052; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fyJnikY9GMKYnBFCmK3CDnvZiMjmWFeWcWrEGXaklhw=; b=P6O340c5c7YIZGuVSQm5q6NFQ9v1sHmhPXzXCDvwVQMoopFFpimVoKCHQHgoqA2mV8QFfs aky6jAp2uM/cgiDg== From: "tip-bot2 for Jithu Joseph" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/microcode] platform/x86/intel/ifs: Remove memory allocation from load path Cc: Borislav Petkov , Jithu Joseph , Borislav Petkov , Tony Luck , Hans de Goede , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20221117195957.28225-1-jithu.joseph@intel.com> References: <20221117195957.28225-1-jithu.joseph@intel.com> MIME-Version: 1.0 Message-ID: <166887505130.4906.4649425997130682985.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/microcode branch of tip: Commit-ID: cb5eceee816bf05667089869d822b9cbc919465a Gitweb: https://git.kernel.org/tip/cb5eceee816bf05667089869d822b9cbc919465a Author: Jithu Joseph AuthorDate: Thu, 17 Nov 2022 11:59:57 -08:00 Committer: Borislav Petkov CommitterDate: Fri, 18 Nov 2022 21:43:18 +01:00 platform/x86/intel/ifs: Remove memory allocation from load path IFS requires tests to be authenticated once for each CPU socket on a system. scan_chunks_sanity_check() was dynamically allocating memory to store the state of whether tests have been authenticated on each socket for every load operation. Move the memory allocation to init path and store the pointer in ifs_data struct. Also rearrange the adjacent error checking in init for a more simplified and natural flow. Suggested-by: Borislav Petkov Signed-off-by: Jithu Joseph Signed-off-by: Borislav Petkov Reviewed-by: Tony Luck Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20221117195957.28225-1-jithu.joseph@intel.com --- drivers/platform/x86/intel/ifs/core.c | 20 ++++++++++++++++---- drivers/platform/x86/intel/ifs/ifs.h | 2 ++ drivers/platform/x86/intel/ifs/load.c | 14 ++++---------- 3 files changed, 22 insertions(+), 14 deletions(-) diff --git a/drivers/platform/x86/intel/ifs/core.c b/drivers/platform/x86/intel/ifs/core.c index 5fb7f65..943eb2a 100644 --- a/drivers/platform/x86/intel/ifs/core.c +++ b/drivers/platform/x86/intel/ifs/core.c @@ -4,6 +4,7 @@ #include #include #include +#include #include @@ -34,6 +35,7 @@ static int __init ifs_init(void) { const struct x86_cpu_id *m; u64 msrval; + int ret; m = x86_match_cpu(ifs_cpu_ids); if (!m) @@ -50,16 +52,26 @@ static int __init ifs_init(void) ifs_device.misc.groups = ifs_get_groups(); - if ((msrval & BIT(ifs_device.data.integrity_cap_bit)) && - !misc_register(&ifs_device.misc)) - return 0; + if (!(msrval & BIT(ifs_device.data.integrity_cap_bit))) + return -ENODEV; + + ifs_device.data.pkg_auth = kmalloc_array(topology_max_packages(), sizeof(bool), GFP_KERNEL); + if (!ifs_device.data.pkg_auth) + return -ENOMEM; + + ret = misc_register(&ifs_device.misc); + if (ret) { + kfree(ifs_device.data.pkg_auth); + return ret; + } - return -ENODEV; + return 0; } static void __exit ifs_exit(void) { misc_deregister(&ifs_device.misc); + kfree(ifs_device.data.pkg_auth); } module_init(ifs_init); diff --git a/drivers/platform/x86/intel/ifs/ifs.h b/drivers/platform/x86/intel/ifs/ifs.h index 3ff1d9a..8de1952 100644 --- a/drivers/platform/x86/intel/ifs/ifs.h +++ b/drivers/platform/x86/intel/ifs/ifs.h @@ -191,6 +191,7 @@ union ifs_status { * struct ifs_data - attributes related to intel IFS driver * @integrity_cap_bit: MSR_INTEGRITY_CAPS bit enumerating this test * @loaded_version: stores the currently loaded ifs image version. + * @pkg_auth: array of bool storing per package auth status * @loaded: If a valid test binary has been loaded into the memory * @loading_error: Error occurred on another CPU while loading image * @valid_chunks: number of chunks which could be validated. @@ -199,6 +200,7 @@ union ifs_status { */ struct ifs_data { int integrity_cap_bit; + bool *pkg_auth; int loaded_version; bool loaded; bool loading_error; diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c index 89ce265..8423c48 100644 --- a/drivers/platform/x86/intel/ifs/load.c +++ b/drivers/platform/x86/intel/ifs/load.c @@ -3,7 +3,6 @@ #include #include -#include #include #include "ifs.h" @@ -118,16 +117,12 @@ done: */ static int scan_chunks_sanity_check(struct device *dev) { - int metadata_size, curr_pkg, cpu, ret = -ENOMEM; + int metadata_size, curr_pkg, cpu, ret; struct ifs_data *ifsd = ifs_get_data(dev); - bool *package_authenticated; struct ifs_work local_work; char *test_ptr; - package_authenticated = kcalloc(topology_max_packages(), sizeof(bool), GFP_KERNEL); - if (!package_authenticated) - return ret; - + memset(ifsd->pkg_auth, 0, (topology_max_packages() * sizeof(bool))); metadata_size = ifs_header_ptr->metadata_size; /* Spec says that if the Meta Data Size = 0 then it should be treated as 2000 */ @@ -150,7 +145,7 @@ static int scan_chunks_sanity_check(struct device *dev) cpus_read_lock(); for_each_online_cpu(cpu) { curr_pkg = topology_physical_package_id(cpu); - if (package_authenticated[curr_pkg]) + if (ifsd->pkg_auth[curr_pkg]) continue; reinit_completion(&ifs_done); local_work.dev = dev; @@ -161,12 +156,11 @@ static int scan_chunks_sanity_check(struct device *dev) ret = -EIO; goto out; } - package_authenticated[curr_pkg] = 1; + ifsd->pkg_auth[curr_pkg] = 1; } ret = 0; out: cpus_read_unlock(); - kfree(package_authenticated); return ret; }