1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Copyright(c) 2022 Intel Corporation. */
3
4 #include <linux/bitfield.h>
5 #include <linux/module.h>
6 #include <linux/kdev_t.h>
7 #include <linux/semaphore.h>
8 #include <linux/slab.h>
9
10 #include <asm/cpu_device_id.h>
11
12 #include "ifs.h"
13
14 #define X86_MATCH(vfm, array_gen) \
15 X86_MATCH_VFM_FEATURE(vfm, X86_FEATURE_CORE_CAPABILITIES, array_gen)
16
17 static const struct x86_cpu_id ifs_cpu_ids[] __initconst = {
18 X86_MATCH(INTEL_SAPPHIRERAPIDS_X, ARRAY_GEN0),
19 X86_MATCH(INTEL_EMERALDRAPIDS_X, ARRAY_GEN0),
20 X86_MATCH(INTEL_GRANITERAPIDS_X, ARRAY_GEN0),
21 X86_MATCH(INTEL_GRANITERAPIDS_D, ARRAY_GEN0),
22 X86_MATCH(INTEL_ATOM_CRESTMONT_X, ARRAY_GEN1),
23 {}
24 };
25 MODULE_DEVICE_TABLE(x86cpu, ifs_cpu_ids);
26
27 ATTRIBUTE_GROUPS(plat_ifs);
28 ATTRIBUTE_GROUPS(plat_ifs_array);
29
30 bool *ifs_pkg_auth;
31
32 static const struct ifs_test_caps scan_test = {
33 .integrity_cap_bit = MSR_INTEGRITY_CAPS_PERIODIC_BIST_BIT,
34 .test_num = IFS_TYPE_SAF,
35 .image_suffix = "scan",
36 };
37
38 static const struct ifs_test_caps array_test = {
39 .integrity_cap_bit = MSR_INTEGRITY_CAPS_ARRAY_BIST_BIT,
40 .test_num = IFS_TYPE_ARRAY_BIST,
41 };
42
43 static const struct ifs_test_msrs scan_msrs = {
44 .copy_hashes = MSR_COPY_SCAN_HASHES,
45 .copy_hashes_status = MSR_SCAN_HASHES_STATUS,
46 .copy_chunks = MSR_AUTHENTICATE_AND_COPY_CHUNK,
47 .copy_chunks_status = MSR_CHUNKS_AUTHENTICATION_STATUS,
48 .test_ctrl = MSR_SAF_CTRL,
49 };
50
51 static const struct ifs_test_msrs sbaf_msrs = {
52 .copy_hashes = MSR_COPY_SBAF_HASHES,
53 .copy_hashes_status = MSR_SBAF_HASHES_STATUS,
54 .copy_chunks = MSR_AUTHENTICATE_AND_COPY_SBAF_CHUNK,
55 .copy_chunks_status = MSR_SBAF_CHUNKS_AUTHENTICATION_STATUS,
56 .test_ctrl = MSR_SBAF_CTRL,
57 };
58
59 static const struct ifs_test_caps sbaf_test = {
60 .integrity_cap_bit = MSR_INTEGRITY_CAPS_SBAF_BIT,
61 .test_num = IFS_TYPE_SBAF,
62 .image_suffix = "sbft",
63 };
64
65 static struct ifs_device ifs_devices[] = {
66 [IFS_TYPE_SAF] = {
67 .test_caps = &scan_test,
68 .test_msrs = &scan_msrs,
69 .misc = {
70 .name = "intel_ifs_0",
71 .minor = MISC_DYNAMIC_MINOR,
72 .groups = plat_ifs_groups,
73 },
74 },
75 [IFS_TYPE_ARRAY_BIST] = {
76 .test_caps = &array_test,
77 .misc = {
78 .name = "intel_ifs_1",
79 .minor = MISC_DYNAMIC_MINOR,
80 .groups = plat_ifs_array_groups,
81 },
82 },
83 [IFS_TYPE_SBAF] = {
84 .test_caps = &sbaf_test,
85 .test_msrs = &sbaf_msrs,
86 .misc = {
87 .name = "intel_ifs_2",
88 .minor = MISC_DYNAMIC_MINOR,
89 .groups = plat_ifs_groups,
90 },
91 },
92 };
93
94 #define IFS_NUMTESTS ARRAY_SIZE(ifs_devices)
95
ifs_cleanup(void)96 static void ifs_cleanup(void)
97 {
98 int i;
99
100 for (i = 0; i < IFS_NUMTESTS; i++) {
101 if (ifs_devices[i].misc.this_device)
102 misc_deregister(&ifs_devices[i].misc);
103 }
104 kfree(ifs_pkg_auth);
105 }
106
ifs_init(void)107 static int __init ifs_init(void)
108 {
109 const struct x86_cpu_id *m;
110 u64 msrval;
111 int i, ret;
112
113 m = x86_match_cpu(ifs_cpu_ids);
114 if (!m)
115 return -ENODEV;
116
117 if (rdmsrl_safe(MSR_IA32_CORE_CAPS, &msrval))
118 return -ENODEV;
119
120 if (!(msrval & MSR_IA32_CORE_CAPS_INTEGRITY_CAPS))
121 return -ENODEV;
122
123 if (rdmsrl_safe(MSR_INTEGRITY_CAPS, &msrval))
124 return -ENODEV;
125
126 ifs_pkg_auth = kmalloc_array(topology_max_packages(), sizeof(bool), GFP_KERNEL);
127 if (!ifs_pkg_auth)
128 return -ENOMEM;
129
130 for (i = 0; i < IFS_NUMTESTS; i++) {
131 if (!(msrval & BIT(ifs_devices[i].test_caps->integrity_cap_bit)))
132 continue;
133 ifs_devices[i].rw_data.generation = FIELD_GET(MSR_INTEGRITY_CAPS_SAF_GEN_MASK,
134 msrval);
135 ifs_devices[i].rw_data.array_gen = (u32)m->driver_data;
136 ret = misc_register(&ifs_devices[i].misc);
137 if (ret)
138 goto err_exit;
139 }
140 return 0;
141
142 err_exit:
143 ifs_cleanup();
144 return ret;
145 }
146
ifs_exit(void)147 static void __exit ifs_exit(void)
148 {
149 ifs_cleanup();
150 }
151
152 module_init(ifs_init);
153 module_exit(ifs_exit);
154
155 MODULE_LICENSE("GPL");
156 MODULE_DESCRIPTION("Intel In Field Scan (IFS) device");
157