xref: /linux/drivers/platform/x86/intel/ifs/load.c (revision df9c299371054cb725eef730fd0f1d0fe2ed6bb0)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Copyright(c) 2022 Intel Corporation. */
3 
4 #include <linux/firmware.h>
5 #include <linux/sizes.h>
6 #include <asm/cpu.h>
7 #include <asm/microcode.h>
8 #include <asm/msr.h>
9 
10 #include "ifs.h"
11 
12 #define IFS_CHUNK_ALIGNMENT	256
13 union meta_data {
14 	struct {
15 		u32 meta_type;		// metadata type
16 		u32 meta_size;		// size of this entire struct including hdrs.
17 		u32 test_type;		// IFS test type
18 		u32 fusa_info;		// Fusa info
19 		u32 total_images;	// Total number of images
20 		u32 current_image;	// Current Image #
21 		u32 total_chunks;	// Total number of chunks in this image
22 		u32 starting_chunk;	// Starting chunk number in this image
23 		u32 size_per_chunk;	// size of each chunk
24 		u32 chunks_per_stride;	// number of chunks in a stride
25 	};
26 	u8 padding[IFS_CHUNK_ALIGNMENT];
27 };
28 
29 #define IFS_HEADER_SIZE	(sizeof(struct microcode_header_intel))
30 #define META_TYPE_IFS	1
31 #define INVALIDATE_STRIDE	0x1UL
32 #define IFS_GEN_STRIDE_AWARE	2
33 #define AUTH_INTERRUPTED_ERROR	5
34 #define IFS_AUTH_RETRY_CT	10
35 
36 static  struct microcode_header_intel *ifs_header_ptr;	/* pointer to the ifs image header */
37 static u64 ifs_hash_ptr;			/* Address of ifs metadata (hash) */
38 static u64 ifs_test_image_ptr;			/* 256B aligned address of test pattern */
39 static DECLARE_COMPLETION(ifs_done);
40 
41 static const char * const scan_hash_status[] = {
42 	[0] = "No error reported",
43 	[1] = "Attempt to copy scan hashes when copy already in progress",
44 	[2] = "Secure Memory not set up correctly",
45 	[3] = "FuSaInfo.ProgramID does not match or ff-mm-ss does not match",
46 	[4] = "Reserved",
47 	[5] = "Integrity check failed",
48 	[6] = "Scan reload or test is in progress"
49 };
50 
51 static const char * const scan_authentication_status[] = {
52 	[0] = "No error reported",
53 	[1] = "Attempt to authenticate a chunk which is already marked as authentic",
54 	[2] = "Chunk authentication error. The hash of chunk did not match expected value",
55 	[3] = "Reserved",
56 	[4] = "Chunk outside the current stride",
57 	[5] = "Authentication flow interrupted",
58 };
59 
60 #define MC_HEADER_META_TYPE_END		(0)
61 
62 struct metadata_header {
63 	unsigned int		type;
64 	unsigned int		blk_size;
65 };
66 
67 static struct metadata_header *find_meta_data(void *ucode, unsigned int meta_type)
68 {
69 	struct microcode_header_intel *hdr = &((struct microcode_intel *)ucode)->hdr;
70 	struct metadata_header *meta_header;
71 	unsigned long data_size, total_meta;
72 	unsigned long meta_size = 0;
73 
74 	data_size = intel_microcode_get_datasize(hdr);
75 	total_meta = hdr->metasize;
76 	if (!total_meta)
77 		return NULL;
78 
79 	meta_header = (ucode + MC_HEADER_SIZE + data_size) - total_meta;
80 
81 	while (meta_header->type != MC_HEADER_META_TYPE_END &&
82 	       meta_header->blk_size &&
83 	       meta_size < total_meta) {
84 		meta_size += meta_header->blk_size;
85 		if (meta_header->type == meta_type)
86 			return meta_header;
87 
88 		meta_header = (void *)meta_header + meta_header->blk_size;
89 	}
90 	return NULL;
91 }
92 
93 static void hashcopy_err_message(struct device *dev, u32 err_code)
94 {
95 	if (err_code >= ARRAY_SIZE(scan_hash_status))
96 		dev_err(dev, "invalid error code 0x%x for hash copy\n", err_code);
97 	else
98 		dev_err(dev, "Hash copy error : %s\n", scan_hash_status[err_code]);
99 }
100 
101 static void auth_err_message(struct device *dev, u32 err_code)
102 {
103 	if (err_code >= ARRAY_SIZE(scan_authentication_status))
104 		dev_err(dev, "invalid error code 0x%x for authentication\n", err_code);
105 	else
106 		dev_err(dev, "Chunk authentication error : %s\n",
107 			scan_authentication_status[err_code]);
108 }
109 
110 /*
111  * To copy scan hashes and authenticate test chunks, the initiating cpu must point
112  * to the EDX:EAX to the test image in linear address.
