1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * PowerNV OPAL Dump Interface
4 *
5 * Copyright 2013,2014 IBM Corp.
6 */
7
8 #include <linux/kobject.h>
9 #include <linux/mm.h>
10 #include <linux/slab.h>
11 #include <linux/vmalloc.h>
12 #include <linux/pagemap.h>
13 #include <linux/delay.h>
14 #include <linux/interrupt.h>
15
16 #include <asm/opal.h>
17
18 #define DUMP_TYPE_FSP 0x01
19
20 struct dump_obj {
21 struct kobject kobj;
22 struct bin_attribute dump_attr;
23 uint32_t id; /* becomes object name */
24 uint32_t type;
25 uint32_t size;
26 char *buffer;
27 };
28 #define to_dump_obj(x) container_of(x, struct dump_obj, kobj)
29
30 struct dump_attribute {
31 struct attribute attr;
32 ssize_t (*show)(struct dump_obj *dump, struct dump_attribute *attr,
33 char *buf);
34 ssize_t (*store)(struct dump_obj *dump, struct dump_attribute *attr,
35 const char *buf, size_t count);
36 };
37 #define to_dump_attr(x) container_of(x, struct dump_attribute, attr)
38
dump_id_show(struct dump_obj * dump_obj,struct dump_attribute * attr,char * buf)39 static ssize_t dump_id_show(struct dump_obj *dump_obj,
40 struct dump_attribute *attr,
41 char *buf)
42 {
43 return sprintf(buf, "0x%x\n", dump_obj->id);
44 }
45
dump_type_to_string(uint32_t type)46 static const char* dump_type_to_string(uint32_t type)
47 {
48 switch (type) {
49 case 0x01: return "SP Dump";
50 case 0x02: return "System/Platform Dump";
51 case 0x03: return "SMA Dump";
52 default: return "unknown";
53 }
54 }
55
dump_type_show(struct dump_obj * dump_obj,struct dump_attribute * attr,char * buf)56 static ssize_t dump_type_show(struct dump_obj *dump_obj,
57 struct dump_attribute *attr,
58 char *buf)
59 {
60
61 return sprintf(buf, "0x%x %s\n", dump_obj->type,
62 dump_type_to_string(dump_obj->type));
63 }
64
dump_ack_show(struct dump_obj * dump_obj,struct dump_attribute * attr,char * buf)65 static ssize_t dump_ack_show(struct dump_obj *dump_obj,
66 struct dump_attribute *attr,
67 char *buf)
68 {
69 return sprintf(buf, "ack - acknowledge dump\n");
70 }
71
72 /*
73 * Send acknowledgement to OPAL
74 */
dump_send_ack(uint32_t dump_id)75 static int64_t dump_send_ack(uint32_t dump_id)
76 {
77 int rc;
78
79 rc = opal_dump_ack(dump_id);
80 if (rc)
81 pr_warn("%s: Failed to send ack to Dump ID 0x%x (%d)\n",
82 __func__, dump_id, rc);
83 return rc;
84 }
85
dump_ack_store(struct dump_obj * dump_obj,struct dump_attribute * attr,const char * buf,size_t count)86 static ssize_t dump_ack_store(struct dump_obj *dump_obj,
87 struct dump_attribute *attr,
88 const char *buf,
89 size_t count)
90 {
91 /*
92 * Try to self remove this attribute. If we are successful,
93 * delete the kobject itself.
