1 // SPDX-License-Identifier: GPL-2.0-only 2 /* Copyright(c) 2020 Intel Corporation. All rights reserved. */ 3 #include <linux/security.h> 4 #include <linux/debugfs.h> 5 #include <linux/ktime.h> 6 #include <linux/mutex.h> 7 #include <asm/unaligned.h> 8 #include <cxlpci.h> 9 #include <cxlmem.h> 10 #include <cxl.h> 11 12 #include "core.h" 13 #include "trace.h" 14 15 static bool cxl_raw_allow_all; 16 17 /** 18 * DOC: cxl mbox 19 * 20 * Core implementation of the CXL 2.0 Type-3 Memory Device Mailbox. The 21 * implementation is used by the cxl_pci driver to initialize the device 22 * and implement the cxl_mem.h IOCTL UAPI. It also implements the 23 * backend of the cxl_pmem_ctl() transport for LIBNVDIMM. 24 */ 25 26 #define cxl_for_each_cmd(cmd) \ 27 for ((cmd) = &cxl_mem_commands[0]; \ 28 ((cmd) - cxl_mem_commands) < ARRAY_SIZE(cxl_mem_commands); (cmd)++) 29 30 #define CXL_CMD(_id, sin, sout, _flags) \ 31 [CXL_MEM_COMMAND_ID_##_id] = { \ 32 .info = { \ 33 .id = CXL_MEM_COMMAND_ID_##_id, \ 34 .size_in = sin, \ 35 .size_out = sout, \ 36 }, \ 37 .opcode = CXL_MBOX_OP_##_id, \ 38 .flags = _flags, \ 39 } 40 41 #define CXL_VARIABLE_PAYLOAD ~0U 42 /* 43 * This table defines the supported mailbox commands for the driver. This table 44 * is made up of a UAPI structure. Non-negative values as parameters in the 45 * table will be validated against the user's input. For example, if size_in is 46 * 0, and the user passed in 1, it is an error. 47 */ 48 static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = { 49 CXL_CMD(IDENTIFY, 0, 0x43, CXL_CMD_FLAG_FORCE_ENABLE), 50 #ifdef CONFIG_CXL_MEM_RAW_COMMANDS 51 CXL_CMD(RAW, CXL_VARIABLE_PAYLOAD, CXL_VARIABLE_PAYLOAD, 0), 52 #endif 53 CXL_CMD(GET_SUPPORTED_LOGS, 0, CXL_VARIABLE_PAYLOAD, CXL_CMD_FLAG_FORCE_ENABLE), 54 CXL_CMD(GET_FW_INFO, 0, 0x50, 0), 55 CXL_CMD(GET_PARTITION_INFO, 0, 0x20, 0), 56 CXL_CMD(GET_LSA, 0x8, CXL_VARIABLE_PAYLOAD, 0), 57 CXL_CMD(GET_HEALTH_INFO, 0, 0x12, 0), 58 CXL_CMD(GET_LOG, 0x18, CXL_VARIABLE_PAYLOAD, CXL_CMD_FLAG_FORCE_ENABLE), 59 CXL_CMD(SET_PARTITION_INFO, 0x0a, 0, 0), 60 CXL_CMD(SET_LSA, CXL_VARIABLE_PAYLOAD, 0, 0), 61 CXL_CMD(GET_ALERT_CONFIG, 0, 0x10, 0), 62 CXL_CMD(SET_ALERT_CONFIG, 0xc, 0, 0), 63 CXL_CMD(GET_SHUTDOWN_STATE, 0, 0x1, 0), 64 CXL_CMD(SET_SHUTDOWN_STATE, 0x1, 0, 0), 65 CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0), 66 }; 67 68 /* 69 * Commands that RAW doesn't permit. The rationale for each: 70 * 71 * CXL_MBOX_OP_ACTIVATE_FW: Firmware activation requires adjustment / 72 * coordination of transaction timeout values at the root bridge level. 73 * 74 * CXL_MBOX_OP_SET_PARTITION_INFO: The device memory map may change live 75 * and needs to be coordinated with HDM updates. 76 * 77 * CXL_MBOX_OP_SET_LSA: The label storage area may be cached by the 78 * driver and any writes from userspace invalidates those contents. 79 * 80 * CXL_MBOX_OP_SET_SHUTDOWN_STATE: Set shutdown state assumes no writes 81 * to the device after it is marked clean, userspace can not make that 82 * assertion. 83 * 84 * CXL_MBOX_OP_[GET_]SCAN_MEDIA: The kernel provides a native error list that 85 * is kept up to date with patrol notifications and error management. 86 * 87 * CXL_MBOX_OP_[GET_,INJECT_,CLEAR_]POISON: These commands require kernel 88 * driver orchestration for safety. 89 */ 90 static u16 cxl_disabled_raw_commands[] = { 91 CXL_MBOX_OP_ACTIVATE_FW, 92 CXL_MBOX_OP_SET_PARTITION_INFO, 93 CXL_MBOX_OP_SET_LSA, 94 CXL_MBOX_OP_SET_SHUTDOWN_STATE, 95 CXL_MBOX_OP_SCAN_MEDIA, 96 CXL_MBOX_OP_GET_SCAN_MEDIA, 97 CXL_MBOX_OP_GET_POISON, 98 CXL_MBOX_OP_INJECT_POISON, 99 CXL_MBOX_OP_CLEAR_POISON, 100 }; 101 102 /* 103 * Command sets that RAW doesn't permit. All opcodes in this set are 104 * disabled because they pass plain text security payloads over the 105 * user/kernel boundary. This functionality is intended to be wrapped 106 * behind the keys ABI which allows for encrypted payloads in the UAPI 107 */ 108 static u8 security_command_sets[] = { 109 0x44, /* Sanitize */ 110 0x45, /* Persistent Memory Data-at-rest Security */ 111 0x46, /* Security Passthrough */ 112 }; 113 114 static bool cxl_is_security_command(u16 opcode) 115 { 116 int i; 117 118 for (i = 0; i < ARRAY_SIZE(security_command_sets); i++) 119 if (security_command_sets[i] == (opcode >> 8)) 120 return true; 121 return false; 122 } 123 124 static bool cxl_is_poison_command(u16 opcode) 125 { 126 #define CXL_MBOX_OP_POISON_CMDS 0x43 127 128 if ((opcode >> 8) == CXL_MBOX_OP_POISON_CMDS) 129 return true; 130 131 return false; 132 } 133 134 static void cxl_set_poison_cmd_enabled(struct cxl_poison_state *poison, 135 u16 opcode) 136 { 137 switch (opcode) { 138 case CXL_MBOX_OP_GET_POISON: 