mbox.c 40 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /* Copyright(c) 2020 Intel Corporation. All rights reserved. */
  3. #include <linux/security.h>
  4. #include <linux/debugfs.h>
  5. #include <linux/ktime.h>
  6. #include <linux/mutex.h>
  7. #include <linux/unaligned.h>
  8. #include <cxlpci.h>
  9. #include <cxlmem.h>
  10. #include <cxl.h>
  11. #include "core.h"
  12. #include "trace.h"
  13. static bool cxl_raw_allow_all;
  14. /**
  15. * DOC: cxl mbox
  16. *
  17. * Core implementation of the CXL 2.0 Type-3 Memory Device Mailbox. The
  18. * implementation is used by the cxl_pci driver to initialize the device
  19. * and implement the cxl_mem.h IOCTL UAPI. It also implements the
  20. * backend of the cxl_pmem_ctl() transport for LIBNVDIMM.
  21. */
  22. #define cxl_for_each_cmd(cmd) \
  23. for ((cmd) = &cxl_mem_commands[0]; \
  24. ((cmd) - cxl_mem_commands) < ARRAY_SIZE(cxl_mem_commands); (cmd)++)
  25. #define CXL_CMD(_id, sin, sout, _flags) \
  26. [CXL_MEM_COMMAND_ID_##_id] = { \
  27. .info = { \
  28. .id = CXL_MEM_COMMAND_ID_##_id, \
  29. .size_in = sin, \
  30. .size_out = sout, \
  31. }, \
  32. .opcode = CXL_MBOX_OP_##_id, \
  33. .flags = _flags, \
  34. }
  35. #define CXL_VARIABLE_PAYLOAD ~0U
  36. /*
  37. * This table defines the supported mailbox commands for the driver. This table
  38. * is made up of a UAPI structure. Non-negative values as parameters in the
  39. * table will be validated against the user's input. For example, if size_in is
  40. * 0, and the user passed in 1, it is an error.
  41. */
  42. static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = {
  43. CXL_CMD(IDENTIFY, 0, 0x43, CXL_CMD_FLAG_FORCE_ENABLE),
  44. #ifdef CONFIG_CXL_MEM_RAW_COMMANDS
  45. CXL_CMD(RAW, CXL_VARIABLE_PAYLOAD, CXL_VARIABLE_PAYLOAD, 0),
  46. #endif
  47. CXL_CMD(GET_SUPPORTED_LOGS, 0, CXL_VARIABLE_PAYLOAD, CXL_CMD_FLAG_FORCE_ENABLE),
  48. CXL_CMD(GET_FW_INFO, 0, 0x50, 0),
  49. CXL_CMD(GET_PARTITION_INFO, 0, 0x20, 0),
  50. CXL_CMD(GET_LSA, 0x8, CXL_VARIABLE_PAYLOAD, 0),
  51. CXL_CMD(GET_HEALTH_INFO, 0, 0x12, 0),
  52. CXL_CMD(GET_LOG, 0x18, CXL_VARIABLE_PAYLOAD, CXL_CMD_FLAG_FORCE_ENABLE),
  53. CXL_CMD(GET_LOG_CAPS, 0x10, 0x4, 0),
  54. CXL_CMD(CLEAR_LOG, 0x10, 0, 0),
  55. CXL_CMD(GET_SUP_LOG_SUBLIST, 0x2, CXL_VARIABLE_PAYLOAD, 0),
  56. CXL_CMD(SET_PARTITION_INFO, 0x0a, 0, 0),
  57. CXL_CMD(SET_LSA, CXL_VARIABLE_PAYLOAD, 0, 0),
  58. CXL_CMD(GET_ALERT_CONFIG, 0, 0x10, 0),
  59. CXL_CMD(SET_ALERT_CONFIG, 0xc, 0, 0),
  60. CXL_CMD(GET_SHUTDOWN_STATE, 0, 0x1, 0),
  61. CXL_CMD(SET_SHUTDOWN_STATE, 0x1, 0, 0),
  62. CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0),
  63. CXL_CMD(GET_TIMESTAMP, 0, 0x8, 0),
  64. };
  65. /*
  66. * Commands that RAW doesn't permit. The rationale for each:
  67. *
  68. * CXL_MBOX_OP_ACTIVATE_FW: Firmware activation requires adjustment /
  69. * coordination of transaction timeout values at the root bridge level.
  70. *
  71. * CXL_MBOX_OP_SET_PARTITION_INFO: The device memory map may change live
  72. * and needs to be coordinated with HDM updates.
  73. *
  74. * CXL_MBOX_OP_SET_LSA: The label storage area may be cached by the
  75. * driver and any writes from userspace invalidates those contents.
  76. *
  77. * CXL_MBOX_OP_SET_SHUTDOWN_STATE: Set shutdown state assumes no writes
  78. * to the device after it is marked clean, userspace can not make that
  79. * assertion.
  80. *
  81. * CXL_MBOX_OP_[GET_]SCAN_MEDIA: The kernel provides a native error list that
  82. * is kept up to date with patrol notifications and error management.
  83. *
  84. * CXL_MBOX_OP_[GET_,INJECT_,CLEAR_]POISON: These commands require kernel
  85. * driver orchestration for safety.
  86. */
  87. static u16 cxl_disabled_raw_commands[] = {
  88. CXL_MBOX_OP_ACTIVATE_FW,
  89. CXL_MBOX_OP_SET_PARTITION_INFO,
  90. CXL_MBOX_OP_SET_LSA,
  91. CXL_MBOX_OP_SET_SHUTDOWN_STATE,
  92. CXL_MBOX_OP_SCAN_MEDIA,
  93. CXL_MBOX_OP_GET_SCAN_MEDIA,
  94. CXL_MBOX_OP_GET_POISON,
  95. CXL_MBOX_OP_INJECT_POISON,
  96. CXL_MBOX_OP_CLEAR_POISON,
  97. };
  98. /*
  99. * Command sets that RAW doesn't permit. All opcodes in this set are
  100. * disabled because they pass plain text security payloads over the
  101. * user/kernel boundary. This functionality is intended to be wrapped
  102. * behind the keys ABI which allows for encrypted payloads in the UAPI
  103. */
  104. static u8 security_command_sets[] = {
  105. 0x44, /* Sanitize */
  106. 0x45, /* Persistent Memory Data-at-rest Security */
  107. 0x46, /* Security Passthrough */
  108. };
  109. static bool cxl_is_security_command(u16 opcode)
  110. {
  111. int i;
  112. for (i = 0; i < ARRAY_SIZE(security_command_sets); i++)
  113. if (security_command_sets[i] == (opcode >> 8))
  114. return true;
  115. return false;
  116. }
  117. static void cxl_set_security_cmd_enabled(struct cxl_security_state *security,
  118. u16 opcode)
  119. {
  120. switch (opcode) {
  121. case CXL_MBOX_OP_SANITIZE:
  122. set_bit(CXL_SEC_ENABLED_SANITIZE, security->enabled_cmds);
  123. break;
  124. case CXL_MBOX_OP_SECURE_ERASE:
  125. set_bit(CXL_SEC_ENABLED_SECURE_ERASE,
  126. security->enabled_cmds);
  127. break;
  128. case CXL_MBOX_OP_GET_SECURITY_STATE:
  129. set_bit(CXL_SEC_ENABLED_GET_SECURITY_STATE,
  130. security->enabled_cmds);
  131. break;
  132. case CXL_MBOX_OP_SET_PASSPHRASE:
  133. set_bit(CXL_SEC_ENABLED_SET_PASSPHRASE,
  134. security->enabled_cmds);
  135. break;
  136. case CXL_MBOX_OP_DISABLE_PASSPHRASE:
  137. set_bit(CXL_SEC_ENABLED_DISABLE_PASSPHRASE,
  138. security->enabled_cmds);
  139. break;
  140. case CXL_MBOX_OP_UNLOCK:
  141. set_bit(CXL_SEC_ENABLED_UNLOCK, security->enabled_cmds);
  142. break;
  143. case CXL_MBOX_OP_FREEZE_SECURITY:
