From patchwork Mon Nov 7 22:53:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035398 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 72505C433FE for ; Mon, 7 Nov 2022 22:54:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229534AbiKGWys (ORCPT ); Mon, 7 Nov 2022 17:54:48 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36000 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231657AbiKGWyq (ORCPT ); Mon, 7 Nov 2022 17:54:46 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D25D31571D; Mon, 7 Nov 2022 14:54:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861685; x=1699397685; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=MHFgE7gyjINPZEVbivHQy+5kAf7Oj4xtRrBdTlwN9uw=; b=bqfrtf8Qv4LtAXFyVnzQZskyqFrq+3Fw72JMD9qJ7GKDgSZYmqS3rhuE 7hQ6rWeJ6IHf0lZy/iUw49FAPXPv/Z19RTufgC/lgf0OIzP9mqfal84f/ 5j0HVFV8OPaTLoM+OEdyY7+/VdyrTlniG6hDpDHP7Khri39e8T7rL6iAQ w9hcVeJSXYxAgBhcKMsHbl+OivSLOXx+yhVq8A8TwEF352+jezoWj17bo N2yjIpy0WDrN+G1h25KGPG1DNOx3aMnzSRjEZHd/5A8Aj63tvpxFptek/ OyDo0r4pxIWv0aTSuGNCuOKiksj5VCCN7Sl7OA6eyUEhn/DuqfJ5nPZc2 g==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911819" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911819" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:45 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012952" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012952" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:44 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 01/14] platform/x86/intel/ifs: Remove unused selection Date: Mon, 7 Nov 2022 14:53:10 -0800 Message-Id: <20221107225323.2733518-2-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org CONFIG_INTEL_IFS_DEVICE is not used anywhere. The selection in Kconfig is therefore pointless. Delete it. Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/Kconfig | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/platform/x86/intel/ifs/Kconfig b/drivers/platform/x86/intel/ifs/Kconfig index c341a27cc1a3..89152d46deee 100644 --- a/drivers/platform/x86/intel/ifs/Kconfig +++ b/drivers/platform/x86/intel/ifs/Kconfig @@ -4,7 +4,6 @@ config INTEL_IFS # Discussion on the list has shown that the sysfs API needs a bit # more work, mark this as broken for now depends on BROKEN - select INTEL_IFS_DEVICE help Enable support for the In Field Scan capability in select CPUs. The capability allows for running low level tests via From patchwork Mon Nov 7 22:53:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035395 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6410EC43217 for ; Mon, 7 Nov 2022 22:54:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232529AbiKGWyr (ORCPT ); Mon, 7 Nov 2022 17:54:47 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36006 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232425AbiKGWyq (ORCPT ); Mon, 7 Nov 2022 17:54:46 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0A7AC2935D; Mon, 7 Nov 2022 14:54:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861686; x=1699397686; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=pUDmXJ81hZPKLSigWUAhVkXDqINWawcz+Tl9WL2UD/A=; b=SIC4Vk8zY3jQAK/+DRD1DbmCEvgHhRvqROTgK/w4O8GI9uazRezPI05y zc9o/G8O4SZ+wX9mdEd7/eWOwSrDfWLDfYhWFyqnG8QgDc9FzJeE/O0Gd G6rLGZCWe+cm6eV/a0Ep730lQHnxGFA1xxeZNbL7ucL9JxkPQP1N7i2ip 1H5fyD20KnhQXDliKwbaAuL+eeIcK9VXFa2mJCq9v7WN/vlobu6QBnhHS ltJNIymTZEXVr6o6cdu7e7bxXmVmp3vmbUkA7dUO3yYWHK+PW332Lk+i1 6YbMRPapMTIAk/Ew87czt7fdMAkP1jgD9SFmomlPjLKOubYbZe1rtLjKw w==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911822" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911822" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:45 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012955" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012955" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:45 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 02/14] platform/x86/intel/ifs: return a more appropriate Error code Date: Mon, 7 Nov 2022 14:53:11 -0800 Message-Id: <20221107225323.2733518-3-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org scan_chunks_sanity_check() returns -ENOMEM if it encounters an error while copying IFS test image from memory to Secure Memory. Return -EIO in this scenario, as it is more appropriate. Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/load.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c index d056617ddc85..89ce265887ea 100644 --- a/drivers/platform/x86/intel/ifs/load.c +++ b/drivers/platform/x86/intel/ifs/load.c @@ -157,8 +157,10 @@ static int scan_chunks_sanity_check(struct device *dev) INIT_WORK(&local_work.w, copy_hashes_authenticate_chunks); schedule_work_on(cpu, &local_work.w); wait_for_completion(&ifs_done); - if (ifsd->loading_error) + if (ifsd->loading_error) { + ret = -EIO; goto out; + } package_authenticated[curr_pkg] = 1; } ret = 0; From patchwork Mon Nov 7 22:53:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035396 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C7DBAC4167B for ; Mon, 7 Nov 2022 22:54:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232439AbiKGWys (ORCPT ); Mon, 7 Nov 2022 17:54:48 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36014 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232448AbiKGWyr (ORCPT ); Mon, 7 Nov 2022 17:54:47 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6AA0DCE0D; Mon, 7 Nov 2022 14:54:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861686; x=1699397686; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Dcr0ozJ6OYs4trai4as92Ss4tTrZMrxeoFkgWXi5vd8=; b=cvcobvUuOxu0fgJ4zGlC1gTkVI+z5AXQ5E4yH86KYIsk97mSOBQGScvK 2P6965l89T7qgNGaOQYGFrtf+Az7DwYKmen7pLozyuHCD0Ybv8U4wgGIc Mo3/UZ8zHlXgMgMiNR2rI8LSg/DYh2m+cU+vDm7Lvv5m2yD2TIRSvI30v EgxFg5AZxlrCt9y8uBvNRWghfeyEr67QuNSSwKo2Pi6kzVKwSuY40Ohmq /KVEDT7rgtu7IdVOtOx2oOOeNExEmpSEQ+ACsHo4OqxnLUvbCw4jIHpUD DMDqZTVMUTo8PkmNM2uOPBVB0vJ6U+k7FE3Mv5Z16YKPPe181tRxO9QHP A==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911824" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911824" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:45 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012960" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012960" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:45 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 03/14] platform/x86/intel/ifs: Remove image loading during init Date: Mon, 7 Nov 2022 14:53:12 -0800 Message-Id: <20221107225323.2733518-4-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org IFS test image is unnecessarily loaded during driver initialization. Drop image loading during ifs_init() and improve module load time. With this change, user has to load one when starting the tests. As a consequence, make ifs_sem static as it is only used within sysfs.c Reviewed-by: Tony Luck Suggested-by: Hans de Goede Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/ifs.h | 2 -- drivers/platform/x86/intel/ifs/core.c | 6 +----- drivers/platform/x86/intel/ifs/sysfs.c | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/drivers/platform/x86/intel/ifs/ifs.h b/drivers/platform/x86/intel/ifs/ifs.h index 73c8e91cf144..3ff1d9aaeaa9 100644 --- a/drivers/platform/x86/intel/ifs/ifs.h +++ b/drivers/platform/x86/intel/ifs/ifs.h @@ -229,6 +229,4 @@ void ifs_load_firmware(struct device *dev); int do_core_test(int cpu, struct device *dev); const struct attribute_group **ifs_get_groups(void); -extern struct semaphore ifs_sem; - #endif diff --git a/drivers/platform/x86/intel/ifs/core.c b/drivers/platform/x86/intel/ifs/core.c index 27204e3d674d..5fb7f655c291 100644 --- a/drivers/platform/x86/intel/ifs/core.c +++ b/drivers/platform/x86/intel/ifs/core.c @@ -51,12 +51,8 @@ static int __init ifs_init(void) ifs_device.misc.groups = ifs_get_groups(); if ((msrval & BIT(ifs_device.data.integrity_cap_bit)) && - !misc_register(&ifs_device.misc)) { - down(&ifs_sem); - ifs_load_firmware(ifs_device.misc.this_device); - up(&ifs_sem); + !misc_register(&ifs_device.misc)) return 0; - } return -ENODEV; } diff --git a/drivers/platform/x86/intel/ifs/sysfs.c b/drivers/platform/x86/intel/ifs/sysfs.c index 37d8380d6fa8..65dd6fea5342 100644 --- a/drivers/platform/x86/intel/ifs/sysfs.c +++ b/drivers/platform/x86/intel/ifs/sysfs.c @@ -13,7 +13,7 @@ * Protects against simultaneous tests on multiple cores, or * reloading can file while a test is in progress */ -DEFINE_SEMAPHORE(ifs_sem); +static DEFINE_SEMAPHORE(ifs_sem); /* * The sysfs interface to check additional details of last test From patchwork Mon Nov 7 22:53:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035399 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8D543C4332F for ; Mon, 7 Nov 2022 22:54:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232740AbiKGWyu (ORCPT ); Mon, 7 Nov 2022 17:54:50 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36024 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232422AbiKGWyr (ORCPT ); Mon, 7 Nov 2022 17:54:47 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AE17A2A248; Mon, 7 Nov 2022 14:54:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861686; x=1699397686; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xedD5rsR2yMai2pvQoz8bo86kLt8JC/fqw5ikRQeXNM=; b=VW9GzDD9imMwClBKMRKA3mN8/e45msywwT5iLftdbHWpC6vj3TQNWbDg rTsFqPeMJ5SI+uQl/VMBXA3MLpGGxE/nKprCHfWhu8LD+ixPgz7I079SX 8fJeaFADI54H6qxef4IxdZYWn+2K1dPIxAp4voSQTSp5fhr9CqXs3okWb AHoHQWGCEtNcQsqkzZgCyjw+MIClY9ORPBvU8Jrjlmiq9rB2V9nza1wSS oh5j0qi73THOQmQ5pUBC3U9SmvQzVdmjcx/tlZdKQqrABR4dkSozjhs+8 R5/FweD9DV6Rb9qtJh9e99zRzFYuVd2UQUgEMti1yS0wQtZn+UMm4wWfv Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911826" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911826" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:46 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012966" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012966" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:45 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 04/14] x86/microcode/intel: Expose find_matching_signature() for IFS Date: Mon, 7 Nov 2022 14:53:13 -0800 Message-Id: <20221107225323.2733518-5-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org IFS uses 'scan test images' provided by Intel that can be regarded as firmware. IFS test image carries microcode header with extended signature table. Expose find_matching_signature() for verifying if the test image header or the extended signature table indicate whether an IFS test image is fit to run on a system. Move the function to cpu/intel.c and add intel_ prefix to the function name. No functional change Reviewed-by: Tony Luck Reviewed-by: Ashok Raj Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta --- arch/x86/include/asm/cpu.h | 1 + arch/x86/kernel/cpu/intel.c | 29 ++++++++++++++++++ arch/x86/kernel/cpu/microcode/intel.c | 44 +++++---------------------- 3 files changed, 38 insertions(+), 36 deletions(-) diff --git a/arch/x86/include/asm/cpu.h b/arch/x86/include/asm/cpu.h index b472ef76826a..e853440b5c65 100644 --- a/arch/x86/include/asm/cpu.h +++ b/arch/x86/include/asm/cpu.h @@ -95,5 +95,6 @@ static inline bool intel_cpu_signatures_match(unsigned int s1, unsigned int p1, } extern u64 x86_read_arch_cap_msr(void); +int intel_find_matching_signature(void *mc, unsigned int csig, int cpf); #endif /* _ASM_X86_CPU_H */ diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index 2d7ea5480ec3..b6f9210fb31a 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -216,6 +216,35 @@ int intel_cpu_collect_info(struct ucode_cpu_info *uci) } EXPORT_SYMBOL_GPL(intel_cpu_collect_info); +/* + * Returns 1 if update has been found, 0 otherwise. + */ +int intel_find_matching_signature(void *mc, unsigned int csig, int cpf) +{ + struct microcode_header_intel *mc_hdr = mc; + struct extended_sigtable *ext_hdr; + struct extended_signature *ext_sig; + int i; + + if (intel_cpu_signatures_match(csig, cpf, mc_hdr->sig, mc_hdr->pf)) + return 1; + + /* Look for ext. headers: */ + if (get_totalsize(mc_hdr) <= get_datasize(mc_hdr) + MC_HEADER_SIZE) + return 0; + + ext_hdr = mc + get_datasize(mc_hdr) + MC_HEADER_SIZE; + ext_sig = (void *)ext_hdr + EXT_HEADER_SIZE; + + for (i = 0; i < ext_hdr->count; i++) { + if (intel_cpu_signatures_match(csig, cpf, ext_sig->sig, ext_sig->pf)) + return 1; + ext_sig++; + } + return 0; +} +EXPORT_SYMBOL_GPL(intel_find_matching_signature); + static void early_init_intel(struct cpuinfo_x86 *c) { u64 misc_enable; diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 1fcbd671f1df..4e611a708718 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -45,34 +45,6 @@ static struct microcode_intel *intel_ucode_patch; /* last level cache size per core */ static int llc_size_per_core; -/* - * Returns 1 if update has been found, 0 otherwise. - */ -static int find_matching_signature(void *mc, unsigned int csig, int cpf) -{ - struct microcode_header_intel *mc_hdr = mc; - struct extended_sigtable *ext_hdr; - struct extended_signature *ext_sig; - int i; - - if (intel_cpu_signatures_match(csig, cpf, mc_hdr->sig, mc_hdr->pf)) - return 1; - - /* Look for ext. headers: */ - if (get_totalsize(mc_hdr) <= get_datasize(mc_hdr) + MC_HEADER_SIZE) - return 0; - - ext_hdr = mc + get_datasize(mc_hdr) + MC_HEADER_SIZE; - ext_sig = (void *)ext_hdr + EXT_HEADER_SIZE; - - for (i = 0; i < ext_hdr->count; i++) { - if (intel_cpu_signatures_match(csig, cpf, ext_sig->sig, ext_sig->pf)) - return 1; - ext_sig++; - } - return 0; -} - /* * Returns 1 if update has been found, 0 otherwise. */ @@ -83,7 +55,7 @@ static int has_newer_microcode(void *mc, unsigned int csig, int cpf, int new_rev if (mc_hdr->rev <= new_rev) return 0; - return find_matching_signature(mc, csig, cpf); + return intel_find_matching_signature(mc, csig, cpf); } static struct ucode_patch *memdup_patch(void *data, unsigned int size) @@ -117,7 +89,7 @@ static void save_microcode_patch(struct ucode_cpu_info *uci, void *data, unsigne sig = mc_saved_hdr->sig; pf = mc_saved_hdr->pf; - if (find_matching_signature(data, sig, pf)) { + if (intel_find_matching_signature(data, sig, pf)) { prev_found = true; if (mc_hdr->rev <= mc_saved_hdr->rev) @@ -149,7 +121,7 @@ static void save_microcode_patch(struct ucode_cpu_info *uci, void *data, unsigne if (!p) return; - if (!find_matching_signature(p->data, uci->cpu_sig.sig, uci->cpu_sig.pf)) + if (!intel_find_matching_signature(p->data, uci->cpu_sig.sig, uci->cpu_sig.pf)) return; /* @@ -286,8 +258,8 @@ scan_microcode(void *data, size_t size, struct ucode_cpu_info *uci, bool save) size -= mc_size; - if (!find_matching_signature(data, uci->cpu_sig.sig, - uci->cpu_sig.pf)) { + if (!intel_find_matching_signature(data, uci->cpu_sig.sig, + uci->cpu_sig.pf)) { data += mc_size; continue; } @@ -652,9 +624,9 @@ static struct microcode_intel *find_patch(struct ucode_cpu_info *uci) if (phdr->rev <= uci->cpu_sig.rev) continue; - if (!find_matching_signature(phdr, - uci->cpu_sig.sig, - uci->cpu_sig.pf)) + if (!intel_find_matching_signature(phdr, + uci->cpu_sig.sig, + uci->cpu_sig.pf)) continue; return iter->data; From patchwork Mon Nov 7 22:53:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035397 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41EC8C4321E for ; Mon, 7 Nov 2022 22:54:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232690AbiKGWyt (ORCPT ); Mon, 7 Nov 2022 17:54:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36026 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232494AbiKGWyr (ORCPT ); Mon, 7 Nov 2022 17:54:47 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0FEB226481; Mon, 7 Nov 2022 14:54:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861687; x=1699397687; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Zb6DFxJeoRkypDZP83pg8o1HUltF1td45iw5cJt0xA4=; b=frxQU7hedYdI1/tLDZELMXnTzCFu85PO7Z9W56305HkvwaegKSQXZFza ZWQewH5oDkpUrw5AW/z1W9gcsZzhATvtxmSuGGw31tQ8NWLchJaPvm+Jz nSbnA/DCn9NRLL7etUi5Iiy1mDV1EJ3zAemHFYgKfFNrSUk5kmFimGEjL WLWGFweBU7OBI3UeyejkjtZmcGRSeM3s82F+7c9pPLFBH9mCKBqblMQFA 4V9ITB8UGXI8wMq/HOzxJULApxJsd2+tUgsW8n3zzJqwlhERzXn72tSI7 3dxf54fM9Hnthi9SvChuNkUwAAqXvc+vFJNCyX4tQ6FOr3Fr1LPI0TD94 w==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911828" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911828" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:46 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012970" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012970" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:46 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 05/14] x86/microcode/intel: Use appropriate type in microcode_sanity_check() Date: Mon, 7 Nov 2022 14:53:14 -0800 Message-Id: <20221107225323.2733518-6-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org The data type of print_err parameter used by microcode_sanity_check() is int. In prepration for exporting this function, to be used by the IFS driver, Convert it to a more appropriate bool type for readability. No functional change intended. Reviewed-by: Tony Luck Reviewed-by: Ashok Raj Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta --- arch/x86/kernel/cpu/microcode/intel.