1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 2019-2022 Red Hat, Inc. Daniel Bristot de Oliveira <bristot@kernel.org> 4 * 5 * Runtime reactor interface. 6 * 7 * A runtime monitor can cause a reaction to the detection of an 8 * exception on the model's execution. By default, the monitors have 9 * tracing reactions, printing the monitor output via tracepoints. 10 * But other reactions can be added (on-demand) via this interface. 11 * 12 * == Registering reactors == 13 * 14 * The struct rv_reactor defines a callback function to be executed 15 * in case of a model exception happens. The callback function 16 * receives a message to be (optionally) printed before executing 17 * the reaction. 18 * 19 * A RV reactor is registered via: 20 * int rv_register_reactor(struct rv_reactor *reactor) 21 * And unregistered via: 22 * int rv_unregister_reactor(struct rv_reactor *reactor) 23 * 24 * These functions are exported to modules, enabling reactors to be 25 * dynamically loaded. 26 * 27 * == User interface == 28 * 29 * The user interface resembles the kernel tracing interface and 30 * presents these files: 31 * 32 * "available_reactors" 33 * - List the available reactors, one per line. 34 * 35 * For example: 36 * # cat available_reactors 37 * nop 38 * panic 39 * printk 40 * 41 * "reacting_on" 42 * - It is an on/off general switch for reactors, disabling 43 * all reactions. 44 * 45 * "monitors/MONITOR/reactors" 46 * - List available reactors, with the select reaction for the given 47 * MONITOR inside []. The default one is the nop (no operation) 48 * reactor. 49 * - Writing the name of an reactor enables it to the given 50 * MONITOR. 51 * 52 * For example: 53 * # cat monitors/wip/reactors 54 * [nop] 55 * panic 56 * printk 57 * # echo panic > monitors/wip/reactors 58 * # cat monitors/wip/reactors 59 * nop 60 * [panic] 61 * printk 62 */ 63 64 #include <linux/slab.h> 65 66 #include "rv.h" 67 68 /* 69 * Interface for the reactor register. 70 */ 71 static LIST_HEAD(rv_reactors_list); 72 73 static struct rv_reactor *get_reactor_rdef_by_name(char *name) 74 { 75 struct rv_reactor *r; 76 77 list_for_each_entry(r, &rv_reactors_list, list) { 78 if (strcmp(name, r->name) == 0) 79 return r; 80 } 81 return NULL; 82 } 83 84 /* 85 * Available reactors seq functions. 86 */ 87 static int reactors_show(struct seq_file *m, void *p) 88 { 89 struct rv_reactor *reactor = container_of(p, struct rv_reactor, list); 90 91 seq_printf(m, "%s\n", reactor->name); 92 return 0; 93 } 94 95 static void reactors_stop(struct seq_file *m, void *p) 96 { 97 mutex_unlock(&rv_interface_lock); 98 } 99 100 static void *reactors_start(struct seq_file *m, loff_t *pos) 101 { 102 mutex_lock(&rv_interface_lock); 103 return seq_list_start(&rv_reactors_list, *pos); 104 } 105 106 static void *reactors_next(struct seq_file *m, void *p, loff_t *pos) 107 { 108 return seq_list_next(p, &rv_reactors_list, pos); 109 } 110 111 /* 112 * available_reactors seq definition. 113 */ 114 static const struct seq_operations available_reactors_seq_ops = { 115 .start = reactors_start, 116 .next = reactors_next, 117 .stop = reactors_stop, 118 .show = reactors_show 119 }; 120 121 /* 122 * available_reactors interface. 123 */ 124 static int available_reactors_open(struct inode *inode, struct file *file) 125 { 126 return seq_open(file, &available_reactors_seq_ops); 127 }; 128 129 static const struct file_operations available_reactors_ops = { 130 .open = available_reactors_open, 131 .read = seq_read, 132 .llseek = seq_lseek, 133 .release = seq_release 134 }; 135 136 /* 137 * Monitor's reactor file. 138 */ 139 static int monitor_reactor_show(struct seq_file *m, void *p) 140 { 141 struct rv_monitor *mon = m->private; 142 struct rv_reactor *reactor = container_of(p, struct rv_reactor, list); 143 144 if (mon->reactor == reactor) 145 seq_printf(m, "[%s]\n", reactor->name); 146 else 147 seq_printf(m, "%s\n", reactor->name); 148 return 0; 149 } 150 151 /* 152 * available_reactors seq definition. 