1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * PowerNV OPAL Dump Interface 4 * 5 * Copyright 2013,2014 IBM Corp. 6 */ 7 8 #include <linux/kobject.h> 9 #include <linux/mm.h> 10 #include <linux/slab.h> 11 #include <linux/sysfs.h> 12 #include <linux/vmalloc.h> 13 #include <linux/pagemap.h> 14 #include <linux/delay.h> 15 #include <linux/interrupt.h> 16 17 #include <asm/opal.h> 18 19 #define DUMP_TYPE_FSP 0x01 20 21 struct dump_obj { 22 struct kobject kobj; 23 struct bin_attribute dump_attr; 24 uint32_t id; /* becomes object name */ 25 uint32_t type; 26 uint32_t size; 27 char *buffer; 28 }; 29 #define to_dump_obj(x) container_of(x, struct dump_obj, kobj) 30 31 struct dump_attribute { 32 struct attribute attr; 33 ssize_t (*show)(struct dump_obj *dump, struct dump_attribute *attr, 34 char *buf); 35 ssize_t (*store)(struct dump_obj *dump, struct dump_attribute *attr, 36 const char *buf, size_t count); 37 }; 38 #define to_dump_attr(x) container_of(x, struct dump_attribute, attr) 39 40 static ssize_t dump_id_show(struct dump_obj *dump_obj, 41 struct dump_attribute *attr, 42 char *buf) 43 { 44 return sysfs_emit(buf, "0x%x\n", dump_obj->id); 45 } 46 47 static const char* dump_type_to_string(uint32_t type) 48 { 49 switch (type) { 50 case 0x01: return "SP Dump"; 51 case 0x02: return "System/Platform Dump"; 52 case 0x03: return "SMA Dump"; 53 default: return "unknown"; 54 } 55 } 56 57 static ssize_t dump_type_show(struct dump_obj *dump_obj, 58 struct dump_attribute *attr, 59 char *buf) 60 { 61 62 return sysfs_emit(buf, "0x%x %s\n", dump_obj->type, 63 dump_type_to_string(dump_obj->type)); 64 } 65 66 static ssize_t dump_ack_show(struct dump_obj *dump_obj, 67 struct dump_attribute *attr, 68 char *buf) 69 { 70 return sysfs_emit(buf, "ack - acknowledge dump\n"); 71 } 72 73 /* 74 * Send acknowledgement to OPAL 75 */ 76 static int64_t dump_send_ack(uint32_t dump_id) 77 { 78 int rc; 79 80 rc = opal_dump_ack(dump_id); 81 if (rc) 82 pr_warn("%s: Failed to send ack to Dump ID 0x%x (%d)\n", 83 __func__, dump_id, rc); 84 return rc; 85 } 86 87 static ssize_t dump_ack_store(struct dump_obj *dump_obj, 88 struct dump_attribute *attr, 89 const char *buf, 90 size_t count) 91 { 92 /* 93 * Try to self remove this attribute. If we are successful, 94 * delete the kobject itself. 95 */ 96 if (sysfs_remove_file_self(&dump_obj->kobj, &attr->attr)) { 97 dump_send_ack(dump_obj->id); 98 kobject_put(&dump_obj->kobj); 99 } 100 return count; 101 } 102 103 /* Attributes of a dump 104 * The binary attribute of the dump itself is dynamic 105 * due to the dynamic size of the dump 106 */ 107 static struct dump_attribute id_attribute = 108 __ATTR(id, 0444, dump_id_show, NULL); 109 static struct dump_attribute type_attribute = 110 __ATTR(type, 0444, dump_type_show, NULL); 111 static struct dump_attribute ack_attribute = 112 __ATTR(acknowledge, 0660, dump_ack_show, dump_ack_store); 113 114 static ssize_t init_dump_show(struct dump_obj *dump_obj, 115 struct dump_attribute *attr, 116 char *buf) 117 { 118 return sysfs_emit(buf, "1 - initiate Service Processor(FSP) dump\n"); 119 } 120 121 static int64_t dump_fips_init(uint8_t type) 122 { 123 int rc; 124 125 rc = opal_dump_init(type); 126 if (rc) 127 pr_warn("%s: Failed to initiate FSP dump (%d)\n", 128 __func__, rc); 129 return rc; 130 } 131 132 static ssize_t init_dump_store(struct dump_obj *dump_obj, 133 struct dump_attribute *attr, 134 const char *buf, 135 size_t count) 136 { 137 int rc; 138 139 rc = dump_fips_init(DUMP_TYPE_FSP); 140 if (rc == OPAL_SUCCESS) 141 pr_info("%s: Initiated FSP dump\n", __func__); 142 143 return count; 144 } 145 146 static struct dump_attribute initiate_attribute = 147 __ATTR(initiate_dump, 0600, init_dump_show, init_dump_store); 148 149 static struct attribute *initiate_attrs[] = { 150 &initiate_attribute.attr, 151 NULL, 152 }; 153 154 static const struct attribute_group