  144. set_bit(CXL_SEC_ENABLED_FREEZE_SECURITY,
  145. security->enabled_cmds);
  146. break;
  147. case CXL_MBOX_OP_PASSPHRASE_SECURE_ERASE:
  148. set_bit(CXL_SEC_ENABLED_PASSPHRASE_SECURE_ERASE,
  149. security->enabled_cmds);
  150. break;
  151. default:
  152. break;
  153. }
  154. }
  155. static bool cxl_is_poison_command(u16 opcode)
  156. {
  157. #define CXL_MBOX_OP_POISON_CMDS 0x43
  158. if ((opcode >> 8) == CXL_MBOX_OP_POISON_CMDS)
  159. return true;
  160. return false;
  161. }
  162. static void cxl_set_poison_cmd_enabled(struct cxl_poison_state *poison,
  163. u16 opcode)
  164. {
  165. switch (opcode) {
  166. case CXL_MBOX_OP_GET_POISON:
  167. set_bit(CXL_POISON_ENABLED_LIST, poison->enabled_cmds);
  168. break;
  169. case CXL_MBOX_OP_INJECT_POISON:
  170. set_bit(CXL_POISON_ENABLED_INJECT, poison->enabled_cmds);
  171. break;
  172. case CXL_MBOX_OP_CLEAR_POISON:
  173. set_bit(CXL_POISON_ENABLED_CLEAR, poison->enabled_cmds);
  174. break;
  175. case CXL_MBOX_OP_GET_SCAN_MEDIA_CAPS:
  176. set_bit(CXL_POISON_ENABLED_SCAN_CAPS, poison->enabled_cmds);
  177. break;
  178. case CXL_MBOX_OP_SCAN_MEDIA:
  179. set_bit(CXL_POISON_ENABLED_SCAN_MEDIA, poison->enabled_cmds);
  180. break;
  181. case CXL_MBOX_OP_GET_SCAN_MEDIA:
  182. set_bit(CXL_POISON_ENABLED_SCAN_RESULTS, poison->enabled_cmds);
  183. break;
  184. default:
  185. break;
  186. }
  187. }
  188. static struct cxl_mem_command *cxl_mem_find_command(u16 opcode)
  189. {
  190. struct cxl_mem_command *c;
  191. cxl_for_each_cmd(c)
  192. if (c->opcode == opcode)
  193. return c;
  194. return NULL;
  195. }
  196. static const char *cxl_mem_opcode_to_name(u16 opcode)
  197. {
  198. struct cxl_mem_command *c;
  199. c = cxl_mem_find_command(opcode);
  200. if (!c)
  201. return NULL;
  202. return cxl_command_names[c->info.id].name;
  203. }
  204. /**
  205. * cxl_internal_send_cmd() - Kernel internal interface to send a mailbox command
  206. * @cxl_mbox: CXL mailbox context
  207. * @mbox_cmd: initialized command to execute
  208. *
  209. * Context: Any context.
  210. * Return:
  211. * * %>=0 - Number of bytes returned in @out.
  212. * * %-E2BIG - Payload is too large for hardware.
  213. * * %-EBUSY - Couldn't acquire exclusive mailbox access.
  214. * * %-EFAULT - Hardware error occurred.
  215. * * %-ENXIO - Command completed, but device reported an error.
  216. * * %-EIO - Unexpected output size.
  217. *
  218. * Mailbox commands may execute successfully yet the device itself reported an
  219. * error. While this distinction can be useful for commands from userspace, the
  220. * kernel will only be able to use results when both are successful.
  221. */
  222. int cxl_internal_send_cmd(struct cxl_mailbox *cxl_mbox,
  223. struct cxl_mbox_cmd *mbox_cmd)
  224. {
  225. size_t out_size, min_out;
  226. int rc;
  227. if (mbox_cmd->size_in > cxl_mbox->payload_size ||
  228. mbox_cmd->size_out > cxl_mbox->payload_size)
  229. return -E2BIG;
  230. out_size = mbox_cmd->size_out;
  231. min_out = mbox_cmd->min_out;
  232. rc = cxl_mbox->mbox_send(cxl_mbox, mbox_cmd);
  233. /*
  234. * EIO is reserved for a payload size mismatch and mbox_send()
  235. * may not return this error.
  236. */
  237. if (WARN_ONCE(rc == -EIO, "Bad return code: -EIO"))
  238. return -ENXIO;
  239. if (rc)
  240. return rc;
  241. if (mbox_cmd->return_code != CXL_MBOX_CMD_RC_SUCCESS &&
  242. mbox_cmd->return_code != CXL_MBOX_CMD_RC_BACKGROUND)
  243. return cxl_mbox_cmd_rc2errno(mbox_cmd);
  244. if (!out_size)
  245. return 0;
  246. /*
  247. * Variable sized output needs to at least satisfy the caller's
  248. * minimum if not the fully requested size.
  249. */
  250. if (min_out == 0)
  251. min_out = out_size;
  252. if (mbox_cmd->size_out < min_out)
  253. return -EIO;
  254. return 0;
  255. }
  256. EXPORT_SYMBOL_NS_GPL(cxl_internal_send_cmd, CXL);
  257. static bool cxl_mem_raw_command_allowed(u16 opcode)
  258. {
  259. int i;
  260. if (!IS_ENABLED(CONFIG_CXL_MEM_RAW_COMMANDS))
  261. return false;
  262. if (security_locked_down(LOCKDOWN_PCI_ACCESS))
  263. return false;
  264. if (cxl_raw_allow_all)
  265. return true;
  266. if (cxl_is_security_command(opcode))
  267. return false;
  268. for (i = 0; i < ARRAY_SIZE(cxl_disabled_raw_commands); i++)
  269. if (cxl_disabled_raw_commands[i] == opcode)
  270. return false;
  271. return true;
  272. }
  273. /**
  274. * cxl_payload_from_user_allowed() - Check contents of in_payload.
  275. * @opcode: The mailbox command opcode.
  276. * @payload_in: Pointer to the input payload passed in from user space.
  277. *
  278. * Return:
  279. * * true - payload_in passes check for @opcode.
  280. * * false - payload_in contains invalid or unsupported values.
  281. *
  282. * The driver may inspect payload contents before sending a mailbox
  283. * command from user space to the device. The intent is to reject
  284. * commands with input payloads that are known to be unsafe. This
  285. * check is not intended to replace the users careful selection of
  286. * mailbox command parameters and makes no guarantee that the user
  287. * command will succeed, nor that it is appropriate.
  288. *
  289. * The specific checks are determined by the opcode.
  290. */
  291. static bool cxl_payload_from_user_allowed(u16 opcode, void *payload_in)
  292. {
  293. switch (opcode) {
  294. case CXL_MBOX_OP_SET_PARTITION_INFO: {
  295. struct cxl_mbox_set_partition_info *pi = payload_in;
  296. if (pi->flags & CXL_SET_PARTITION_IMMEDIATE_FLAG)
  297. return false;
  298. break;
  299. }
  300. case CXL_MBOX_OP_CLEAR_LOG: {
  301. const uuid_t *uuid = (uuid_t *)payload_in;
  302. /*
  303. * Restrict the ‘Clear log’ action to only apply to
  304. * Vendor debug logs.