113  * Run wrmsr(MSR_COPY_SCAN_HASHES) for scan hash copy and run wrmsr(MSR_AUTHENTICATE_AND_COPY_CHUNK)
114  * for scan hash copy and test chunk authentication.
115  */
116 static void copy_hashes_authenticate_chunks(struct work_struct *work)
117 {
118 	struct ifs_work *local_work = container_of(work, struct ifs_work, w);
119 	union ifs_scan_hashes_status hashes_status;
120 	union ifs_chunks_auth_status chunk_status;
121 	struct device *dev = local_work->dev;
122 	const struct ifs_test_msrs *msrs;
123 	int i, num_chunks, chunk_size;
124 	struct ifs_data *ifsd;
125 	u64 linear_addr, base;
126 	u32 err_code;
127 
128 	ifsd = ifs_get_data(dev);
129 	msrs = ifs_get_test_msrs(dev);
130 	/* run scan hash copy */
131 	wrmsrq(msrs->copy_hashes, ifs_hash_ptr);
132 	rdmsrq(msrs->copy_hashes_status, hashes_status.data);
133 
134 	/* enumerate the scan image information */
135 	num_chunks = hashes_status.num_chunks;
136 	chunk_size = hashes_status.chunk_size * 1024;
137 	err_code = hashes_status.error_code;
138 
139 	if (!hashes_status.valid) {
140 		ifsd->loading_error = true;
141 		hashcopy_err_message(dev, err_code);
142 		goto done;
143 	}
144 
145 	/* base linear address to the scan data */
146 	base = ifs_test_image_ptr;
147 
148 	/* scan data authentication and copy chunks to secured memory */
149 	for (i = 0; i < num_chunks; i++) {
150 		linear_addr = base + i * chunk_size;
151 		linear_addr |= i;
152 
153 		wrmsrq(msrs->copy_chunks, linear_addr);
154 		rdmsrq(msrs->copy_chunks_status, chunk_status.data);
155 
156 		ifsd->valid_chunks = chunk_status.valid_chunks;
157 		err_code = chunk_status.error_code;
158 
159 		if (err_code) {
160 			ifsd->loading_error = true;
161 			auth_err_message(dev, err_code);
162 			goto done;
163 		}
164 	}
165 done:
166 	complete(&ifs_done);
167 }
168 
169 static int get_num_chunks(int gen, union ifs_scan_hashes_status_gen2 status)
170 {
171 	return gen >= IFS_GEN_STRIDE_AWARE ? status.chunks_in_stride : status.num_chunks;
172 }
173 
174 static bool need_copy_scan_hashes(struct ifs_data *ifsd)
175 {
176 	return !ifsd->loaded ||
177 		ifsd->generation < IFS_GEN_STRIDE_AWARE ||
178 		ifsd->loaded_version != ifs_header_ptr->rev;
179 }
180 
181 static int copy_hashes_authenticate_chunks_gen2(struct device *dev)
182 {
183 	union ifs_scan_hashes_status_gen2 hashes_status;
184 	union ifs_chunks_auth_status_gen2 chunk_status;
185 	u32 err_code, valid_chunks, total_chunks;
186 	const struct ifs_test_msrs *msrs;
187 	int i, num_chunks, chunk_size;
188 	union meta_data *ifs_meta;
189 	int starting_chunk_nr;
190 	struct ifs_data *ifsd;
191 	u64 linear_addr, base;
192 	u64 chunk_table[2];
193 	int retry_count;
194 
195 	ifsd = ifs_get_data(dev);
196 	msrs = ifs_get_test_msrs(dev);
197 
198 	if (need_copy_scan_hashes(ifsd)) {
199 		wrmsrq(msrs->copy_hashes, ifs_hash_ptr);
200 		rdmsrq(msrs->copy_hashes_status, hashes_status.data);
201 
202 		/* enumerate the scan image information */
203 		chunk_size = hashes_status.chunk_size * SZ_1K;
204 		err_code = hashes_status.error_code;
205 
206 		num_chunks = get_num_chunks(ifsd->generation, hashes_status);
207 
208 		if (!hashes_status.valid) {
209 			hashcopy_err_message(dev, err_code);
210 			return -EIO;
211 		}
212 		ifsd->loaded_version = ifs_header_ptr->rev;
213 		ifsd->chunk_size = chunk_size;
214 	} else {
215 		num_chunks = ifsd->valid_chunks;
216 		chunk_size = ifsd->chunk_size;
217 	}
218 
219 	if (ifsd->generation >= IFS_GEN_STRIDE_AWARE) {