initiate_attr_group = { 155 .attrs = initiate_attrs, 156 }; 157 158 static struct kset *dump_kset; 159 160 static ssize_t dump_attr_show(struct kobject *kobj, 161 struct attribute *attr, 162 char *buf) 163 { 164 struct dump_attribute *attribute; 165 struct dump_obj *dump; 166 167 attribute = to_dump_attr(attr); 168 dump = to_dump_obj(kobj); 169 170 if (!attribute->show) 171 return -EIO; 172 173 return attribute->show(dump, attribute, buf); 174 } 175 176 static ssize_t dump_attr_store(struct kobject *kobj, 177 struct attribute *attr, 178 const char *buf, size_t len) 179 { 180 struct dump_attribute *attribute; 181 struct dump_obj *dump; 182 183 attribute = to_dump_attr(attr); 184 dump = to_dump_obj(kobj); 185 186 if (!attribute->store) 187 return -EIO; 188 189 return attribute->store(dump, attribute, buf, len); 190 } 191 192 static const struct sysfs_ops dump_sysfs_ops = { 193 .show = dump_attr_show, 194 .store = dump_attr_store, 195 }; 196 197 static void dump_release(struct kobject *kobj) 198 { 199 struct dump_obj *dump; 200 201 dump = to_dump_obj(kobj); 202 vfree(dump->buffer); 203 kfree(dump); 204 } 205 206 static struct attribute *dump_default_attrs[] = { 207 &id_attribute.attr, 208 &type_attribute.attr, 209 &ack_attribute.attr, 210 NULL, 211 }; 212 ATTRIBUTE_GROUPS(dump_default); 213 214 static const struct kobj_type dump_ktype = { 215 .sysfs_ops = &dump_sysfs_ops, 216 .release = &dump_release, 217 .default_groups = dump_default_groups, 218 }; 219 220 static int64_t dump_read_info(uint32_t *dump_id, uint32_t *dump_size, uint32_t *dump_type) 221 { 222 __be32 id, size, type; 223 int rc; 224 225 type = cpu_to_be32(0xffffffff); 226 227 rc = opal_dump_info2(&id, &size, &type); 228 if (rc == OPAL_PARAMETER) 229 rc = opal_dump_info(&id, &size); 230 231 if (rc) { 232 pr_warn("%s: Failed to get dump info (%d)\n", 233 __func__, rc); 234 return rc; 235 } 236 237 *dump_id = be32_to_cpu(id); 238 *dump_size = be32_to_cpu(size); 239 *dump_type = be32_to_cpu(type); 240 241 return rc; 242 } 243 244 static int64_t dump_read_data(struct dump_obj *dump) 245 { 246 struct opal_sg_list *list; 247 uint64_t addr; 248 int64_t rc; 249 250 /* Allocate memory */ 251 dump->buffer = vzalloc(PAGE_ALIGN(dump->size)); 252 if (!dump->buffer) { 253 pr_err("%s : Failed to allocate memory\n", __func__); 254 rc = -ENOMEM; 255 goto out; 256 } 257 258 /* Generate SG list */ 259 list = opal_vmalloc_to_sg_list(dump->buffer, dump->size); 260 if (!list) { 261 rc = -ENOMEM; 262 goto out; 263 } 264 265 /* First entry address */ 266 addr = __pa(list); 267 268 /* Fetch data */ 269 rc = OPAL_BUSY_EVENT; 270 while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) { 271 rc = opal_dump_read(dump->id, addr); 272 if (rc == OPAL_BUSY_EVENT) { 273 opal_poll_events(NULL); 274 msleep(20); 275 } 276 } 277 278 if (rc != OPAL_SUCCESS && rc != OPAL_PARTIAL) 279 pr_warn("%s: Extract dump failed for ID 0x%x\n", 280 __func__, dump->id); 281 282 /* Free SG list */ 283 opal_free_sg_list(list); 284 285 out: 286 return rc; 287 } 288 289 static ssize_t dump_attr_read(struct file *filep, struct kobject *kobj, 290 const struct bin_attribute *bin_attr, 291 char *buffer, loff_t pos, size_t count) 292 { 293 ssize_t rc; 294 295 struct dump_obj *dump = to_dump_obj(kobj); 296 297 if (!dump->buffer) { 298 rc = dump_read_data(dump); 299 300 if (rc != OPAL_SUCCESS && rc != OPAL_PARTIAL) { 301 vfree(dump->buffer); 302 dump->buffer = NULL; 303 304 return -EIO; 305 } 306 if (rc == OPAL_PARTIAL) { 307 /* On a partial read, we just return EIO 308 * and rely on userspace to ask us to try 309 * again. 310 */ 311 pr_info("%s: Platform dump partially read. ID = 0x%x\n", 312 __func__, dump->id); 313 return -EIO; 314 } 315 } 316 317 memcpy(buffer, dump->buffer + pos, count); 318 319 /* You may think we could free the dump buffer now and retrieve 320 * it again later if needed, but due to current firmware limitation, 321 * that's not the case. So, once read into userspace once, 322 * we keep the dump around until it's acknowledged by userspace. 