From: Tom Rix <trix@redhat.com>
To: Russ Weight <russell.h.weight@intel.com>,
mdf@kernel.org, lee.jones@linaro.org, linux-fpga@vger.kernel.org,
linux-kernel@vger.kernel.org
Cc: lgoncalv@redhat.com, yilun.xu@intel.com, hao.wu@intel.com,
matthew.gerlach@intel.com
Subject: Re: [PATCH v1 08/12] fpga: expose sec-mgr update errors
Date: Sun, 6 Sep 2020 09:27:34 -0700 [thread overview]
Message-ID: <448b27a2-0724-77c1-20e8-1c3ff9287034@redhat.com> (raw)
In-Reply-To: <20200904235305.6254-9-russell.h.weight@intel.com>
On 9/4/20 4:53 PM, Russ Weight wrote:
> Extend Intel Security Manager class driver to include
> an update/error sysfs node that can be read for error
> information when a secure update fails.
>
> Signed-off-by: Russ Weight <russell.h.weight@intel.com>
> Reviewed-by: Wu Hao <hao.wu@intel.com>
> ---
> .../ABI/testing/sysfs-class-ifpga-sec-mgr | 17 ++++++
> drivers/fpga/ifpga-sec-mgr.c | 60 +++++++++++++++++--
> include/linux/fpga/ifpga-sec-mgr.h | 1 +
> 3 files changed, 73 insertions(+), 5 deletions(-)
>
> diff --git a/Documentation/ABI/testing/sysfs-class-ifpga-sec-mgr b/Documentation/ABI/testing/sysfs-class-ifpga-sec-mgr
> index 849ccb2802f8..e7b1b02bf7ee 100644
> --- a/Documentation/ABI/testing/sysfs-class-ifpga-sec-mgr
> +++ b/Documentation/ABI/testing/sysfs-class-ifpga-sec-mgr
> @@ -97,3 +97,20 @@ Description: Read-only. Returns a string describing the current
> programming. Userspace code can poll on this file,
> as it will be signaled by sysfs_notify() on each
> state change.
> +
> +What: /sys/class/ifpga_sec_mgr/ifpga_secX/update/error
> +Date: Sep 2020
> +KernelVersion: 5.10
> +Contact: Russ Weight <russell.h.weight@intel.com>
> +Description: Read-only. Returns a string describing the failure
> + of a secure update. This string will be in the form
> + of <STATUS>:<ERROR>, where <STATUS> will be one of
> + the status strings described for the status sysfs
> + file and <ERROR> will be one of the following:
> + hw-error, timeout, user-abort, device-busy,
> + invalid-file-size, read-write-error, flash-wearout,
> + file-read-error. The error sysfs file is only
> + meaningful when the secure update engine is in the
> + idle state. If this file is read while a secure
> + update is in progress, then the read will fail with
> + EBUSY.
> diff --git a/drivers/fpga/ifpga-sec-mgr.c b/drivers/fpga/ifpga-sec-mgr.c
> index 5fe3d85e2963..a7718bd8ee61 100644
> --- a/drivers/fpga/ifpga-sec-mgr.c
> +++ b/drivers/fpga/ifpga-sec-mgr.c
> @@ -146,10 +146,16 @@ static void update_progress(struct ifpga_sec_mgr *imgr,
> sysfs_notify(&imgr->dev.kobj, "update", "status");
> }
>
> +static void set_error(struct ifpga_sec_mgr *imgr, enum ifpga_sec_err err_code)
> +{
> + imgr->err_state = imgr->progress;
> + imgr->err_code = err_code;
> +}
> +
> static void ifpga_sec_dev_error(struct ifpga_sec_mgr *imgr,
> enum ifpga_sec_err err_code)
> {
> - imgr->err_code = err_code;
> + set_error(imgr, err_code);
> imgr->iops->cancel(imgr);
> }
>
> @@ -172,7 +178,7 @@ static void ifpga_sec_mgr_update(struct work_struct *work)
>
> get_device(&imgr->dev);
> if (request_firmware(&fw, imgr->filename, &imgr->dev)) {
> - imgr->err_code = IFPGA_SEC_ERR_FILE_READ;
> + set_error(imgr, IFPGA_SEC_ERR_FILE_READ);
