Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp2365407rwr; Fri, 28 Apr 2023 09:21:07 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5Z7G1lCEHel6Ec6oMdN4wctdJ5delRnrwbucvlEo4/tzF7ZE4rF2gKfsGIzFtbTQ17LJil X-Received: by 2002:a05:6a20:8f08:b0:ee:454f:11d8 with SMTP id b8-20020a056a208f0800b000ee454f11d8mr7483434pzk.40.1682698866317; Fri, 28 Apr 2023 09:21:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682698866; cv=none; d=google.com; s=arc-20160816; b=sbuIp+neuIuh8lQZ9JG36SxzNr6kdSLPHJxTRjtPGezLMm1pF6RGzXyg5cQHnfY1NE ZbLowrjhXKs3eXOb2Fx9a0o4+9a8GddMUv8h0gl7k9/Lgqei0g0xKa0z+JC+nOXxTWs6 C4TllqGqF564z6EYb8UH3vqCY+GjwX1+Twof8mD9v56PnKfoNoomZniWqZml2rlTLWaw ZFlBQY1TXGXqFhc8L+Dcsxu5V1f76LvHZ4Lm3EaC5cVl9cNzNvpp6Wxli3NGSVPnrq2r L2gPHuz+x0dZBy/Q9o8CeZdVEUWkNT/NDIAT4AI68w6wlZCTPQdQAh1H5WgJ+KBylkFg 5MRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=h6HpevGuSeKVYRWiHzaC5C3PvoQ9zXlfTGqpoJB0Fpo=; b=v21T64aXvq1xJq7seFCvf4O4jzD2FBM7UmGlZn83b3IEdTEeIyUAafF/qqbged31Mg yfLCnRMgQ+cjRNMugyWRE7mJe+F9sO4IYuh+XCF8Oi9PquyUQeku6cpZa8FH0nWtoZHM MREuq0xIsnicSad3STtmd8RcVGLdDu1wGW4PcOmVjWsbxOEznuAgVtIrTwonl3SmMEw5 fA2joho+3xBSagBftxLXTfvI9u47NbvUFG1hxOabbCg5V/hz1UquARk6tW7ss4KPUpwN EVewAd5g66MLgFrz5pFKtTXf0aHRtEnZEYqpY490JALghjK5XmLg0jw9rNQPxFwWFiaV clBA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=QFnSbPBq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 5-20020a630605000000b00508cd5d9f65si21210520pgg.607.2023.04.28.09.20.51; Fri, 28 Apr 2023 09:21:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=QFnSbPBq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229901AbjD1QN3 (ORCPT + 99 others); Fri, 28 Apr 2023 12:13:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43508 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229453AbjD1QN2 (ORCPT ); Fri, 28 Apr 2023 12:13:28 -0400 Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 389972D61; Fri, 28 Apr 2023 09:13:27 -0700 (PDT) Received: by mail-lf1-x135.google.com with SMTP id 2adb3069b0e04-4efe8991bafso104962e87.0; Fri, 28 Apr 2023 09:13:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1682698405; x=1685290405; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=h6HpevGuSeKVYRWiHzaC5C3PvoQ9zXlfTGqpoJB0Fpo=; b=QFnSbPBqc8rULLiYh43yU6s3POFfVoXpcuFaDGA4dotETjtDC3qnydjfG2NycpeCAg SOTAvfpRdoD7zDCuwHd2L4qmHQ1cYxiqG/pHlkDKk2i1WFNdlgnY178CGUwUYLwRo3FB PJpMgwhw799Jvffz/Wl6eYqkW+i0G76n2zRQWHIltS+QWMlv1L3IfDHT52hEHHWTOuMf kNZag1PGG/nd4Pa8fCvuE9lXlc9X3AmjV9ME/Ue2Hw417Uh60c2cFvxG3Sh3JZ8kMQxa NvpR8PvEz5xGer+rVAFAg0a+u5VGxqodtiux9tIfAGUYDD4WPZUit6hdJmPJBwJTBSdX s3Tw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682698405; x=1685290405; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=h6HpevGuSeKVYRWiHzaC5C3PvoQ9zXlfTGqpoJB0Fpo=; b=USYHsHkXkK5OQYtenbbat8+w5ROC2IPtb53WAQUr9RHFndzNTzrexj0tLuzATb9Op5 iny0ORe9+Git5d2S66rR9cxWkDa9aZS87a+MgbJRU6kQ1OGCcsveMi9xZAim1tWO4k90 vCdvwXfRNBnQhW8ai4pno4W6FU7BvQ0mUKlVm/tlse8jLMLybykG2k2e639VeUi/IiqS 1vB1kWWo366ZjN+ho4VTuTQMOoAjH51wfYO8U54w3tCgO07su+2bG6I7ZuxWX9w7ZTEC D8hhy8ngODDXo2xybTz71K5LGNXq9yBaLdvwpeqUTbWpVQIE62gK+DCyn54JIfGC9aGS J04Q== X-Gm-Message-State: AC+VfDzHwlmtLeMcJd70KQrRfamwcJryL8Y0NLCp6hG+PkqVhaHa2RjR ZX3DZtC/FaE8cZgyIo9nEzQZVeSY4f09DOrZ41c= X-Received: by 2002:ac2:5549:0:b0:4ed:b818:48ae with SMTP id l9-20020ac25549000000b004edb81848aemr1577073lfk.21.1682698405140; Fri, 28 Apr 2023 09:13:25 -0700 (PDT) MIME-Version: 1.0 References: <20230420165454.9517-1-jorge.lopez2@hp.com> <20230420165454.9517-13-jorge.lopez2@hp.com> <479b18e3-a35b-45c7-8c8a-cd30af646977@t-8ch.de> <7bdac640-cf61-429f-acd0-f8aa40b41e73@t-8ch.de> <52554657-2902-454b-b2af-ed632dd2f081@t-8ch.de> In-Reply-To: <52554657-2902-454b-b2af-ed632dd2f081@t-8ch.de> From: Jorge Lopez Date: Fri, 28 Apr 2023 11:12:59 -0500 Message-ID: Subject: Re: [PATCH v11 12/14] HP BIOSCFG driver - surestart-attributes To: =?UTF-8?Q?Thomas_Wei=C3=9Fschuh?