[PATCH] iommu: Limit the IOVA page range to the specified addresses
From: amd The extent of pages specified when applying a reserved region should include up to the last page of the range, but not the page following the range. Signed-off-by: Gary R Hook --- drivers/iommu/amd_iommu.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c index 27eb0d6fcdc2..bb3ef33e3784 100644 --- a/drivers/iommu/amd_iommu.c +++ b/drivers/iommu/amd_iommu.c @@ -3271,7 +3271,7 @@ static void amd_iommu_apply_resv_region(struct device *dev, unsigned long start, end; start = IOVA_PFN(region->start); - end = IOVA_PFN(region->start + region->length); + end = IOVA_PFN(region->start + region->length - 1); WARN_ON_ONCE(reserve_iova(&dma_dom->iovad, start, end) == NULL); }
Re: [PATCH] crypto: ccp: remove unused variable qim
On 10/12/2017 11:55 AM, Colin King wrote:
From: Colin Ian King
Variable qim is assigned but never read, it is redundant and can
be removed.
Cleans up clang warning: Value stored to 'qim' is never read
Fixes: 4b394a232df7 ("crypto: ccp - Let a v5 CCP provide the same function as
v3")
Signed-off-by: Colin Ian King
Acked-by: Gary R Hook
---
drivers/crypto/ccp/ccp-dev-v5.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 65604fc65e8f..44a4d2779b15 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -788,13 +788,12 @@ static int ccp5_init(struct ccp_device *ccp)
struct ccp_cmd_queue *cmd_q;
struct dma_pool *dma_pool;
char dma_pool_name[MAX_DMAPOOL_NAME_LEN];
- unsigned int qmr, qim, i;
+ unsigned int qmr, i;
u64 status;
u32 status_lo, status_hi;
int ret;
/* Find available queues */
- qim = 0;
qmr = ioread32(ccp->io_regs + Q_MASK_REG);
for (i = 0; i < MAX_HW_QUEUES; i++) {
Re: [Part2 PATCH v6 10/38] crypto: ccp: Define SEV userspace ioctl and command id
On 10/19/2017 09:33 PM, Brijesh Singh wrote:
Add a include file which defines the ioctl and command id used for
issuing SEV platform management specific commands.
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
include/uapi/linux/psp-sev.h | 113 +++
1 file changed, 113 insertions(+)
create mode 100644 include/uapi/linux/psp-sev.h
diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h
new file mode 100644
index ..1dd98ba4ff22
--- /dev/null
+++ b/include/uapi/linux/psp-sev.h
@@ -0,0 +1,113 @@
+/*
+ * Userspace interface for AMD Secure Encrypted Virtualization (SEV)
+ * platform management commands.
+ *
+ * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
+ *
+ * Author: Brijesh Singh
+ *
+ * SEV spec 0.14 is available at:
+ * http://support.amd.com/TechDocs/55766_SEV-KM%20API_Specification.pdf
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef __PSP_SEV_USER_H__
+#define __PSP_SEV_USER_H__
+
+#include
+
+/**
+ * SEV platform commands
+ */
+enum {
+ SEV_FACTORY_RESET = 0,
+ SEV_PLATFORM_STATUS,
+ SEV_PEK_GEN,
+ SEV_PEK_CSR,
+ SEV_PDH_GEN,
+ SEV_PDH_CERT_EXPORT,
+ SEV_PEK_CERT_IMPORT,
+
+ SEV_MAX,
+};
+
+/**
+ * struct sev_user_data_status - PLATFORM_STATUS command parameters
+ *
+ * @major: major API version
+ * @minor: minor API version
+ * @state: platform state
+ * @flags: platform config flags
+ * @build: firmware build id for API version
+ * @guest_count: number of active guests
+ */
+struct sev_user_data_status {
+ __u8 api_major; /* Out */
+ __u8 api_minor; /* Out */