153 */ 154 static const struct seq_operations monitor_reactors_seq_ops = { 155 .start = reactors_start, 156 .next = reactors_next, 157 .stop = reactors_stop, 158 .show = monitor_reactor_show 159 }; 160 161 static void monitor_swap_reactors_single(struct rv_monitor *mon, 162 struct rv_reactor *reactor, 163 bool nested) 164 { 165 bool monitor_enabled; 166 167 /* nothing to do */ 168 if (mon->reactor == reactor) 169 return; 170 171 monitor_enabled = mon->enabled; 172 if (monitor_enabled) 173 rv_disable_monitor(mon); 174 175 mon->reactor = reactor; 176 mon->react = reactor->react; 177 178 /* enable only once if iterating through a container */ 179 if (monitor_enabled && !nested) 180 rv_enable_monitor(mon); 181 } 182 183 static void monitor_swap_reactors(struct rv_monitor *mon, struct rv_reactor *reactor) 184 { 185 struct rv_monitor *p = mon; 186 187 if (rv_is_container_monitor(mon)) 188 list_for_each_entry_continue(p, &rv_monitors_list, list) { 189 if (p->parent != mon) 190 break; 191 monitor_swap_reactors_single(p, reactor, true); 192 } 193 /* 194 * This call enables and disables the monitor if they were active. 195 * In case of a container, we already disabled all and will enable all. 196 * All nested monitors are enabled also if they were off, we may refine 197 * this logic in the future. 198 */ 199 monitor_swap_reactors_single(mon, reactor, false); 200 } 201 202 static ssize_t 203 monitor_reactors_write(struct file *file, const char __user *user_buf, 204 size_t count, loff_t *ppos) 205 { 206 char buff[MAX_RV_REACTOR_NAME_SIZE + 2]; 207 struct rv_monitor *mon; 208 struct rv_reactor *reactor; 209 struct seq_file *seq_f; 210 int retval = -EINVAL; 211 char *ptr; 212 int len; 213 214 if (count < 1 || count > MAX_RV_REACTOR_NAME_SIZE + 1) 215 return -EINVAL; 216 217 memset(buff, 0, sizeof(buff)); 218 219 retval = simple_write_to_buffer(buff, sizeof(buff) - 1, ppos, user_buf, count); 220 if (retval < 0) 221 return -EFAULT; 222 223 ptr = strim(buff); 224 225 len = strlen(ptr); 226 if (!len) 227 return count; 228 229 /* 230 * See monitor_reactors_open() 231 */ 232 seq_f = file->private_data; 233 mon = seq_f->private; 234 235 mutex_lock(&rv_interface_lock); 236 237 retval = -EINVAL; 238 239 list_for_each_entry(reactor, &rv_reactors_list, list) { 240 if (strcmp(ptr, reactor->name) != 0) 241 continue; 242 243 monitor_swap_reactors(mon, reactor); 244 245 retval = count; 246 break; 247 } 248 249 mutex_unlock(&rv_interface_lock); 250 251 return retval; 252 } 253 254 /* 255 * available_reactors interface. 256 */ 257 static int monitor_reactors_open(struct inode *inode, struct file *file) 258 { 259 struct rv_monitor *mon = inode->i_private; 260 struct seq_file *seq_f; 261 int ret; 262 263 ret = seq_open(file, &monitor_reactors_seq_ops); 264 if (ret < 0) 265 return ret; 266 267 /* 268 * seq_open stores the seq_file on the file->private data. 269 */ 270 seq_f = file->private_data; 271 272 /* 273 * Copy the create file "private" data to the seq_file private data. 274 */ 275 seq_f->private = mon; 276 277 return 0; 278 }; 279 280 static const struct file_operations monitor_reactors_ops = { 281 .open = monitor_reactors_open, 282 .read = seq_read, 283 .llseek = seq_lseek, 284 .release = seq_release, 285 .write = monitor_reactors_write 286 }; 287 288 static int __rv_register_reactor(struct rv_reactor *reactor) 289 { 290 struct rv_reactor *r; 291 292 list_for_each_entry(r, &rv_reactors_list, list) { 293 if (strcmp(reactor->name, r->name) == 0) { 294 pr_info("Reactor %s is already registered\n", reactor->name); 295 return -EINVAL; 296 } 297 } 298 299 list_add_tail(&reactor->list, &rv_reactors_list); 300 301 return 0; 302 } 303 304 /** 305 * rv_register_reactor - register a rv reactor. 306 * @reactor: The rv_reactor to be registered. 307 * 308 * Returns 0 if successful, error otherwise. 