  305. */
  306. return uuid_equal(uuid, &DEFINE_CXL_VENDOR_DEBUG_UUID);
  307. }
  308. default:
  309. break;
  310. }
  311. return true;
  312. }
  313. static int cxl_mbox_cmd_ctor(struct cxl_mbox_cmd *mbox,
  314. struct cxl_memdev_state *mds, u16 opcode,
  315. size_t in_size, size_t out_size, u64 in_payload)
  316. {
  317. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  318. *mbox = (struct cxl_mbox_cmd) {
  319. .opcode = opcode,
  320. .size_in = in_size,
  321. };
  322. if (in_size) {
  323. mbox->payload_in = vmemdup_user(u64_to_user_ptr(in_payload),
  324. in_size);
  325. if (IS_ERR(mbox->payload_in))
  326. return PTR_ERR(mbox->payload_in);
  327. if (!cxl_payload_from_user_allowed(opcode, mbox->payload_in)) {
  328. dev_dbg(mds->cxlds.dev, "%s: input payload not allowed\n",
  329. cxl_mem_opcode_to_name(opcode));
  330. kvfree(mbox->payload_in);
  331. return -EBUSY;
  332. }
  333. }
  334. /* Prepare to handle a full payload for variable sized output */
  335. if (out_size == CXL_VARIABLE_PAYLOAD)
  336. mbox->size_out = cxl_mbox->payload_size;
  337. else
  338. mbox->size_out = out_size;
  339. if (mbox->size_out) {
  340. mbox->payload_out = kvzalloc(mbox->size_out, GFP_KERNEL);
  341. if (!mbox->payload_out) {
  342. kvfree(mbox->payload_in);
  343. return -ENOMEM;
  344. }
  345. }
  346. return 0;
  347. }
  348. static void cxl_mbox_cmd_dtor(struct cxl_mbox_cmd *mbox)
  349. {
  350. kvfree(mbox->payload_in);
  351. kvfree(mbox->payload_out);
  352. }
  353. static int cxl_to_mem_cmd_raw(struct cxl_mem_command *mem_cmd,
  354. const struct cxl_send_command *send_cmd,
  355. struct cxl_memdev_state *mds)
  356. {
  357. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  358. if (send_cmd->raw.rsvd)
  359. return -EINVAL;
  360. /*
  361. * Unlike supported commands, the output size of RAW commands
  362. * gets passed along without further checking, so it must be
  363. * validated here.
  364. */
  365. if (send_cmd->out.size > cxl_mbox->payload_size)
  366. return -EINVAL;
  367. if (!cxl_mem_raw_command_allowed(send_cmd->raw.opcode))
  368. return -EPERM;
  369. dev_WARN_ONCE(mds->cxlds.dev, true, "raw command path used\n");
  370. *mem_cmd = (struct cxl_mem_command) {
  371. .info = {
  372. .id = CXL_MEM_COMMAND_ID_RAW,
  373. .size_in = send_cmd->in.size,
  374. .size_out = send_cmd->out.size,
  375. },
  376. .opcode = send_cmd->raw.opcode
  377. };
  378. return 0;
  379. }
  380. static int cxl_to_mem_cmd(struct cxl_mem_command *mem_cmd,
  381. const struct cxl_send_command *send_cmd,
  382. struct cxl_memdev_state *mds)
  383. {
  384. struct cxl_mem_command *c = &cxl_mem_commands[send_cmd->id];
  385. const struct cxl_command_info *info = &c->info;
  386. if (send_cmd->flags & ~CXL_MEM_COMMAND_FLAG_MASK)
  387. return -EINVAL;
  388. if (send_cmd->rsvd)
  389. return -EINVAL;
  390. if (send_cmd->in.rsvd || send_cmd->out.rsvd)
  391. return -EINVAL;
  392. /* Check that the command is enabled for hardware */
  393. if (!test_bit(info->id, mds->enabled_cmds))
  394. return -ENOTTY;
  395. /* Check that the command is not claimed for exclusive kernel use */
  396. if (test_bit(info->id, mds->exclusive_cmds))
  397. return -EBUSY;
  398. /* Check the input buffer is the expected size */
  399. if ((info->size_in != CXL_VARIABLE_PAYLOAD) &&
  400. (info->size_in != send_cmd->in.size))
  401. return -ENOMEM;
  402. /* Check the output buffer is at least large enough */
  403. if ((info->size_out != CXL_VARIABLE_PAYLOAD) &&
  404. (send_cmd->out.size < info->size_out))
  405. return -ENOMEM;
  406. *mem_cmd = (struct cxl_mem_command) {
  407. .info = {
  408. .id = info->id,
  409. .flags = info->flags,
  410. .size_in = send_cmd->in.size,
  411. .size_out = send_cmd->out.size,
  412. },
  413. .opcode = c->opcode
  414. };
  415. return 0;
  416. }
  417. /**
  418. * cxl_validate_cmd_from_user() - Check fields for CXL_MEM_SEND_COMMAND.
  419. * @mbox_cmd: Sanitized and populated &struct cxl_mbox_cmd.
  420. * @mds: The driver data for the operation
  421. * @send_cmd: &struct cxl_send_command copied in from userspace.
  422. *
  423. * Return:
  424. * * %0 - @out_cmd is ready to send.
  425. * * %-ENOTTY - Invalid command specified.
  426. * * %-EINVAL - Reserved fields or invalid values were used.
  427. * * %-ENOMEM - Input or output buffer wasn't sized properly.
  428. * * %-EPERM - Attempted to use a protected command.
  429. * * %-EBUSY - Kernel has claimed exclusive access to this opcode
  430. *
  431. * The result of this command is a fully validated command in @mbox_cmd that is
  432. * safe to send to the hardware.
  433. */
  434. static int cxl_validate_cmd_from_user(struct cxl_mbox_cmd *mbox_cmd,
  435. struct cxl_memdev_state *mds,
  436. const struct cxl_send_command *send_cmd)
  437. {
  438. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  439. struct cxl_mem_command mem_cmd;
  440. int rc;
  441. if (send_cmd->id == 0 || send_cmd->id >= CXL_MEM_COMMAND_ID_MAX)
  442. return -ENOTTY;
  443. /*
  444. * The user can never specify an input payload larger than what hardware
  445. * supports, but output can be arbitrarily large (simply write out as
  446. * much data as the hardware provides).
  447. */
  448. if (send_cmd->in.size > cxl_mbox->payload_size)
  449. return -EINVAL;
  450. /* Sanitize and construct a cxl_mem_command */
  451. if (send_cmd->id == CXL_MEM_COMMAND_ID_RAW)
  452. rc = cxl_to_mem_cmd_raw(&mem_cmd, send_cmd, mds);
  453. else
  454. rc = cxl_to_mem_cmd(&mem_cmd, send_cmd, mds);
  455. if (rc)
  456. return rc;
  457. /* Sanitize and construct a cxl_mbox_cmd */
  458. return cxl_mbox_cmd_ctor(mbox_cmd, mds, mem_cmd.opcode,
  459. mem_cmd.info.size_in, mem_cmd.info.size_out,
  460. send_cmd->in.payload);
  461. }
  462. int cxl_query_cmd(struct cxl_memdev *cxlmd,
  463. struct cxl_mem_query_commands __user *q)
  464. {
  465. struct cxl_memdev_state *mds = to_cxl_memdev_state(cxlmd->cxlds);
  466. struct device *dev = &cxlmd->dev;
  467. struct cxl_mem_command *cmd;
  468. u32 n_commands;
  469. int j = 0;
  470. dev_dbg(dev, "Query IOCTL\n");
  471. if (get_user(n_commands, &q->n_commands))
  472. return -EFAULT;
  473. /* returns the total number if 0 elements are requested. */
  474. if (n_commands == 0)
  475. return put_user(ARRAY_SIZE(cxl_mem_commands), &q->n_commands);
  476. /*
  477. * otherwise, return min(n_commands, total commands) cxl_command_info
  478. * structures.