94 */
95 if (sysfs_remove_file_self(&dump_obj->kobj, &attr->attr)) {
96 dump_send_ack(dump_obj->id);
97 kobject_put(&dump_obj->kobj);
98 }
99 return count;
100 }
101
102 /* Attributes of a dump
103 * The binary attribute of the dump itself is dynamic
104 * due to the dynamic size of the dump
105 */
106 static struct dump_attribute id_attribute =
107 __ATTR(id, 0444, dump_id_show, NULL);
108 static struct dump_attribute type_attribute =
109 __ATTR(type, 0444, dump_type_show, NULL);
110 static struct dump_attribute ack_attribute =
111 __ATTR(acknowledge, 0660, dump_ack_show, dump_ack_store);
112
init_dump_show(struct dump_obj * dump_obj,struct dump_attribute * attr,char * buf)113 static ssize_t init_dump_show(struct dump_obj *dump_obj,
114 struct dump_attribute *attr,
115 char *buf)
116 {
117 return sprintf(buf, "1 - initiate Service Processor(FSP) dump\n");
118 }
119
dump_fips_init(uint8_t type)120 static int64_t dump_fips_init(uint8_t type)
121 {
122 int rc;
123
124 rc = opal_dump_init(type);
125 if (rc)
126 pr_warn("%s: Failed to initiate FSP dump (%d)\n",
127 __func__, rc);
128 return rc;
129 }
130
init_dump_store(struct dump_obj * dump_obj,struct dump_attribute * attr,const char * buf,size_t count)131 static ssize_t init_dump_store(struct dump_obj *dump_obj,
132 struct dump_attribute *attr,
133 const char *buf,
134 size_t count)
135 {
136 int rc;
137
138 rc = dump_fips_init(DUMP_TYPE_FSP);
139 if (rc == OPAL_SUCCESS)
140 pr_info("%s: Initiated FSP dump\n", __func__);
141
142 return count;
143 }
144
145 static struct dump_attribute initiate_attribute =
146 __ATTR(initiate_dump, 0600, init_dump_show, init_dump_store);
147
148 static struct attribute *initiate_attrs[] = {
149 &initiate_attribute.attr,
150 NULL,
151 };
152
153 static struct attribute_group initiate_attr_group = {
154 .attrs = initiate_attrs,
155 };
156
157 static struct kset *dump_kset;
158
dump_attr_show(struct kobject * kobj,struct attribute * attr,char * buf)159 static ssize_t dump_attr_show(struct kobject *kobj,
160 struct attribute *attr,
161 char *buf)
162 {
163 struct dump_attribute *attribute;
164 struct dump_obj *dump;
165
166 attribute = to_dump_attr(attr);
167 dump = to_dump_obj(kobj);
168
169 if (!attribute->show)
170 return -EIO;
171
172 return attribute->show(dump, attribute, buf);
173 }
174
dump_attr_store(struct kobject * kobj,struct attribute * attr,const char * buf,size_t len)175 static ssize_t dump_attr_store(struct kobject *kobj,
176 struct attribute *attr,
177 const char *buf, size_t len)
178 {
179 struct dump_attribute *attribute;
180 struct dump_obj *dump;
181
182 attribute = to_dump_attr(attr);
183 dump = to_dump_obj(kobj);
184
185 if (!attribute->store)
186 return -EIO;
187
188 return attribute->store(dump, attribute, buf, len);
189 }
190
191 static const struct sysfs_ops dump_sysfs_ops = {
192 .show = dump_attr_show,
193 .store = dump_attr_store,
194 };
195
dump_release(struct kobject * kobj)196 static void dump_release(struct kobject *kobj)
197 {
198 struct dump_obj *dump;
199
200 dump = to_dump_obj(kobj);
201 vfree(dump->buffer);
202 kfree(dump);
203 }
204
205 static struct attribute *dump_default_attrs[] = {
206 &id_attribute.attr,
207 &type_attribute.attr,
208 &ack_attribute.attr,
209 NULL,
210 };
211
212 static struct kobj_type dump_ktype = {
213 .sysfs_ops = &dump_sysfs_ops,
214 .release = &dump_release,
215 .default_attrs = dump_default_attrs,
216 };
217
dump_read_info(uint32_t * dump_id,uint32_t * dump_size,uint32_t * dump_type)218 static int64_t dump_read_info(uint32_t *dump_id, uint32_t *dump_size, uint32_t *dump_type)
219 {
220 __be32 id, size, type;
221 int rc;
222
223 type = cpu_to_be32(0xffffffff);
224
225 rc = opal_dump_info2(&id, &size, &type);
