xref: /linux/drivers/firmware/google/memconsole-coreboot.c (revision 4b660dbd9ee2059850fd30e0df420ca7a38a1856)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * memconsole-coreboot.c
4  *
5  * Memory based BIOS console accessed through coreboot table.
6  *
7  * Copyright 2017 Google Inc.
8  */
9 
10 #include <linux/device.h>
11 #include <linux/io.h>
12 #include <linux/kernel.h>
13 #include <linux/module.h>
14 
15 #include "memconsole.h"
16 #include "coreboot_table.h"
17 
18 #define CB_TAG_CBMEM_CONSOLE	0x17
19 
20 /* CBMEM firmware console log descriptor. */
21 struct cbmem_cons {
22 	u32 size_dont_access_after_boot;
23 	u32 cursor;
24 	u8  body[];
25 } __packed;
26 
27 #define CURSOR_MASK ((1 << 28) - 1)
28 #define OVERFLOW (1 << 31)
29 
30 static struct cbmem_cons *cbmem_console;
31 static u32 cbmem_console_size;
32 
33 /*
34  * The cbmem_console structure is read again on every access because it may
35  * change at any time if runtime firmware logs new messages. This may rarely
36  * lead to race conditions where the firmware overwrites the beginning of the
37  * ring buffer with more lines after we have already read |cursor|. It should be
38  * rare and harmless enough that we don't spend extra effort working around it.
39  */
40 static ssize_t memconsole_coreboot_read(char *buf, loff_t pos, size_t count)
41 {
42 	u32 cursor = cbmem_console->cursor & CURSOR_MASK;
43 	u32 flags = cbmem_console->cursor & ~CURSOR_MASK;
44 	u32 size = cbmem_console_size;
45 	struct seg {	/* describes ring buffer segments in logical order */
46 		u32 phys;	/* physical offset from start of mem buffer */
47 		u32 len;	/* length of segment */
48 	} seg[2] = { {0}, {0} };
49 	size_t done = 0;
50 	int i;
51 
52 	if (flags & OVERFLOW) {
53 		if (cursor > size)	/* Shouldn't really happen, but... */
54 			cursor = 0;
55 		seg[0] = (struct seg){.phys = cursor, .len = size - cursor};
56 		seg[1] = (struct seg){.phys = 0, .len = cursor};
57 	} else {
58 		seg[0] = (struct seg){.phys = 0, .len = min(cursor, size)};
59 	}
60 
61 	for (i = 0; i < ARRAY_SIZE(seg) && count > done; i++) {
62 		done += memory_read_from_buffer(buf + done, count - done, &pos,
63 			cbmem_console->body + seg[i].phys, seg[i].len);
64 		pos -= seg[i].len;
65 	}
66 	return done;
67 }
68 
69 static int memconsole_probe(struct coreboot_device *dev)
70 {
71 	struct cbmem_cons *tmp_cbmc;
72 
73 	tmp_cbmc = memremap(dev->cbmem_ref.cbmem_addr,
74 			    sizeof(*tmp_cbmc), MEMREMAP_WB);
75 
76 	if (!tmp_cbmc)
77 		return -ENOMEM;
78 
79 	/* Read size only once to prevent overrun attack through /dev/mem. */
80 	cbmem_console_size = tmp_cbmc->size_dont_access_after_boot;
81 	cbmem_console = devm_memremap(&dev->dev, dev->cbmem_ref.cbmem_addr,
82 				 cbmem_console_size + sizeof(*cbmem_console),
83 				 MEMREMAP_WB);
84 	memunmap(tmp_cbmc);
85 
86 	if (IS_ERR(cbmem_console))
87 		return PTR_ERR(cbmem_console);
88 
89 	memconsole_setup(memconsole_coreboot_read);
90 
91 	return memconsole_sysfs_init();
92 }
93 
94 static void memconsole_remove(struct coreboot_device *dev)
95 {
96 	memconsole_exit();
97 }
98 
99 static const struct coreboot_device_id memconsole_ids[] = {
100 	{ .tag = CB_TAG_CBMEM_CONSOLE },
101 	{ /* sentinel */ }
102 };
103 MODULE_DEVICE_TABLE(coreboot, memconsole_ids);
104 
105 static struct coreboot_driver memconsole_driver = {
106 	.probe = memconsole_probe,
107 	.remove = memconsole_remove,
108 	.drv = {
109 		.name = "memconsole",
110 	},
111 	.id_table = memconsole_ids,
112 };
113 module_coreboot_driver(memconsole_driver);
114 
115 MODULE_AUTHOR("Google, Inc.");
116 MODULE_LICENSE("GPL");
117