323 */ 324 325 return count; 326 } 327 328 static void create_dump_obj(uint32_t id, size_t size, uint32_t type) 329 { 330 struct dump_obj *dump; 331 int rc; 332 333 dump = kzalloc_obj(*dump); 334 if (!dump) 335 return; 336 337 dump->kobj.kset = dump_kset; 338 339 kobject_init(&dump->kobj, &dump_ktype); 340 341 sysfs_bin_attr_init(&dump->dump_attr); 342 343 dump->dump_attr.attr.name = "dump"; 344 dump->dump_attr.attr.mode = 0400; 345 dump->dump_attr.size = size; 346 dump->dump_attr.read = dump_attr_read; 347 348 dump->id = id; 349 dump->size = size; 350 dump->type = type; 351 352 rc = kobject_add(&dump->kobj, NULL, "0x%x-0x%x", type, id); 353 if (rc) { 354 kobject_put(&dump->kobj); 355 return; 356 } 357 358 /* 359 * As soon as the sysfs file for this dump is created/activated there is 360 * a chance the opal_errd daemon (or any userspace) might read and 361 * acknowledge the dump before kobject_uevent() is called. If that 362 * happens then there is a potential race between 363 * dump_ack_store->kobject_put() and kobject_uevent() which leads to a 364 * use-after-free of a kernfs object resulting in a kernel crash. 365 * 366 * To avoid that, we need to take a reference on behalf of the bin file, 367 * so that our reference remains valid while we call kobject_uevent(). 368 * We then drop our reference before exiting the function, leaving the 369 * bin file to drop the last reference (if it hasn't already). 370 */ 371 372 /* Take a reference for the bin file */ 373 kobject_get(&dump->kobj); 374 rc = sysfs_create_bin_file(&dump->kobj, &dump->dump_attr); 375 if (rc == 0) { 376 kobject_uevent(&dump->kobj, KOBJ_ADD); 377 378 pr_info("%s: New platform dump. ID = 0x%x Size %u\n", 379 __func__, dump->id, dump->size); 380 } else { 381 /* Drop reference count taken for bin file */ 382 kobject_put(&dump->kobj); 383 } 384 385 /* Drop our reference */ 386 kobject_put(&dump->kobj); 387 return; 388 } 389 390 static irqreturn_t process_dump(int irq, void *data) 391 { 392 int rc; 393 uint32_t dump_id, dump_size, dump_type; 394 char name[22]; 395 struct kobject *kobj; 396 397 rc = dump_read_info(&dump_id, &dump_size, &dump_type); 398 if (rc != OPAL_SUCCESS) 399 return IRQ_HANDLED; 400 401 sprintf(name, "0x%x-0x%x", dump_type, dump_id); 402 403 /* we may get notified twice, let's handle 404 * that gracefully and not create two conflicting 405 * entries. 406 */ 407 kobj = kset_find_obj(dump_kset, name); 408 if (kobj) { 409 /* Drop reference added by kset_find_obj() */ 410 kobject_put(kobj); 411 return IRQ_HANDLED; 412 } 413 414 create_dump_obj(dump_id, dump_size, dump_type); 415 416 return IRQ_HANDLED; 417 } 418 419 void __init opal_platform_dump_init(void) 420 { 421 int rc; 422 int dump_irq; 423 424 /* Dump not supported by firmware */ 425 if (!opal_check_token(OPAL_DUMP_READ)) 426 return; 427 428 dump_kset = kset_create_and_add("dump", NULL, opal_kobj); 429 if (!dump_kset) { 430 pr_warn("%s: Failed to create dump kset\n", __func__); 431 return; 432 } 433 434 rc = sysfs_create_group(&dump_kset->kobj, &initiate_attr_group); 435 if (rc) { 436 pr_warn("%s: Failed to create initiate dump attr group\n", 437 __func__); 438 kobject_put(&dump_kset->kobj); 439 return; 440 } 441 442 dump_irq = opal_event_request(ilog2(OPAL_EVENT_DUMP_AVAIL)); 443 if (!dump_irq) { 444 pr_err("%s: Can't register OPAL event irq (%d)\n", 445 __func__, dump_irq); 446 return; 447 } 448 449 rc = request_threaded_irq(dump_irq, NULL, process_dump, 450 IRQF_TRIGGER_HIGH | IRQF_ONESHOT, 451 "opal-dump", NULL); 452 if (rc) { 453 pr_err("%s: Can't request OPAL event irq (%d)\n", 454 __func__, rc); 455 return; 456 } 457 458 if (opal_check_token(OPAL_DUMP_RESEND)) 459 opal_dump_resend_notification(); 460 } 461