xref: /titanic_41/usr/src/cmd/fwflash/plugins/vendor/tavor-MELLANOX.c (revision b67a60d6eedde75935cdd0a5bdaf0f93210e759f)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
24  */
25 
26 /*
27  * Mellanox firmware image verification plugin
28  */
29 
30 
31 #include <stdio.h>
32 #include <stdlib.h>
33 #include <unistd.h>
34 #include <sys/types.h>
35 #include <sys/stat.h>
36 #include <sys/sysmacros.h>
37 #include <fcntl.h>
38 #include <sys/condvar.h>
39 #include <string.h>
40 #include <strings.h>
41 
42 #include <sys/byteorder.h>
43 
44 #include <libintl.h> /* for gettext(3c) */
45 
46 #include <fwflash/fwflash.h>
47 #include "../hdrs/MELLANOX.h"
48 #include "../hdrs/tavor_ib.h"
49 
50 char vendor[] = "MELLANOX\0";
51 
52 extern int errno;
53 extern struct vrfyplugin *verifier;
54 
55 
56 /* required functions for this plugin */
57 int vendorvrfy(struct devicelist *devicenode);
58 
59 
60 /* helper functions */
61 static int check_guid_ptr(uint8_t *data);
62 
63 
64 int
vendorvrfy(struct devicelist * devicenode)65 vendorvrfy(struct devicelist *devicenode)
66 {
67 	struct ib_encap_ident	*encap;
68 	uint32_t	sector_sz;
69 	int		*firmware;
70 	uint32_t	vp_fia, vs_fia;
71 	uint32_t	vp_imginfo, vs_imginfo;
72 	struct mlx_xps	*vps;
73 	uint8_t		*vfi;
74 	int		i = 0, a, b, c, d;
75 	char		temppsid[17];
76 	char		rawpsid[16];
77 	int		offset;
78 
79 	encap = (struct ib_encap_ident *)devicenode->ident->encap_ident;
80 
81 	/*
82 	 * NOTE that since verifier->fwimage is an array of ints,
83 	 * we have to divide our actual desired number by 4 to get
84 	 * the right data.
85 	 */
86 	firmware = verifier->fwimage;
87 
88 	/*
89 	 * The actual location of log2_sector_sz can be calculated
90 	 * by adding 0x32 to the value that is written in the
91 	 * log2_sector_sz_ptr field.  The log2_sector_sz_ptr is located
92 	 * at 0x16 byte offset in Invariant Sector.
93 	 */
94 	offset = FLASH_IS_SECTOR_SIZE_OFFSET +
95 	    MLXSWAPBITS32(firmware[FLASH_IS_SECT_SIZE_PTR/4]);
96 
97 	sector_sz = 1 << MLXSWAPBITS32(firmware[offset/4]);
98 
99 	if (sector_sz != encap->sector_sz) {
100 		logmsg(MSG_ERROR,
101 		    gettext("%s firmware image verifier: "
102 		    "Invariant Sector is invalid\n"), verifier->vendor);
103 		logmsg(MSG_ERROR, gettext("Mis-match in sector size: "
104 		    "device's 0x%X file 0x%X\n"), encap->sector_sz, sector_sz);
105 		logmsg(MSG_ERROR, gettext("Firmware image file is not "
106 		    "appropriate for this device.\n"));
107 		/* this is fatal */
108 		return (FWFLASH_FAILURE);
109 	}
110 
111 	/* now verify primary pointer sector */
112 	if ((vps = calloc(1, sizeof (struct mlx_xps))) == NULL) {
113 		logmsg(MSG_ERROR,
114 		    gettext("%s firmware image verifier: "
115 		    "Unable to allocate memory for Primary Pointer "
116 		    "Sector verification\n"), verifier->vendor);
117 		return (FWFLASH_FAILURE);
118 	}
119 	bcopy(&firmware[sector_sz / 4], vps, sizeof (struct mlx_xps));
120 	if ((MLXSWAPBITS32(vps->signature) != FLASH_PS_SIGNATURE) ||
121 	    (vps->xpsresv3 != 0)) {
122 		logmsg(MSG_ERROR,
123 		    gettext("%s firmware image verifier: "
124 		    "Primary Pointer Sector is invalid\n"),
125 		    verifier->vendor);
126 	}
127 	vp_fia = MLXSWAPBITS32(vps->fia);
128 
129 	/*
130 	 * A slight diversion - check the PSID in the last
131 	 * 16 bytes of the first 256bytes in the xPS sectors.