  479. */
  480. cxl_for_each_cmd(cmd) {
  481. struct cxl_command_info info = cmd->info;
  482. if (test_bit(info.id, mds->enabled_cmds))
  483. info.flags |= CXL_MEM_COMMAND_FLAG_ENABLED;
  484. if (test_bit(info.id, mds->exclusive_cmds))
  485. info.flags |= CXL_MEM_COMMAND_FLAG_EXCLUSIVE;
  486. if (copy_to_user(&q->commands[j++], &info, sizeof(info)))
  487. return -EFAULT;
  488. if (j == n_commands)
  489. break;
  490. }
  491. return 0;
  492. }
  493. /**
  494. * handle_mailbox_cmd_from_user() - Dispatch a mailbox command for userspace.
  495. * @mds: The driver data for the operation
  496. * @mbox_cmd: The validated mailbox command.
  497. * @out_payload: Pointer to userspace's output payload.
  498. * @size_out: (Input) Max payload size to copy out.
  499. * (Output) Payload size hardware generated.
  500. * @retval: Hardware generated return code from the operation.
  501. *
  502. * Return:
  503. * * %0 - Mailbox transaction succeeded. This implies the mailbox
  504. * protocol completed successfully not that the operation itself
  505. * was successful.
  506. * * %-ENOMEM - Couldn't allocate a bounce buffer.
  507. * * %-EFAULT - Something happened with copy_to/from_user.
  508. * * %-EINTR - Mailbox acquisition interrupted.
  509. * * %-EXXX - Transaction level failures.
  510. *
  511. * Dispatches a mailbox command on behalf of a userspace request.
  512. * The output payload is copied to userspace.
  513. *
  514. * See cxl_send_cmd().
  515. */
  516. static int handle_mailbox_cmd_from_user(struct cxl_memdev_state *mds,
  517. struct cxl_mbox_cmd *mbox_cmd,
  518. u64 out_payload, s32 *size_out,
  519. u32 *retval)
  520. {
  521. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  522. struct device *dev = mds->cxlds.dev;
  523. int rc;
  524. dev_dbg(dev,
  525. "Submitting %s command for user\n"
  526. "\topcode: %x\n"
  527. "\tsize: %zx\n",
  528. cxl_mem_opcode_to_name(mbox_cmd->opcode),
  529. mbox_cmd->opcode, mbox_cmd->size_in);
  530. rc = cxl_mbox->mbox_send(cxl_mbox, mbox_cmd);
  531. if (rc)
  532. goto out;
  533. /*
  534. * @size_out contains the max size that's allowed to be written back out
  535. * to userspace. While the payload may have written more output than
  536. * this it will have to be ignored.
  537. */
  538. if (mbox_cmd->size_out) {
  539. dev_WARN_ONCE(dev, mbox_cmd->size_out > *size_out,
  540. "Invalid return size\n");
  541. if (copy_to_user(u64_to_user_ptr(out_payload),
  542. mbox_cmd->payload_out, mbox_cmd->size_out)) {
  543. rc = -EFAULT;
  544. goto out;
  545. }
  546. }
  547. *size_out = mbox_cmd->size_out;
  548. *retval = mbox_cmd->return_code;
  549. out:
  550. cxl_mbox_cmd_dtor(mbox_cmd);
  551. return rc;
  552. }
  553. int cxl_send_cmd(struct cxl_memdev *cxlmd, struct cxl_send_command __user *s)
  554. {
  555. struct cxl_memdev_state *mds = to_cxl_memdev_state(cxlmd->cxlds);
  556. struct device *dev = &cxlmd->dev;
  557. struct cxl_send_command send;
  558. struct cxl_mbox_cmd mbox_cmd;
  559. int rc;
  560. dev_dbg(dev, "Send IOCTL\n");
  561. if (copy_from_user(&send, s, sizeof(send)))
  562. return -EFAULT;
  563. rc = cxl_validate_cmd_from_user(&mbox_cmd, mds, &send);
  564. if (rc)
  565. return rc;
  566. rc = handle_mailbox_cmd_from_user(mds, &mbox_cmd, send.out.payload,
  567. &send.out.size, &send.retval);
  568. if (rc)
  569. return rc;
  570. if (copy_to_user(s, &send, sizeof(send)))
  571. return -EFAULT;
  572. return 0;
  573. }
  574. static int cxl_xfer_log(struct cxl_memdev_state *mds, uuid_t *uuid,
  575. u32 *size, u8 *out)
  576. {
  577. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  578. u32 remaining = *size;
  579. u32 offset = 0;
  580. while (remaining) {
  581. u32 xfer_size = min_t(u32, remaining, cxl_mbox->payload_size);
  582. struct cxl_mbox_cmd mbox_cmd;
  583. struct cxl_mbox_get_log log;
  584. int rc;
  585. log = (struct cxl_mbox_get_log) {
  586. .uuid = *uuid,
  587. .offset = cpu_to_le32(offset),
  588. .length = cpu_to_le32(xfer_size),
  589. };
  590. mbox_cmd = (struct cxl_mbox_cmd) {
  591. .opcode = CXL_MBOX_OP_GET_LOG,
  592. .size_in = sizeof(log),
  593. .payload_in = &log,
  594. .size_out = xfer_size,
  595. .payload_out = out,
  596. };
  597. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  598. /*
  599. * The output payload length that indicates the number
  600. * of valid bytes can be smaller than the Log buffer
  601. * size.
  602. */
  603. if (rc == -EIO && mbox_cmd.size_out < xfer_size) {
  604. offset += mbox_cmd.size_out;
  605. break;
  606. }
  607. if (rc < 0)
  608. return rc;
  609. out += xfer_size;
  610. remaining -= xfer_size;
  611. offset += xfer_size;
  612. }
  613. *size = offset;
  614. return 0;
  615. }
  616. /**
  617. * cxl_walk_cel() - Walk through the Command Effects Log.
  618. * @mds: The driver data for the operation
  619. * @size: Length of the Command Effects Log.
  620. * @cel: CEL
  621. *
  622. * Iterate over each entry in the CEL and determine if the driver supports the
  623. * command. If so, the command is enabled for the device and can be used later.