139 set_bit(CXL_POISON_ENABLED_LIST, poison->enabled_cmds); 140 break; 141 case CXL_MBOX_OP_INJECT_POISON: 142 set_bit(CXL_POISON_ENABLED_INJECT, poison->enabled_cmds); 143 break; 144 case CXL_MBOX_OP_CLEAR_POISON: 145 set_bit(CXL_POISON_ENABLED_CLEAR, poison->enabled_cmds); 146 break; 147 case CXL_MBOX_OP_GET_SCAN_MEDIA_CAPS: 148 set_bit(CXL_POISON_ENABLED_SCAN_CAPS, poison->enabled_cmds); 149 break; 150 case CXL_MBOX_OP_SCAN_MEDIA: 151 set_bit(CXL_POISON_ENABLED_SCAN_MEDIA, poison->enabled_cmds); 152 break; 153 case CXL_MBOX_OP_GET_SCAN_MEDIA: 154 set_bit(CXL_POISON_ENABLED_SCAN_RESULTS, poison->enabled_cmds); 155 break; 156 default: 157 break; 158 } 159 } 160 161 static struct cxl_mem_command *cxl_mem_find_command(u16 opcode) 162 { 163 struct cxl_mem_command *c; 164 165 cxl_for_each_cmd(c) 166 if (c->opcode == opcode) 167 return c; 168 169 return NULL; 170 } 171 172 static const char *cxl_mem_opcode_to_name(u16 opcode) 173 { 174 struct cxl_mem_command *c; 175 176 c = cxl_mem_find_command(opcode); 177 if (!c) 178 return NULL; 179 180 return cxl_command_names[c->info.id].name; 181 } 182 183 /** 184 * cxl_internal_send_cmd() - Kernel internal interface to send a mailbox command 185 * @cxlds: The device data for the operation 186 * @mbox_cmd: initialized command to execute 187 * 188 * Context: Any context. 189 * Return: 190 * * %>=0 - Number of bytes returned in @out. 191 * * %-E2BIG - Payload is too large for hardware. 192 * * %-EBUSY - Couldn't acquire exclusive mailbox access. 193 * * %-EFAULT - Hardware error occurred. 194 * * %-ENXIO - Command completed, but device reported an error. 195 * * %-EIO - Unexpected output size. 196 * 197 * Mailbox commands may execute successfully yet the device itself reported an 198 * error. While this distinction can be useful for commands from userspace, the 199 * kernel will only be able to use results when both are successful. 200 */ 201 int cxl_internal_send_cmd(struct cxl_dev_state *cxlds, 202 struct cxl_mbox_cmd *mbox_cmd) 203 { 204 size_t out_size, min_out; 205 int rc; 206 207 if (mbox_cmd->size_in > cxlds->payload_size || 208 mbox_cmd->size_out > cxlds->payload_size) 209 return -E2BIG; 210 211 out_size = mbox_cmd->size_out; 212 min_out = mbox_cmd->min_out; 213 rc = cxlds->mbox_send(cxlds, mbox_cmd); 214 /* 215 * EIO is reserved for a payload size mismatch and mbox_send() 216 * may not return this error. 217 */ 218 if (WARN_ONCE(rc == -EIO, "Bad return code: -EIO")) 219 return -ENXIO; 220 if (rc) 221 return rc; 222 223 if (mbox_cmd->return_code != CXL_MBOX_CMD_RC_SUCCESS) 224 return cxl_mbox_cmd_rc2errno(mbox_cmd); 225 226 if (!out_size) 227 return 0; 228 229 /* 230 * Variable sized output needs to at least satisfy the caller's 231 * minimum if not the fully requested size. 232 */ 233 if (min_out == 0) 234 min_out = out_size; 235 236 if (mbox_cmd->size_out < min_out) 237 return -EIO; 238 return 0; 239 } 240 EXPORT_SYMBOL_NS_GPL(cxl_internal_send_cmd, CXL); 241 242 static bool cxl_mem_raw_command_allowed(u16 opcode) 243 { 244 int i; 245 246 if (!IS_ENABLED(CONFIG_CXL_MEM_RAW_COMMANDS)) 247 return false; 248 249 if (security_locked_down(LOCKDOWN_PCI_ACCESS)) 250 return false; 251 252 if (cxl_raw_allow_all) 253 return true; 254 255 if (cxl_is_security_command(opcode)) 256 return false; 257 258 for (i = 0; i < ARRAY_SIZE(cxl_disabled_raw_commands); i++) 259 if (cxl_disabled_raw_commands[i] == opcode) 260 return false; 261 262 return true; 263 } 264 265 /** 266 * cxl_payload_from_user_allowed() - Check contents of in_payload. 267 * @opcode: The mailbox command opcode. 268 * @payload_in: Pointer to the input payload passed in from user space. 269 * 270 * Return: 271 * * true - payload_in passes check for @opcode. 272 * * false - payload_in contains invalid or unsupported values. 273 * 274 * The driver may inspect payload contents before sending a mailbox 275 * command from user space to the device. The intent is to reject 276 * commands with input payloads that are known to be unsafe. This 277 * check is not intended to replace the users careful selection of 278 * mailbox command parameters and makes no guarantee that the user 279 * command will succeed, nor that it is appropriate. 280 * 281 * The specific checks are determined by the opcode. 