= Cc: hdegoede@redhat.com, platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Apr 28, 2023 at 11:06=E2=80=AFAM Thomas Wei=C3=9Fschuh wrote: > > On 2023-04-28 10:40:59-0500, Jorge Lopez wrote: > > On Fri, Apr 28, 2023 at 10:21=E2=80=AFAM Thomas Wei=C3=9Fschuh wrote: > > > > > > On 2023-04-28 09:58:01-0500, Jorge Lopez wrote: > > > > On Fri, Apr 28, 2023 at 1:03=E2=80=AFAM Thomas Wei=C3=9Fschuh wrote: > > > > > > > > > > On 2023-04-27 17:17:57-0500, Jorge Lopez wrote: > > > > > > On Sun, Apr 23, 2023 at 7:16=E2=80=AFAM Thomas Wei=C3=9Fschuh <= thomas@t-8ch.de> wrote: > > > > > > > > > > > > > > On 2023-04-20 11:54:52-0500, Jorge Lopez wrote: > > > > > > > > .../x86/hp/hp-bioscfg/surestart-attributes.c | 130 ++++++= ++++++++++++ > > > > > > > > 1 file changed, 130 insertions(+) > > > > > > > > create mode 100644 drivers/platform/x86/hp/hp-bioscfg/sure= start-attributes.c > > > > > > > > > > > > > > > > diff --git a/drivers/platform/x86/hp/hp-bioscfg/surestart-a= ttributes.c b/drivers/platform/x86/hp/hp-bioscfg/surestart-attributes.c > > > > > > > > new file mode 100644 > > > > > > > > > > > > > > > > Instead of not returning any data, why not show as many resul= ts as > > > > > > > possible? > > > > > > > > > > > > > > > > > > > if count * LOG_ENTRY_SIZE > PAGE_SIZE then I prefer to return a= n error. > > > > > > if the count is correct but a failure occurs while reading indi= vidual > > > > > > audit logs then we will return a partial list of all audit logs > > > > > > This changes will be included in Version 12 > > > > > > > > > > What prevents the firmware from having more log entries? > > > > > Wouldn't these audit log entries not accumulate for each logged > > > > > operation over the lifetime of the device / boot? > > > > > > > > > > This would make the interface unusable as soon as there are more > > > > > entries. > > > > > > > > BIOS stores a max number of audit logs appropriate to the current > > > > audit log size.The first audit logs are kept in a FIFO queue by BIO= S > > > > so when the queue is full and a new audit log arrives, then the fi= rst > > > > audit log will be deleted. > > > > > > How does it determine "appropriate"? > > > This would also be great in a comment. > > > > > > If the BIOS is just using FIFO the driver could return the first > > > LOG_MAX_ENTRIES entries. > > > This would avoid trusting the firmware for a reasonable definition of > > > "appropriate". > > > > > > > > > > > > > > > > + > > > > > > > > + if (ret < 0) > > > > > > > > + return ret; > > > > > > > > > > And this should first validate ret and then count. > > > > > > > > Done! > > > > > > > > > > > > > > > > > + > > > > > > > > + /* > > > > > > > > + * We are guaranteed the buffer is 4KB so today all t= he event > > > > > > > > + * logs will fit > > > > > > > > + */ > > > > > > > > + > > > > > > > > + for (i =3D 0; ((i < count) & (ret >=3D 0)); i++) { > > > > > > > > > > > > > > && > > > > > > > > > > > > > > Better yet, pull the condition ret >=3D 0 into the body, as a= n else-branch > > > > > > > for the existing check. > > > > > > > > > > > > > > > > > > > Done! > > > > > > > > > > > > > > + *buf =3D (i + 1); > > > > > > > > > > > > > > Isn't this directly overwritten by the query