220 		wrmsrq(msrs->test_ctrl, INVALIDATE_STRIDE);
221 		rdmsrq(msrs->copy_chunks_status, chunk_status.data);
222 		if (chunk_status.valid_chunks != 0) {
223 			dev_err(dev, "Couldn't invalidate installed stride - %d\n",
224 				chunk_status.valid_chunks);
225 			return -EIO;
226 		}
227 	}
228 
229 	base = ifs_test_image_ptr;
230 	ifs_meta = (union meta_data *)find_meta_data(ifs_header_ptr, META_TYPE_IFS);
231 	starting_chunk_nr = ifs_meta->starting_chunk;
232 
233 	/* scan data authentication and copy chunks to secured memory */
234 	for (i = 0; i < num_chunks; i++) {
235 		retry_count = IFS_AUTH_RETRY_CT;
236 		linear_addr = base + i * chunk_size;
237 
238 		chunk_table[0] = starting_chunk_nr + i;
239 		chunk_table[1] = linear_addr;
240 		do {
241 			local_irq_disable();
242 			wrmsrq(msrs->copy_chunks, (u64)chunk_table);
243 			local_irq_enable();
244 			rdmsrq(msrs->copy_chunks_status, chunk_status.data);
245 			err_code = chunk_status.error_code;
246 		} while (err_code == AUTH_INTERRUPTED_ERROR && --retry_count);
247 
248 		if (err_code) {
249 			ifsd->loading_error = true;
250 			auth_err_message(dev, err_code);
251 			return -EIO;
252 		}
253 	}
254 
255 	valid_chunks = chunk_status.valid_chunks;
256 	total_chunks = chunk_status.total_chunks;
257 
258 	if (valid_chunks != total_chunks) {
259 		ifsd->loading_error = true;
260 		dev_err(dev, "Couldn't authenticate all the chunks. Authenticated %d total %d.\n",
261 			valid_chunks, total_chunks);
262 		return -EIO;
263 	}
264 	ifsd->valid_chunks = valid_chunks;
265 	ifsd->max_bundle = chunk_status.max_bundle;
266 
267 	return 0;
268 }
269 
270 static int validate_ifs_metadata(struct device *dev)
271 {
272 	const struct ifs_test_caps *test = ifs_get_test_caps(dev);
273 	struct ifs_data *ifsd = ifs_get_data(dev);
274 	union meta_data *ifs_meta;
275 	char test_file[64];
276 	int ret = -EINVAL;
277 
278 	snprintf(test_file, sizeof(test_file), "%02x-%02x-%02x-%02x.%s",
279 		 boot_cpu_data.x86, boot_cpu_data.x86_model,
280 		 boot_cpu_data.x86_stepping, ifsd->cur_batch, test->image_suffix);
281 
282 	ifs_meta = (union meta_data *)find_meta_data(ifs_header_ptr, META_TYPE_IFS);
283 	if (!ifs_meta) {
284 		dev_err(dev, "IFS Metadata missing in file %s\n", test_file);
285 		return ret;
286 	}
287 
288 	ifs_test_image_ptr = (u64)ifs_meta + sizeof(union meta_data);
289 
290 	/* Scan chunk start must be 256 byte aligned */
291 	if (!IS_ALIGNED(ifs_test_image_ptr, IFS_CHUNK_ALIGNMENT)) {
292 		dev_err(dev, "Scan pattern is not aligned on %d bytes aligned in %s\n",
293 			IFS_CHUNK_ALIGNMENT, test_file);
294 		return ret;
295 	}
296 
297 	if (ifs_meta->current_image != ifsd->cur_batch) {
298 		dev_warn(dev, "Mismatch between filename %s and batch metadata 0x%02x\n",
299 			 test_file, ifs_meta->current_image);
300 		return ret;
301 	}
302 
303 	if (ifs_meta->chunks_per_stride &&
304 	    (ifs_meta->starting_chunk % ifs_meta->chunks_per_stride != 0)) {
305 		dev_warn(dev, "Starting chunk num %u not a multiple of chunks_per_stride %u\n",
306 			 ifs_meta->starting_chunk, ifs_meta->chunks_per_stride);
307 		return ret;
308 	}
309 
310 	if (ifs_meta->test_type != test->test_num) {
311 		dev_warn(dev, "Metadata test_type %d mismatches with device type\n",
312 			 ifs_meta->test_type);
313 		return ret;
314 	}
315 
316 	return 0;
317 }
318 
319 /*
320  * IFS requires scan chunks authenticated per each socket in the platform.