  624. */
  625. static void cxl_walk_cel(struct cxl_memdev_state *mds, size_t size, u8 *cel)
  626. {
  627. struct cxl_cel_entry *cel_entry;
  628. const int cel_entries = size / sizeof(*cel_entry);
  629. struct device *dev = mds->cxlds.dev;
  630. int i;
  631. cel_entry = (struct cxl_cel_entry *) cel;
  632. for (i = 0; i < cel_entries; i++) {
  633. u16 opcode = le16_to_cpu(cel_entry[i].opcode);
  634. struct cxl_mem_command *cmd = cxl_mem_find_command(opcode);
  635. int enabled = 0;
  636. if (cmd) {
  637. set_bit(cmd->info.id, mds->enabled_cmds);
  638. enabled++;
  639. }
  640. if (cxl_is_poison_command(opcode)) {
  641. cxl_set_poison_cmd_enabled(&mds->poison, opcode);
  642. enabled++;
  643. }
  644. if (cxl_is_security_command(opcode)) {
  645. cxl_set_security_cmd_enabled(&mds->security, opcode);
  646. enabled++;
  647. }
  648. dev_dbg(dev, "Opcode 0x%04x %s\n", opcode,
  649. enabled ? "enabled" : "unsupported by driver");
  650. }
  651. }
  652. static struct cxl_mbox_get_supported_logs *cxl_get_gsl(struct cxl_memdev_state *mds)
  653. {
  654. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  655. struct cxl_mbox_get_supported_logs *ret;
  656. struct cxl_mbox_cmd mbox_cmd;
  657. int rc;
  658. ret = kvmalloc(cxl_mbox->payload_size, GFP_KERNEL);
  659. if (!ret)
  660. return ERR_PTR(-ENOMEM);
  661. mbox_cmd = (struct cxl_mbox_cmd) {
  662. .opcode = CXL_MBOX_OP_GET_SUPPORTED_LOGS,
  663. .size_out = cxl_mbox->payload_size,
  664. .payload_out = ret,
  665. /* At least the record number field must be valid */
  666. .min_out = 2,
  667. };
  668. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  669. if (rc < 0) {
  670. kvfree(ret);
  671. return ERR_PTR(rc);
  672. }
  673. return ret;
  674. }
  675. enum {
  676. CEL_UUID,
  677. VENDOR_DEBUG_UUID,
  678. };
  679. /* See CXL 2.0 Table 170. Get Log Input Payload */
  680. static const uuid_t log_uuid[] = {
  681. [CEL_UUID] = DEFINE_CXL_CEL_UUID,
  682. [VENDOR_DEBUG_UUID] = DEFINE_CXL_VENDOR_DEBUG_UUID,
  683. };
  684. /**
  685. * cxl_enumerate_cmds() - Enumerate commands for a device.
  686. * @mds: The driver data for the operation
  687. *
  688. * Returns 0 if enumerate completed successfully.
  689. *
  690. * CXL devices have optional support for certain commands. This function will
  691. * determine the set of supported commands for the hardware and update the
  692. * enabled_cmds bitmap in the @mds.
  693. */
  694. int cxl_enumerate_cmds(struct cxl_memdev_state *mds)
  695. {
  696. struct cxl_mbox_get_supported_logs *gsl;
  697. struct device *dev = mds->cxlds.dev;
  698. struct cxl_mem_command *cmd;
  699. int i, rc;
  700. gsl = cxl_get_gsl(mds);
  701. if (IS_ERR(gsl))
  702. return PTR_ERR(gsl);
  703. rc = -ENOENT;
  704. for (i = 0; i < le16_to_cpu(gsl->entries); i++) {
  705. u32 size = le32_to_cpu(gsl->entry[i].size);
  706. uuid_t uuid = gsl->entry[i].uuid;
  707. u8 *log;
  708. dev_dbg(dev, "Found LOG type %pU of size %d", &uuid, size);
  709. if (!uuid_equal(&uuid, &log_uuid[CEL_UUID]))
  710. continue;
  711. log = kvmalloc(size, GFP_KERNEL);
  712. if (!log) {
  713. rc = -ENOMEM;
  714. goto out;
  715. }
  716. rc = cxl_xfer_log(mds, &uuid, &size, log);
  717. if (rc) {
  718. kvfree(log);
  719. goto out;
  720. }
  721. cxl_walk_cel(mds, size, log);
  722. kvfree(log);
  723. /* In case CEL was bogus, enable some default commands. */
  724. cxl_for_each_cmd(cmd)
  725. if (cmd->flags & CXL_CMD_FLAG_FORCE_ENABLE)
  726. set_bit(cmd->info.id, mds->enabled_cmds);
  727. /* Found the required CEL */
  728. rc = 0;
  729. }
  730. out:
  731. kvfree(gsl);
  732. return rc;
  733. }
  734. EXPORT_SYMBOL_NS_GPL(cxl_enumerate_cmds, CXL);
  735. void cxl_event_trace_record(const struct cxl_memdev *cxlmd,
  736. enum cxl_event_log_type type,
  737. enum cxl_event_type event_type,
  738. const uuid_t *uuid, union cxl_event *evt)
  739. {
  740. if (event_type == CXL_CPER_EVENT_MEM_MODULE) {
  741. trace_cxl_memory_module(cxlmd, type, &evt->mem_module);
  742. return;
  743. }
  744. if (event_type == CXL_CPER_EVENT_GENERIC) {
  745. trace_cxl_generic_event(cxlmd, type, uuid, &evt->generic);
  746. return;
  747. }
  748. if (trace_cxl_general_media_enabled() || trace_cxl_dram_enabled()) {
  749. u64 dpa, hpa = ULLONG_MAX;
  750. struct cxl_region *cxlr;
  751. /*
  752. * These trace points are annotated with HPA and region
  753. * translations. Take topology mutation locks and lookup
  754. * { HPA, REGION } from { DPA, MEMDEV } in the event record.
  755. */
  756. guard(rwsem_read)(&cxl_region_rwsem);
  757. guard(rwsem_read)(&cxl_dpa_rwsem);
  758. dpa = le64_to_cpu(evt->media_hdr.phys_addr) & CXL_DPA_MASK;
  759. cxlr = cxl_dpa_to_region(cxlmd, dpa);
  760. if (cxlr)
  761. hpa = cxl_dpa_to_hpa(cxlr, cxlmd, dpa);
  762. if (event_type == CXL_CPER_EVENT_GEN_MEDIA)
  763. trace_cxl_general_media(cxlmd, type, cxlr, hpa,
  764. &evt->gen_media);
  765. else if (event_type == CXL_CPER_EVENT_DRAM)
  766. trace_cxl_dram(cxlmd, type, cxlr, hpa, &evt->dram);
  767. }
  768. }
  769. EXPORT_SYMBOL_NS_GPL(cxl_event_trace_record, CXL);
  770. static void __cxl_event_trace_record(const struct cxl_memdev *cxlmd,
  771. enum cxl_event_log_type type,
  772. struct cxl_event_record_raw *record)
  773. {
  774. enum cxl_event_type ev_type = CXL_CPER_EVENT_GENERIC;
  775. const uuid_t *uuid = &record->id;
  776. if (uuid_equal(uuid, &CXL_EVENT_GEN_MEDIA_UUID))
  777. ev_type = CXL_CPER_EVENT_GEN_MEDIA;
  778. else if (uuid_equal(uuid, &CXL_EVENT_DRAM_UUID))
  779. ev_type = CXL_CPER_EVENT_DRAM;
  780. else if (uuid_equal(uuid, &CXL_EVENT_MEM_MODULE_UUID))
  781. ev_type = CXL_CPER_EVENT_MEM_MODULE;
  782. cxl_event_trace_record(cxlmd, type, ev_type, uuid, &record->event);
  783. }
  784. static int cxl_clear_event_record(struct cxl_memdev_state *mds,
  785. enum cxl_event_log_type log,
  786. struct cxl_get_event_payload *get_pl)
  787. {
  788. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  789. struct cxl_mbox_clear_event_payload *payload;
  790. u16 total = le16_to_cpu(get_pl->record_count);
  791. u8 max_handles = CXL_CLEAR_EVENT_MAX_HANDLES;
  792. size_t pl_size = struct_size(payload, handles, max_handles);
  793. struct cxl_mbox_cmd mbox_cmd;
  794. u16 cnt;
  795. int rc = 0;
  796. int i;
  797. /* Payload size may limit the max handles */
  798. if (pl_size > cxl_mbox->payload_size) {
  799. max_handles = (cxl_mbox->payload_size - sizeof(*payload)) /
  800. sizeof(__le16);
  801. pl_size = struct_size(payload, handles, max_handles);
  802. }
  803. payload = kvzalloc(pl_size, GFP_KERNEL);
  804. if (!payload)
  805. return -ENOMEM;
  806. *payload = (struct cxl_mbox_clear_event_payload) {
  807. .event_log = log,
  808. };
  809. mbox_cmd = (struct cxl_mbox_cmd) {
  810. .opcode = CXL_MBOX_OP_CLEAR_EVENT_RECORD,
  811. .payload_in = payload,
  812. .size_in = pl_size,
  813. };
  814. /*
  815. * Clear Event Records uses u8 for the handle cnt while Get Event
  816. * Record can return up to 0xffff records.