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 4e611a708718..234b163806ea 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -135,7 +135,7 @@ static void save_microcode_patch(struct ucode_cpu_info *uci, void *data, unsigne intel_ucode_patch = p->data; } -static int microcode_sanity_check(void *mc, int print_err) +static int microcode_sanity_check(void *mc, bool print_err) { unsigned long total_size, data_size, ext_table_size; struct microcode_header_intel *mc_header = mc; @@ -253,7 +253,7 @@ scan_microcode(void *data, size_t size, struct ucode_cpu_info *uci, bool save) mc_size = get_totalsize(mc_header); if (!mc_size || mc_size > size || - microcode_sanity_check(data, 0) < 0) + microcode_sanity_check(data, false) < 0) break; size -= mc_size; @@ -792,7 +792,7 @@ static enum ucode_state generic_load_microcode(int cpu, struct iov_iter *iter) memcpy(mc, &mc_header, sizeof(mc_header)); data = mc + sizeof(mc_header); if (!copy_from_iter_full(data, data_size, iter) || - microcode_sanity_check(mc, 1) < 0) { + microcode_sanity_check(mc, true) < 0) { break; } From patchwork Mon Nov 7 22:53:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035401 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1DD70C433FE for ; Mon, 7 Nov 2022 22:54:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232736AbiKGWyv (ORCPT ); Mon, 7 Nov 2022 17:54:51 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36036 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232577AbiKGWys (ORCPT ); Mon, 7 Nov 2022 17:54:48 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 367A9CE0D; Mon, 7 Nov 2022 14:54:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861687; x=1699397687; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ar0/IOLoKpjgwdmneDbn5qh+QIaaJXDpP25wZqaQ0CU=; b=AgBqnE4Wz+MWshklAVbE93xkVOvs999vPyB7l7QRcElD3IILTY5kCgEH HvZh5mxKnu1pmo/+5PErtgLTAvQc7gNA3EOOMwK1cWhLWtcZoEV2IZr3L BpiY1xt8lvWPHyyCNWHdd2lUN5FRXGRfh1qTSiTHbktCo9Kq1b8IZOsaP 49SAQhbO/YNKBj2toG6ZFtf/GNAu5lywMG0kTiIGhCA/85gVQeOIp9DMA Iv7KPKUa2A/lS8J8BZV/y7s+FOfXmY7/pN98wYnwMzxpdwwhoJ/1e3/Lg TMKsT4OUGZpAJHX4fSpMCfM/t439xhOMfkvA9HxMUtdaTKl1WUW3sOPsq A==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911829" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911829" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:46 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012975" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012975" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:46 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 06/14] x86/microcode/intel: Expose microcode_sanity_check() Date: Mon, 7 Nov 2022 14:53:15 -0800 Message-Id: <20221107225323.2733518-7-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org IFS test image carries the same microcode header as regular Intel microcode blobs. Microcode blobs use header version of 1, whereas IFS test images will use header version of 2. microcode_sanity_check() can be used by IFS driver to perform sanity check of the IFS test images too. Refactor header version as a parameter, move it to cpu/intel.c and expose this function. Qualify the function name with intel. Reviewed-by: Tony Luck Reviewed-by: Ashok Raj Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta --- arch/x86/include/asm/cpu.h | 1 + arch/x86/include/asm/microcode_intel.h | 1 + arch/x86/kernel/cpu/intel.c | 100 ++++++++++++++++++++++++ arch/x86/kernel/cpu/microcode/intel.c | 102 +------------------------ 4 files changed, 104 insertions(+), 100 deletions(-) diff --git a/arch/x86/include/asm/cpu.h b/arch/x86/include/asm/cpu.h index e853440b5c65..4aff5f263973 100644 --- a/arch/x86/include/asm/cpu.h +++ b/arch/x86/include/asm/cpu.h @@ -96,5 +96,6 @@ static inline bool intel_cpu_signatures_match(unsigned int s1, unsigned int p1, extern u64 x86_read_arch_cap_msr(void); int intel_find_matching_signature(void *mc, unsigned int csig, int cpf); +int intel_microcode_sanity_check(void *mc, bool print_err, int hdr_ver); #endif /* _ASM_X86_CPU_H */ diff --git a/arch/x86/include/asm/microcode_intel.h b/arch/x86/include/asm/microcode_intel.h index 4c92cea7e4b5..6626744c577b 100644 --- a/arch/x86/include/asm/microcode_intel.h +++ b/arch/x86/include/asm/microcode_intel.h @@ -41,6 +41,7 @@ struct extended_sigtable { #define DEFAULT_UCODE_TOTALSIZE (DEFAULT_UCODE_DATASIZE + MC_HEADER_SIZE) #define EXT_HEADER_SIZE (sizeof(struct extended_sigtable)) #define EXT_SIGNATURE_SIZE (sizeof(struct extended_signature)) +#define MICROCODE_HEADER_VER_UCODE 1 #define get_totalsize(mc) \ (((struct microcode_intel *)mc)->hdr.datasize ? \ diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index b6f9210fb31a..f8a5a25ab502 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -245,6 +245,106 @@ int intel_find_matching_signature(void *mc, unsigned int csig, int cpf) } EXPORT_SYMBOL_GPL(intel_find_matching_signature); +int intel_microcode_sanity_check(void *mc, bool print_err, int hdr_ver) +{ + unsigned long total_size, data_size, ext_table_size; + struct microcode_header_intel *mc_header = mc; + struct extended_sigtable *ext_header = NULL; + u32 sum, orig_sum, ext_sigcount = 0, i; + struct extended_signature *ext_sig; + + total_size = get_totalsize(mc_header); + data_size = get_datasize(mc_header); + + if (data_size + MC_HEADER_SIZE > total_size) { + if (print_err) + pr_err("Error: invalid/unknown microcode update format.\n"); + return -EINVAL; + } + + if (mc_header->ldrver != 1 || mc_header->hdrver != hdr_ver) { + if (print_err) + pr_err("Error: invalid/unknown microcode update format. Header version %d\n", + mc_header->hdrver); + return -EINVAL; + } + + ext_table_size = total_size - (MC_HEADER_SIZE + data_size); + if (ext_table_size) { + u32 ext_table_sum = 0; + u32 *ext_tablep; + + if (ext_table_size < EXT_HEADER_SIZE || + ((ext_table_size - EXT_HEADER_SIZE) % EXT_SIGNATURE_SIZE)) { + if (print_err) + pr_err("Error: truncated extended signature table.\n"); + return -EINVAL; + } + + ext_header = mc + MC_HEADER_SIZE + data_size; + if (ext_table_size != exttable_size(ext_header)) { + if (print_err) + pr_err("Error: extended signature table size mismatch.\n"); + return -EFAULT; + } + + ext_sigcount = ext_header->count; + + /* + * Check extended table checksum: the sum of all dwords that + * comprise a valid table must be 0. + */ + ext_tablep = (u32 *)ext_header; + + i = ext_table_size / sizeof(u32); + while (i--) + ext_table_sum += ext_tablep[i]; + + if (ext_table_sum) { + if (print_err) + pr_warn("Bad extended signature table checksum, aborting.\n"); + return -EINVAL; + } + } + + /* + * Calculate the checksum of update data and header. The checksum of + * valid update data and header including the extended signature table + * must be 0. + */ + orig_sum = 0; + i = (MC_HEADER_SIZE + data_size) / sizeof(u32); + while (i--) + orig_sum += ((u32 *)mc)[i]; + + if (orig_sum) { + if (print_err) + pr_err("Bad microcode data checksum, aborting.\n"); + return -EINVAL; + } + + if (!ext_table_size) + return 0; + + /* + * Check extended signature checksum: 0 => valid. + */ + for (i = 0; i < ext_sigcount; i++) { + ext_sig = (void *)ext_header + EXT_HEADER_SIZE + + EXT_SIGNATURE_SIZE * i; + + sum = (mc_header->sig + mc_header->pf + mc_header->cksum) - + (ext_sig->sig + ext_sig->pf + ext_sig->cksum); + if (sum) { + if (print_err) + pr_err("Bad extended signature checksum, aborting.\n"); + return -EINVAL; + } + } + return 0; +} +EXPORT_SYMBOL_GPL(intel_microcode_sanity_check); + static void early_init_intel(struct cpuinfo_x86 *c) { u64 misc_enable; diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 234b163806ea..8cd6ecf7dae1 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -135,104 +135,6 @@ static void save_microcode_patch(struct ucode_cpu_info *uci, void *data, unsigne intel_ucode_patch = p->data; } -static int microcode_sanity_check(void *mc, bool print_err) -{ - unsigned long total_size, data_size, ext_table_size; - struct microcode_header_intel *mc_header = mc; - struct extended_sigtable *ext_header = NULL; - u32 sum, orig_sum, ext_sigcount = 0, i; - struct extended_signature *ext_sig; - - total_size = get_totalsize(mc_header); - data_size = get_datasize(mc_header); - - if (data_size + MC_HEADER_SIZE > total_size) { - if (print_err) - pr_err("Error: bad microcode data file size.\n"); - return -EINVAL; - } - - if (mc_header->ldrver != 1 || mc_header->hdrver != 1) { - if (print_err) - pr_err("Error: invalid/unknown microcode update format.\n"); - return -EINVAL; - } - - ext_table_size = total_size - (MC_HEADER_SIZE + data_size); - if (ext_table_size) { - u32 ext_table_sum = 0; - u32 *ext_tablep; - - if ((ext_table_size < EXT_HEADER_SIZE) - || ((ext_table_size - EXT_HEADER_SIZE) % EXT_SIGNATURE_SIZE)) { - if (print_err) - pr_err("Error: truncated extended signature table.\n"); - return -EINVAL; - } - - ext_header = mc + MC_HEADER_SIZE + data_size; - if (ext_table_size != exttable_size(ext_header)) { - if (print_err) - pr_err("Error: extended signature table size mismatch.