+ __u8 state; /* Out */
+ __u32 flags;/* Out */
+ __u8 build; /* Out */
+ __u32 guest_count; /* Out */
+} __packed;
+
+/**
+ * struct sev_user_data_pek_csr - PEK_CSR command parameters
+ *
+ * @address: PEK certificate chain
+ * @length: length of certificate
+ */
+struct sev_user_data_pek_csr {
+ __u64 address; /* In */
+ __u32 length; /* In/Out */
+} __packed;
+
+/**
+ * struct sev_user_data_cert_import - PEK_CERT_IMPORT command parameters
+ *
+ * @pek_address: PEK certificate chain
+ * @pek_len: length of PEK certificate
+ * @oca_address: OCA certificate chain
+ * @oca_len: length of OCA certificate
+ */
+struct sev_user_data_pek_cert_import {
+ __u64 pek_cert_address; /* In */
+ __u32 pek_cert_len; /* In */
+ __u64 oca_cert_address; /* In */
+ __u32 oca_cert_len; /* In */
+} __packed;
+
+/**
+ * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
+ *
+ * @pdh_address: PDH certificate address
+ * @pdh_len: length of PDH certificate
+ * @cert_chain_address: PDH certificate chain
+ * @cert_chain_len: length of PDH certificate chain
+ */
+struct sev_user_data_pdh_cert_export {
+ __u64 pdh_cert_address; /* In */
+ __u32 pdh_cert_len; /* In/Out */
+ __u64 cert_chain_address; /* In */
+ __u32 cert_chain_len; /* In/Out */
+} __packed;
+
+/**
+ * struct sev_issue_cmd - SEV ioctl parameters
+ *
+ * @cmd: SEV commands to execute
+ * @opaque: pointer to the command structure
+ * @error: SEV FW return code on failure
+ */
+struct sev_issue_cmd {
+ __u32 cmd; /* In */
+ __u64 data; /* In */
+ __u32 error;/* Out */
+} __packed;
+
+#define SEV_IOC_TYPE 'S'
+#define SEV_ISSUE_CMD _IOWR(SEV_IOC_TYPE, 0x0, struct sev_issue_cmd)
+
+#endif /* __PSP_USER_SEV_H */
Re: [Part2 PATCH v6 11/38] crypto: ccp: Define SEV key management command id
On 10/19/2017 09:33 PM, Brijesh Singh wrote:
Define Secure Encrypted Virtualization (SEV) key management command id
and structure. The command definition is available in SEV KM [1] spec
0.14.
[1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
include/linux/psp-sev.h | 494
1 file changed, 494 insertions(+)
create mode 100644 include/linux/psp-sev.h
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
new file mode 100644
index ..15bda519538e
--- /dev/null
+++ b/include/linux/psp-sev.h
@@ -0,0 +1,494 @@
+/*
+ * AMD Secure Encrypted Virtualization (SEV) driver interface
+ *
+ * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
+ *
+ * Author: Brijesh Singh
+ *
+ * SEV spec 0.14 is available at:
+ * http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef __PSP_SEV_H__
+#define __PSP_SEV_H__
+
+#include
+
+#ifdef CONFIG_X86
+#include
+
+#define __psp_pa(x)__sme_pa(x)
+#else
+#define __psp_pa(x)__pa(x)
+#endif
+
+#define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */
+
+/**
+ * SEV platform state
+ */
+enum sev_state {
+ SEV_STATE_UNINIT= 0x0,
+ SEV_STATE_INIT = 0x1,
+ SEV_STATE_WORKING = 0x2,
+
+ SEV_STATE_MAX
+};
+
+/**
+ * SEV platform and guest management commands
+ */
+enum sev_cmd {
+ /* platform commands */
+ SEV_CMD_INIT= 0x001,
+ SEV_CMD_SHUTDOWN= 0x002,
+ SEV_CMD_FACTORY_RESET = 0x003,
+ SEV_CMD_PLATFORM_STATUS = 0x004,
+ SEV_CMD_PEK_GEN = 0x005,
+ SEV_CMD_PEK_CSR = 0x006,
+ SEV_CMD_PEK_CERT_IMPORT = 0x007,
+ SEV_CMD_PDH_CERT_EXPORT = 0x008,
+ SEV_CMD_PDH_GEN = 0x009,