> goto idle_exit;
> }
>
> @@ -180,7 +186,7 @@ static void ifpga_sec_mgr_update(struct work_struct *work)
> imgr->remaining_size = fw->size;
>
> if (!try_module_get(imgr->dev.parent->driver->owner)) {
> - imgr->err_code = IFPGA_SEC_ERR_BUSY;
> + set_error(imgr, IFPGA_SEC_ERR_BUSY);
> goto release_fw_exit;
> }
>
> @@ -266,16 +272,59 @@ static const char * const sec_mgr_prog_str[] = {
> "programming" /* IFPGA_SEC_PROG_PROGRAMMING */
> };
>
> +static const char * const sec_mgr_err_str[] = {
> + "none", /* IFPGA_SEC_ERR_NONE */
> + "hw-error", /* IFPGA_SEC_ERR_HW_ERROR */
> + "timeout", /* IFPGA_SEC_ERR_TIMEOUT */
> + "user-abort", /* IFPGA_SEC_ERR_CANCELED */
> + "device-busy", /* IFPGA_SEC_ERR_BUSY */
> + "invalid-file-size", /* IFPGA_SEC_ERR_INVALID_SIZE */
> + "read-write-error", /* IFPGA_SEC_ERR_RW_ERROR */
> + "flash-wearout", /* IFPGA_SEC_ERR_WEAROUT */
> + "file-read-error" /* IFPGA_SEC_ERR_FILE_READ */
> +};
> +
> +static const char *sec_progress(enum ifpga_sec_prog prog)
> +{
A consistent api would have imgr as the parameter.
> + return (prog < IFPGA_SEC_PROG_MAX) ?
> + sec_mgr_prog_str[prog] : "unknown-status";
> +}
> +
> static ssize_t
> status_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> struct ifpga_sec_mgr *imgr = to_sec_mgr(dev);
>
> - return sprintf(buf, "%s\n", (imgr->progress < IFPGA_SEC_PROG_MAX) ?
> - sec_mgr_prog_str[imgr->progress] : "unknown-status");
> + return sprintf(buf, "%s\n", sec_progress(imgr->progress));
> }
> static DEVICE_ATTR_RO(status);
>
> +static ssize_t
> +error_show(struct device *dev, struct device_attribute *attr, char *buf)
> +{
> + struct ifpga_sec_mgr *imgr = to_sec_mgr(dev);
> + enum ifpga_sec_err err_code;
> + const char *prog_str;
> + int ret;
> +
> + mutex_lock(&imgr->lock);
> + if (imgr->progress != IFPGA_SEC_PROG_IDLE) {
> + ret = -EBUSY;
> + } else if (!imgr->err_code) {
> + ret = 0;
> + } else {
> + err_code = imgr->err_code;
> + prog_str = sec_progress(imgr->err_state);
> + ret = sprintf(buf, "%s:%s\n", prog_str,
> + (err_code < IFPGA_SEC_ERR_MAX) ?
> + sec_mgr_err_str[err_code] : "unknown-error");
Should have sec_error() call to match the new sec_progress()
Tom
> + }
> + mutex_unlock(&imgr->lock);
> +
> + return ret;
> +}
> +static DEVICE_ATTR_RO(error);
> +
> static ssize_t filename_store(struct device *dev, struct device_attribute *attr,
> const char *buf, size_t count)
> {
> @@ -314,6 +363,7 @@ static DEVICE_ATTR_WO(filename);
> static struct attribute *sec_mgr_update_attrs[] = {
> &dev_attr_filename.attr,
> &dev_attr_status.attr,
> + &dev_attr_error.attr,
> NULL,
> };
>
> diff --git a/include/linux/fpga/ifpga-sec-mgr.h b/include/linux/fpga/ifpga-sec-mgr.h
> index 4da2864e251c..f04bf9e30c67 100644
> --- a/include/linux/fpga/ifpga-sec-mgr.h
> +++ b/include/linux/fpga/ifpga-sec-mgr.h
> @@ -181,6 +181,7 @@ struct ifpga_sec_mgr {
> const u8 *data; /* pointer to update data */
> u32 remaining_size; /* size remaining to transfer */
> enum ifpga_sec_prog progress;
> + enum ifpga_sec_prog err_state; /* progress state at time of failure */
> enum ifpga_sec_err err_code; /* security manager error code */
> bool driver_unload;
> void *priv;
