| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Dec 2022 12:18:50 +0200 (EET)
From: Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>
To: Xu Yilun <yilun.xu@...el.com>
cc: linux-fpga@...r.kernel.org, Wu Hao <hao.wu@...el.com>,
Tom Rix <trix@...hat.com>, Moritz Fischer <mdf@...nel.org>,
Lee Jones <lee@...nel.org>,
Matthew Gerlach <matthew.gerlach@...ux.intel.com>,
Russ Weight <russell.h.weight@...el.com>,
Tianfei zhang <tianfei.zhang@...el.com>,
Mark Brown <broonie@...nel.org>,
Greg KH <gregkh@...uxfoundation.org>,
Marco Pagani <marpagan@...hat.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v4 8/8] fpga: m10bmc-sec: Add support for N6000
On Tue, 13 Dec 2022, Xu Yilun wrote:
> On 2022-12-11 at 12:39:13 +0200, Ilpo Järvinen wrote:
> > Add support for PMCI-based flash access path and N6000 sec update
> > support. Access to flash staging area is different for N6000 from that
> > of the SPI interfaced counterparts.
> >
> > Introduce intel_m10bmc_flash_bulk_ops to allow interface specific
> > differentiations for the flash access path for sec update and make
> > m10bmc_sec_read/write() in sec update driver to use the new operations.
> >
> > Co-developed-by: Tianfei zhang <tianfei.zhang@...el.com>
> > Signed-off-by: Tianfei zhang <tianfei.zhang@...el.com>
> > Co-developed-by: Russ Weight <russell.h.weight@...el.com>
> > Signed-off-by: Russ Weight <russell.h.weight@...el.com>
> > Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>
> > ---
> > drivers/fpga/intel-m10-bmc-sec-update.c | 65 ++++++++++-
> > drivers/mfd/intel-m10-bmc-pmci.c | 145 ++++++++++++++++++++++++
> > include/linux/mfd/intel-m10-bmc.h | 14 +++
> > 3 files changed, 223 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/fpga/intel-m10-bmc-sec-update.c b/drivers/fpga/intel-m10-bmc-sec-update.c
> > index 9922027856a4..885e38f13897 100644
> > --- a/drivers/fpga/intel-m10-bmc-sec-update.c
> > +++ b/drivers/fpga/intel-m10-bmc-sec-update.c
> > @@ -14,6 +14,20 @@
> > #include <linux/platform_device.h>
> > #include <linux/slab.h>
> >
> > +#define M10BMC_PMCI_FLASH_MUX_CTRL 0x1d0
> > +#define FLASH_MUX_SELECTION GENMASK(2, 0)
> > +#define FLASH_MUX_IDLE 0
> > +#define FLASH_MUX_NIOS 1
> > +#define FLASH_MUX_HOST 2
> > +#define FLASH_MUX_PFL 4
> > +#define get_flash_mux(mux) FIELD_GET(FLASH_MUX_SELECTION, mux)
> > +
> > +#define FLASH_NIOS_REQUEST BIT(4)
> > +#define FLASH_HOST_REQUEST BIT(5)
> > +
> > +#define M10_FLASH_INT_US 1
> > +#define M10_FLASH_TIMEOUT_US 10000
> > +
> > struct m10bmc_sec {
> > struct device *dev;
> > struct intel_m10bmc *m10bmc;
> > @@ -21,6 +35,7 @@ struct m10bmc_sec {
> > char *fw_name;
> > u32 fw_name_id;
> > bool cancel_request;
> > + struct mutex flash_mutex;
> > };
> >
> > static DEFINE_XARRAY_ALLOC(fw_upload_xa);
> > @@ -31,6 +46,24 @@ static DEFINE_XARRAY_ALLOC(fw_upload_xa);
> > #define REH_MAGIC GENMASK(15, 0)
> > #define REH_SHA_NUM_BYTES GENMASK(31, 16)
> >