  817. */
  818. i = 0;
  819. for (cnt = 0; cnt < total; cnt++) {
  820. struct cxl_event_record_raw *raw = &get_pl->records[cnt];
  821. struct cxl_event_generic *gen = &raw->event.generic;
  822. payload->handles[i++] = gen->hdr.handle;
  823. dev_dbg(mds->cxlds.dev, "Event log '%d': Clearing %u\n", log,
  824. le16_to_cpu(payload->handles[i - 1]));
  825. if (i == max_handles) {
  826. payload->nr_recs = i;
  827. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  828. if (rc)
  829. goto free_pl;
  830. i = 0;
  831. }
  832. }
  833. /* Clear what is left if any */
  834. if (i) {
  835. payload->nr_recs = i;
  836. mbox_cmd.size_in = struct_size(payload, handles, i);
  837. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  838. if (rc)
  839. goto free_pl;
  840. }
  841. free_pl:
  842. kvfree(payload);
  843. return rc;
  844. }
  845. static void cxl_mem_get_records_log(struct cxl_memdev_state *mds,
  846. enum cxl_event_log_type type)
  847. {
  848. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  849. struct cxl_memdev *cxlmd = mds->cxlds.cxlmd;
  850. struct device *dev = mds->cxlds.dev;
  851. struct cxl_get_event_payload *payload;
  852. u8 log_type = type;
  853. u16 nr_rec;
  854. mutex_lock(&mds->event.log_lock);
  855. payload = mds->event.buf;
  856. do {
  857. int rc, i;
  858. struct cxl_mbox_cmd mbox_cmd = (struct cxl_mbox_cmd) {
  859. .opcode = CXL_MBOX_OP_GET_EVENT_RECORD,
  860. .payload_in = &log_type,
  861. .size_in = sizeof(log_type),
  862. .payload_out = payload,
  863. .size_out = cxl_mbox->payload_size,
  864. .min_out = struct_size(payload, records, 0),
  865. };
  866. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  867. if (rc) {
  868. dev_err_ratelimited(dev,
  869. "Event log '%d': Failed to query event records : %d",
  870. type, rc);
  871. break;
  872. }
  873. nr_rec = le16_to_cpu(payload->record_count);
  874. if (!nr_rec)
  875. break;
  876. for (i = 0; i < nr_rec; i++)
  877. __cxl_event_trace_record(cxlmd, type,
  878. &payload->records[i]);
  879. if (payload->flags & CXL_GET_EVENT_FLAG_OVERFLOW)
  880. trace_cxl_overflow(cxlmd, type, payload);
  881. rc = cxl_clear_event_record(mds, type, payload);
  882. if (rc) {
  883. dev_err_ratelimited(dev,
  884. "Event log '%d': Failed to clear events : %d",
  885. type, rc);
  886. break;
  887. }
  888. } while (nr_rec);
  889. mutex_unlock(&mds->event.log_lock);
  890. }
  891. /**
  892. * cxl_mem_get_event_records - Get Event Records from the device
  893. * @mds: The driver data for the operation
  894. * @status: Event Status register value identifying which events are available.
  895. *
  896. * Retrieve all event records available on the device, report them as trace
  897. * events, and clear them.
  898. *
  899. * See CXL rev 3.0 @8.2.9.2.2 Get Event Records
  900. * See CXL rev 3.0 @8.2.9.2.3 Clear Event Records
  901. */
  902. void cxl_mem_get_event_records(struct cxl_memdev_state *mds, u32 status)
  903. {
  904. dev_dbg(mds->cxlds.dev, "Reading event logs: %x\n", status);
  905. if (status & CXLDEV_EVENT_STATUS_FATAL)
  906. cxl_mem_get_records_log(mds, CXL_EVENT_TYPE_FATAL);
  907. if (status & CXLDEV_EVENT_STATUS_FAIL)
  908. cxl_mem_get_records_log(mds, CXL_EVENT_TYPE_FAIL);
  909. if (status & CXLDEV_EVENT_STATUS_WARN)
  910. cxl_mem_get_records_log(mds, CXL_EVENT_TYPE_WARN);
  911. if (status & CXLDEV_EVENT_STATUS_INFO)
  912. cxl_mem_get_records_log(mds, CXL_EVENT_TYPE_INFO);
  913. }
  914. EXPORT_SYMBOL_NS_GPL(cxl_mem_get_event_records, CXL);
  915. /**
  916. * cxl_mem_get_partition_info - Get partition info
  917. * @mds: The driver data for the operation
  918. *
  919. * Retrieve the current partition info for the device specified. The active
  920. * values are the current capacity in bytes. If not 0, the 'next' values are
  921. * the pending values, in bytes, which take affect on next cold reset.
  922. *
  923. * Return: 0 if no error: or the result of the mailbox command.
  924. *
  925. * See CXL @8.2.9.5.2.1 Get Partition Info
  926. */
  927. static int cxl_mem_get_partition_info(struct cxl_memdev_state *mds)
  928. {
  929. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  930. struct cxl_mbox_get_partition_info pi;
  931. struct cxl_mbox_cmd mbox_cmd;
  932. int rc;
  933. mbox_cmd = (struct cxl_mbox_cmd) {
  934. .opcode = CXL_MBOX_OP_GET_PARTITION_INFO,
  935. .size_out = sizeof(pi),
  936. .payload_out = &pi,
  937. };
  938. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  939. if (rc)
  940. return rc;
  941. mds->active_volatile_bytes =
  942. le64_to_cpu(pi.active_volatile_cap) * CXL_CAPACITY_MULTIPLIER;
  943. mds->active_persistent_bytes =
  944. le64_to_cpu(pi.active_persistent_cap) * CXL_CAPACITY_MULTIPLIER;
  945. mds->next_volatile_bytes =
  946. le64_to_cpu(pi.next_volatile_cap) * CXL_CAPACITY_MULTIPLIER;
  947. mds->next_persistent_bytes =
  948. le64_to_cpu(pi.next_volatile_cap) * CXL_CAPACITY_MULTIPLIER;
  949. return 0;
  950. }
  951. /**
  952. * cxl_dev_state_identify() - Send the IDENTIFY command to the device.
  953. * @mds: The driver data for the operation
  954. *
  955. * Return: 0 if identify was executed successfully or media not ready.