\n"); - return -EFAULT; - } - - ext_sigcount = ext_header->count; - - /* - * Check extended table checksum: the sum of all dwords that - * comprise a valid table must be 0. - */ - ext_tablep = (u32 *)ext_header; - - i = ext_table_size / sizeof(u32); - while (i--) - ext_table_sum += ext_tablep[i]; - - if (ext_table_sum) { - if (print_err) - pr_warn("Bad extended signature table checksum, aborting.\n"); - return -EINVAL; - } - } - - /* - * Calculate the checksum of update data and header. The checksum of - * valid update data and header including the extended signature table - * must be 0. - */ - orig_sum = 0; - i = (MC_HEADER_SIZE + data_size) / sizeof(u32); - while (i--) - orig_sum += ((u32 *)mc)[i]; - - if (orig_sum) { - if (print_err) - pr_err("Bad microcode data checksum, aborting.\n"); - return -EINVAL; - } - - if (!ext_table_size) - return 0; - - /* - * Check extended signature checksum: 0 => valid. - */ - for (i = 0; i < ext_sigcount; i++) { - ext_sig = (void *)ext_header + EXT_HEADER_SIZE + - EXT_SIGNATURE_SIZE * i; - - sum = (mc_header->sig + mc_header->pf + mc_header->cksum) - - (ext_sig->sig + ext_sig->pf + ext_sig->cksum); - if (sum) { - if (print_err) - pr_err("Bad extended signature checksum, aborting.\n"); - return -EINVAL; - } - } - return 0; -} - /* * Get microcode matching with BSP's model. Only CPUs with the same model as * BSP can stay in the platform. @@ -253,7 +155,7 @@ scan_microcode(void *data, size_t size, struct ucode_cpu_info *uci, bool save) mc_size = get_totalsize(mc_header); if (!mc_size || mc_size > size || - microcode_sanity_check(data, false) < 0) + intel_microcode_sanity_check(data, false, MICROCODE_HEADER_VER_UCODE) < 0) break; size -= mc_size; @@ -792,7 +694,7 @@ static enum ucode_state generic_load_microcode(int cpu, struct iov_iter *iter) memcpy(mc, &mc_header, sizeof(mc_header)); data = mc + sizeof(mc_header); if (!copy_from_iter_full(data, data_size, iter) || - microcode_sanity_check(mc, true) < 0) { + intel_microcode_sanity_check(mc, true, MICROCODE_HEADER_VER_UCODE) < 0) { break; } From patchwork Mon Nov 7 22:53:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035400 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2BE67C43217 for ; Mon, 7 Nov 2022 22:54:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231796AbiKGWyu (ORCPT ); Mon, 7 Nov 2022 17:54:50 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36038 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232613AbiKGWys (ORCPT ); Mon, 7 Nov 2022 17:54:48 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B01B31571D; Mon, 7 Nov 2022 14:54:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861687; x=1699397687; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=9L4yTAcmbDrd8Wtf0AHUAz+/qaAhDmvRMsfLMW5DI0M=; b=Qd/I8lbYgrP7VLxd+crsq3YA+4cxOBiFlk+JYPLPEMapMkbE68ltwEgS yHdlgoNwkn3Cwd6qCuuZW60ys8yYNfbQSihIS9wIn79Yb2Ml70rcxmCMS 7RlcFVwczpZOBZmn/c+aHMpRJ1V51qscF8sPXTG0DvzTeuj9yfpM+Qnof EPXDDsHYtiYtesQd3B4cS7n+iFy5rrmU5Lh9+o0wr+sIBFjc957p4weEd GPxrjGNJExe/Xzf4vEuxjOtGSz8Tcbf87bnW+LYxTGsthnqZxhgisYmQu PyOSgQnT9SViiXwZDSBhc9abULaH7CyRypAPqcJUvSVE+42ex5M5ngzsf A==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911831" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911831" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:47 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012979" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012979" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:46 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 07/14] x86/microcode/intel: Use a reserved field for metasize Date: Mon, 7 Nov 2022 14:53:16 -0800 Message-Id: <20221107225323.2733518-8-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org Intel is using microcode file format for IFS test images too. IFS test images use one of the existing reserved fields in microcode header to indicate the size of the region in the file allocated for metadata structures. In prepration for this, rename first of the existing reserved fields in microcode header to metasize. In subsequent patches IFS specific code will make use of this field while parsing IFS images. Reviewed-by: Tony Luck Reviewed-by: Ashok Raj Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta --- arch/x86/include/asm/microcode_intel.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/microcode_intel.h b/arch/x86/include/asm/microcode_intel.h index 6626744c577b..0ff4545f72d2 100644 --- a/arch/x86/include/asm/microcode_intel.h +++ b/arch/x86/include/asm/microcode_intel.h @@ -14,7 +14,8 @@ struct microcode_header_intel { unsigned int pf; unsigned int datasize; unsigned int totalsize; - unsigned int reserved[3]; + unsigned int metasize; + unsigned int reserved[2]; }; struct microcode_intel { From patchwork Mon Nov 7 22:53:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035402 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4A61FC43219 for ; Mon, 7 Nov 2022 22:54:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232716AbiKGWyw (ORCPT ); Mon, 7 Nov 2022 17:54:52 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36050 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232387AbiKGWys (ORCPT ); Mon, 7 Nov 2022 17:54:48 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D09B62935D; Mon, 7 Nov 2022 14:54:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861687; x=1699397687; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Mk+Vz7rzmu4MdLLvCybyRG1sgfbqtsuXJMMpfrS3JGA=; b=k9Qw2A+r8FatH5CZrGoYG91w+ZON67gClZegulWPYfIPb93vRDiBaWom treX+UEOe3bnPfsWwkW9tDUnhp4YLwyyVf6+45ODKrR9YUP30CtNle5xP J647rztBHX3P88YjKfQDDN6Ix9A7XF+nptwhRRGNDPBF9VnZ45FvUEC4v jPbfCvKNbhD+sULUNntUdl/YhjM5j8j2lFMJNlA5PZOUOrXyT48ZKpqFL BEZ93JkbkOVC3CtGIk9V0ev1KhbK+FMzf5WZWGZRdWN+Vg3rdUDHfwTY0 xpGNXOQTlCf5nP2x8ztaPx1ZlSg+jC33lOUB+Hn+tL/OAoITVmdg7zZ51 A==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911834" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911834" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:47 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012982" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012982" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:47 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 08/14] platform/x86/intel/ifs: Add metadata support Date: Mon, 7 Nov 2022 14:53:17 -0800 Message-Id: <20221107225323.2733518-9-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org From: Ashok Raj One of the existing reserved fields in microcode header has been allocated to indicate the size for metadata structures. The metadata section within microcode header is as shown below: Microcode Format +----------------------+ Base |Header Version | +----------------------+ |Update revision | +----------------------+ |Date DDMMYYYY | +----------------------+ |Sig | +----------------------+ |Checksum | +----------------------+ |Loader Version | +----------------------+ |Processor Flags | +----------------------+ |Data Size | +----------------------+ |Total Size | +----------------------+ |Meta Size | +----------------------+ |Reserved | +----------------------+ |Reserved | +----------------------+ Base+48 | | | | | | | | | Microcode | | | | Data | | | | | +----------------------+ Base+48+data_size- | | meta_size | Meta Data | | structure(s) | | | +----------------------+ Base+48+data_size | Extended Signature | | Table | | | | | | | | | | | +----------------------+ Base+total_size Add an accessor function which will return a pointer to the start of a specific meta_type being queried. In subsequent patches, IFS test image file (which reuse microcode header format) will make use of metadata section. Reviewed-by: Tony Luck Signed-off-by: Ashok Raj Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/load.c | 32 +++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c index 89ce265887ea..60ba5a057f91 100644 --- a/drivers/platform/x86/intel/ifs/load.c +++ b/drivers/platform/x86/intel/ifs/load.c @@ -44,6 +44,38 @@ static const char * const scan_authentication_status[] = { [2] = "Chunk authentication error. The hash of chunk did not match expected value" }; +#define META_TYPE_END (0) + +struct metadata_header { + unsigned int type; + unsigned int blk_size; +}; + +static struct metadata_header *ifs_find_meta_data(void *ucode, unsigned int meta_type) +{ + struct metadata_header *meta_header; + unsigned long data_size, total_meta; + unsigned long meta_size = 0; + + data_size = get_datasize(ucode); + total_meta = ((struct microcode_intel *)ucode)->hdr.metasize; + + if (!total_meta) + return NULL; + + meta_header = (ucode + MC_HEADER_SIZE + data_size) - total_meta; + + while ((meta_header->type != META_TYPE_END) && meta_header->blk_size && + meta_size < total_meta) { + meta_size += meta_header->blk_size; + if (meta_header->type == meta_type) + return meta_header; + + meta_header = (void *)meta_header + meta_header->blk_size; + } + return NULL; +} + /* * To copy scan hashes and authenticate test chunks, the initiating cpu must point * to the EDX:EAX to the test image in linear address. From patchwork Mon Nov 7 22:53:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035403 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4BCD9C433FE for ; Mon, 7 Nov 2022 22:54:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232258AbiKGWyx (ORCPT ); Mon, 7 Nov 2022 17:54:53 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36062 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232699AbiKGWyt (ORCPT ); Mon, 7 Nov 2022 17:54:49 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 34DA32A264; Mon, 7 Nov 2022 14:54:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861688; x=1699397688; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xk3wu53viXULrrqCXnqhCdTb0C0obxsJ7pgLlcSNlt0=; b=bsrB++UX/5sluX0u6/0rTbzzH4ly1Z3dRoG+hQxNPlgxBLRGL0HxVogN 4244CGI8yC027BXqvZ9gWakm1f2CdGzjP21YSUB2CQBtGzef2Wi80CUus BakUcDPwVH0HmR2Wy2pL18rOhf5XEKA06nNJJ7KHb78f5ExdMmGV14XcI Uf41cAkEh0/H8KhobzrgjMnCmnNgBqmD26pqH1S5w8CFVFFOsLgzza7lR zvTWjxx6VqA6lpV8tDeFkrNDr99Xxmuj5I/px+p59iuQre5T1agELC2jP tJvM3rdvYexZt56Jf36NVLVRwcroQTOiMl4DyjUV0YcT19EV+MJ1omzvd Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911835" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911835" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:48 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012985" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012985" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:47 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 09/14] platform/x86/intel/ifs: Use generic microcode headers and functions Date: Mon, 7 Nov 2022 14:53:18 -0800 Message-Id: <20221107225323.2733518-10-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org Existing implementation (broken) of IFS used a header format (for IFS test images) which was very similar to microcode format, but didn’t accommodate extended signatures. This meant same IFS test image had to be duplicated for different steppings and the validation code in the driver was only looking at the primary header parameters. Going forward IFS test image headers has been tweaked to become fully compatible with microcode format. Newer IFS test image headers will use microcode_header_intel->hdrver = 2, so as to distinguish it from microcode images and older IFS test images. In light of the above, use struct microcode_header_intel directly in IFS driver instead of duplicating into a separate ifs_header structure. Further use existing microcode_sanity_check() and find_matching_signature() directly instead of implementing separate ones within the driver. More IFS specific checks will be added subsequently. Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- arch/x86/include/asm/microcode_intel.h | 1 + drivers/platform/x86/intel/ifs/load.c | 102 +++++-------------------- 2 files changed, 20 insertions(+), 83 deletions(-) diff --git a/arch/x86/include/asm/microcode_intel.h b/arch/x86/include/asm/microcode_intel.h index 0ff4545f72d2..f905238748fc 100644 --- a/arch/x86/include/asm/microcode_intel.h +++ b/arch/x86/include/asm/microcode_intel.h @@ -43,6 +43,7 @@ struct extended_sigtable { #define EXT_HEADER_SIZE (sizeof(struct extended_sigtable)) #define EXT_SIGNATURE_SIZE (sizeof(struct extended_signature)) #define MICROCODE_HEADER_VER_UCODE 1 +#define MICROCODE_HEADER_VER_IFS 2 #define get_totalsize(mc) \ (((struct microcode_intel *)mc)->hdr.datasize ? \ diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c index 60ba5a057f91..7c0d8602817b 100644 --- a/drivers/platform/x86/intel/ifs/load.c +++ b/drivers/platform/x86/intel/ifs/load.c @@ -8,22 +8,8 @@ #include "ifs.h" -struct ifs_header { - u32 header_ver; - u32 blob_revision; - u32 date; - u32 processor_sig; - u32 check_sum; - u32 loader_rev; - u32 processor_flags; - u32 metadata_size; - u32 total_size; - u32 fusa_info; - u64 reserved; -}; - -#define IFS_HEADER_SIZE (sizeof(struct ifs_header)) -static struct ifs_header *ifs_header_ptr; /* pointer to the ifs image header */ +#define IFS_HEADER_SIZE (sizeof(struct microcode_header_intel)) +static struct microcode_header_intel *ifs_header_ptr; /* pointer to the ifs image header */ static u64 ifs_hash_ptr; /* Address of ifs metadata (hash) */ static u64 ifs_test_image_ptr; /* 256B aligned address of test pattern */ static DECLARE_COMPLETION(ifs_done); @@ -150,33 +136,18 @@ static void copy_hashes_authenticate_chunks(struct work_struct *work) */ static int scan_chunks_sanity_check(struct device *dev) { - int metadata_size, curr_pkg, cpu, ret = -ENOMEM; struct ifs_data *ifsd = ifs_get_data(dev); + int curr_pkg, cpu, ret = -ENOMEM; bool *package_authenticated; struct ifs_work local_work; - char *test_ptr; package_authenticated = kcalloc(topology_max_packages(), sizeof(bool), GFP_KERNEL); if (!package_authenticated) return ret; - metadata_size = ifs_header_ptr->metadata_size; - /* Spec says that if the Meta Data Size = 0 then it should be treated as 2000 */ - if (metadata_size == 0) - metadata_size = 2000; - - /* Scan chunk start must be 256 byte aligned */ - if ((metadata_size + IFS_HEADER_SIZE) % 256) { - dev_err(dev, "Scan pattern offset within the binary is not 256 byte aligned\n"); - return -EINVAL; - } - - test_ptr = (char *)ifs_header_ptr + IFS_HEADER_SIZE + metadata_size; ifsd->loading_error = false; - - ifs_test_image_ptr = (u64)test_ptr; - ifsd->loaded_version = ifs_header_ptr->blob_revision; + ifsd->loaded_version = ifs_header_ptr->rev; /* copy the scan hash and authenticate per package */ cpus_read_lock(); @@ -203,67 +174,33 @@ static int scan_chunks_sanity_check(struct device *dev) return ret; } -static int ifs_sanity_check(struct device *dev, - const struct microcode_header_intel *mc_header) +static int ifs_image_sanity_check(struct device *dev, const struct microcode_header_intel *data) { - unsigned long total_size, data_size; - u32 sum, *mc; - - total_size = get_totalsize(mc_header); - data_size = get_datasize(mc_header); + struct ucode_cpu_info uci; - if ((data_size + MC_HEADER_SIZE > total_size) || (total_size % sizeof(u32))) { - dev_err(dev, "bad ifs data file size.\n"); + /* Provide a specific error message when loading an older/unsupported image */ + if (data->hdrver != MICROCODE_HEADER_VER_IFS) { + dev_err(dev, "Header version %d not supported\n", data->hdrver); return -EINVAL; } - if (mc_header->ldrver != 1 || mc_header->hdrver != 1) { - dev_err(dev, "invalid/unknown ifs update format.\n"); + if (intel_microcode_sanity_check((void *)data, true, MICROCODE_HEADER_VER_IFS)) { + dev_err(dev, "sanity check failed\n"); return -EINVAL; } - mc = (u32 *)mc_header; - sum = 0; - for (int i = 0; i < total_size / sizeof(u32); i++) - sum += mc[i]; + intel_cpu_collect_info(&uci); - if (sum) { - dev_err(dev, "bad ifs data checksum, aborting.\n"); + if (!intel_find_matching_signature((void *)data, + uci.cpu_sig.sig, + uci.cpu_sig.pf)) { + dev_err(dev, "cpu signature, processor flags not matching\n"); return -EINVAL; } return 0; } -static bool find_ifs_matching_signature(struct device *dev, struct ucode_cpu_info *uci, - const struct microcode_header_intel *shdr) -{ - unsigned int mc_size; - - mc_size = get_totalsize(shdr); - - if (!mc_size || ifs_sanity_check(dev, shdr) < 0) { - dev_err(dev, "ifs sanity check failure\n"); - return false; - } - - if (!intel_cpu_signatures_match(uci->cpu_sig.sig, uci->cpu_sig.pf, shdr->sig, shdr->pf)) { - dev_err(dev, "ifs signature, pf not matching\n"); - return false; - } - - return true; -} - -static bool ifs_image_sanity_check(struct device *dev, const struct microcode_header_intel *data) -{ - struct ucode_cpu_info uci; - - intel_cpu_collect_info(&uci); - - return find_ifs_matching_signature(dev, &uci, data); -} - /* * Load ifs image. Before loading ifs module, the ifs image must be located * in /lib/firmware/intel/ifs and named as {family/model/stepping}.