[PATCH v5] x86, tboot: iomem fixes

[PATCH v5] x86, tboot: iomem fixes

[Qiaowei Ren]

Current code doesn't use specific interface to access I/O space.
So some potential bugs can be caused. We can fix this by using
specific API.

Signed-off-by: Qiaowei Ren <qiaowei.ren@intel.com>
---
 arch/x86/kernel/tboot.c |   18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
index 3ff42d2..4e149c7 100644
--- a/arch/x86/kernel/tboot.c
+++ b/arch/x86/kernel/tboot.c
@@ -468,7 +468,8 @@ struct sinit_mle_data {
 
 struct acpi_table_header *tboot_get_dmar_table(struct acpi_table_header *dmar_tbl)
 {
-	void *heap_base, *heap_ptr, *config;
+	void __iomem *heap_base, *heap_ptr, *config;
+	u32 dmar_tbl_off;
 
 	if (!tboot_enabled())
 		return dmar_tbl;
@@ -485,25 +486,26 @@ struct acpi_table_header *tboot_get_dmar_table(struct acpi_table_header *dmar_tb
 		return NULL;
 
 	/* now map TXT heap */
-	heap_base = ioremap(*(u64 *)(config + TXTCR_HEAP_BASE),
-			    *(u64 *)(config + TXTCR_HEAP_SIZE));
+	heap_base = ioremap(readl(config + TXTCR_HEAP_BASE),
+			    readl(config + TXTCR_HEAP_SIZE));
 	iounmap(config);
 	if (!heap_base)
 		return NULL;
 
 	/* walk heap to SinitMleData */
 	/* skip BiosData */
-	heap_ptr = heap_base + *(u64 *)heap_base;
+	heap_ptr = heap_base + readq(heap_base);
 	/* skip OsMleData */
-	heap_ptr += *(u64 *)heap_ptr;
+	heap_ptr += readq(heap_ptr);
 	/* skip OsSinitData */
-	heap_ptr += *(u64 *)heap_ptr;
+	heap_ptr += readq(heap_ptr);
 	/* now points to SinitMleDataSize; set to SinitMleData */
 	heap_ptr += sizeof(u64);
 	/* get addr of DMAR table */
+	dmar_tbl_off = readl(heap_ptr +
+			offsetof(struct sinit_mle_data, vtd_dmars_off));
 	dmar_tbl = (struct acpi_table_header *)(heap_ptr +
-		   ((struct sinit_mle_data *)heap_ptr)->vtd_dmars_off -
-		   sizeof(u64));
+			dmar_tbl_off - sizeof(u64));
 
 	/* don't unmap heap because dmar.c needs access to this */
 
-- 
1.7.9.5

Re: [PATCH v5] x86, tboot: iomem fixes

[Ingo Molnar]

* Qiaowei Ren <qiaowei.ren@intel.com> wrote:

> Current code doesn't use specific interface to access I/O space.
> So some potential bugs can be caused. We can fix this by using
> specific API.
> 
> Signed-off-by: Qiaowei Ren <qiaowei.ren@intel.com>
> ---
>  arch/x86/kernel/tboot.c |   18 ++++++++++--------
>  1 file changed, 10 insertions(+), 8 deletions(-)
> 
> diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
> index 3ff42d2..4e149c7 100644
> --- a/arch/x86/kernel/tboot.c
> +++ b/arch/x86/kernel/tboot.c
> @@ -468,7 +468,8 @@ struct sinit_mle_data {
>  
>  struct acpi_table_header *tboot_get_dmar_table(struct acpi_table_header *dmar_tbl)
>  {
> -	void *heap_base, *heap_ptr, *config;
> +	void __iomem *heap_base, *heap_ptr, *config;
> +	u32 dmar_tbl_off;
>  
>  	if (!tboot_enabled())
>  		return dmar_tbl;
> @@ -485,25 +486,26 @@ struct acpi_table_header *tboot_get_dmar_table(struct acpi_table_header *dmar_tb
>  		return NULL;
>  
>  	/* now map TXT heap */
> -	heap_base = ioremap(*(u64 *)(config + TXTCR_HEAP_BASE),
> -			    *(u64 *)(config + TXTCR_HEAP_SIZE));
> +	heap_base = ioremap(readl(config + TXTCR_HEAP_BASE),
> +			    readl(config + TXTCR_HEAP_SIZE));
>  	iounmap(config);
>  	if (!heap_base)
>  		return NULL;
>  
>  	/* walk heap to SinitMleData */
>  	/* skip BiosData */
> -	heap_ptr = heap_base + *(u64 *)heap_base;
> +	heap_ptr = heap_base + readq(heap_base);
>  	/* skip OsMleData */
> -	heap_ptr += *(u64 *)heap_ptr;
> +	heap_ptr += readq(heap_ptr);

tboot.c is build on 32-bit kernel as well, but readq() is only available 
on 64-bit systems.

Thanks,

	Ingo

Re: [PATCH v5] x86, tboot: iomem fixes

[H. Peter Anvin]

On 07/20/2013 09:26 AM, Qiaowei Ren wrote:
>  
>  	/* now map TXT heap */
> -	heap_base = ioremap(*(u64 *)(config + TXTCR_HEAP_BASE),
> -			    *(u64 *)(config + TXTCR_HEAP_SIZE));
> +	heap_base = ioremap(readl(config + TXTCR_HEAP_BASE),
> +			    readl(config + TXTCR_HEAP_SIZE));

You are changing u64 references to readl()... this means you are doing
only 32-bit reads.

>  	iounmap(config);
>  	if (!heap_base)
>  		return NULL;
>  
>  	/* walk heap to SinitMleData */
>  	/* skip BiosData */
> -	heap_ptr = heap_base + *(u64 *)heap_base;
> +	heap_ptr = heap_base + readq(heap_base);
>  	/* skip OsMleData */
> -	heap_ptr += *(u64 *)heap_ptr;
> +	heap_ptr += readq(heap_ptr);
>  	/* skip OsSinitData */
> -	heap_ptr += *(u64 *)heap_ptr;
> +	heap_ptr += readq(heap_ptr);

As I believe Ingo already commented on, readq() only exists on 64 bits.

You can #include <asm-generic/io-64-nonatomic-lo-hi.h> to remedy that.

>  	/* now points to SinitMleDataSize; set to SinitMleData */
>  	heap_ptr += sizeof(u64);
>  	/* get addr of DMAR table */
> +	dmar_tbl_off = readl(heap_ptr +
> +			offsetof(struct sinit_mle_data, vtd_dmars_off));
>  	dmar_tbl = (struct acpi_table_header *)(heap_ptr +
> -		   ((struct sinit_mle_data *)heap_ptr)->vtd_dmars_off -
> -		   sizeof(u64));
> +			dmar_tbl_off - sizeof(u64));
>  
>  	/* don't unmap heap because dmar.c needs access to this */
>  

If you are using accessors here, what about dmar_tbl itself?

	-hpa