From mboxrd@z Thu Jan 1 00:00:00 1970 From: tom.hromatka at oracle.com (Tom Hromatka) Date: Mon, 23 Apr 2018 11:33:31 -0600 Subject: [PATCH v5 1/2] char: sparc64: Add privileged ADI driver In-Reply-To: <20180423173332.561489-1-tom.hromatka@oracle.com> References: <20180423173332.561489-1-tom.hromatka@oracle.com> Message-ID: <20180423173332.561489-2-tom.hromatka@oracle.com> SPARC M7 and newer processors utilize ADI to version and protect memory. This driver is capable of reading/writing ADI/MCD versions from privileged user space processes. Addresses in the adi file are mapped linearly to physical memory at a ratio of 1:adi_blksz. Thus, a read (or write) of offset K in the file operates upon the ADI version at physical address K * adi_blksz. The version information is encoded as one version per byte. Intended consumers are makedumpfile and crash. Signed-off-by: Tom Hromatka Reviewed-by: Khalid Aziz Reviewed-by: Shannon Nelson Reviewed-by: Anthony Yznaga --- drivers/char/Kconfig | 12 +++ drivers/char/Makefile | 1 + drivers/char/adi.c | 240 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 253 insertions(+) create mode 100644 drivers/char/adi.c diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig index 40947a796666..5ecddc95a698 100644 --- a/drivers/char/Kconfig +++ b/drivers/char/Kconfig @@ -540,5 +540,17 @@ source "drivers/s390/char/Kconfig" source "drivers/char/xillybus/Kconfig" +config ADI + tristate "SPARC Privileged ADI driver" + depends on SPARC64 + default m + help + SPARC M7 and newer processors utilize ADI (Application Data + Integrity) to version and protect memory. This driver provides + read/write access to the ADI versions for privileged processes. + This feature is also known as MCD (Memory Corruption Detection) + and SSM (Silicon Secured Memory). Intended consumers of this + driver include crash and makedumpfile. + endmenu diff --git a/drivers/char/Makefile b/drivers/char/Makefile index c97c768cd1dd..b8d42b4e979b 100644 --- a/drivers/char/Makefile +++ b/drivers/char/Makefile @@ -57,3 +57,4 @@ js-rtc-y = rtc.o obj-$(CONFIG_XILLYBUS) += xillybus/ obj-$(CONFIG_POWERNV_OP_PANEL) += powernv-op-panel.o +obj-$(CONFIG_ADI) += adi.o diff --git a/drivers/char/adi.c b/drivers/char/adi.c new file mode 100644 index 000000000000..062b0d7feda2 --- /dev/null +++ b/drivers/char/adi.c @@ -0,0 +1,240 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Privileged ADI driver for sparc64 + * + * Author: Tom Hromatka + */ +#include +#include +#include +#include +#include +#include +#include + +#define MODULE_NAME "adi" +#define MAX_BUF_SZ 4096 + +static int adi_open(struct inode *inode, struct file *file) +{ + file->f_mode |= FMODE_UNSIGNED_OFFSET; + return 0; +} + +static int read_mcd_tag(unsigned long addr) +{ + long err; + int ver; + + __asm__ __volatile__( + "1: ldxa [%[addr]] %[asi], %[ver]\n" + " mov 0, %[err]\n" + "2:\n" + " .section .fixup,#alloc,#execinstr\n" + " .align 4\n" + "3: sethi %%hi(2b), %%g1\n" + " jmpl %%g1 + %%lo(2b), %%g0\n" + " mov %[invalid], %[err]\n" + " .previous\n" + " .section __ex_table, \"a\"\n" + " .align 4\n" + " .word 1b, 3b\n" + " .previous\n" + : [ver] "=r" (ver), [err] "=r" (err) + : [addr] "r" (addr), [invalid] "i" (EFAULT), + [asi] "i" (ASI_MCD_REAL) + : "memory", "g1" + ); + + if (err) + return -EFAULT; + else + return ver; +} + +static ssize_t adi_read(struct file *file, char __user *buf, + size_t count, loff_t *offp) +{ + size_t ver_buf_sz, bytes_read = 0; + int ver_buf_idx = 0; + loff_t offset; + u8 *ver_buf; + ssize_t ret; + + ver_buf_sz = min_t(size_t, count, MAX_BUF_SZ); + ver_buf = kmalloc(ver_buf_sz, GFP_KERNEL); + if (!ver_buf) + return -ENOMEM; + + offset = (*offp) * adi_blksize(); + + while (bytes_read < count) { + ret = read_mcd_tag(offset); + if (ret < 0) + goto out; + + ver_buf[ver_buf_idx] = (u8)ret; + ver_buf_idx++; + offset += adi_blksize(); + + if (ver_buf_idx >= ver_buf_sz) { + if (copy_to_user(buf + bytes_read, ver_buf, + ver_buf_sz)) { + ret = -EFAULT; + goto out; + } + + bytes_read += ver_buf_sz; + ver_buf_idx = 0; + + ver_buf_sz = min(count - bytes_read, + (size_t)MAX_BUF_SZ); + } + } + + (*offp) += bytes_read; + ret = bytes_read; +out: + kfree(ver_buf); + return ret; +} + +static int set_mcd_tag(unsigned long addr, u8 ver) +{ + long err; + + __asm__ __volatile__( + "1: stxa %[ver], [%[addr]] %[asi]\n" + " mov 0, %[err]\n" + "2:\n" + " .section .fixup,#alloc,#execinstr\n" + " .align 4\n" + "3: sethi %%hi(2b), %%g1\n" + " jmpl %%g1 + %%lo(2b), %%g0\n" + " mov %[invalid], %[err]\n" + " .previous\n" + " .section __ex_table, \"a\"\n" + " .align 4\n" + " .word 1b, 3b\n" + " .previous\n" + : [err] "=r" (err) + : [ver] "r" (ver), [addr] "r" (addr), + [invalid] "i" (EFAULT), [asi] "i" (ASI_MCD_REAL) + : "memory", "g1" + ); + + if (err) + return -EFAULT; + else + return ver; +} + +static ssize_t adi_write(struct file *file, const char __user *buf, + size_t count, loff_t *offp) +{ + size_t ver_buf_sz, bytes_written = 0; + loff_t offset; + u8 *ver_buf; + ssize_t ret; + int i; + + if (count <= 0) + return -EINVAL; + + ver_buf_sz = min_t(size_t, count, MAX_BUF_SZ); + ver_buf = kmalloc(ver_buf_sz, (size_t)GFP_KERNEL); + if (!ver_buf) + return -ENOMEM; + + offset = (*offp) * adi_blksize(); + + do { + if (copy_from_user(ver_buf, &buf[bytes_written], + ver_buf_sz)) { + ret = -EFAULT; + goto out; + } + + for (i = 0; i < ver_buf_sz; i++) { + ret = set_mcd_tag(offset, ver_buf[i]); + if (ret < 0) + goto out; + + offset += adi_blksize(); + } + + bytes_written += ver_buf_sz; + ver_buf_sz = min(count - bytes_written, (size_t)MAX_BUF_SZ); + } while (bytes_written < count); + + (*offp) += bytes_written; + ret = bytes_written; +out: + __asm__ __volatile__("membar #Sync"); + kfree(ver_buf); + return ret; +} + +static loff_t adi_llseek(struct file *file, loff_t offset, int whence) +{ + loff_t ret = -EINVAL; + + switch (whence) { + case SEEK_END: + case SEEK_DATA: + case SEEK_HOLE: + /* unsupported */ + return -EINVAL; + case SEEK_CUR: + if (offset == 0) + return file->f_pos; + + offset += file->f_pos; + break; + case SEEK_SET: + break; + } + + if (offset != file->f_pos) { + file->f_pos = offset; + file->f_version = 0; + ret = offset; + } + + return ret; +} + +static const struct file_operations adi_fops = { + .owner = THIS_MODULE, + .llseek = adi_llseek, + .open = adi_open, + .read = adi_read, + .write = adi_write, +}; + +static struct miscdevice adi_miscdev = { + .minor = MISC_DYNAMIC_MINOR, + .name = MODULE_NAME, + .fops = &adi_fops, +}; + +static int __init adi_init(void) +{ + if (!adi_capable()) + return -EPERM; + + return misc_register(&adi_miscdev); +} + +static void __exit adi_exit(void) +{ + misc_deregister(&adi_miscdev); +} + +module_init(adi_init); +module_exit(adi_exit); + +MODULE_AUTHOR("Tom Hromatka "); +MODULE_DESCRIPTION("Privileged interface to ADI"); +MODULE_VERSION("1.0"); +MODULE_LICENSE("GPL v2"); -- 2.15.0 -- To unsubscribe from this list: send the line "unsubscribe linux-kselftest" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html From mboxrd@z Thu Jan 1 00:00:00 1970 From: tom.hromatka@oracle.com (Tom Hromatka) Date: Mon, 23 Apr 2018 11:33:31 -0600 Subject: [PATCH v5 1/2] char: sparc64: Add privileged ADI driver In-Reply-To: <20180423173332.561489-1-tom.hromatka@oracle.com> References: <20180423173332.561489-1-tom.hromatka@oracle.com> Message-ID: <20180423173332.561489-2-tom.hromatka@oracle.com> Content-Type: text/plain; charset="UTF-8" Message-ID: <20180423173331.5JMEJkC6ra_6rJVXfE0mP390ufL4XmHYiqMyaNVNxsw@z> SPARC M7 and newer processors utilize ADI to version and protect memory. This driver is capable of reading/writing ADI/MCD versions from privileged user space processes. Addresses in the adi file are mapped linearly to physical memory at a ratio of 1:adi_blksz. Thus, a read (or write) of offset K in the file operates upon the ADI version at physical address K * adi_blksz. The version information is encoded as one version per byte. Intended consumers are makedumpfile and crash. Signed-off-by: Tom Hromatka Reviewed-by: Khalid Aziz Reviewed-by: Shannon Nelson Reviewed-by: Anthony Yznaga --- drivers/char/Kconfig | 12 +++ drivers/char/Makefile | 1 + drivers/char/adi.c | 240 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 253 insertions(+) create mode 100644 drivers/char/adi.c diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig index 40947a796666..5ecddc95a698 100644 --- a/drivers/char/Kconfig +++ b/drivers/char/Kconfig @@ -540,5 +540,17 @@ source "drivers/s390/char/Kconfig" source "drivers/char/xillybus/Kconfig" +config ADI + tristate "SPARC Privileged ADI driver" + depends on SPARC64 + default m + help + SPARC M7 and newer processors utilize ADI (Application Data + Integrity) to version and protect memory. This driver provides + read/write access to the ADI versions for privileged processes. + This feature is also known as MCD (Memory Corruption Detection) + and SSM (Silicon Secured Memory). Intended consumers of this + driver include crash and makedumpfile. + endmenu diff --git a/drivers/char/Makefile b/drivers/char/Makefile index c97c768cd1dd..b8d42b4e979b 100644 --- a/drivers/char/Makefile +++ b/drivers/char/Makefile @@ -57,3 +57,4 @@ js-rtc-y = rtc.o obj-$(CONFIG_XILLYBUS) += xillybus/ obj-$(CONFIG_POWERNV_OP_PANEL) += powernv-op-panel.o +obj-$(CONFIG_ADI) += adi.o diff --git a/drivers/char/adi.c b/drivers/char/adi.c new file mode 100644 index 000000000000..062b0d7feda2 --- /dev/null +++ b/drivers/char/adi.c @@ -0,0 +1,240 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Privileged ADI driver for sparc64 + * + * Author: Tom Hromatka + */ +#include +#include +#include +#include +#include +#include +#include + +#define MODULE_NAME "adi" +#define MAX_BUF_SZ 4096 + +static int adi_open(struct inode *inode, struct file *file) +{ + file->f_mode |= FMODE_UNSIGNED_OFFSET; + return 0; +} + +static int read_mcd_tag(unsigned long addr) +{ + long err; + int ver; + + __asm__ __volatile__( + "1: ldxa [%[addr]] %[asi], %[ver]\n" + " mov 0, %[err]\n" + "2:\n" + " .section .fixup,#alloc,#execinstr\n" + " .align 4\n" + "3: sethi %%hi(2b), %%g1\n" + " jmpl %%g1 + %%lo(2b), %%g0\n" + " mov %[invalid], %[err]\n" + " .previous\n" + " .section __ex_table, \"a\"\n" + " .align 4\n" + " .word 1b, 3b\n" + " .previous\n" + : [ver] "=r" (ver), [err] "=r" (err) + : [addr] "r" (addr), [invalid] "i" (EFAULT), + [asi] "i" (ASI_MCD_REAL) + : "memory", "g1" + ); + + if (err) + return -EFAULT; + else + return ver; +} + +static ssize_t adi_read(struct file *file, char __user *buf, + size_t count, loff_t *offp) +{ + size_t ver_buf_sz, bytes_read = 0; + int ver_buf_idx = 