{testname}. @@ -284,12 +221,11 @@ void ifs_load_firmware(struct device *dev) goto done; } - if (!ifs_image_sanity_check(dev, (struct microcode_header_intel *)fw->data)) { - dev_err(dev, "ifs header sanity check failed\n"); + ret = ifs_image_sanity_check(dev, (struct microcode_header_intel *)fw->data); + if (ret) goto release; - } - ifs_header_ptr = (struct ifs_header *)fw->data; + ifs_header_ptr = (struct microcode_header_intel *)fw->data; ifs_hash_ptr = (u64)(ifs_header_ptr + 1); ret = scan_chunks_sanity_check(dev); From patchwork Mon Nov 7 22:53:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035404 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 62E77C4332F for ; Mon, 7 Nov 2022 22:54:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232799AbiKGWyy (ORCPT ); Mon, 7 Nov 2022 17:54:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36064 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232693AbiKGWyt (ORCPT ); Mon, 7 Nov 2022 17:54:49 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 86C941571D; Mon, 7 Nov 2022 14:54:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861688; x=1699397688; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=WqEb7bkqzB9awU+zIFi5Shc5FWp2eKID0NmWlt0sCJQ=; b=PbwsfgymAIVonXFszJxQ2sEZmMInoSMtQugjnXwJaYqcRhjFY6cA2fAd MBoM/YYySfXsstmGy9doGRGByne+N2325rzGZ85F7IS0WbYkNDHs6XdDq GRaCpqYVQcq1wm/E5tbMJvbImXMEnUMOfXOUF4IPA9305vIYgBMsQOyDV EihQq3zfafeti/NXz+ZZZgoYstgEjTsVbO8evxtPDFQlpm1x1GnB6aIIy xc1lUnFIeg23oYdQNBM9n0Q1I+ap6pUd5QzDwgjKlepHVJ8pytB6Uzz5a fG7/m15TgSzeK2cw/W37Cgo7vavS3LfyPbJ8wOjSFpo4GwvXYMFZg2up/ A==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911836" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911836" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:48 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012988" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012988" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:47 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 10/14] platform/x86/intel/ifs: Add metadata validation Date: Mon, 7 Nov 2022 14:53:19 -0800 Message-Id: <20221107225323.2733518-11-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org The data portion of IFS test image file contains a metadata region containing possibly multiple metadata structures in addition to test data and hashes. Introduce the layout of this meta_data structure and validate the sanity of certain fields of the new image before loading. Tweak references to IFS test image chunks to reflect the updated layout of the test image. Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/ifs.h | 2 + drivers/platform/x86/intel/ifs/load.c | 53 +++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/drivers/platform/x86/intel/ifs/ifs.h b/drivers/platform/x86/intel/ifs/ifs.h index 3ff1d9aaeaa9..98ca91bdd5ca 100644 --- a/drivers/platform/x86/intel/ifs/ifs.h +++ b/drivers/platform/x86/intel/ifs/ifs.h @@ -196,6 +196,7 @@ union ifs_status { * @valid_chunks: number of chunks which could be validated. * @status: it holds simple status pass/fail/untested * @scan_details: opaque scan status code from h/w + * @cur_batch: number indicating the currently loaded test file */ struct ifs_data { int integrity_cap_bit; @@ -205,6 +206,7 @@ struct ifs_data { int valid_chunks; int status; u64 scan_details; + int cur_batch; }; struct ifs_work { diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c index 7c0d8602817b..f361fd42a320 100644 --- a/drivers/platform/x86/intel/ifs/load.c +++ b/drivers/platform/x86/intel/ifs/load.c @@ -8,7 +8,23 @@ #include "ifs.h" +struct meta_data { + unsigned int meta_type; // metadata type + unsigned int meta_size; // size of this entire struct including hdrs. + unsigned int test_type; // IFS test type + unsigned int fusa_info; // Fusa info + unsigned int total_images; // Total number of images + unsigned int current_image; // Current Image # + unsigned int total_chunks; // Total number of chunks in this image + unsigned int starting_chunk; // Starting chunk number in this image + unsigned int size_per_chunk; // size of each chunk + unsigned int chunks_per_stride; // number of chunks in a stride + unsigned int reserved[54]; // Align to 256 bytes for chunk alignment. +}; + #define IFS_HEADER_SIZE (sizeof(struct microcode_header_intel)) +#define META_TYPE_IFS 1 +#define IFS_CHUNK_ALIGNMENT 256 static struct microcode_header_intel *ifs_header_ptr; /* pointer to the ifs image header */ static u64 ifs_hash_ptr; /* Address of ifs metadata (hash) */ static u64 ifs_test_image_ptr; /* 256B aligned address of test pattern */ @@ -129,6 +145,40 @@ static void copy_hashes_authenticate_chunks(struct work_struct *work) complete(&ifs_done); } +static int validate_ifs_metadata(struct device *dev) +{ + struct ifs_data *ifsd = ifs_get_data(dev); + struct meta_data *ifs_meta; + char test_file[64]; + int ret = -EINVAL; + + snprintf(test_file, sizeof(test_file), "%02x-%02x-%02x-%02x.scan", + boot_cpu_data.x86, boot_cpu_data.x86_model, + boot_cpu_data.x86_stepping, ifsd->cur_batch); + + ifs_meta = (struct meta_data *)ifs_find_meta_data(ifs_header_ptr, META_TYPE_IFS); + if (!ifs_meta) { + dev_err(dev, "IFS Metadata missing in file %s\n", test_file); + return ret; + } + + ifs_test_image_ptr = (u64)ifs_meta + sizeof(struct meta_data); + + /* Scan chunk start must be 256 byte aligned */ + if (!IS_ALIGNED(ifs_test_image_ptr, IFS_CHUNK_ALIGNMENT)) { + dev_err(dev, "Scan pattern offset is not 256 byte aligned in %s\n", test_file); + return ret; + } + + if (ifs_meta->current_image != ifsd->cur_batch) { + dev_warn(dev, "Mismatch between filename %s and batch metadata 0x%02x\n", + test_file, ifs_meta->current_image); + return ret; + } + + return 0; +} + /* * IFS requires scan chunks authenticated per each socket in the platform. * Once the test chunk is authenticated, it is automatically copied to secured memory @@ -145,6 +195,9 @@ static int scan_chunks_sanity_check(struct device *dev) if (!package_authenticated) return ret; + ret = validate_ifs_metadata(dev); + if (ret) + return ret; ifsd->loading_error = false; ifsd->loaded_version = ifs_header_ptr->rev; From patchwork Mon Nov 7 22:53:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035405 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C51E4C433FE for ; Mon, 7 Nov 2022 22:54:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231657AbiKGWy5 (ORCPT ); Mon, 7 Nov 2022 17:54:57 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36050 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232712AbiKGWyt (ORCPT ); Mon, 7 Nov 2022 17:54:49 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1EEE62935D; Mon, 7 Nov 2022 14:54:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861689; x=1699397689; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=w7zyU0EMZtiBlCMi0pWV2TZ8XEkOY6y3ce2a9bhJ6dI=; b=BZcnB+CxME1goxSDHKYZq6aUQTYRBlC0FG3CyYZHi7R42k3ZLnXUStjX zamkIxAGfDwMnLWs+b2r5St3lIepPgG/6A93inKwD4ZVmgojRLU7GYuSj 2cPMuXoD0tOlzRU+Pk+fgcqH9aAP4LAvxbqoxNMvhwR//OCyKmaM7H5f9 PaIyJY12Mng4cYUw5RhHzcqoS5kBo/oRVaUaQb8mhfcqCKeGVQCcdRrmH WJupKc7xxJQFW03BfxAChGrwXO7pktE8BlraFvHLTMxoaFv1IG1ibwAv3 obDbZXPMw9x87+MpCJZHzz6BaqqXYAZskuML6QW0Q/7kfPsWeL8wguhKU g==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911839" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911839" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:49 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012991" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012991" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:48 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 11/14] platform/x86/intel/ifs: Remove reload sysfs entry Date: Mon, 7 Nov 2022 14:53:20 -0800 Message-Id: <20221107225323.2733518-12-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org Reload sysfs entry will be replaced by current_batch, drop it. Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/sysfs.c | 29 -------------------------- 1 file changed, 29 deletions(-) diff --git a/drivers/platform/x86/intel/ifs/sysfs.c b/drivers/platform/x86/intel/ifs/sysfs.c index 65dd6fea5342..e077910c5d28 100644 --- a/drivers/platform/x86/intel/ifs/sysfs.c +++ b/drivers/platform/x86/intel/ifs/sysfs.c @@ -87,34 +87,6 @@ static ssize_t run_test_store(struct device *dev, static DEVICE_ATTR_WO(run_test); -/* - * Reload the IFS image. When user wants to install new IFS image - */ -static ssize_t reload_store(struct device *dev, - struct device_attribute *attr, - const char *buf, size_t count) -{ - struct ifs_data *ifsd = ifs_get_data(dev); - bool res; - - - if (kstrtobool(buf, &res)) - return -EINVAL; - if (!res) - return count; - - if (down_interruptible(&ifs_sem)) - return -EINTR; - - ifs_load_firmware(dev); - - up(&ifs_sem); - - return ifsd->loaded ? count : -ENODEV; -} - -static DEVICE_ATTR_WO(reload); - /* * Display currently loaded IFS image version. */ @@ -136,7 +108,6 @@ static struct attribute *plat_ifs_attrs[] = { &dev_attr_details.attr, &dev_attr_status.attr, &dev_attr_run_test.attr, - &dev_attr_reload.attr, &dev_attr_image_version.attr, NULL }; From patchwork Mon Nov 7 22:53:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035406 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CCE4BC433FE for ; Mon, 7 Nov 2022 22:55:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232834AbiKGWzE (ORCPT ); Mon, 7 Nov 2022 17:55:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36050 