132 	 * This will give us our part number to match. If the
133 	 * part number in the image doesn't match the part number
134 	 * in the encap_ident info (and pn_len > 0) then we reject
135 	 * this image as being incompatible with the HCA.
136 	 *
137 	 * In this bit we're only checking the info.mlx_psid field
138 	 * of the primary image in the on-disk image. If that's
139 	 * invalid we reject the image.
140 	 */
141 
142 	bzero(temppsid, 17);
143 	bcopy(vps->vsdpsid+0xd0, &rawpsid, 16);
144 
145 	for (i = 0; i < 16; i += 4) {
146 		temppsid[i]   = rawpsid[i+3];
147 		temppsid[i+1] = rawpsid[i+2];
148 		temppsid[i+2] = rawpsid[i+1];
149 		temppsid[i+3] = rawpsid[i];
150 	}
151 	logmsg(MSG_INFO,
152 	    "tavor: have raw '%s', want munged '%s'\n",
153 	    rawpsid, temppsid);
154 	logmsg(MSG_INFO, "tavor_vrfy: PSID file '%s' HCA's PSID '%s'\n",
155 	    (temppsid != NULL) ? temppsid : "(null)",
156 	    (encap->info.mlx_psid != NULL) ? encap->info.mlx_psid : "(null)");
157 
158 	if (encap->info.mlx_psid != NULL) {
159 		int resp;
160 		if (strncmp(encap->info.mlx_psid, temppsid, 16) != 0) {
161 			logmsg(MSG_ERROR,
162 			    gettext("%s firmware image verifier: "
163 			    "firmware image file %s is not appropriate "
164 			    "for device "
165 			    "%s (PSID file %s vs PSID device %s)\n"),
166 			    verifier->vendor, verifier->imgfile,
167 			    devicenode->drvname,
168 			    ((temppsid != NULL) ? temppsid : "(null)"),
169 			    encap->info.mlx_psid);
170 
171 			logmsg(MSG_ERROR,
172 			    gettext("Do you want to continue? (Y/N): "));
173 			(void) fflush(stdin);
174 			resp = getchar();
175 			if (resp != 'Y' && resp != 'y') {
176 				free(vps);
177 				logmsg(MSG_ERROR, gettext("Not proceeding with "
178 				    "flash operation of %s on %s\n"),
179 				    verifier->imgfile, devicenode->drvname);
180 				return (FWFLASH_FAILURE);
181 			}
182 		} else {
183 			logmsg(MSG_INFO,
184 			    "%s firmware image verifier: HCA PSID (%s) "
185 			    "matches firmware image %s's PSID\n",
186 			    verifier->vendor,
187 			    encap->info.mlx_psid,
188 			    verifier->imgfile);
189 		}
190 	}
191 
192 
193 	/* now verify secondary pointer sector */
194 	bzero(vps, sizeof (struct mlx_xps));
195 
196 	bcopy(&firmware[sector_sz / 2], vps, sizeof (struct mlx_xps));
197 	if ((MLXSWAPBITS32(vps->signature) != FLASH_PS_SIGNATURE) ||
198 	    (vps->xpsresv3 != 0)) {
199 		logmsg(MSG_ERROR,
200 		    gettext("%s firmware image verifier: "
201 		    "Secondary Pointer Sector is invalid\n"),
202 		    verifier->vendor);
203 	}
204 	vs_fia = MLXSWAPBITS32(vps->fia);
205 
206 	(void) free(vps);
207 
208 	if ((vfi = calloc(1, sector_sz)) == NULL) {