0; + loff_t offset; + u8 *ver_buf; + ssize_t ret; + + ver_buf_sz = min_t(size_t, count, MAX_BUF_SZ); + ver_buf = kmalloc(ver_buf_sz, GFP_KERNEL); + if (!ver_buf) + return -ENOMEM; + + offset = (*offp) * adi_blksize(); + + while (bytes_read < count) { + ret = read_mcd_tag(offset); + if (ret < 0) + goto out; + + ver_buf[ver_buf_idx] = (u8)ret; + ver_buf_idx++; + offset += adi_blksize(); + + if (ver_buf_idx >= ver_buf_sz) { + if (copy_to_user(buf + bytes_read, ver_buf, + ver_buf_sz)) { + ret = -EFAULT; + goto out; + } + + bytes_read += ver_buf_sz; + ver_buf_idx = 0; + + ver_buf_sz = min(count - bytes_read, + (size_t)MAX_BUF_SZ); + } + } + + (*offp) += bytes_read; + ret = bytes_read; +out: + kfree(ver_buf); + return ret; +} + +static int set_mcd_tag(unsigned long addr, u8 ver) +{ + long err; + + __asm__ __volatile__( + "1: stxa %[ver], [%[addr]] %[asi]\n" + " mov 0, %[err]\n" + "2:\n" + " .section .fixup,#alloc,#execinstr\n" + " .align 4\n" + "3: sethi %%hi(2b), %%g1\n" + " jmpl %%g1 + %%lo(2b), %%g0\n" + " mov %[invalid], %[err]\n" + " .previous\n" + " .section __ex_table, \"a\"\n" + " .align 4\n" + " .word 1b, 3b\n" + " .previous\n" + : [err] "=r" (err) + : [ver] "r" (ver), [addr] "r" (addr), + [invalid] "i" (EFAULT), [asi] "i" (ASI_MCD_REAL) + : "memory", "g1" + ); + + if (err) + return -EFAULT; + else + return ver; +} + +static ssize_t adi_write(struct file *file, const char __user *buf, + size_t count, loff_t *offp) +{ + size_t ver_buf_sz, bytes_written = 0; + loff_t offset; + u8 *ver_buf; + ssize_t ret; + int i; + + if (count <= 0) + return -EINVAL; + + ver_buf_sz = min_t(size_t, count, MAX_BUF_SZ); + ver_buf = kmalloc(ver_buf_sz, (size_t)GFP_KERNEL); + if (!ver_buf) + return -ENOMEM; + + offset = (*offp) * adi_blksize(); + + do { + if (copy_from_user(ver_buf, &buf[bytes_written], + ver_buf_sz)) { + ret = -EFAULT; + goto out; + } + + for (i = 0; i < ver_buf_sz; i++) { + ret = set_mcd_tag(offset, ver_buf[i]); + if (ret < 0) + goto out; + + offset += adi_blksize(); + } + + bytes_written += ver_buf_sz; + ver_buf_sz = min(count - bytes_written, (size_t)MAX_BUF_SZ); + } while (bytes_written < count); + + (*offp) += bytes_written; + ret = bytes_written; +out: + __asm__ __volatile__("membar #Sync"); + kfree(ver_buf); + return ret; +} + +static loff_t adi_llseek(struct file *file, loff_t offset, int whence) +{ + loff_t ret = -EINVAL; + + switch (whence) { + case SEEK_END: + case SEEK_DATA: + case SEEK_HOLE: + /* unsupported */ + return -EINVAL; + case SEEK_CUR: + if (offset == 0) + return file->f_pos; + + offset += file->f_pos; + break; + case SEEK_SET: + break; + } + + if (offset != file->f_pos) { + file->f_pos = offset; + file->f_version = 0; + ret = offset; + } + + return ret; +} + +static const struct file_operations adi_fops = { + .owner = THIS_MODULE, + .llseek = adi_llseek, + .open = adi_open, + .read = adi_read, + .write = adi_write, +}; + +static struct miscdevice adi_miscdev = { + .minor = MISC_DYNAMIC_MINOR, + .name = MODULE_NAME, + .fops = &adi_fops, +}; + +static int __init adi_init(void) +{ + if (!adi_capable()) + return -EPERM; + + return misc_register(&adi_miscdev); +} + +static void __exit adi_exit(void) +{ + misc_deregister(&adi_miscdev); +} + +module_init(adi_init); +module_exit(adi_exit); + +MODULE_AUTHOR("Tom Hromatka "); +MODULE_DESCRIPTION("Privileged interface to ADI"); +MODULE_VERSION("1.0"); +MODULE_LICENSE("GPL v2"); -- 2.15.0 -- To unsubscribe from this list: send the line "unsubscribe linux-kselftest" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html