1 // SPDX-License-Identifier: GPL-2.0-only 2 /* Copyright(c) 2022 Intel Corporation. */ 3 4 #include <linux/bitfield.h> 5 #include <linux/module.h> 6 #include <linux/kdev_t.h> 7 #include <linux/semaphore.h> 8 #include <linux/slab.h> 9 10 #include <asm/cpu_device_id.h> 11 12 #include "ifs.h" 13 14 #define X86_MATCH(vfm, array_gen) \ 15 X86_MATCH_VFM_FEATURE(vfm, X86_FEATURE_CORE_CAPABILITIES, array_gen) 16 17 static const struct x86_cpu_id ifs_cpu_ids[] __initconst = { 18 X86_MATCH(INTEL_SAPPHIRERAPIDS_X, ARRAY_GEN0), 19 X86_MATCH(INTEL_EMERALDRAPIDS_X, ARRAY_GEN0), 20 X86_MATCH(INTEL_GRANITERAPIDS_X, ARRAY_GEN0), 21 X86_MATCH(INTEL_GRANITERAPIDS_D, ARRAY_GEN0), 22 X86_MATCH(INTEL_ATOM_CRESTMONT_X, ARRAY_GEN1), 23 {} 24 }; 25 MODULE_DEVICE_TABLE(x86cpu, ifs_cpu_ids); 26 27 ATTRIBUTE_GROUPS(plat_ifs); 28 ATTRIBUTE_GROUPS(plat_ifs_array); 29 30 bool *ifs_pkg_auth; 31 32 static const struct ifs_test_caps scan_test = { 33 .integrity_cap_bit = MSR_INTEGRITY_CAPS_PERIODIC_BIST_BIT, 34 .test_num = IFS_TYPE_SAF, 35 .image_suffix = "scan", 36 }; 37 38 static const struct ifs_test_caps array_test = { 39 .integrity_cap_bit = MSR_INTEGRITY_CAPS_ARRAY_BIST_BIT, 40 .test_num = IFS_TYPE_ARRAY_BIST, 41 }; 42 43 static const struct ifs_test_msrs scan_msrs = { 44 .copy_hashes = MSR_COPY_SCAN_HASHES, 45 .copy_hashes_status = MSR_SCAN_HASHES_STATUS, 46 .copy_chunks = MSR_AUTHENTICATE_AND_COPY_CHUNK, 47 .copy_chunks_status = MSR_CHUNKS_AUTHENTICATION_STATUS, 48 .test_ctrl = MSR_SAF_CTRL, 49 }; 50 51 static const struct ifs_test_msrs sbaf_msrs = { 52 .copy_hashes = MSR_COPY_SBAF_HASHES, 53 .copy_hashes_status = MSR_SBAF_HASHES_STATUS, 54 .copy_chunks = MSR_AUTHENTICATE_AND_COPY_SBAF_CHUNK, 55 .copy_chunks_status = MSR_SBAF_CHUNKS_AUTHENTICATION_STATUS, 56 .test_ctrl = MSR_SBAF_CTRL, 57 }; 58 59 static const struct ifs_test_caps sbaf_test = { 60 .integrity_cap_bit = MSR_INTEGRITY_CAPS_SBAF_BIT, 61 .test_num = IFS_TYPE_SBAF, 62 .image_suffix = "sbft", 63 }; 64 65 static struct ifs_device ifs_devices[] = { 66 [IFS_TYPE_SAF] = { 67 .test_caps = &scan_test, 68 .test_msrs = &scan_msrs, 69 .misc = { 70 .name = "intel_ifs_0", 71 .minor = MISC_DYNAMIC_MINOR, 72 .groups = plat_ifs_groups, 73 }, 74 }, 75 [IFS_TYPE_ARRAY_BIST] = { 76 .test_caps = &array_test, 77 .misc = { 78 .name = "intel_ifs_1", 79 .minor = MISC_DYNAMIC_MINOR, 80 .groups = plat_ifs_array_groups, 81 }, 82 }, 83 [IFS_TYPE_SBAF] = { 84 .test_caps = &sbaf_test, 85 .test_msrs = &sbaf_msrs, 86 .misc = { 87 .name = "intel_ifs_2", 88 .minor = MISC_DYNAMIC_MINOR, 89 .groups = plat_ifs_groups, 90 }, 91 }, 92 }; 93 94 #define IFS_NUMTESTS ARRAY_SIZE(ifs_devices) 95 ifs_cleanup(void)96 static void ifs_cleanup(void) 97 { 98 int i; 99 100 for (i = 0; i < IFS_NUMTESTS; i++) { 101 if (ifs_devices[i].misc.this_device) 102 misc_deregister(&ifs_devices[i].misc); 103 } 104 kfree(ifs_pkg_auth); 105 } 106 ifs_init(void)107 static int __init ifs_init(void) 108 { 109 const struct x86_cpu_id *m; 110 u64 msrval; 111 int i, ret; 112 113 m = x86_match_cpu(ifs_cpu_ids); 114 if (!m) 115 return -ENODEV; 116 117 if (rdmsrl_safe(MSR_IA32_CORE_CAPS, &msrval)) 118 return -ENODEV; 119 120 if (!(msrval & MSR_IA32_CORE_CAPS_INTEGRITY_CAPS)) 121 return -ENODEV; 122 123 if (rdmsrl_safe(MSR_INTEGRITY_CAPS, &msrval)) 124 return -ENODEV; 125 126 ifs_pkg_auth = kmalloc_array(topology_max_packages(), sizeof(bool), GFP_KERNEL); 127 if (!ifs_pkg_auth) 128 return -ENOMEM; 129 130 for (i = 0; i < IFS_NUMTESTS; i++) { 131 if (!(msrval & BIT(ifs_devices[i].test_caps->integrity_cap_bit))) 132 continue; 133 ifs_devices[i].rw_data.generation = FIELD_GET(MSR_INTEGRITY_CAPS_SAF_GEN_MASK, 134 msrval); 135 ifs_devices[i].rw_data.array_gen = (u32)m->driver_data; 136 ret = misc_register(&ifs_devices[i].misc); 137 if (ret) 138 goto err_exit; 139 } 140 return 0; 141 142 err_exit: 143 ifs_cleanup(); 144 return ret; 145 } 146 ifs_exit(void)147 static void __exit ifs_exit(void) 148 { 149 ifs_cleanup(); 150 } 151 152 module_init(ifs_init); 153 module_exit(ifs_exit); 154 155 MODULE_LICENSE("GPL"); 156 MODULE_DESCRIPTION("Intel In Field Scan (IFS) device"); 157