209 		logmsg(MSG_ERROR,
210 		    gettext("%s firmware image verifier: "
211 		    "Unable to allocate space for Primary "
212 		    "Firmware Image verification\n"),
213 		    verifier->vendor);
214 		return (FWFLASH_FAILURE);
215 	}
216 	bcopy(&firmware[vp_fia / 4], vfi, sector_sz);
217 	bcopy(&vfi[XFI_IMGINFO_OFFSET], &i, 4);
218 	vp_imginfo = MLXSWAPBITS32(i);
219 
220 	/* for readability only */
221 	a = (vp_imginfo & 0xff000000) >> 24;
222 	b = (vp_imginfo & 0x00ff0000) >> 16;
223 	c = (vp_imginfo & 0x0000ff00) >> 8;
224 	d = (vp_imginfo & 0x000000ff);
225 
226 	/*
227 	 * It appears to be the case (empirically) that this particular
228 	 * check condition for ImageInfoPtr doesn't hold for A1 firmware
229 	 * images. So if the ((a+b+c+d)%0x100) fails, don't worry unless
230 	 * the contents of the GUID section do not match the Mellanox
231 	 * default GUIDs 2c9000100d05[0123]. The A2++ images also have
232 	 * these default GUIDS.
233 	 *
234 	 * Unfortunately we can't depend on the hwrev field of the image's
235 	 * Invariant Sector for another level of confirmation, since A2++
236 	 * images seem to have that field set to 0xa1 as well as the A1
237 	 * images. Annoying!
238 	 */
239 
240 	if ((((a+b+c+d) % 0x100) == 0) &&
241 	    (vp_imginfo != 0x00000000)) {
242 		logmsg(MSG_INFO,
243 		    "%s firmware image verifier: "
244 		    "Primary Firmware Image Info pointer is valid\n",
245 		    verifier->vendor);
246 	} else {
247 
248 		logmsg(MSG_INFO,
249 		    gettext("%s firmware image verifier: "
250 		    "Primary Firmware Image Info pointer is invalid "
251 		    "(0x%04x)\nChecking GUID section.....\n"),
252 		    verifier->vendor, vp_imginfo);
253 
254 		if (check_guid_ptr(vfi) == FWFLASH_FAILURE) {
255 			logmsg(MSG_INFO,
256 			    gettext("%s firmware image verifier: "
257 			    "Primary Firmware Image GUID section "
258 			    "is invalid\n"),
259 			    verifier->vendor);
260 			i = 1;
261 		} else {
262 			logmsg(MSG_INFO,
263 			    "%s firmware image verifier: "
264 			    "Primary GUID section is ok\n",
265 			    verifier->vendor);
266 		}
267 
268 	}
269 
270 	bzero(vfi, sector_sz);
271 	bcopy(&firmware[vs_fia / 4], vfi, sector_sz);
272 
273 	bcopy(&vfi[XFI_IMGINFO_OFFSET], &i, 4);
274 	vs_imginfo = MLXSWAPBITS32(i);
275 
276 	/* for readability only */
277 	a = (vs_imginfo & 0xff000000) >> 24;
278 	b = (vs_imginfo & 0x00ff0000) >> 16;
279 	c = (vs_imginfo & 0x0000ff00) >> 8;
280 	d = (vs_imginfo & 0x000000ff);
281 
282 	if ((((a+b+c+d) % 0x100) == 0) &&
283 	    (vs_imginfo != 0x00000000)) {
284 		logmsg(MSG_INFO,
285 		    "%s firmware image verifier: "
286 		    "Secondary Firmware Image Info pointer is valid\n",