below? > > > > > > > > > > > > buf input value indicates the audit log to be read hence the re= ason > > > > > > why it is overwritten. > > > > > > This is an expected behavior. > > > > > > > > > > So this is read by the HPWMI_SURESTART_GET_LOG method in the firm= ware? > > > > > > > > > > Make sense but need a comment. > > > > > > > > Done! > > > > > > > > > > > > > > > > > > > > > > > > + ret =3D hp_wmi_perform_query(HPWMI_SURESTART_= GET_LOG, > > > > > > > > + HPWMI_SURESTART, > > > > > > > > + buf, 1, 128); > > > > > > > > + if (ret >=3D 0) > > > > > > > > + buf +=3D LOG_ENTRY_SIZE; > > > > > > > > > > > > > > So 128 bytes are read but only the first 16 bytes are preserv= ed? > > > > > > > > > > > > > > The documentation says that each entry has 128 bytes in the f= ile. > > > > > > > And that they are separated by ";", which is not implemented. > > > > > > > > > > > > The statement will be removed from documentation (separated by= ";") > > > > > > audit log size is 16 bytes. > > > > > > > > > > > > > > Can the audit-log not contain all-zero bytes? > > > > > > > If it does this would need to be a bin_attribute. > > > > > > > > > > > > Bytes 16-127 are ignored and not used at this time. If the aud= it log > > > > > > changes, then the driver will need to change to accommodate the= new > > > > > > audit log size. > > > > > > > > > > buf is not guaranteed to have 128 bytes left for this data. > > > > > > > > > > For example if this is entry number 253 we are at offset 253 * 16= =3D 4048 > > > > > in the sysfs buffer. Now hw_wmi_perform_query may try to write to= 4048 + > > > > > 127 =3D 4175 which is out of bounds for the buf of size 4096. > > > > > > > > > > Writing first to a stack buffer would be better, > > > > > or pass outsize =3D LOG_ENTRY_SIZE. > > > > > > > > > BIOS currently stores 16 bytes for each audit log although the WMI > > > > query reads 128 bytes. The 128 bytes size is set to provide suppor= t > > > > in future BIOS for audit log sizes >=3D 16 and < 128 bytes. > > > > > > And if an old driver is running on a new BIOS then this would write o= ut > > > of bounds. > > > Or if the BIOS is buggy. > > > > > > If the current driver can only handle 16 byte sized log entries then = the > > > this should be used in the call to HPWMI_SURESTART_GET_LOG. > > > > BIOS WMI specification indicates that the HPWMI_SURESTART_GET_LOG call > > expects a 128 byte size output buffer regardless of the actual audit > > log size currently supported. > > > > Return Values: > > Byte 0-15: a requested Audit Log entry (Each Audit log is 16 bytes) > > Byte 16-127: Unused > > > > > > Storing it in a 128 byte stackvariable would also sidestep the issue. > > > > The driver hardcodes the audit log size to 16 bytes. If the new BIOS > > provides an audit log that is larger than 16 bytes, then the logs > > provided to the user application by the old driver will be truncated. > > HPWMI_SURESTART_GET_LOG is directly passed a pointer into "buf" which > comes from sysfs core and is one page, 4096 bytes large. > It is told to write 128 bytes into it at a given offset. > > In the loop if i =3D=3D 253 then this offset will be LOG_ENTRY_SIZE * 253= =3D 4048. > > So on a new BIOS the driver may write 128 bytes at offset 4048. > This goes up to 4175 which is larger than the 4096 buffer. > > (See also the calculation in the previous mail) > > Just use a 128 byte stack buffer and copy 16 bytes of it to the output > buffer. > (After having validated that the BIOS actually returned 16 bytes) Thank you for the clarification. Done!