309 */ 310 int rv_register_reactor(struct rv_reactor *reactor) 311 { 312 int retval = 0; 313 314 if (strlen(reactor->name) >= MAX_RV_REACTOR_NAME_SIZE) { 315 pr_info("Reactor %s has a name longer than %d\n", 316 reactor->name, MAX_RV_MONITOR_NAME_SIZE); 317 return -EINVAL; 318 } 319 320 mutex_lock(&rv_interface_lock); 321 retval = __rv_register_reactor(reactor); 322 mutex_unlock(&rv_interface_lock); 323 return retval; 324 } 325 326 /** 327 * rv_unregister_reactor - unregister a rv reactor. 328 * @reactor: The rv_reactor to be unregistered. 329 * 330 * Returns 0 if successful, error otherwise. 331 */ 332 int rv_unregister_reactor(struct rv_reactor *reactor) 333 { 334 mutex_lock(&rv_interface_lock); 335 list_del(&reactor->list); 336 mutex_unlock(&rv_interface_lock); 337 return 0; 338 } 339 340 /* 341 * reacting_on interface. 342 */ 343 static bool __read_mostly reacting_on; 344 345 /** 346 * rv_reacting_on - checks if reacting is on 347 * 348 * Returns 1 if on, 0 otherwise. 349 */ 350 bool rv_reacting_on(void) 351 { 352 /* Ensures that concurrent monitors read consistent reacting_on */ 353 smp_rmb(); 354 return READ_ONCE(reacting_on); 355 } 356 357 static ssize_t reacting_on_read_data(struct file *filp, 358 char __user *user_buf, 359 size_t count, loff_t *ppos) 360 { 361 char *buff; 362 363 buff = rv_reacting_on() ? "1\n" : "0\n"; 364 365 return simple_read_from_buffer(user_buf, count, ppos, buff, strlen(buff)+1); 366 } 367 368 static void turn_reacting_off(void) 369 { 370 WRITE_ONCE(reacting_on, false); 371 /* Ensures that concurrent monitors read consistent reacting_on */ 372 smp_wmb(); 373 } 374 375 static void turn_reacting_on(void) 376 { 377 WRITE_ONCE(reacting_on, true); 378 /* Ensures that concurrent monitors read consistent reacting_on */ 379 smp_wmb(); 380 } 381 382 static ssize_t reacting_on_write_data(struct file *filp, const char __user *user_buf, 383 size_t count, loff_t *ppos) 384 { 385 int retval; 386 bool val; 387 388 retval = kstrtobool_from_user(user_buf, count, &val); 389 if (retval) 390 return retval; 391 392 mutex_lock(&rv_interface_lock); 393 394 if (val) 395 turn_reacting_on(); 396 else 397 turn_reacting_off(); 398 399 /* 400 * Wait for the execution of all events to finish 401 * before returning to user-space. 402 */ 403 tracepoint_synchronize_unregister(); 404 405 mutex_unlock(&rv_interface_lock); 406 407 return count; 408 } 409 410 static const struct file_operations reacting_on_fops = { 411 .open = simple_open, 412 .write = reacting_on_write_data, 413 .read = reacting_on_read_data, 414 }; 415 416 /** 417 * reactor_populate_monitor - creates per monitor reactors file 418 * @mon: The monitor. 419 * 420 * Returns 0 if successful, error otherwise. 421 */ 422 int reactor_populate_monitor(struct rv_monitor *mon) 423 { 424 struct dentry *tmp; 425 426 tmp = rv_create_file("reactors", RV_MODE_WRITE, mon->root_d, mon, &monitor_reactors_ops); 427 if (!tmp) 428 return -ENOMEM; 429 430 /* 431 * Configure as the rv_nop reactor. 432 */ 433 mon->reactor = get_reactor_rdef_by_name("nop"); 434 435 return 0; 436 } 437 438 /* 439 * Nop reactor register 440 */ 441 __printf(1, 2) static void rv_nop_reaction(const char *msg, ...) 442 { 443 } 444 445 static struct rv_reactor rv_nop = { 446 .name = "nop", 447 .description = "no-operation reactor: do nothing.", 448 .react = rv_nop_reaction 449 }; 450 451 int init_rv_reactors(struct dentry *root_dir) 452 { 453 struct dentry *available, *reacting; 454 int retval; 455 456 available = rv_create_file("available_reactors", RV_MODE_READ, root_dir, NULL, 457 &available_reactors_ops); 458 if (!available) 459 goto out_err; 460 461 reacting = rv_create_file("reacting_on", RV_MODE_WRITE, root_dir, NULL, &reacting_on_fops); 462 if (!reacting) 463 goto rm_available; 464 465 retval = __rv_register_reactor(&rv_nop); 466 if (retval) 467 goto rm_reacting; 468 469 turn_reacting_on(); 470 471 return 0; 472 473 rm_reacting: 474 rv_remove(reacting); 475 rm_available: 476 rv_remove(available); 477 out_err: 478 return -ENOMEM; 479 } 480