321  * Once the test chunk is authenticated, it is automatically copied to secured memory
322  * and proceed the authentication for the next chunk.
323  */
324 static int scan_chunks_sanity_check(struct device *dev)
325 {
326 	struct ifs_data *ifsd = ifs_get_data(dev);
327 	struct ifs_work local_work;
328 	int curr_pkg, cpu, ret;
329 
330 	memset(ifs_pkg_auth, 0, (topology_max_packages() * sizeof(bool)));
331 	ret = validate_ifs_metadata(dev);
332 	if (ret)
333 		return ret;
334 
335 	ifsd->loading_error = false;
336 
337 	if (ifsd->generation > 0)
338 		return copy_hashes_authenticate_chunks_gen2(dev);
339 
340 	/* copy the scan hash and authenticate per package */
341 	cpus_read_lock();
342 	for_each_online_cpu(cpu) {
343 		curr_pkg = topology_physical_package_id(cpu);
344 		if (ifs_pkg_auth[curr_pkg])
345 			continue;
346 		reinit_completion(&ifs_done);
347 		local_work.dev = dev;
348 		INIT_WORK_ONSTACK(&local_work.w, copy_hashes_authenticate_chunks);
349 		schedule_work_on(cpu, &local_work.w);
350 		wait_for_completion(&ifs_done);
351 		if (ifsd->loading_error) {
352 			ret = -EIO;
353 			goto out;
354 		}
355 		ifs_pkg_auth[curr_pkg] = 1;
356 	}
357 	ret = 0;
358 	ifsd->loaded_version = ifs_header_ptr->rev;
359 out:
360 	cpus_read_unlock();
361 
362 	return ret;
363 }
364 
365 static int image_sanity_check(struct device *dev, const struct microcode_header_intel *data)
366 {
367 	struct cpu_signature sig;
368 
369 	/* Provide a specific error message when loading an older/unsupported image */
370 	if (data->hdrver != MC_HEADER_TYPE_IFS) {
371 		dev_err(dev, "Header version %d not supported\n", data->hdrver);
372 		return -EINVAL;
373 	}
374 
375 	if (intel_microcode_sanity_check((void *)data, true, MC_HEADER_TYPE_IFS)) {
376 		dev_err(dev, "sanity check failed\n");
377 		return -EINVAL;
378 	}
379 
380 	intel_collect_cpu_info(&sig);
381 
382 	if (!intel_find_matching_signature((void *)data, &sig)) {
383 		dev_err(dev, "cpu signature, processor flags not matching\n");
384 		return -EINVAL;
385 	}
386 
387 	return 0;
388 }
389 
390 /*
391  * Load ifs image. Before loading ifs module, the ifs image must be located
392  * in /lib/firmware/intel/ifs_x/ and named as family-model-stepping-02x.{testname}.
393  */
394 int ifs_load_firmware(struct device *dev)
395 {
396 	const struct ifs_test_caps *test = ifs_get_test_caps(dev);
397 	struct ifs_data *ifsd = ifs_get_data(dev);
398 	unsigned int expected_size;
399 	const struct firmware *fw;
400 	char scan_path[64];
401 	int ret;
402 
403 	snprintf(scan_path, sizeof(scan_path), "intel/ifs_%d/%02x-%02x-%02x-%02x.%s",
404 		 test->test_num, boot_cpu_data.x86, boot_cpu_data.x86_model,
405 		 boot_cpu_data.x86_stepping, ifsd->cur_batch, test->image_suffix);
406 
407 	ret = request_firmware_direct(&fw, scan_path, dev);
408 	if (ret) {
409 		dev_err(dev, "ifs file %s load failed\n", scan_path);
410 		goto done;
411 	}
412 
413 	expected_size = ((struct microcode_header_intel *)fw->data)->totalsize;
414 	if (fw->size != expected_size) {
415 		dev_err(dev, "File size mismatch (expected %u, actual %zu). Corrupted IFS image.\n",
416 			expected_size, fw->size);
417 		ret = -EINVAL;
418 		goto release;
419 	}
420 
421 	ret = image_sanity_check(dev, (struct microcode_header_intel *)fw->data);
422 	if (ret)
423 		goto release;
424 
425 	ifs_header_ptr = (struct microcode_header_intel *)fw->data;
426 	ifs_hash_ptr = (u64)(ifs_header_ptr + 1);
427 
428 	ret = scan_chunks_sanity_check(dev);
429 	if (ret)
430 		dev_err(dev, "Load failure for batch: %02x\n", ifsd->cur_batch);
431 
432 release:
433 	release_firmware(fw);
434 done:
435 	ifsd->loaded = (ret == 0);
436 
437 	return ret;
438 }
439