282 */ 283 static bool cxl_payload_from_user_allowed(u16 opcode, void *payload_in) 284 { 285 switch (opcode) { 286 case CXL_MBOX_OP_SET_PARTITION_INFO: { 287 struct cxl_mbox_set_partition_info *pi = payload_in; 288 289 if (pi->flags & CXL_SET_PARTITION_IMMEDIATE_FLAG) 290 return false; 291 break; 292 } 293 default: 294 break; 295 } 296 return true; 297 } 298 299 static int cxl_mbox_cmd_ctor(struct cxl_mbox_cmd *mbox, 300 struct cxl_dev_state *cxlds, u16 opcode, 301 size_t in_size, size_t out_size, u64 in_payload) 302 { 303 *mbox = (struct cxl_mbox_cmd) { 304 .opcode = opcode, 305 .size_in = in_size, 306 }; 307 308 if (in_size) { 309 mbox->payload_in = vmemdup_user(u64_to_user_ptr(in_payload), 310 in_size); 311 if (IS_ERR(mbox->payload_in)) 312 return PTR_ERR(mbox->payload_in); 313 314 if (!cxl_payload_from_user_allowed(opcode, mbox->payload_in)) { 315 dev_dbg(cxlds->dev, "%s: input payload not allowed\n", 316 cxl_mem_opcode_to_name(opcode)); 317 kvfree(mbox->payload_in); 318 return -EBUSY; 319 } 320 } 321 322 /* Prepare to handle a full payload for variable sized output */ 323 if (out_size == CXL_VARIABLE_PAYLOAD) 324 mbox->size_out = cxlds->payload_size; 325 else 326 mbox->size_out = out_size; 327 328 if (mbox->size_out) { 329 mbox->payload_out = kvzalloc(mbox->size_out, GFP_KERNEL); 330 if (!mbox->payload_out) { 331 kvfree(mbox->payload_in); 332 return -ENOMEM; 333 } 334 } 335 return 0; 336 } 337 338 static void cxl_mbox_cmd_dtor(struct cxl_mbox_cmd *mbox) 339 { 340 kvfree(mbox->payload_in); 341 kvfree(mbox->payload_out); 342 } 343 344 static int cxl_to_mem_cmd_raw(struct cxl_mem_command *mem_cmd, 345 const struct cxl_send_command *send_cmd, 346 struct cxl_dev_state *cxlds) 347 { 348 if (send_cmd->raw.rsvd) 349 return -EINVAL; 350 351 /* 352 * Unlike supported commands, the output size of RAW commands 353 * gets passed along without further checking, so it must be 354 * validated here. 355 */ 356 if (send_cmd->out.size > cxlds->payload_size) 357 return -EINVAL; 358 359 if (!cxl_mem_raw_command_allowed(send_cmd->raw.opcode)) 360 return -EPERM; 361 362 dev_WARN_ONCE(cxlds->dev, true, "raw command path used\n"); 363 364 *mem_cmd = (struct cxl_mem_command) { 365 .info = { 366 .id = CXL_MEM_COMMAND_ID_RAW, 367 .size_in = send_cmd->in.size, 368 .size_out = send_cmd->out.size, 369 }, 370 .opcode = send_cmd->raw.opcode 371 }; 372 373 return 0; 374 } 375 376 static int cxl_to_mem_cmd(struct cxl_mem_command *mem_cmd, 377 const struct cxl_send_command *send_cmd, 378 struct cxl_dev_state *cxlds) 379 { 380 struct cxl_mem_command *c = &cxl_mem_commands[send_cmd->id]; 381 const struct cxl_command_info *info = &c->info; 382 383 if (send_cmd->flags & ~CXL_MEM_COMMAND_FLAG_MASK) 384 return -EINVAL; 385 386 if (send_cmd->rsvd) 387 return -EINVAL; 388 389 if (send_cmd->in.rsvd || send_cmd->out.rsvd) 390 return -EINVAL; 391 392 /* Check that the command is enabled for hardware */ 393 if (!test_bit(info->id, cxlds->enabled_cmds)) 394 return -ENOTTY; 395 396 /* Check that the command is not claimed for exclusive kernel use */ 397 if (test_bit(info->id, cxlds->exclusive_cmds)) 398 return -EBUSY; 399 400 /* Check the input buffer is the expected size */ 401 if ((info->size_in != CXL_VARIABLE_PAYLOAD) && 402 (info->size_in != send_cmd->in.size)) 403 return -ENOMEM; 404 405 /* Check the output buffer is at least large enough */ 406 if ((info->size_out != CXL_VARIABLE_PAYLOAD) && 407 (send_cmd->out.size < info->size_out)) 408 return -ENOMEM; 409 410 *mem_cmd = (struct cxl_mem_command) { 411 .info = { 412 .id = info->id, 413 .flags = info->flags, 414 .size_in = send_cmd->in.size, 415 .size_out = send_cmd->out.size, 416 }, 417 .opcode = c->opcode 418 }; 419 420 return 0; 421 } 422 423 /** 424 * cxl_validate_cmd_from_user() - Check fields for CXL_MEM_SEND_COMMAND. 425 * @mbox_cmd: Sanitized and populated &struct cxl_mbox_cmd. 426 * @cxlds: The device data for the operation 427 * @send_cmd: &struct cxl_send_command copied in from userspace. 428 * 429 * Return: 430 * * %0 - @out_cmd is ready to send. 431 * * %-ENOTTY - Invalid command specified. 432 * * %-EINVAL - Reserved fields or invalid values were used. 433 * * %-ENOMEM - Input or output buffer wasn't sized properly. 434 * * %-EPERM - Attempted to use a protected command. 435 * * %-EBUSY - Kernel has claimed exclusive access to this opcode 436 * 437 * The result of this command is a fully validated command in @mbox_cmd that is 438 * safe to send to the hardware. 439 */ 440 static int cxl_validate_cmd_from_user(struct cxl_mbox_cmd *mbox_cmd, 441 struct cxl_dev_state *cxlds, 442 const struct cxl_send_command *send_cmd) 443 { 444 struct cxl_mem_command mem_cmd; 445 int rc; 446 447 if (send_cmd->id == 0 || send_cmd->id >= CXL_MEM_COMMAND_ID_MAX) 448 return -ENOTTY; 449 450 /* 451 * The user can never specify an input payload larger than what hardware 452 * supports, but output can be arbitrarily large (simply write out as 453 * much data as the hardware provides). 