> > +static int m10bmc_sec_set_flash_host_mux(struct intel_m10bmc *m10bmc, bool request)
> > +{
> > + u32 ctrl;
> > + int ret;
> > +
> > + ret = regmap_update_bits(m10bmc->regmap, M10BMC_PMCI_FLASH_MUX_CTRL,
> > + FLASH_HOST_REQUEST,
> > + FIELD_PREP(FLASH_HOST_REQUEST, request));
> > + if (ret)
> > + return ret;
> > +
> > + return regmap_read_poll_timeout(m10bmc->regmap,
> > + M10BMC_PMCI_FLASH_MUX_CTRL, ctrl,
> > + request ? (get_flash_mux(ctrl) == FLASH_MUX_HOST) :
> > + (get_flash_mux(ctrl) != FLASH_MUX_HOST),
> > + M10_FLASH_INT_US, M10_FLASH_TIMEOUT_US);
> > +}
> > +
> > static int m10bmc_sec_write(struct m10bmc_sec *sec, const u8 *buf, u32 offset, u32 size)
> > {
> > struct intel_m10bmc *m10bmc = sec->m10bmc;
> > @@ -41,6 +74,15 @@ static int m10bmc_sec_write(struct m10bmc_sec *sec, const u8 *buf, u32 offset, u
> > u32 leftover_tmp = 0;
> > int ret;
> >
> > + if (sec->m10bmc->flash_bulk_ops) {
> > + mutex_lock(&sec->flash_mutex);
> > + /* On write, firmware manages flash MUX */
> > + ret = sec->m10bmc->flash_bulk_ops->write(m10bmc, buf, offset, size);
> > + mutex_unlock(&sec->flash_mutex);
> > +
> > + return ret;
> > + }
> > +
> > if (WARN_ON_ONCE(stride > sizeof(leftover_tmp)))
> > return -EINVAL;
> >
> > @@ -69,7 +111,21 @@ static int m10bmc_sec_read(struct m10bmc_sec *sec, u8 *buf, u32 addr, u32 size)
> > u32 leftover_offset = read_count * stride;
> > u32 leftover_size = size - leftover_offset;
> > u32 leftover_tmp;
> > - int ret;
> > + int ret, ret2;
> > +
> > + if (sec->m10bmc->flash_bulk_ops) {
> > + mutex_lock(&sec->flash_mutex);
> > + ret = m10bmc_sec_set_flash_host_mux(m10bmc, true);
> > + if (ret)
> > + goto mux_fail;
>
> If the flash host mux fail, we still need to un-mux it?
It seemed safer to attempt to set it back after the code tried to alter
the MUX setting. I don't see how it could be harmful. Likely we're in the
deep end in that case anyway so setting it back might just fails too
(which is harmless sans the small extra delay) or just confirms that the
value wasn't changed.
--
i.
> > + ret = sec->m10bmc->flash_bulk_ops->read(m10bmc, buf, addr, size);
> > +mux_fail:
> > + ret2 = m10bmc_sec_set_flash_host_mux(m10bmc, false);
> > + mutex_unlock(&sec->flash_mutex);
> > + if (ret)
> > + return ret;
> > + return ret2;
> > + }
> >
> > if (WARN_ON_ONCE(stride > sizeof(leftover_tmp)))
> > return -EINVAL;
> > @@ -611,6 +667,8 @@ static int m10bmc_sec_probe(struct platform_device *pdev)
> > if (ret)
> > return ret;
> >
> > + mutex_init(&sec->flash_mutex);
> > +
> > len = scnprintf(buf, SEC_UPDATE_LEN_MAX, "secure-update%d",
> > sec->fw_name_id);
> > sec->fw_name = kmemdup_nul(buf, len, GFP_KERNEL);
> > @@ -633,6 +691,7 @@ static int m10bmc_sec_probe(struct platform_device *pdev)
> > fw_uploader_fail:
> > kfree(sec->fw_name);
> > fw_name_fail:
> > + mutex_destroy(&sec->flash_mutex);
> > xa_erase(&fw_upload_xa, sec->fw_name_id);
> > return ret;
> > }
>
Powered by blists - more mailing lists