287 		    verifier->vendor);
288 	} else {
289 		logmsg(MSG_INFO,
290 		    gettext("%s firmware image verifier: "
291 		    "Secondary Firmware Image Info pointer is invalid "
292 		    "(0x%04x)\nChecking GUID section.....\n"),
293 		    verifier->vendor, vp_imginfo);
294 
295 		if (check_guid_ptr(vfi) == FWFLASH_FAILURE) {
296 			logmsg(MSG_INFO,
297 			    gettext("%s firmware image verifier: "
298 			    "Secondary Firmware Image GUID section "
299 			    "is invalid\n"),
300 			    verifier->vendor);
301 			i++;
302 		}
303 	}
304 
305 	free(vfi);
306 
307 	if (i == 2)
308 		logmsg(MSG_WARN, gettext("%s firmware image verifier: "
309 		    "FAILED\n"), verifier->vendor);
310 
311 	return ((i == 2) ? (FWFLASH_FAILURE) : (FWFLASH_SUCCESS));
312 }
313 
314 
315 /*
316  * Very simple function - we're given an array of bytes,
317  * we know that we need to read the value at offset FLASH_GUID_PTR
318  * and jump to that location to read 4x uint64_t of (hopefully)
319  * GUID data. If we can read that data, and it matches the default
320  * Mellanox GUIDs, then we return success. We need all 4 default
321  * GUIDs to match otherwise we return failure.
322  */
323 static int
check_guid_ptr(uint8_t * data)324 check_guid_ptr(uint8_t *data)
325 {
326 	struct mlx_xfi	xfisect;
327 	struct mlx_guid_sect	guidsect;
328 
329 	bcopy(data, &xfisect, sizeof (xfisect));
330 	bcopy(&data[MLXSWAPBITS32(xfisect.nguidptr) - 16], &guidsect,
331 	    GUIDSECTION_SZ);
332 
333 	logmsg(MSG_INFO, "nodeguid:  %0llx\n",
334 	    MLXSWAPBITS64(guidsect.nodeguid));
335 	logmsg(MSG_INFO, "port1guid: %0llx\n",
336 	    MLXSWAPBITS64(guidsect.port1guid));
337 	logmsg(MSG_INFO, "port2guid: %0llx\n",
338 	    MLXSWAPBITS64(guidsect.port2guid));
339 	logmsg(MSG_INFO, "sysimguid: %0llx\n",
340 	    MLXSWAPBITS64(guidsect.sysimguid));
341 
342 	if ((MLXSWAPBITS64(guidsect.nodeguid) == MLX_DEFAULT_NODE_GUID) &&
343 	    (MLXSWAPBITS64(guidsect.port1guid) == MLX_DEFAULT_P1_GUID) &&
344 	    (MLXSWAPBITS64(guidsect.port2guid) == MLX_DEFAULT_P2_GUID) &&
345 	    ((MLXSWAPBITS64(guidsect.sysimguid) == MLX_DEFAULT_SYSIMG_GUID) ||
346 	    (MLXSWAPBITS64(guidsect.sysimguid) == MLX_DEFAULT_NODE_GUID)) ||
347 	    ((((MLXSWAPBITS64(guidsect.nodeguid) & HIGHBITS64) >> 40)
348 	    == MLX_OUI) ||
349 	    (((MLXSWAPBITS64(guidsect.port1guid) & HIGHBITS64) >> 40)
350 	    == MLX_OUI) ||
351 	    (((MLXSWAPBITS64(guidsect.port2guid) & HIGHBITS64) >> 40)
352 	    == MLX_OUI) ||
353 	    (((MLXSWAPBITS64(guidsect.sysimguid) & HIGHBITS64) >> 40)
354 	    == MLX_OUI))) {
355 		return (FWFLASH_SUCCESS);
356 	} else {
357 		return (FWFLASH_FAILURE);
358 	}
359 }
360