454 */ 455 if (send_cmd->in.size > cxlds->payload_size) 456 return -EINVAL; 457 458 /* Sanitize and construct a cxl_mem_command */ 459 if (send_cmd->id == CXL_MEM_COMMAND_ID_RAW) 460 rc = cxl_to_mem_cmd_raw(&mem_cmd, send_cmd, cxlds); 461 else 462 rc = cxl_to_mem_cmd(&mem_cmd, send_cmd, cxlds); 463 464 if (rc) 465 return rc; 466 467 /* Sanitize and construct a cxl_mbox_cmd */ 468 return cxl_mbox_cmd_ctor(mbox_cmd, cxlds, mem_cmd.opcode, 469 mem_cmd.info.size_in, mem_cmd.info.size_out, 470 send_cmd->in.payload); 471 } 472 473 int cxl_query_cmd(struct cxl_memdev *cxlmd, 474 struct cxl_mem_query_commands __user *q) 475 { 476 struct device *dev = &cxlmd->dev; 477 struct cxl_mem_command *cmd; 478 u32 n_commands; 479 int j = 0; 480 481 dev_dbg(dev, "Query IOCTL\n"); 482 483 if (get_user(n_commands, &q->n_commands)) 484 return -EFAULT; 485 486 /* returns the total number if 0 elements are requested. */ 487 if (n_commands == 0) 488 return put_user(ARRAY_SIZE(cxl_mem_commands), &q->n_commands); 489 490 /* 491 * otherwise, return max(n_commands, total commands) cxl_command_info 492 * structures. 493 */ 494 cxl_for_each_cmd(cmd) { 495 struct cxl_command_info info = cmd->info; 496 497 if (test_bit(info.id, cxlmd->cxlds->enabled_cmds)) 498 info.flags |= CXL_MEM_COMMAND_FLAG_ENABLED; 499 if (test_bit(info.id, cxlmd->cxlds->exclusive_cmds)) 500 info.flags |= CXL_MEM_COMMAND_FLAG_EXCLUSIVE; 501 502 if (copy_to_user(&q->commands[j++], &info, sizeof(info))) 503 return -EFAULT; 504 505 if (j == n_commands) 506 break; 507 } 508 509 return 0; 510 } 511 512 /** 513 * handle_mailbox_cmd_from_user() - Dispatch a mailbox command for userspace. 514 * @cxlds: The device data for the operation 515 * @mbox_cmd: The validated mailbox command. 516 * @out_payload: Pointer to userspace's output payload. 517 * @size_out: (Input) Max payload size to copy out. 518 * (Output) Payload size hardware generated. 519 * @retval: Hardware generated return code from the operation. 520 * 521 * Return: 522 * * %0 - Mailbox transaction succeeded. This implies the mailbox 523 * protocol completed successfully not that the operation itself 524 * was successful. 525 * * %-ENOMEM - Couldn't allocate a bounce buffer. 526 * * %-EFAULT - Something happened with copy_to/from_user. 527 * * %-EINTR - Mailbox acquisition interrupted. 528 * * %-EXXX - Transaction level failures. 529 * 530 * Dispatches a mailbox command on behalf of a userspace request. 531 * The output payload is copied to userspace. 532 * 533 * See cxl_send_cmd(). 534 */ 535 static int handle_mailbox_cmd_from_user(struct cxl_dev_state *cxlds, 536 struct cxl_mbox_cmd *mbox_cmd, 537 u64 out_payload, s32 *size_out, 538 u32 *retval) 539 { 540 struct device *dev = cxlds->dev; 541 int rc; 542 543 dev_dbg(dev, 544 "Submitting %s command for user\n" 545 "\topcode: %x\n" 546 "\tsize: %zx\n", 547 cxl_mem_opcode_to_name(mbox_cmd->opcode), 548 mbox_cmd->opcode, mbox_cmd->size_in); 549 550 rc = cxlds->mbox_send(cxlds, mbox_cmd); 551 if (rc) 552 goto out; 553 554 /* 555 * @size_out contains the max size that's allowed to be written back out 556 * to userspace. While the payload may have written more output than 557 * this it will have to be ignored. 558 */ 559 if (mbox_cmd->size_out) { 560 dev_WARN_ONCE(dev, mbox_cmd->size_out > *size_out, 561 "Invalid return size\n"); 562 if (copy_to_user(u64_to_user_ptr(out_payload), 563 mbox_cmd->payload_out, mbox_cmd->size_out)) { 564 rc = -EFAULT; 565 goto out; 566 } 567 } 568 569 *size_out = mbox_cmd->size_out; 570 *retval = mbox_cmd->return_code; 571 572 out: 573 cxl_mbox_cmd_dtor(mbox_cmd); 574 return rc; 575 } 576 577 int cxl_send_cmd(struct cxl_memdev *cxlmd, struct cxl_send_command __user *s) 578 { 579 struct cxl_dev_state *cxlds = cxlmd->cxlds; 580 struct device *dev = &cxlmd->dev; 581 struct cxl_send_command send; 582 struct cxl_mbox_cmd mbox_cmd; 583 int rc; 584 585 dev_dbg(dev, "Send IOCTL\n"); 586 587 if (copy_from_user(&send, s, sizeof(send))) 588 return -EFAULT; 589 590 rc = cxl_validate_cmd_from_user(&mbox_cmd, cxlmd->cxlds, &send); 591 if (rc) 592 return rc; 593 594 rc = handle_mailbox_cmd_from_user(cxlds, &mbox_cmd, send.out.payload, 595 &send.out.size, &send.retval); 596 if (rc) 597 return rc; 598 599 if (copy_to_user(s, &send, sizeof(send))) 600 return -EFAULT; 601 602 return 0; 603 } 604 605 static int cxl_xfer_log(struct cxl_dev_state *cxlds, uuid_t *uuid, u32 *size, u8 *out) 606 { 607 u32 remaining = *size; 608 u32 offset = 0; 609 610 while (remaining) { 611 u32 xfer_size = min_t(u32, remaining, cxlds->payload_size); 612 struct cxl_mbox_cmd mbox_cmd; 613 struct cxl_mbox_get_log log; 614 int rc; 615 616 log = (struct cxl_mbox_get_log) { 617 .uuid = *uuid, 618 .offset = cpu_to_le32(offset), 619 .length = cpu_to_le32(xfer_size), 620 }; 621 622 mbox_cmd = (struct