  956. *
  957. * This will dispatch the identify command to the device and on success populate
  958. * structures to be exported to sysfs.
  959. */
  960. int cxl_dev_state_identify(struct cxl_memdev_state *mds)
  961. {
  962. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  963. /* See CXL 2.0 Table 175 Identify Memory Device Output Payload */
  964. struct cxl_mbox_identify id;
  965. struct cxl_mbox_cmd mbox_cmd;
  966. u32 val;
  967. int rc;
  968. if (!mds->cxlds.media_ready)
  969. return 0;
  970. mbox_cmd = (struct cxl_mbox_cmd) {
  971. .opcode = CXL_MBOX_OP_IDENTIFY,
  972. .size_out = sizeof(id),
  973. .payload_out = &id,
  974. };
  975. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  976. if (rc < 0)
  977. return rc;
  978. mds->total_bytes =
  979. le64_to_cpu(id.total_capacity) * CXL_CAPACITY_MULTIPLIER;
  980. mds->volatile_only_bytes =
  981. le64_to_cpu(id.volatile_capacity) * CXL_CAPACITY_MULTIPLIER;
  982. mds->persistent_only_bytes =
  983. le64_to_cpu(id.persistent_capacity) * CXL_CAPACITY_MULTIPLIER;
  984. mds->partition_align_bytes =
  985. le64_to_cpu(id.partition_align) * CXL_CAPACITY_MULTIPLIER;
  986. mds->lsa_size = le32_to_cpu(id.lsa_size);
  987. memcpy(mds->firmware_version, id.fw_revision,
  988. sizeof(id.fw_revision));
  989. if (test_bit(CXL_POISON_ENABLED_LIST, mds->poison.enabled_cmds)) {
  990. val = get_unaligned_le24(id.poison_list_max_mer);
  991. mds->poison.max_errors = min_t(u32, val, CXL_POISON_LIST_MAX);
  992. }
  993. return 0;
  994. }
  995. EXPORT_SYMBOL_NS_GPL(cxl_dev_state_identify, CXL);
  996. static int __cxl_mem_sanitize(struct cxl_memdev_state *mds, u16 cmd)
  997. {
  998. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  999. int rc;
  1000. u32 sec_out = 0;
  1001. struct cxl_get_security_output {
  1002. __le32 flags;
  1003. } out;
  1004. struct cxl_mbox_cmd sec_cmd = {
  1005. .opcode = CXL_MBOX_OP_GET_SECURITY_STATE,
  1006. .payload_out = &out,
  1007. .size_out = sizeof(out),
  1008. };
  1009. struct cxl_mbox_cmd mbox_cmd = { .opcode = cmd };
  1010. if (cmd != CXL_MBOX_OP_SANITIZE && cmd != CXL_MBOX_OP_SECURE_ERASE)
  1011. return -EINVAL;
  1012. rc = cxl_internal_send_cmd(cxl_mbox, &sec_cmd);
  1013. if (rc < 0) {
  1014. dev_err(cxl_mbox->host, "Failed to get security state : %d", rc);
  1015. return rc;
  1016. }
  1017. /*
  1018. * Prior to using these commands, any security applied to
  1019. * the user data areas of the device shall be DISABLED (or
  1020. * UNLOCKED for secure erase case).
  1021. */
  1022. sec_out = le32_to_cpu(out.flags);
  1023. if (sec_out & CXL_PMEM_SEC_STATE_USER_PASS_SET)
  1024. return -EINVAL;
  1025. if (cmd == CXL_MBOX_OP_SECURE_ERASE &&
  1026. sec_out & CXL_PMEM_SEC_STATE_LOCKED)
  1027. return -EINVAL;
  1028. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  1029. if (rc < 0) {
  1030. dev_err(cxl_mbox->host, "Failed to sanitize device : %d", rc);
  1031. return rc;
  1032. }
  1033. return 0;
  1034. }
  1035. /**
  1036. * cxl_mem_sanitize() - Send a sanitization command to the device.
  1037. * @cxlmd: The device for the operation
  1038. * @cmd: The specific sanitization command opcode
  1039. *
  1040. * Return: 0 if the command was executed successfully, regardless of
  1041. * whether or not the actual security operation is done in the background,
  1042. * such as for the Sanitize case.
  1043. * Error return values can be the result of the mailbox command, -EINVAL
  1044. * when security requirements are not met or invalid contexts, or -EBUSY
  1045. * if the sanitize operation is already in flight.
  1046. *
  1047. * See CXL 3.0 @8.2.9.8.5.1 Sanitize and @8.2.9.8.5.2 Secure Erase.
  1048. */
  1049. int cxl_mem_sanitize(struct cxl_memdev *cxlmd, u16 cmd)
  1050. {
  1051. struct cxl_memdev_state *mds = to_cxl_memdev_state(cxlmd->cxlds);
  1052. struct cxl_port *endpoint;
  1053. int rc;
  1054. /* synchronize with cxl_mem_probe() and decoder write operations */
  1055. guard(device)(&cxlmd->dev);
  1056. endpoint = cxlmd->endpoint;
  1057. down_read(&cxl_region_rwsem);
  1058. /*
  1059. * Require an endpoint to be safe otherwise the driver can not
  1060. * be sure that the device is unmapped.
  1061. */
  1062. if (endpoint && cxl_num_decoders_committed(endpoint) == 0)
  1063. rc = __cxl_mem_sanitize(mds, cmd);
  1064. else
  1065. rc = -EBUSY;
  1066. up_read(&cxl_region_rwsem);
  1067. return rc;
  1068. }
  1069. static int add_dpa_res(struct device *dev, struct resource *parent,
  1070. struct resource *res, resource_size_t start,
  1071. resource_size_t size, const char *type)
  1072. {
  1073. int rc;
  1074. res->name = type;
  1075. res->start = start;
  1076. res->end = start + size - 1;
  1077. res->flags = IORESOURCE_MEM;
  1078. if (resource_size(res) == 0) {
  1079. dev_dbg(dev, "DPA(%s): no capacity\n", res->name);
  1080. return 0;
  1081. }
  1082. rc = request_resource(parent, res);
  1083. if (rc) {
  1084. dev_err(dev, "DPA(%s): failed to track %pr (%d)\n", res->name,
  1085. res, rc);
  1086. return rc;
  1087. }
  1088. dev_dbg(dev, "DPA(%s): %pr\n", res->name, res);
  1089. return 0;
  1090. }
  1091. int cxl_mem_create_range_info(struct cxl_memdev_state *mds)
  1092. {
  1093. struct cxl_dev_state *cxlds = &mds->cxlds;
  1094. struct device *dev = cxlds->dev;
  1095. int rc;
  1096. if (!cxlds->media_ready) {
  1097. cxlds->dpa_res = DEFINE_RES_MEM(0, 0);
  1098. cxlds->ram_res = DEFINE_RES_MEM(0, 0);
  1099. cxlds->pmem_res = DEFINE_RES_MEM(0, 0);
  1100. return 0;
  1101. }
  1102. cxlds->dpa_res = DEFINE_RES_MEM(0, mds->total_bytes);
  1103. if (mds->partition_align_bytes == 0) {
  1104. rc = add_dpa_res(dev, &cxlds->dpa_res, &cxlds->ram_res, 0,
  1105. mds->volatile_only_bytes, "ram");
  1106. if (rc)
  1107. return rc;
  1108. return add_dpa_res(dev, &cxlds->dpa_res, &cxlds->pmem_res,
  1109. mds->volatile_only_bytes,
  1110. mds->persistent_only_bytes, "pmem");
  1111. }
  1112. rc = cxl_mem_get_partition_info(mds);
  1113. if (rc) {
  1114. dev_err(dev, "Failed to query partition information\n");
  1115. return rc;
  1116. }
  1117. rc = add_dpa_res(dev, &cxlds->dpa_res, &cxlds->ram_res, 0,
  1118. mds->active_volatile_bytes, "ram");
  1119. if (rc)
  1120. return rc;
  1121. return add_dpa_res(dev, &cxlds->dpa_res, &cxlds->pmem_res,
  1122. mds->active_volatile_bytes,
  1123. mds->active_persistent_bytes, "pmem");
  1124. }
  1125. EXPORT_SYMBOL_NS_GPL(cxl_mem_create_range_info, CXL);
  1126. int cxl_set_timestamp(struct cxl_memdev_state *mds)
  1127. {
  1128. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  1129. struct cxl_mbox_cmd mbox_cmd;
  1130. struct cxl_mbox_set_timestamp_in pi;
  1131. int rc;
  1132. pi.timestamp = cpu_to_le64(ktime_get_real_ns());
  1133. mbox_cmd = (struct cxl_mbox_cmd) {
  1134. .opcode = CXL_MBOX_OP_SET_TIMESTAMP,
  1135. .size_in = sizeof(pi),
  1136. .payload_in = &pi,
  1137. };
  1138. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  1139. /*
  1140. * Command is optional. Devices may have another way of providing
  1141. * a timestamp, or may return all 0s in timestamp fields.