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232745AbiKGWyv (ORCPT ); Mon, 7 Nov 2022 17:54:51 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C717C2C136; Mon, 7 Nov 2022 14:54:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861689; x=1699397689; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=rGty/ND0dwTw6DFxmOEmfdO/+IKOkgj7e852ob1OgrI=; b=HaaewNOQdV/N8xHGk+7tGAIZN+YMQdlsBkA9CVODvEuKnezTpyc1hbHC ycHrFcI0TcYxVbPDEQa6fRqOrL/1cEDKBQcEcIilfckWAAImoBU5NUsvl 6sblGdi/PRO8ZUbwMv3KSqlroaHsS0rCga5RgEyA1loFykj9qkK2X8n30 MkvBUJdA1SxTux0tenzyLDdnxZjRY2g3cbXhTPARVrnJsImqjotdl1JLO 5tkaogUYHqTw1mM98YPpPJITbb0DtQSnLj7iJ4wmciSLr+gnRJBnErRPN 3w/YIMpahBPFjqne7ClEhUiOFAHyPeLmi4fIsGs98cRehCTzfv/7TxABi w==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911840" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911840" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:49 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012994" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012994" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:48 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 12/14] platform/x86/intel/ifs: Add current_batch sysfs entry Date: Mon, 7 Nov 2022 14:53:21 -0800 Message-Id: <20221107225323.2733518-13-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org Initial implementation assumed a single IFS test image file with a fixed name ff-mm-ss.scan. (where ff, mm, ss refers to family, model and stepping of the core) Subsequently, it became evident that supporting more than one test image file is needed to provide more comprehensive test coverage. (Test coverage in this scenario refers to testing more transistors in the core to identify faults) The other alternative of increasing the size of a single scan test image file would not work as the upper bound is limited by the size of memory area reserved by BIOS for loading IFS test image. Introduce "current_batch" file which accepts a number. Writing a number to the current_batch file would load the test image file by name ff-mm-ss-.scan, where is the number written to the "current_batch" file in hex. Range check of the input is done to verify it not greater than 0xff. For e.g if the scan test image comprises of 6 files, they would be named as show below: 06-8f-06-01.scan 06-8f-06-02.scan 06-8f-06-03.scan 06-8f-06-04.scan 06-8f-06-05.scan 06-8f-06-06.scan And writing 3 to current_batch would result in loading 06-8f-06-03.scan in the above e.g. The file can also be read to know the currently loaded file. And testing a system looks like: for each scan file do load the IFS test image file (write to the batch file) for each core do test the core with this set of tests done done Qualify few error messages with the test image file suffix to provide better context. Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/ifs.h | 23 ++++++++++---- drivers/platform/x86/intel/ifs/core.c | 1 + drivers/platform/x86/intel/ifs/load.c | 18 +++++++---- drivers/platform/x86/intel/ifs/runtest.c | 10 ++++--- drivers/platform/x86/intel/ifs/sysfs.c | 38 ++++++++++++++++++++++++ 5 files changed, 74 insertions(+), 16 deletions(-) diff --git a/drivers/platform/x86/intel/ifs/ifs.h b/drivers/platform/x86/intel/ifs/ifs.h index 98ca91bdd5ca..390e508faf57 100644 --- a/drivers/platform/x86/intel/ifs/ifs.h +++ b/drivers/platform/x86/intel/ifs/ifs.h @@ -33,13 +33,23 @@ * The driver loads the tests into memory reserved BIOS local to each CPU * socket in a two step process using writes to MSRs to first load the * SHA hashes for the test. Then the tests themselves. Status MSRs provide - * feedback on the success/failure of these steps. When a new test file - * is installed it can be loaded by writing to the driver reload file:: + * feedback on the success/failure of these steps. * - * # echo 1 > /sys/devices/virtual/misc/intel_ifs_0/reload + * The test files are kept in a fixed location: /lib/firmware/intel/ifs_0/ + * For e.g if there are 3 test files, they would be named in the following + * fashion: + * ff-mm-ss-01.scan + * ff-mm-ss-02.scan + * ff-mm-ss-03.scan + * (where ff refers to family, mm indicates model and ss indicates stepping) * - * Similar to microcode, the current version of the scan tests is stored - * in a fixed location: /lib/firmware/intel/ifs.0/family-model-stepping.scan + * A different testfile can be loaded by writing the numerical portion + * (e.g 1, 2 or 3 in the above scenario) into the curent_batch file. + * To load ff-mm-ss-02.scan, the following command can be used:: + * + * # echo 2 > /sys/devices/virtual/misc/intel_ifs_0/current_batch + * + * The above file can also be read to know the currently loaded image. * * Running tests * ------------- @@ -207,6 +217,7 @@ struct ifs_data { int status; u64 scan_details; int cur_batch; + int test_num; }; struct ifs_work { @@ -227,7 +238,7 @@ static inline struct ifs_data *ifs_get_data(struct device *dev) return &d->data; } -void ifs_load_firmware(struct device *dev); +int ifs_load_firmware(struct device *dev); int do_core_test(int cpu, struct device *dev); const struct attribute_group **ifs_get_groups(void); diff --git a/drivers/platform/x86/intel/ifs/core.c b/drivers/platform/x86/intel/ifs/core.c index 5fb7f655c291..1f040837e8eb 100644 --- a/drivers/platform/x86/intel/ifs/core.c +++ b/drivers/platform/x86/intel/ifs/core.c @@ -22,6 +22,7 @@ MODULE_DEVICE_TABLE(x86cpu, ifs_cpu_ids); static struct ifs_device ifs_device = { .data = { .integrity_cap_bit = MSR_INTEGRITY_CAPS_PERIODIC_BIST_BIT, + .test_num = 0, }, .misc = { .name = "intel_ifs_0", diff --git a/drivers/platform/x86/intel/ifs/load.c b/drivers/platform/x86/intel/ifs/load.c index f361fd42a320..c6414958a691 100644 --- a/drivers/platform/x86/intel/ifs/load.c +++ b/drivers/platform/x86/intel/ifs/load.c @@ -256,17 +256,18 @@ static int ifs_image_sanity_check(struct device *dev, const struct microcode_hea /* * Load ifs image. Before loading ifs module, the ifs image must be located - * in /lib/firmware/intel/ifs and named as {family/model/stepping}.{testname}. + * in /lib/firmware/intel/ifs_x/ and named as family-model-stepping-02x.{testname}. */ -void ifs_load_firmware(struct device *dev) +int ifs_load_firmware(struct device *dev) { struct ifs_data *ifsd = ifs_get_data(dev); const struct firmware *fw; - char scan_path[32]; - int ret; + char scan_path[64]; + int ret = -EINVAL; - snprintf(scan_path, sizeof(scan_path), "intel/ifs/%02x-%02x-%02x.scan", - boot_cpu_data.x86, boot_cpu_data.x86_model, boot_cpu_data.x86_stepping); + snprintf(scan_path, sizeof(scan_path), "intel/ifs_%d/%02x-%02x-%02x-%02x.scan", + ifsd->test_num, boot_cpu_data.x86, boot_cpu_data.x86_model, + boot_cpu_data.x86_stepping, ifsd->cur_batch); ret = request_firmware_direct(&fw, scan_path, dev); if (ret) { @@ -282,8 +283,13 @@ void ifs_load_firmware(struct device *dev) ifs_hash_ptr = (u64)(ifs_header_ptr + 1); ret = scan_chunks_sanity_check(dev); + if (ret) + dev_err(dev, "Load failure for batch: %02x\n", ifsd->cur_batch); + release: release_firmware(fw); done: ifsd->loaded = (ret == 0); + + return ret; } diff --git a/drivers/platform/x86/intel/ifs/runtest.c b/drivers/platform/x86/intel/ifs/runtest.c index b2ca2bb4501f..0bfd8fcdd7e8 100644 --- a/drivers/platform/x86/intel/ifs/runtest.c +++ b/drivers/platform/x86/intel/ifs/runtest.c @@ -78,14 +78,16 @@ static void message_not_tested(struct device *dev, int cpu, union ifs_status sta static void message_fail(struct device *dev, int cpu, union ifs_status status) { + struct ifs_data *ifsd = ifs_get_data(dev); + /* * control_error is set when the microcode runs into a problem * loading the image from the reserved BIOS memory, or it has * been corrupted. Reloading the image may fix this issue. */ if (status.control_error) { - dev_err(dev, "CPU(s) %*pbl: could not execute from loaded scan image\n", - cpumask_pr_args(cpu_smt_mask(cpu))); + dev_err(dev, "CPU(s) %*pbl: could not execute from loaded scan image. Batch: %02x version: 0x%x\n", + cpumask_pr_args(cpu_smt_mask(cpu)), ifsd->cur_batch, ifsd->loaded_version); } /* @@ -96,8 +98,8 @@ static void message_fail(struct device *dev, int cpu, union ifs_status status) * the core being tested. */ if (status.signature_error) { - dev_err(dev, "CPU(s) %*pbl: test signature incorrect.