next prev parent reply other threads:[~2020-09-06 16:27 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-04 23:52 [PATCH v1 00/12] Intel FPGA Security Manager Class Driver Russ Weight
2020-09-04 23:52 ` [PATCH v1 01/12] fpga: fpga security manager class driver Russ Weight
2020-09-04 23:57 ` Randy Dunlap
2020-09-05 0:23 ` Moritz Fischer
2020-09-05 0:44 ` Russ Weight
2020-09-05 13:39 ` Wu, Hao
2020-09-05 19:09 ` Tom Rix
[not found] ` <ebf251a0-5f13-d1a1-6915-e3c940bb19fe@intel.com>
2020-09-10 21:51 ` Tom Rix
2020-09-10 23:05 ` Russ Weight
2020-09-16 20:16 ` Moritz Fischer
2020-09-30 20:54 ` Russ Weight
2020-10-01 0:31 ` Moritz Fischer
2020-10-01 1:07 ` Russ Weight
2020-10-01 19:07 ` Moritz Fischer
2020-09-04 23:52 ` [PATCH v1 02/12] fpga: create intel max10 bmc security engine Russ Weight
2020-09-05 0:01 ` Randy Dunlap
2020-09-05 0:05 ` Russ Weight
2020-09-05 20:22 ` Tom Rix
2020-09-14 19:07 ` Russ Weight
2020-09-14 20:48 ` Tom Rix
2020-09-14 21:40 ` Russ Weight
2020-09-16 20:33 ` Moritz Fischer
2020-09-30 23:14 ` Russ Weight
2020-09-04 23:52 ` [PATCH v1 03/12] fpga: expose max10 flash update counts in sysfs Russ Weight
2020-09-05 20:39 ` Tom Rix
2020-09-16 18:37 ` Russ Weight
2020-09-04 23:52 ` [PATCH v1 04/12] fpga: expose max10 canceled keys " Russ Weight
2020-09-05 20:52 ` Tom Rix
2020-09-04 23:52 ` [PATCH v1 05/12] fpga: enable secure updates Russ Weight
2020-09-05 22:04 ` Tom Rix
[not found] ` <1d90bfb6-417c-55df-9290-991c391158a9@intel.com>
2020-09-20 15:24 ` Tom Rix
2020-09-04 23:52 ` [PATCH v1 06/12] fpga: add max10 secure update functions Russ Weight
2020-09-06 16:10 ` Tom Rix
2020-09-22 1:15 ` Russ Weight
2020-09-08 8:05 ` Lee Jones
2020-09-04 23:53 ` [PATCH v1 07/12] fpga: expose sec-mgr update status Russ Weight
2020-09-06 16:16 ` Tom Rix
2020-09-22 22:31 ` Russ Weight
2020-09-04 23:53 ` [PATCH v1 08/12] fpga: expose sec-mgr update errors Russ Weight
2020-09-06 16:27 ` Tom Rix [this message]
2020-09-22 23:42 ` Russ Weight
2020-09-23 12:52 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 09/12] fpga: expose sec-mgr update size Russ Weight
2020-09-06 16:39 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 10/12] fpga: enable sec-mgr update cancel Russ Weight
2020-09-06 17:00 ` Tom Rix
[not found] ` <678f8d39-a244-42d0-4c56-91eb859b43f0@intel.com>
2020-09-23 13:02 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 11/12] fpga: expose hardware error info in sysfs Russ Weight
2020-09-06 17:06 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 12/12] fpga: add max10 get_hw_errinfo callback func Russ Weight
2020-09-06 17:14 ` Tom Rix
2020-09-24 21:48 ` Russ Weight
2020-09-05 14:13 ` [PATCH v1 00/12] Intel FPGA Security Manager Class Driver Wu, Hao
2020-10-01 20:42 ` Russ Weight
2020-09-05 16:10 ` Tom Rix
2020-09-05 17:16 ` Tom Rix
2020-10-01 0:19 ` Russ Weight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=448b27a2-0724-77c1-20e8-1c3ff9287034@redhat.com \
--to=trix@redhat.com \
--cc=hao.wu@intel.com \
--cc=lee.jones@linaro.org \
--cc=lgoncalv@redhat.com \
--cc=linux-fpga@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matthew.gerlach@intel.com \
--cc=mdf@kernel.org \
--cc=russell.h.weight@intel.com \
--cc=yilun.xu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).