226 if (rc == OPAL_PARAMETER)
227 rc = opal_dump_info(&id, &size);
228
229 if (rc) {
230 pr_warn("%s: Failed to get dump info (%d)\n",
231 __func__, rc);
232 return rc;
233 }
234
235 *dump_id = be32_to_cpu(id);
236 *dump_size = be32_to_cpu(size);
237 *dump_type = be32_to_cpu(type);
238
239 return rc;
240 }
241
dump_read_data(struct dump_obj * dump)242 static int64_t dump_read_data(struct dump_obj *dump)
243 {
244 struct opal_sg_list *list;
245 uint64_t addr;
246 int64_t rc;
247
248 /* Allocate memory */
249 dump->buffer = vzalloc(PAGE_ALIGN(dump->size));
250 if (!dump->buffer) {
251 pr_err("%s : Failed to allocate memory\n", __func__);
252 rc = -ENOMEM;
253 goto out;
254 }
255
256 /* Generate SG list */
257 list = opal_vmalloc_to_sg_list(dump->buffer, dump->size);
258 if (!list) {
259 rc = -ENOMEM;
260 goto out;
261 }
262
263 /* First entry address */
264 addr = __pa(list);
265
266 /* Fetch data */
267 rc = OPAL_BUSY_EVENT;
268 while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) {
269 rc = opal_dump_read(dump->id, addr);
270 if (rc == OPAL_BUSY_EVENT) {
271 opal_poll_events(NULL);
272 msleep(20);
273 }
274 }
275
276 if (rc != OPAL_SUCCESS && rc != OPAL_PARTIAL)
277 pr_warn("%s: Extract dump failed for ID 0x%x\n",
278 __func__, dump->id);
279
280 /* Free SG list */
281 opal_free_sg_list(list);
282
283 out:
284 return rc;
285 }
286
dump_attr_read(struct file * filep,struct kobject * kobj,struct bin_attribute * bin_attr,char * buffer,loff_t pos,size_t count)287 static ssize_t dump_attr_read(struct file *filep, struct kobject *kobj,
288 struct bin_attribute *bin_attr,
289 char *buffer, loff_t pos, size_t count)
290 {
291 ssize_t rc;
292
293 struct dump_obj *dump = to_dump_obj(kobj);
294
295 if (!dump->buffer) {
296 rc = dump_read_data(dump);
297
298 if (rc != OPAL_SUCCESS && rc != OPAL_PARTIAL) {
299 vfree(dump->buffer);
300 dump->buffer = NULL;
301
302 return -EIO;
303 }
304 if (rc == OPAL_PARTIAL) {
305 /* On a partial read, we just return EIO
306 * and rely on userspace to ask us to try
307 * again.
308 */
309 pr_info("%s: Platform dump partially read. ID = 0x%x\n",
310 __func__, dump->id);
311 return -EIO;
312 }
313 }
314
315 memcpy(buffer, dump->buffer + pos, count);
316
317 /* You may think we could free the dump buffer now and retrieve
318 * it again later if needed, but due to current firmware limitation,
319 * that's not the case. So, once read into userspace once,
320 * we keep the dump around until it's acknowledged by userspace.
321 */
322
323 return count;
324 }
325
create_dump_obj(uint32_t id,size_t size,uint32_t type)326 static void create_dump_obj(uint32_t id, size_t size, uint32_t type)
327 {
328 struct dump_obj *dump;
329 int rc;
330
331 dump = kzalloc(sizeof(*dump), GFP_KERNEL);
332 if (!dump)
333 return;
334
335 dump->kobj.kset = dump_kset;
336
337 kobject_init(&dump->kobj, &dump_ktype);
338
339 sysfs_bin_attr_init(&dump->dump_attr);
340
341 dump->dump_attr.attr.name = "dump";
342 dump->dump_attr.attr.mode = 0400;
343 dump->dump_attr.size = size;
344 dump->dump_attr.read = dump_attr_read;
345
346 dump->id = id;
347 dump->size = size;
348 dump->type = type;
349
350 rc = kobject_add(&dump->kobj, NULL, "0x%x-0x%x", type, id);
351 if (rc) {
352 kobject_put(&dump->kobj);
353 return;
354 }
355
356 /*
357 * As soon as the sysfs file for this dump is created/activated there is
358 * a chance the opal_errd daemon (or any userspace) might read and
359 * acknowledge the dump before kobject_uevent() is called. If that
360 * happens then there is a potential race between
361 * dump_ack_store->kobject_put() and kobject_uevent() which leads to a
362 * use-after-free of a kernfs object resulting in a kernel crash.
