| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250210183705.1114624-9-zaidal@os.amperecomputing.com>
Date: Mon, 10 Feb 2025 10:37:04 -0800
From: Zaid Alali <zaidal@...amperecomputing.com>
To: rafael@...nel.org,
lenb@...nel.org,
james.morse@....com,
tony.luck@...el.com,
bp@...en8.de,
robert.moore@...el.com,
dan.j.williams@...el.com,
zaidal@...amperecomputing.com,
Jonathan.Cameron@...wei.com,
Benjamin.Cheatham@....com,
Avadhut.Naik@....com,
viro@...iv.linux.org.uk,
arnd@...db.de,
ira.weiny@...el.com,
dave.jiang@...el.com,
sthanneeru.opensrc@...ron.com,
linux-acpi@...r.kernel.org,
linux-kernel@...r.kernel.org,
acpica-devel@...ts.linux.dev
Subject: [PATCH v3 8/9] ACPI: APEI: EINJ: Enable EINJv2 error injections
Enable the driver to inject EINJv2 type errors. The component
array values are parsed from user_input and expected to contain
hex values for component id and syndrome separated by space,
and multiple components are separated by new line as follows:
component_id1 component_syndrome1
component_id2 component_syndrome2
:
component_id(n) component_syndrome(n)
for example:
$comp_arr="0x1 0x2
>0x1 0x4
>0x2 0x4"
$cd /sys/kernel/debug/apei/einj/
$echo "$comp_arr" > einjv2_component_array
Signed-off-by: Zaid Alali <zaidal@...amperecomputing.com>
---
drivers/acpi/apei/einj-core.c | 103 +++++++++++++++++++++++++++++-----
1 file changed, 89 insertions(+), 14 deletions(-)
diff --git a/drivers/acpi/apei/einj-core.c b/drivers/acpi/apei/einj-core.c
index 40ebdbc4961f..46359019ca03 100644
--- a/drivers/acpi/apei/einj-core.c
+++ b/drivers/acpi/apei/einj-core.c
@@ -87,6 +87,13 @@ enum {
SETWA_FLAGS_APICID = 1,
SETWA_FLAGS_MEM = 2,
SETWA_FLAGS_PCIE_SBDF = 4,
+ SETWA_FLAGS_EINJV2 = 8,
+};
+
+enum {
+ EINJV2_PROCESSOR_ERROR = 0x1,
+ EINJV2_MEMORY_ERROR = 0x2,
+ EINJV2_PCIE_ERROR = 0x4,
};
/*
@@ -111,6 +118,7 @@ static char vendor_dev[64];
static struct debugfs_blob_wrapper einjv2_component_arr;
static u64 component_count;
static void *user_input;
+static int nr_components;
static u32 available_error_type;
static u32 available_error_type_v2;
@@ -181,6 +189,8 @@ static DEFINE_MUTEX(einj_mutex);
bool einj_initialized __ro_after_init;
static void __iomem *einj_param;
+static u32 v5param_size;
+static bool is_V2;
static void einj_exec_ctx_init(struct apei_exec_context *ctx)
{
@@ -288,11 +298,23 @@ static void *einj_get_parameter_address(void)
struct set_error_type_with_address v5param;
void __iomem *p;
+ v5param_size = sizeof(v5param);
p = acpi_os_map_iomem(pa_v5, sizeof(v5param));
if (p) {
- memcpy_fromio(&v5param, p, sizeof(v5param));
+ int offset, len;
+
+ memcpy_fromio(&v5param, p, v5param_size);
acpi5 = 1;
check_vendor_extension(pa_v5, &v5param);
+ if (available_error_type & ACPI65_EINJV2_SUPP) {
+ len = v5param.einjv2_struct.length;
+ offset = offsetof(struct einjv2_extension_struct, component_arr);
+ nr_components = (len - offset) / 32;
+ acpi_os_unmap_iomem(p, v5param_size);
+ v5param_size = sizeof(v5param) +
+ (nr_components * sizeof(struct syndrome_array));
+ p = acpi_os_map_iomem(pa_v5, v5param_size);
+ }
return p;
}
}
@@ -486,8 +508,8 @@ static int __einj_error_inject(u32 type, u32 flags, u64 param1, u64 param2,
if (acpi5) {
struct set_error_type_with_address *v5param;
- v5param = kmalloc(sizeof(*v5param), GFP_KERNEL);
- memcpy_fromio(v5param, einj_param, sizeof(*v5param));
+ v5param = kmalloc(v5param_size, GFP_KERNEL);
+ memcpy_fromio(v5param, einj_param, v5param_size);
v5param->type = type;
if (type & ACPI5_VENDOR_BIT) {
switch (vendor_flags) {
@@ -507,8 +529,49 @@ static int __einj_error_inject(u32 type, u32 flags, u64 param1, u64 param2,
v5param->flags = flags;
v5param->memory_address = param1;
v5param->memory_address_range = param2;
- v5param->apicid = param3;
- v5param->pcie_sbdf = param4;
+
+ if (is_V2) {