cxl_mbox_cmd) { 623 .opcode = CXL_MBOX_OP_GET_LOG, 624 .size_in = sizeof(log), 625 .payload_in = &log, 626 .size_out = xfer_size, 627 .payload_out = out, 628 }; 629 630 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 631 632 /* 633 * The output payload length that indicates the number 634 * of valid bytes can be smaller than the Log buffer 635 * size. 636 */ 637 if (rc == -EIO && mbox_cmd.size_out < xfer_size) { 638 offset += mbox_cmd.size_out; 639 break; 640 } 641 642 if (rc < 0) 643 return rc; 644 645 out += xfer_size; 646 remaining -= xfer_size; 647 offset += xfer_size; 648 } 649 650 *size = offset; 651 652 return 0; 653 } 654 655 /** 656 * cxl_walk_cel() - Walk through the Command Effects Log. 657 * @cxlds: The device data for the operation 658 * @size: Length of the Command Effects Log. 659 * @cel: CEL 660 * 661 * Iterate over each entry in the CEL and determine if the driver supports the 662 * command. If so, the command is enabled for the device and can be used later. 663 */ 664 static void cxl_walk_cel(struct cxl_dev_state *cxlds, size_t size, u8 *cel) 665 { 666 struct cxl_cel_entry *cel_entry; 667 const int cel_entries = size / sizeof(*cel_entry); 668 int i; 669 670 cel_entry = (struct cxl_cel_entry *) cel; 671 672 for (i = 0; i < cel_entries; i++) { 673 u16 opcode = le16_to_cpu(cel_entry[i].opcode); 674 struct cxl_mem_command *cmd = cxl_mem_find_command(opcode); 675 676 if (!cmd && !cxl_is_poison_command(opcode)) { 677 dev_dbg(cxlds->dev, 678 "Opcode 0x%04x unsupported by driver\n", opcode); 679 continue; 680 } 681 682 if (cmd) 683 set_bit(cmd->info.id, cxlds->enabled_cmds); 684 685 if (cxl_is_poison_command(opcode)) 686 cxl_set_poison_cmd_enabled(&cxlds->poison, opcode); 687 688 dev_dbg(cxlds->dev, "Opcode 0x%04x enabled\n", opcode); 689 } 690 } 691 692 static struct cxl_mbox_get_supported_logs *cxl_get_gsl(struct cxl_dev_state *cxlds) 693 { 694 struct cxl_mbox_get_supported_logs *ret; 695 struct cxl_mbox_cmd mbox_cmd; 696 int rc; 697 698 ret = kvmalloc(cxlds->payload_size, GFP_KERNEL); 699 if (!ret) 700 return ERR_PTR(-ENOMEM); 701 702 mbox_cmd = (struct cxl_mbox_cmd) { 703 .opcode = CXL_MBOX_OP_GET_SUPPORTED_LOGS, 704 .size_out = cxlds->payload_size, 705 .payload_out = ret, 706 /* At least the record number field must be valid */ 707 .min_out = 2, 708 }; 709 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 710 if (rc < 0) { 711 kvfree(ret); 712 return ERR_PTR(rc); 713 } 714 715 716 return ret; 717 } 718 719 enum { 720 CEL_UUID, 721 VENDOR_DEBUG_UUID, 722 }; 723 724 /* See CXL 2.0 Table 170. Get Log Input Payload */ 725 static const uuid_t log_uuid[] = { 726 [CEL_UUID] = DEFINE_CXL_CEL_UUID, 727 [VENDOR_DEBUG_UUID] = DEFINE_CXL_VENDOR_DEBUG_UUID, 728 }; 729 730 /** 731 * cxl_enumerate_cmds() - Enumerate commands for a device. 732 * @cxlds: The device data for the operation 733 * 734 * Returns 0 if enumerate completed successfully. 735 * 736 * CXL devices have optional support for certain commands. This function will 737 * determine the set of supported commands for the hardware and update the 738 * enabled_cmds bitmap in the @cxlds. 739 */ 740 int cxl_enumerate_cmds(struct cxl_dev_state *cxlds) 741 { 742 struct cxl_mbox_get_supported_logs *gsl; 743 struct device *dev = cxlds->dev; 744 struct cxl_mem_command *cmd; 745 int i, rc; 746 747 gsl = cxl_get_gsl(cxlds); 748 if (IS_ERR(gsl)) 749 return PTR_ERR(gsl); 750 751 rc = -ENOENT; 752 for (i = 0; i < le16_to_cpu(gsl->entries); i++) { 753 u32 size = le32_to_cpu(gsl->entry[i].size); 754 uuid_t uuid = gsl->entry[i].uuid; 755 u8 *log; 756 757 dev_dbg(dev, "Found LOG type %pU of size %d", &uuid, size); 758 759 if (!uuid_equal(&uuid, &log_uuid[CEL_UUID])) 760 continue; 761 762 log = kvmalloc(size, GFP_KERNEL); 763 if (!log) { 764 rc = -ENOMEM; 765 goto out; 766 } 767 768 rc = cxl_xfer_log(cxlds, &uuid, &size, log); 769 if (rc) { 770 kvfree(log); 771 goto out; 772 } 773 774 cxl_walk_cel(cxlds, size, log); 775 kvfree(log); 776 777 /* In case CEL was bogus, enable some default commands. */ 778 cxl_for_each_cmd(cmd) 779 if (cmd->flags & CXL_CMD_FLAG_FORCE_ENABLE) 780 set_bit(cmd->info.id, cxlds->enabled_cmds); 781 782 /* Found the required CEL */ 783 rc = 0; 784 } 785 out: 786 kvfree(gsl); 787 return rc; 788 } 789 EXPORT_SYMBOL_NS_GPL(cxl_enumerate_cmds, CXL); 790 791 /* 792 * General Media Event Record 793 * CXL rev 3.0 Section 8.2.9.2.1.1; Table 8-43 794 */ 795 static const uuid_t gen_media_event_uuid = 796 UUID_INIT(0xfbcd0a77, 0xc260, 0x417f, 797 0x85, 0xa9, 0x08, 0x8b, 0x16, 0x21, 0xeb, 0xa6); 798 799 /* 800 * DRAM Event Record 801 * CXL rev 3.0 section 8.2.9.2.1.2; Table 8-44 802 */ 803 static const uuid_t dram_event_uuid = 804 UUID_INIT(0x601dcbb3, 0x9c06, 0x4eab, 805 0xb8, 0xaf, 0x4e, 0x9b, 0xfb, 0x5c, 0x96, 0x24); 806 807 /* 808 * Memory Module Event Record 809 * CXL rev 3.0 section 8.2.9.2.1.3; Table 8-45 810 */ 811 static const uuid_t mem_mod_event_uuid = 812 UUID_INIT(0xfe927475, 0xdd59, 0x4339, 813 0xa5, 0x86, 0x79, 0xba, 0xb1, 0x13, 0xb7, 0x74); 814 815 static void cxl_event_trace_record(const struct cxl_memdev *cxlmd, 816 enum cxl_event_log_type type, 817 struct cxl_event_record_raw *record) 818 { 819 uuid_t *id = &record->hdr.id; 820 821 if (uuid_equal(id, &gen_media_event_uuid)) { 822 struct cxl_event_gen_media *rec = 823 (struct cxl_event_gen_media *)record; 824 825 trace_cxl_general_media(cxlmd, type, rec); 826 } else if (uuid_equal(id, &dram_event_uuid)) { 827 struct cxl_event_dram *rec = (struct cxl_event_dram *)record; 828 829 trace_cxl_dram(cxlmd, type, rec); 830 } else if (uuid_equal(id, &mem_mod_event_uuid)) { 831 struct cxl_event_mem_module *rec = 832 (struct cxl_event_mem_module *)record; 833 834 trace_cxl_memory_module(cxlmd, type, rec); 835 } else { 836 /* For unknown record types print just the header */ 837 trace_cxl_generic_event(cxlmd, type, record); 838 } 839 } 840 841 static int cxl_clear_event_record(struct cxl_dev_state *cxlds, 842 enum cxl_event_log_type log, 843 struct cxl_get_event_payload *get_pl) 844 { 845 struct cxl_mbox_clear_event_payload *payload; 846 u16 total = le16_to_cpu(get_pl->record_count); 847 u8 max_handles = CXL_CLEAR_EVENT_MAX_HANDLES; 848 size_t pl_size = struct_size(payload, handles, max_handles); 849 struct cxl_mbox_cmd mbox_cmd; 850 u16 cnt; 851 int rc = 0; 852 int i; 853 854 /* Payload size may limit the max handles */ 855 if (pl_size > cxlds->payload_size) { 856 max_handles = (cxlds->payload_size - sizeof(*payload)) / 857 sizeof(__le16); 858 pl_size = struct_size(payload, handles, max_handles); 859 } 860 861 payload = kvzalloc(pl_size, GFP_KERNEL); 862 if (!payload) 863 return -ENOMEM; 864 865 *payload = (struct cxl_mbox_clear_event_payload) { 866 .event_log = log, 867 }; 868 869 mbox_cmd = (struct cxl_mbox_cmd) { 870 .opcode = CXL_MBOX_OP_CLEAR_EVENT_RECORD, 871 .payload_in = payload, 872 .size_in = pl_size, 873 }; 874 875 /* 876 * Clear Event Records uses u8 for the handle cnt while Get Event 877 * Record can return up to 0xffff records. 878 */ 879 i = 0; 880 for (cnt = 0; cnt < total; cnt++) { 881 payload->handles[i++] = get_pl->records[cnt].hdr.handle; 882 dev_dbg(cxlds->dev, "Event log '%d': Clearing %u\n", 883 log, le16_to_cpu(payload->handles[i])); 884 885 if (i == max_handles) { 886 payload->nr_recs = i; 887 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 888 if (rc) 889 goto free_pl; 890 i = 0; 891 } 892 } 893 894 /* Clear what is left if any */ 895 if (i) { 896 payload->nr_recs = i; 897 mbox_cmd.size_in = struct_size(payload, handles, i); 898 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 899 if (rc) 900 goto free_pl; 901 } 902 903 free_pl: 904 kvfree(payload); 905 return rc; 906 } 907 908 static void cxl_mem_get_records_log(struct cxl_dev_state *cxlds, 909 enum cxl_event_log_type type) 910 { 911 struct cxl_get_event_payload *payload; 912 struct cxl_mbox_cmd mbox_cmd; 913 u8 log_type = type; 914 u16 nr_rec; 915 916 mutex_lock(&cxlds->event.log_lock); 917 payload = cxlds->event.buf; 918 919 mbox_cmd = (struct cxl_mbox_cmd) { 920 .opcode = CXL_MBOX_OP_GET_EVENT_RECORD, 921 .payload_in = &log_type, 922 .size_in = sizeof(log_type), 923 .payload_out = payload, 924 .size_out = cxlds->payload_size, 925 .min_out = struct_size(payload, records, 0), 926 }; 927 928 do { 929 int rc, i; 930 931 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 932 if (rc) { 933 dev_err_ratelimited(cxlds->dev, 934 "Event log '%d': Failed to query event records : %d", 935 type, rc); 936 break; 937 } 938 939 nr_rec = le16_to_cpu(payload->record_count); 940 if (!nr_rec) 941 break; 942 943 for (i = 0; i < nr_rec; i++) 944 cxl_event_trace_record(cxlds->cxlmd, type, 945 &payload->records[i]); 946 947 if (payload->flags & CXL_GET_EVENT_FLAG_OVERFLOW) 948 trace_cxl_overflow(cxlds->cxlmd, type, payload); 949 950 rc = cxl_clear_event_record(cxlds, type, payload); 951 if (rc) { 952 dev_err_ratelimited(cxlds->dev, 953 "Event log '%d': Failed to clear events : %d", 954 type, rc); 955 break; 956 } 957 } while (nr_rec); 958 959 mutex_unlock(&cxlds->event.log_lock); 960 } 961 962 /** 963 * cxl_mem_get_event_records - Get Event Records from the device 964 * @cxlds: The device data for the operation 965 * @status: Event Status register value identifying which events are available. 