  1142. * Don't report an error if this command isn't supported
  1143. */
  1144. if (rc && (mbox_cmd.return_code != CXL_MBOX_CMD_RC_UNSUPPORTED))
  1145. return rc;
  1146. return 0;
  1147. }
  1148. EXPORT_SYMBOL_NS_GPL(cxl_set_timestamp, CXL);
  1149. int cxl_mem_get_poison(struct cxl_memdev *cxlmd, u64 offset, u64 len,
  1150. struct cxl_region *cxlr)
  1151. {
  1152. struct cxl_memdev_state *mds = to_cxl_memdev_state(cxlmd->cxlds);
  1153. struct cxl_mailbox *cxl_mbox = &cxlmd->cxlds->cxl_mbox;
  1154. struct cxl_mbox_poison_out *po;
  1155. struct cxl_mbox_poison_in pi;
  1156. int nr_records = 0;
  1157. int rc;
  1158. rc = mutex_lock_interruptible(&mds->poison.lock);
  1159. if (rc)
  1160. return rc;
  1161. po = mds->poison.list_out;
  1162. pi.offset = cpu_to_le64(offset);
  1163. pi.length = cpu_to_le64(len / CXL_POISON_LEN_MULT);
  1164. do {
  1165. struct cxl_mbox_cmd mbox_cmd = (struct cxl_mbox_cmd){
  1166. .opcode = CXL_MBOX_OP_GET_POISON,
  1167. .size_in = sizeof(pi),
  1168. .payload_in = &pi,
  1169. .size_out = cxl_mbox->payload_size,
  1170. .payload_out = po,
  1171. .min_out = struct_size(po, record, 0),
  1172. };
  1173. rc = cxl_internal_send_cmd(cxl_mbox, &mbox_cmd);
  1174. if (rc)
  1175. break;
  1176. for (int i = 0; i < le16_to_cpu(po->count); i++)
  1177. trace_cxl_poison(cxlmd, cxlr, &po->record[i],
  1178. po->flags, po->overflow_ts,
  1179. CXL_POISON_TRACE_LIST);
  1180. /* Protect against an uncleared _FLAG_MORE */
  1181. nr_records = nr_records + le16_to_cpu(po->count);
  1182. if (nr_records >= mds->poison.max_errors) {
  1183. dev_dbg(&cxlmd->dev, "Max Error Records reached: %d\n",
  1184. nr_records);
  1185. break;
  1186. }
  1187. } while (po->flags & CXL_POISON_FLAG_MORE);
  1188. mutex_unlock(&mds->poison.lock);
  1189. return rc;
  1190. }
  1191. EXPORT_SYMBOL_NS_GPL(cxl_mem_get_poison, CXL);
  1192. static void free_poison_buf(void *buf)
  1193. {
  1194. kvfree(buf);
  1195. }
  1196. /* Get Poison List output buffer is protected by mds->poison.lock */
  1197. static int cxl_poison_alloc_buf(struct cxl_memdev_state *mds)
  1198. {
  1199. struct cxl_mailbox *cxl_mbox = &mds->cxlds.cxl_mbox;
  1200. mds->poison.list_out = kvmalloc(cxl_mbox->payload_size, GFP_KERNEL);
  1201. if (!mds->poison.list_out)
  1202. return -ENOMEM;
  1203. return devm_add_action_or_reset(mds->cxlds.dev, free_poison_buf,
  1204. mds->poison.list_out);
  1205. }
  1206. int cxl_poison_state_init(struct cxl_memdev_state *mds)
  1207. {
  1208. int rc;
  1209. if (!test_bit(CXL_POISON_ENABLED_LIST, mds->poison.enabled_cmds))
  1210. return 0;
  1211. rc = cxl_poison_alloc_buf(mds);
  1212. if (rc) {
  1213. clear_bit(CXL_POISON_ENABLED_LIST, mds->poison.enabled_cmds);
  1214. return rc;
  1215. }
  1216. mutex_init(&mds->poison.lock);
  1217. return 0;
  1218. }
  1219. EXPORT_SYMBOL_NS_GPL(cxl_poison_state_init, CXL);
  1220. int cxl_mailbox_init(struct cxl_mailbox *cxl_mbox, struct device *host)
  1221. {
  1222. if (!cxl_mbox || !host)
  1223. return -EINVAL;
  1224. cxl_mbox->host = host;
  1225. mutex_init(&cxl_mbox->mbox_mutex);
  1226. rcuwait_init(&cxl_mbox->mbox_wait);
  1227. return 0;
  1228. }
  1229. EXPORT_SYMBOL_NS_GPL(cxl_mailbox_init, CXL);
  1230. struct cxl_memdev_state *cxl_memdev_state_create(struct device *dev)
  1231. {
  1232. struct cxl_memdev_state *mds;
  1233. mds = devm_kzalloc(dev, sizeof(*mds), GFP_KERNEL);
  1234. if (!mds) {
  1235. dev_err(dev, "No memory available\n");
  1236. return ERR_PTR(-ENOMEM);
  1237. }
  1238. mutex_init(&mds->event.log_lock);
  1239. mds->cxlds.dev = dev;
  1240. mds->cxlds.reg_map.host = dev;
  1241. mds->cxlds.reg_map.resource = CXL_RESOURCE_NONE;
  1242. mds->cxlds.type = CXL_DEVTYPE_CLASSMEM;
  1243. mds->ram_perf.qos_class = CXL_QOS_CLASS_INVALID;
  1244. mds->pmem_perf.qos_class = CXL_QOS_CLASS_INVALID;
  1245. return mds;
  1246. }
  1247. EXPORT_SYMBOL_NS_GPL(cxl_memdev_state_create, CXL);
  1248. void __init cxl_mbox_init(void)
  1249. {
  1250. struct dentry *mbox_debugfs;
  1251. mbox_debugfs = cxl_debugfs_create_dir("mbox");
  1252. debugfs_create_bool("raw_allow_all", 0600, mbox_debugfs,
  1253. &cxl_raw_allow_all);
  1254. }