+ int count = 0, bytes_read, pos = 0;
+ unsigned int comp, synd;
+ struct syndrome_array *component_arr;
+
+ if (component_count > nr_components)
+ goto err_out;
+
+ v5param->einjv2_struct.component_arr_count = component_count;
+ component_arr = v5param->einjv2_struct.component_arr;
+
+ while (sscanf(user_input + pos, "%x %x\n%n", &comp, &synd,
+ &bytes_read) == 2) {
+ pos += bytes_read;
+ if (count > component_count)
+ goto err_out;
+
+ switch (type) {
+ case EINJV2_PROCESSOR_ERROR:
+ component_arr[count].comp_id.acpi_id = comp;
+ component_arr[count].comp_synd.proc_synd = synd;
+ break;
+ case EINJV2_MEMORY_ERROR:
+ component_arr[count].comp_id.device_id = comp;
+ component_arr[count].comp_synd.mem_synd = synd;
+ break;
+ case EINJV2_PCIE_ERROR:
+ component_arr[count].comp_id.pcie_sbdf = comp;
+ component_arr[count].comp_synd.pcie_synd = synd;
+ break;
+ }
+ count++;
+ }
+ if (count != component_count)
+ goto err_out;
+
+ /* clear buffer after user input for next injection */
+ memset(user_input, 0, COMP_ARR_SIZE);
+ } else {
+ v5param->apicid = param3;
+ v5param->pcie_sbdf = param4;
+ }
} else {
switch (type) {
case ACPI_EINJ_PROCESSOR_CORRECTABLE:
@@ -532,7 +595,7 @@ static int __einj_error_inject(u32 type, u32 flags, u64 param1, u64 param2,
break;
}
}
- memcpy_toio(einj_param, v5param, sizeof(*v5param));
+ memcpy_toio(einj_param, v5param, v5param_size);
kfree(v5param);
} else {
rc = apei_exec_run(&ctx, ACPI_EINJ_SET_ERROR_TYPE);
@@ -587,6 +650,9 @@ static int __einj_error_inject(u32 type, u32 flags, u64 param1, u64 param2,
rc = apei_exec_run_optional(&ctx, ACPI_EINJ_END_OPERATION);
return rc;
+err_out:
+ memset(user_input, 0, COMP_ARR_SIZE);
+ return -EINVAL;
}
/* Inject the specified hardware error */
@@ -597,10 +663,15 @@ int einj_error_inject(u32 type, u32 flags, u64 param1, u64 param2, u64 param3,
u64 base_addr, size;
/* If user manually set "flags", make sure it is legal */
- if (flags && (flags &
- ~(SETWA_FLAGS_APICID|SETWA_FLAGS_MEM|SETWA_FLAGS_PCIE_SBDF)))
+ if (flags && (flags & ~(SETWA_FLAGS_APICID | SETWA_FLAGS_MEM |
+ SETWA_FLAGS_PCIE_SBDF | SETWA_FLAGS_EINJV2)))
return -EINVAL;
+ /* check if type is a valid EINJv2 error type */
+ if (is_V2) {
+ if (!(type & available_error_type_v2))
+ return -EINVAL;
+ }
/*
* We need extra sanity checks for memory errors.
* Other types leap directly to injection.
@@ -750,7 +821,7 @@ int einj_validate_error_type(u64 type)
if (tval & (tval - 1))
return -EINVAL;
if (!vendor)
- if (!(type & available_error_type))
+ if (!(type & (available_error_type | available_error_type_v2)))
return -EINVAL;
return 0;
@@ -763,12 +834,14 @@ static ssize_t error_type_set(struct file *file, const char __user *buf,
u64 val;
memset(einj_buf, 0, BUFF_SIZE);
+ is_V2 = false;
if (copy_from_user(einj_buf, buf, count))
return -EFAULT;
if (strncmp(einj_buf, "V2_", 3) == 0) {
if (!sscanf(einj_buf, "V2_%llx", &val))
return -EINVAL;
+ is_V2 = true;
} else
if (!sscanf(einj_buf, "%llx", &val))
return -EINVAL;
@@ -792,6 +865,9 @@ static int error_inject_set(void *data, u64 val)
if (!error_type)
return -EINVAL;
+ if (is_V2)
+ error_flags |= SETWA_FLAGS_EINJV2;
+
return einj_error_inject(error_type, error_flags, error_param1, error_param2,
error_param3, error_param4);
}
@@ -944,11 +1020,10 @@ static void __exit einj_remove(struct platform_device *pdev)
struct apei_exec_context ctx;
if (einj_param) {
- acpi_size size = (acpi5) ?
- sizeof(struct set_error_type_with_address) :
- sizeof(struct einj_parameter);
-
- acpi_os_unmap_iomem(einj_param, size);
+ if (acpi5)
+ acpi_os_unmap_iomem(einj_param, v5param_size);
+ else
+ acpi_os_unmap_iomem(einj_param, sizeof(struct einj_parameter));
if (vendor_errors.size)
acpi_os_unmap_memory(vendor_errors.data, vendor_errors.size);
}
--
2.34.1
Powered by blists - more mailing lists