966 * 967 * Retrieve all event records available on the device, report them as trace 968 * events, and clear them. 969 * 970 * See CXL rev 3.0 @8.2.9.2.2 Get Event Records 971 * See CXL rev 3.0 @8.2.9.2.3 Clear Event Records 972 */ 973 void cxl_mem_get_event_records(struct cxl_dev_state *cxlds, u32 status) 974 { 975 dev_dbg(cxlds->dev, "Reading event logs: %x\n", status); 976 977 if (status & CXLDEV_EVENT_STATUS_FATAL) 978 cxl_mem_get_records_log(cxlds, CXL_EVENT_TYPE_FATAL); 979 if (status & CXLDEV_EVENT_STATUS_FAIL) 980 cxl_mem_get_records_log(cxlds, CXL_EVENT_TYPE_FAIL); 981 if (status & CXLDEV_EVENT_STATUS_WARN) 982 cxl_mem_get_records_log(cxlds, CXL_EVENT_TYPE_WARN); 983 if (status & CXLDEV_EVENT_STATUS_INFO) 984 cxl_mem_get_records_log(cxlds, CXL_EVENT_TYPE_INFO); 985 } 986 EXPORT_SYMBOL_NS_GPL(cxl_mem_get_event_records, CXL); 987 988 /** 989 * cxl_mem_get_partition_info - Get partition info 990 * @cxlds: The device data for the operation 991 * 992 * Retrieve the current partition info for the device specified. The active 993 * values are the current capacity in bytes. If not 0, the 'next' values are 994 * the pending values, in bytes, which take affect on next cold reset. 995 * 996 * Return: 0 if no error: or the result of the mailbox command. 997 * 998 * See CXL @8.2.9.5.2.1 Get Partition Info 999 */ 1000 static int cxl_mem_get_partition_info(struct cxl_dev_state *cxlds) 1001 { 1002 struct cxl_mbox_get_partition_info pi; 1003 struct cxl_mbox_cmd mbox_cmd; 1004 int rc; 1005 1006 mbox_cmd = (struct cxl_mbox_cmd) { 1007 .opcode = CXL_MBOX_OP_GET_PARTITION_INFO, 1008 .size_out = sizeof(pi), 1009 .payload_out = &pi, 1010 }; 1011 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 1012 if (rc) 1013 return rc; 1014 1015 cxlds->active_volatile_bytes = 1016 le64_to_cpu(pi.active_volatile_cap) * CXL_CAPACITY_MULTIPLIER; 1017 cxlds->active_persistent_bytes = 1018 le64_to_cpu(pi.active_persistent_cap) * CXL_CAPACITY_MULTIPLIER; 1019 cxlds->next_volatile_bytes = 1020 le64_to_cpu(pi.next_volatile_cap) * CXL_CAPACITY_MULTIPLIER; 1021 cxlds->next_persistent_bytes = 1022 le64_to_cpu(pi.next_volatile_cap) * CXL_CAPACITY_MULTIPLIER; 1023 1024 return 0; 1025 } 1026 1027 /** 1028 * cxl_dev_state_identify() - Send the IDENTIFY command to the device. 1029 * @cxlds: The device data for the operation 1030 * 1031 * Return: 0 if identify was executed successfully. 1032 * 1033 * This will dispatch the identify command to the device and on success populate 1034 * structures to be exported to sysfs. 1035 */ 1036 int cxl_dev_state_identify(struct cxl_dev_state *cxlds) 1037 { 1038 /* See CXL 2.0 Table 175 Identify Memory Device Output Payload */ 1039 struct cxl_mbox_identify id; 1040 struct cxl_mbox_cmd mbox_cmd; 1041 u32 val; 1042 int rc; 1043 1044 mbox_cmd = (struct cxl_mbox_cmd) { 1045 .opcode = CXL_MBOX_OP_IDENTIFY, 1046 .size_out = sizeof(id), 1047 .payload_out = &id, 1048 }; 1049 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 1050 if (rc < 0) 1051 return rc; 1052 1053 cxlds->total_bytes = 1054 le64_to_cpu(id.total_capacity) * CXL_CAPACITY_MULTIPLIER; 1055 cxlds->volatile_only_bytes = 1056 le64_to_cpu(id.volatile_capacity) * CXL_CAPACITY_MULTIPLIER; 1057 cxlds->persistent_only_bytes = 1058 le64_to_cpu(id.persistent_capacity) * CXL_CAPACITY_MULTIPLIER; 1059 cxlds->partition_align_bytes = 1060 le64_to_cpu(id.partition_align) * CXL_CAPACITY_MULTIPLIER; 1061 1062 cxlds->lsa_size = le32_to_cpu(id.lsa_size); 1063 memcpy(cxlds->firmware_version, id.fw_revision, sizeof(id.fw_revision)); 1064 1065 if (test_bit(CXL_POISON_ENABLED_LIST, cxlds->poison.enabled_cmds)) { 1066 val = get_unaligned_le24(id.poison_list_max_mer); 1067 cxlds->poison.max_errors = min_t(u32, val, CXL_POISON_LIST_MAX); 1068 } 1069 1070 return 0; 1071 } 1072 EXPORT_SYMBOL_NS_GPL(cxl_dev_state_identify, CXL); 1073 1074 static int add_dpa_res(struct device *dev, struct resource *parent, 1075 struct resource *res, resource_size_t start, 1076 resource_size_t size, const char *type) 1077 { 1078 int rc; 1079 1080 res->name = type; 1081 res->start = start; 1082 res->end = start + size - 1; 1083 res->flags = IORESOURCE_MEM; 1084 if (resource_size(res) == 0) { 1085 dev_dbg(dev, "DPA(%s): no capacity\n", res->name); 1086 return 0; 1087 } 1088 rc = request_resource(parent, res); 1089 if (rc) { 1090 dev_err(dev, "DPA(%s): failed to track %pr (%d)\n", res->name, 1091 res, rc); 1092 return rc; 1093 } 1094 1095 dev_dbg(dev, "DPA(%s): %pr\n", res->name, res); 1096 1097 return 0; 1098 } 1099 1100 int cxl_mem_create_range_info(struct cxl_dev_state *cxlds) 1101 { 1102 struct device *dev = cxlds->dev; 1103 int rc; 1104 1105 cxlds->dpa_res = 1106 (struct resource)DEFINE_RES_MEM(0, cxlds->total_bytes); 1107 1108 if (cxlds->partition_align_bytes == 0) { 1109 rc = add_dpa_res(dev, &cxlds->dpa_res, &cxlds->ram_res, 0, 1110 cxlds->volatile_only_bytes, "ram"); 1111 if (rc) 1112 return rc; 1113 return add_dpa_res(dev, &cxlds->dpa_res, &cxlds->pmem_res, 1114 cxlds->volatile_only_bytes, 1115 cxlds->persistent_only_bytes, "pmem"); 1116 } 1117 1118 rc = cxl_mem_get_partition_info(cxlds); 1119 if (rc) { 1120 dev_err(dev, "Failed to query partition information\n"); 1121 return rc; 1122 } 1123 1124 rc = add_dpa_res(dev, &cxlds->dpa_res, &cxlds->ram_res, 0, 1125 cxlds->active_volatile_bytes, "ram"); 1126 if (rc) 1127 return rc; 1128 return add_dpa_res(dev, &cxlds->dpa_res, &cxlds->pmem_res, 1129 cxlds->active_volatile_bytes, 1130 cxlds->active_persistent_bytes, "pmem"); 1131 } 1132 EXPORT_SYMBOL_NS_GPL(cxl_mem_create_range_info, CXL); 1133 1134 int cxl_set_timestamp(struct cxl_dev_state *cxlds) 1135 { 1136 struct cxl_mbox_cmd mbox_cmd; 1137 struct cxl_mbox_set_timestamp_in pi; 1138 int rc; 1139 1140 pi.timestamp = cpu_to_le64(ktime_get_real_ns()); 1141 mbox_cmd = (struct cxl_mbox_cmd) { 1142 .opcode = CXL_MBOX_OP_SET_TIMESTAMP, 1143 .size_in = sizeof(pi), 1144 .payload_in = &pi, 1145 }; 1146 1147 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 1148 /* 1149 * Command is optional. Devices may have another way of providing 1150 * a timestamp, or may return all 0s in timestamp fields. 1151 * Don't report an error if this command isn't supported 1152 */ 1153 if (rc && (mbox_cmd.return_code != CXL_MBOX_CMD_RC_UNSUPPORTED)) 1154 return rc; 1155 1156 return 0; 1157 } 1158 EXPORT_SYMBOL_NS_GPL(cxl_set_timestamp, CXL); 1159 1160 int cxl_mem_get_poison(struct cxl_memdev *cxlmd, u64 offset, u64 len, 1161 struct cxl_region *cxlr) 1162 { 1163 struct cxl_dev_state *cxlds = cxlmd->cxlds; 1164 struct cxl_mbox_poison_out *po; 1165 struct cxl_mbox_poison_in pi; 1166 struct cxl_mbox_cmd mbox_cmd; 1167 int nr_records = 0; 1168 int rc; 1169 1170 rc = mutex_lock_interruptible(&cxlds->poison.lock); 1171 if (rc) 1172 return rc; 1173 1174 po = cxlds->poison.list_out; 1175 pi.offset = cpu_to_le64(offset); 1176 pi.length = cpu_to_le64(len / CXL_POISON_LEN_MULT); 1177 1178 mbox_cmd = (struct cxl_mbox_cmd) { 1179 .opcode = CXL_MBOX_OP_GET_POISON, 1180 .size_in = sizeof(pi), 1181 .payload_in = &pi, 1182 .size_out = cxlds->payload_size, 1183 .payload_out = po, 1184 .min_out = struct_size(po, record, 0), 1185 }; 1186 1187 do { 1188 rc = cxl_internal_send_cmd(cxlds, &mbox_cmd); 1189 if (rc) 1190 break; 1191 1192 for (int i = 0; i < le16_to_cpu(po->count); i++) 1193 trace_cxl_poison(cxlmd, cxlr, &po->record[i], 1194 po->flags, po->overflow_ts, 1195 CXL_POISON_TRACE_LIST); 1196 1197 /* Protect against an uncleared _FLAG_MORE */ 1198 nr_records = nr_records + le16_to_cpu(po->count); 1199 if (nr_records >= cxlds->poison.max_errors) { 1200 dev_dbg(&cxlmd->dev, "Max Error Records reached: %d\n", 1201 nr_records); 1202 break; 1203 } 1204 } while (po->flags & CXL_POISON_FLAG_MORE); 1205 1206 mutex_unlock(&cxlds->poison.lock); 1207 return rc; 1208 } 1209 EXPORT_SYMBOL_NS_GPL(cxl_mem_get_poison, CXL); 1210 1211 static void free_poison_buf(void *buf) 1212 { 1213 kvfree(buf); 1214 } 1215 1216 /* Get Poison List output buffer is protected by cxlds->poison.lock */ 1217 static int cxl_poison_alloc_buf(struct cxl_dev_state *cxlds) 1218 { 1219 cxlds->poison.list_out = kvmalloc(cxlds->payload_size, GFP_KERNEL); 1220 if (!cxlds->poison.list_out) 1221 return -ENOMEM; 1222 1223 return devm_add_action_or_reset(cxlds->dev, free_poison_buf, 1224 cxlds->poison.list_out); 1225 } 1226 1227 int cxl_poison_state_init(struct cxl_dev_state *cxlds) 1228 { 1229 int rc; 1230 1231 if (!test_bit(CXL_POISON_ENABLED_LIST, cxlds->poison.enabled_cmds)) 1232 return 0; 1233 1234 rc = cxl_poison_alloc_buf(cxlds); 1235 if (rc) { 1236 clear_bit(CXL_POISON_ENABLED_LIST, cxlds->poison.enabled_cmds); 1237 return rc; 1238 } 1239 1240 mutex_init(&cxlds->poison.lock); 1241 return 0; 1242 } 1243 EXPORT_SYMBOL_NS_GPL(cxl_poison_state_init, CXL); 1244 1245 struct cxl_dev_state *cxl_dev_state_create(struct device *dev) 1246 { 1247 struct cxl_dev_state *cxlds; 1248 1249 cxlds = devm_kzalloc(dev, sizeof(*cxlds), GFP_KERNEL); 1250 if (!cxlds) { 1251 dev_err(dev, "No memory available\n"); 1252 return ERR_PTR(-ENOMEM); 1253 } 1254 1255 mutex_init(&cxlds->mbox_mutex); 1256 mutex_init(&cxlds->event.log_lock); 1257 cxlds->dev = dev; 1258 1259 return cxlds; 1260 } 1261 EXPORT_SYMBOL_NS_GPL(cxl_dev_state_create, CXL); 1262 1263 void __init cxl_mbox_init(void) 1264 { 1265 struct dentry *mbox_debugfs; 1266 1267 mbox_debugfs = cxl_debugfs_create_dir("mbox"); 1268 debugfs_create_bool("raw_allow_all", 0600, mbox_debugfs, 1269 &cxl_raw_allow_all); 1270 } 1271