| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZK7DNdlUvUZ5deho@smile.fi.intel.com>
Date: Wed, 12 Jul 2023 18:13:57 +0300
From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To: Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>
Cc: hdegoede@...hat.com, markgross@...nel.org,
ilpo.jarvinen@...ux.intel.com, platform-driver-x86@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 2/3] platform/x86/intel/tpmi: Add debugfs interface
On Tue, Jul 11, 2023 at 03:09:48PM -0700, Srinivas Pandruvada wrote:
> Add debugfs interface for debugging TPMI configuration and register
> contents. This shows PFS (PM Feature structure) for each TPMI device.
>
> For each feature, show full register contents and allow to modify
> register at an offset.
>
> This debugfs interface is not present on locked down kernel with no
> DEVMEM access and without CAP_SYS_RAWIO permission.
...
> struct intel_tpmi_pm_feature {
> struct intel_tpmi_pfs_entry pfs_header;
> unsigned int vsec_offset;
> + struct intel_vsec_device *vsec_dev;
Hmm... I don't know the layout of pfs_header, but this may be 4 bytes less
if you move it upper.
> };
...
> + for (count = 0; count < pfs->pfs_header.num_entries; ++count) {
> + size = pfs->pfs_header.entry_size * sizeof(u32);
You already used this once, perhaps a macro helper?
Also you can add there a comment that this comes from the trusted hw.
> + /* The size is from a trusted hardware, but verify anyway */
> + if (size > TPMI_MAX_BUFFER_SIZE) {
> + /*
> + * The next offset depends on the current size. So, can't skip to the
> + * display of the next entry. Simply return from this function with error.
> + */
> + ret = -EIO;
> + goto done_mem_show;
> + }
> +
> + buffer = kmalloc(size, GFP_KERNEL);
> + if (!buffer) {
> + ret = -ENOMEM;
> + goto done_mem_show;
> + }
> +
> + seq_printf(s, "TPMI Instance:%d offset:0x%x\n", count, off);
> +
> + mem = ioremap(off, size);
> + if (!mem) {
> + ret = -ENOMEM;
> + kfree(buffer);
> + goto done_mem_show;
> + }
> +
> + memcpy_fromio(buffer, mem, size);
> +
> + seq_hex_dump(s, " ", DUMP_PREFIX_OFFSET, row_size, sizeof(u32), buffer, size,
> + false);
> +
> + iounmap(mem);
> + kfree(buffer);
> +
> + off += size;
> + }
> +
> +done_mem_show:
> + mutex_unlock(&tpmi_dev_lock);
> +
> + return ret;
> +}
...
> + size = pfs->pfs_header.entry_size * sizeof(u32);
> + if (size > TPMI_MAX_BUFFER_SIZE)
> + return -EIO;
Again a dup even with a check.
...
> + top_dir = debugfs_create_dir(name, NULL);
> + if (IS_ERR_OR_NULL(top_dir))
I dunno if I told you, but after a discussion (elsewhere), I realized
two things:
1) this one never returns NULL;
2) even if error pointer is returned, the debugfs API is aware and
will do nothing.
Hence this conditional is redundant.
> + return;
...
> + for (i = 0; i < tpmi_info->feature_count; ++i) {
Why preincrement?
> + struct intel_tpmi_pm_feature *pfs;
> + struct dentry *dir;
> +
> + pfs = &tpmi_info->tpmi_features[i];
> + snprintf(name, sizeof(name), "tpmi-id-%02x", pfs->pfs_header.tpmi_id);
> + dir = debugfs_create_dir(name, top_dir);
> +
> + debugfs_create_file("mem_dump", 0444, dir, pfs, &tpmi_mem_dump_fops);
> + debugfs_create_file("mem_write", 0644, dir, pfs, &mem_write_ops);
> + }
--
With Best Regards,
Andy Shevchenko
Powered by blists - more mailing lists