363 *
364 * To avoid that, we need to take a reference on behalf of the bin file,
365 * so that our reference remains valid while we call kobject_uevent().
366 * We then drop our reference before exiting the function, leaving the
367 * bin file to drop the last reference (if it hasn't already).
368 */
369
370 /* Take a reference for the bin file */
371 kobject_get(&dump->kobj);
372 rc = sysfs_create_bin_file(&dump->kobj, &dump->dump_attr);
373 if (rc == 0) {
374 kobject_uevent(&dump->kobj, KOBJ_ADD);
375
376 pr_info("%s: New platform dump. ID = 0x%x Size %u\n",
377 __func__, dump->id, dump->size);
378 } else {
379 /* Drop reference count taken for bin file */
380 kobject_put(&dump->kobj);
381 }
382
383 /* Drop our reference */
384 kobject_put(&dump->kobj);
385 return;
386 }
387
process_dump(int irq,void * data)388 static irqreturn_t process_dump(int irq, void *data)
389 {
390 int rc;
391 uint32_t dump_id, dump_size, dump_type;
392 char name[22];
393 struct kobject *kobj;
394
395 rc = dump_read_info(&dump_id, &dump_size, &dump_type);
396 if (rc != OPAL_SUCCESS)
397 return IRQ_HANDLED;
398
399 sprintf(name, "0x%x-0x%x", dump_type, dump_id);
400
401 /* we may get notified twice, let's handle
402 * that gracefully and not create two conflicting
403 * entries.
404 */
405 kobj = kset_find_obj(dump_kset, name);
406 if (kobj) {
407 /* Drop reference added by kset_find_obj() */
408 kobject_put(kobj);
409 return IRQ_HANDLED;
410 }
411
412 create_dump_obj(dump_id, dump_size, dump_type);
413
414 return IRQ_HANDLED;
415 }
416
opal_platform_dump_init(void)417 void __init opal_platform_dump_init(void)
418 {
419 int rc;
420 int dump_irq;
421
422 /* ELOG not supported by firmware */
423 if (!opal_check_token(OPAL_DUMP_READ))
424 return;
425
426 dump_kset = kset_create_and_add("dump", NULL, opal_kobj);
427 if (!dump_kset) {
428 pr_warn("%s: Failed to create dump kset\n", __func__);
429 return;
430 }
431
432 rc = sysfs_create_group(&dump_kset->kobj, &initiate_attr_group);
433 if (rc) {
434 pr_warn("%s: Failed to create initiate dump attr group\n",
435 __func__);
436 kobject_put(&dump_kset->kobj);
437 return;
438 }
439
440 dump_irq = opal_event_request(ilog2(OPAL_EVENT_DUMP_AVAIL));
441 if (!dump_irq) {
442 pr_err("%s: Can't register OPAL event irq (%d)\n",
443 __func__, dump_irq);
444 return;
445 }
446
447 rc = request_threaded_irq(dump_irq, NULL, process_dump,
448 IRQF_TRIGGER_HIGH | IRQF_ONESHOT,
449 "opal-dump", NULL);
450 if (rc) {
451 pr_err("%s: Can't request OPAL event irq (%d)\n",
452 __func__, rc);
453 return;
454 }
455
456 if (opal_check_token(OPAL_DUMP_RESEND))
457 opal_dump_resend_notification();
458 }
459