\n", - cpumask_pr_args(cpu_smt_mask(cpu))); + dev_err(dev, "CPU(s) %*pbl: test signature incorrect. Batch: %02x version: 0x%x\n", + cpumask_pr_args(cpu_smt_mask(cpu)), ifsd->cur_batch, ifsd->loaded_version); } } diff --git a/drivers/platform/x86/intel/ifs/sysfs.c b/drivers/platform/x86/intel/ifs/sysfs.c index e077910c5d28..d2eeeb04d760 100644 --- a/drivers/platform/x86/intel/ifs/sysfs.c +++ b/drivers/platform/x86/intel/ifs/sysfs.c @@ -87,6 +87,43 @@ static ssize_t run_test_store(struct device *dev, static DEVICE_ATTR_WO(run_test); +static ssize_t current_batch_store(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + struct ifs_data *ifsd = ifs_get_data(dev); + int cur_batch; + int rc; + + rc = kstrtouint(buf, 0, &cur_batch); + if (rc < 0 || cur_batch > 0xff) + return -EINVAL; + + if (down_interruptible(&ifs_sem)) + return -EINTR; + + ifsd->cur_batch = cur_batch; + + rc = ifs_load_firmware(dev); + + up(&ifs_sem); + + return (rc == 0) ? count : rc; +} + +static ssize_t current_batch_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct ifs_data *ifsd = ifs_get_data(dev); + + if (!ifsd->loaded) + return sysfs_emit(buf, "none\n"); + else + return sysfs_emit(buf, "0x%02x\n", ifsd->cur_batch); +} + +static DEVICE_ATTR_RW(current_batch); + /* * Display currently loaded IFS image version. */ @@ -108,6 +145,7 @@ static struct attribute *plat_ifs_attrs[] = { &dev_attr_details.attr, &dev_attr_status.attr, &dev_attr_run_test.attr, + &dev_attr_current_batch.attr, &dev_attr_image_version.attr, NULL }; From patchwork Mon Nov 7 22:53:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035408 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 33864C433FE for ; Mon, 7 Nov 2022 22:55:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232847AbiKGWzH (ORCPT ); Mon, 7 Nov 2022 17:55:07 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36118 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232748AbiKGWyv (ORCPT ); Mon, 7 Nov 2022 17:54:51 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E37C02A264; Mon, 7 Nov 2022 14:54:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861689; x=1699397689; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ieAw6DOi25+M/PVVeqIKsG7UFRjhjw4Kz3UXCTTfxEQ=; b=jLNXKJI2oqzj1JklbJ3UsotsSG4GhMX5OiI+gaJXWCWjxbVN2I1egimE DFTnhE4Z7D32QRkDvb7JVDmhSmo6SZOyB0w95kd4JEcDtBv8ZMebGqNpW vY4BkgwBwEHW9ep1unP/rRp/bLUQbN6bScPaFLLiSL9Lhk0IhThVto6E1 thCkJBYKLdGt/wVsugygUj1CJeVj/XvZ6R9Eik3CewERNeUxCapcgO+B8 DDbAX8Zk1jEtjlBy6u/o/Slw92UMO3uobMo/q64fLr11qzN6quOl56UCg XJ90YExw/vhWwJ1uRXlVEgdyi+yugfDsidlwEbRrhLPlxCtc+K+1BbGS2 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911842" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911842" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:49 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811012997" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811012997" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:49 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 13/14] Documentation/ABI: Update IFS ABI doc Date: Mon, 7 Nov 2022 14:53:22 -0800 Message-Id: <20221107225323.2733518-14-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org Remove reload documentation and add current_batch documentation. Update the kernel version and date for all the entries. Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- .../ABI/testing/sysfs-platform-intel-ifs | 30 ++++++++++--------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/Documentation/ABI/testing/sysfs-platform-intel-ifs b/Documentation/ABI/testing/sysfs-platform-intel-ifs index 486d6d2ff8a0..f74df3abee57 100644 --- a/Documentation/ABI/testing/sysfs-platform-intel-ifs +++ b/Documentation/ABI/testing/sysfs-platform-intel-ifs @@ -1,39 +1,41 @@ What: /sys/devices/virtual/misc/intel_ifs_/run_test -Date: April 21 2022 -KernelVersion: 5.19 +Date: Sept 30 2022 +KernelVersion: 6.2 Contact: "Jithu Joseph" Description: Write to trigger IFS test for one online core. Note that the test is per core. The cpu# can be for any thread on the core. Running on one thread completes the test for the core containing that thread. Example: to test the core containing cpu5: echo 5 > - /sys/devices/platform/intel_ifs./run_test + /sys/devices/virtual/misc/intel_ifs_/run_test What: /sys/devices/virtual/misc/intel_ifs_/status -Date: April 21 2022 -KernelVersion: 5.19 +Date: Sept 30 2022 +KernelVersion: 6.2 Contact: "Jithu Joseph" Description: The status of the last test. It can be one of "pass", "fail" or "untested". What: /sys/devices/virtual/misc/intel_ifs_/details -Date: April 21 2022 -KernelVersion: 5.19 +Date: Sept 30 2022 +KernelVersion: 6.2 Contact: "Jithu Joseph" Description: Additional information regarding the last test. The details file reports the hex value of the SCAN_STATUS MSR. Note that the error_code field may contain driver defined software code not defined in the Intel SDM. What: /sys/devices/virtual/misc/intel_ifs_/image_version -Date: April 21 2022 -KernelVersion: 5.19 +Date: Sept 30 2022 +KernelVersion: 6.2 Contact: "Jithu Joseph" Description: Version (hexadecimal) of loaded IFS binary image. If no scan image is loaded reports "none". -What: /sys/devices/virtual/misc/intel_ifs_/reload -Date: April 21 2022 -KernelVersion: 5.19 +What: /sys/devices/virtual/misc/intel_ifs_/current_batch +Date: Sept 30 2022 +KernelVersion: 6.2 Contact: "Jithu Joseph" -Description: Write "1" (or "y" or "Y") to reload the IFS image from - /lib/firmware/intel/ifs/ff-mm-ss.scan. +Description: Write a number less than or equal to 0xff to load an IFS test image. + The number written treated as the 2 digit suffix in the following file name: + /lib/firmware/intel/ifs_/ff-mm-ss-02x.scan + Reading the file will provide the suffix of the currently loaded IFS test image. From patchwork Mon Nov 7 22:53:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Joseph, Jithu" X-Patchwork-Id: 13035407 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8073FC43217 for ; Mon, 7 Nov 2022 22:55:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232841AbiKGWzG (ORCPT ); Mon, 7 Nov 2022 17:55:06 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36074 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232755AbiKGWyv (ORCPT ); Mon, 7 Nov 2022 17:54:51 -0500 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 04E962B61F; Mon, 7 Nov 2022 14:54:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1667861691; x=1699397691; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=DyrS883OR7AFX4gN5EeEXTzT5dUJ/TdR0BLm14KTOTM=; b=IM1Zga1Ppta/6CWnZJJiVS1nc52O4WgmVQNMmqYtlG9nn7u0BzoaNo2d dUyzCebOi5PRi567CEBCiJTWNyaclkLZtLUJJKnEWM/kl3zQbXnBBG3xT U53SvrvFX2QrIgm34eXwbXgMb9j263Is4Tzy9v3J2onqU/WujFUrPxa2B Zr2kUAUs0pLHJFgZ89Ixi0V9ax9bSAq4qyic4GcVpX9JZ6mi1rISVlUsK 9IKvkGLygMwlLHA5nMZ2X7uCmhGT6Ue9BFwoFxs9p2qpSxIsBMZcJXBmA f2TNhCS5S8JMLqVnmGtZMr8hcoQzllJu7rRYpBzQ5TW2c3/lWsH53HRv5 w==; X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="293911843" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="293911843" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:50 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10524"; a="811013001" X-IronPort-AV: E=Sophos;i="5.96,145,1665471600"; d="scan'208";a="811013001" Received: from jithujos.sc.intel.com ([172.25.103.66]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Nov 2022 14:54:49 -0800 From: Jithu Joseph To: hdegoede@redhat.com, markgross@kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, gregkh@linuxfoundation.org, jithu.joseph@intel.com, ashok.raj@intel.com, tony.luck@intel.com, linux-kernel@vger.kernel.org, platform-driver-x86@vger.kernel.org, patches@lists.linux.dev, ravi.v.shankar@intel.com, thiago.macieira@intel.com, athenas.jimenez.gonzalez@intel.com, sohil.mehta@intel.com Subject: [PATCH v2 14/14] Revert "platform/x86/intel/ifs: Mark as BROKEN" Date: Mon, 7 Nov 2022 14:53:23 -0800 Message-Id: <20221107225323.2733518-15-jithu.joseph@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221107225323.2733518-1-jithu.joseph@intel.com> References: <20221021203413.1220137-1-jithu.joseph@intel.com> <20221107225323.2733518-1-jithu.joseph@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org Issues with user interface [1] to load scan test images has been addressed, so the following can be reverted. commit c483e7ea10fa ("platform/x86/intel/ifs: Mark as BROKEN") Link: https://lore.kernel.org/lkml/26102aca-a730-ddf8-d024-2e7367696757@redhat.com/ [1] Reviewed-by: Tony Luck Signed-off-by: Jithu Joseph Reviewed-by: Sohil Mehta Reviewed-by: Hans de Goede --- drivers/platform/x86/intel/ifs/Kconfig | 3 --- 1 file changed, 3 deletions(-) diff --git a/drivers/platform/x86/intel/ifs/Kconfig b/drivers/platform/x86/intel/ifs/Kconfig index 89152d46deee..3eded966757e 100644 --- a/drivers/platform/x86/intel/ifs/Kconfig +++ b/drivers/platform/x86/intel/ifs/Kconfig @@ -1,9 +1,6 @@ config INTEL_IFS tristate "Intel In Field Scan" depends on X86 && CPU_SUP_INTEL && 64BIT && SMP - # Discussion on the list has shown that the sysfs API needs a bit - # more work, mark this as broken for now - depends on BROKEN help Enable support for the In Field Scan capability in select CPUs. The capability allows for running low level tests via