+ SEV_CMD_DF_FLUSH= 0x00A,
+
+ /* Guest commands */
+ SEV_CMD_DECOMMISSION= 0x020,
+ SEV_CMD_ACTIVATE= 0x021,
+ SEV_CMD_DEACTIVATE = 0x022,
+ SEV_CMD_GUEST_STATUS= 0x023,
+
+ /* Guest launch commands */
+ SEV_CMD_LAUNCH_START= 0x030,
+ SEV_CMD_LAUNCH_UPDATE_DATA = 0x031,
+ SEV_CMD_LAUNCH_UPDATE_VMSA = 0x032,
+ SEV_CMD_LAUNCH_MEASURE = 0x033,
+ SEV_CMD_LAUNCH_UPDATE_SECRET= 0x034,
+ SEV_CMD_LAUNCH_FINISH = 0x035,
+
+ /* Guest migration commands (outgoing) */
+ SEV_CMD_SEND_START = 0x040,
+ SEV_CMD_SEND_UPDATE_DATA= 0x041,
+ SEV_CMD_SEND_UPDATE_VMSA= 0x042,
+ SEV_CMD_SEND_FINISH = 0x043,
+
+ /* Guest migration commands (incoming) */
+ SEV_CMD_RECEIVE_START = 0x050,
+ SEV_CMD_RECEIVE_UPDATE_DATA = 0x051,
+ SEV_CMD_RECEIVE_UPDATE_VMSA = 0x052,
+ SEV_CMD_RECEIVE_FINISH = 0x053,
+
+ /* Guest debug commands */
+ SEV_CMD_DBG_DECRYPT = 0x060,
+ SEV_CMD_DBG_ENCRYPT = 0x061,
+
+ SEV_CMD_MAX,
+};
+
+/**
+ * status code returned by the commands
+ */
+enum psp_ret_code {
+ SEV_RET_SUCCESS = 0,
+ SEV_RET_INVALID_PLATFORM_STATE,
+ SEV_RET_INVALID_GUEST_STATE,
+ SEV_RET_INAVLID_CONFIG,
+ SEV_RET_INVALID_len,
+ SEV_RET_ALREADY_OWNED,
+ SEV_RET_INVALID_CERTIFICATE,
+ SEV_RET_POLICY_FAILURE,
+ SEV_RET_INACTIVE,
+ SEV_RET_INVALID_ADDRESS,
+ SEV_RET_BAD_SIGNATURE,
+ SEV_RET_BAD_MEASUREMENT,
+ SEV_RET_ASID_OWNED,
+ SEV_RET_INVALID_ASID,
+ SEV_RET_WBINVD_REQUIRED,
+ SEV_RET_DFFLUSH_REQUIRED,
+ SEV_RET_INVALID_GUEST,
+ SEV_RET_INVALID_COMMAND,
+ SEV_RET_ACTIVE,
+ SEV_RET_HWSEV_RET_PLATFORM,
+ SEV_RET_HWSEV_RET_UNSAFE,
+ SEV_RET_UNSUPPORTED,
+ SEV_RET_MAX,
+};
+
+/**
+ * struct sev_data_init - INIT command parameters
+ *
+ * @flags: processing flags
+ * @tmr_address: system physical address used for SEV-ES
+ * @tmr_len: len of tmr_address
+ */
+struct sev_data_init {
+ u32 flags; /* In */
+ u32 reserved; /* In */
+ u64 tmr_address;/* In */
+ u32 tmr_len;/* In */
+} __packed;
+
+/**
+ * struct sev_data_pek_csr - PEK_CSR command parameters
+ *
+ * @address: PEK certifi
Re: [Part2 PATCH v6 12/38] crypto: ccp: Add Platform Security Processor (PSP) device support
On 10/19/2017 09:33 PM, Brijesh Singh wrote:
The Platform Security Processor (PSP) is part of the AMD Secure
Processor (AMD-SP) functionality. The PSP is a dedicated processor
that provides support for key management commands in Secure Encrypted
Virtualization (SEV) mode, along with software-based Trusted Execution
Environment (TEE) to enable third-party trusted applications.
Note that the key management functionality provided by the SEV firmware
can be used outside of the kvm-amd driver hence it doesn't need to
depend on CONFIG_KVM_AMD.
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
Acked-by: Gary R Hook
---
drivers/crypto/ccp/Kconfig | 11 +
drivers/crypto/ccp/Makefile | 1 +
drivers/crypto/ccp/psp-dev.c | 105 +++
drivers/crypto/ccp/psp-dev.h | 59
drivers/crypto/ccp/sp-dev.c | 26 +++
drivers/crypto/ccp/sp-dev.h | 24 +-
drivers/crypto/ccp/sp-pci.c | 52 +
7 files changed, 277 insertions(+), 1 deletion(-)
create mode 100644 drivers/crypto/ccp/psp-dev.c
create mode 100644 drivers/crypto/ccp/psp-dev.h
diff --git a/drivers/crypto/ccp/Kconfig b/drivers/crypto/ccp/Kconfig
index 9c84f9838931..b9dfae47aefd 100644
--- a/drivers/crypto/ccp/Kconfig
+++ b/drivers/crypto/ccp/Kconfig
@@ -33,3 +33,14 @@ config CRYPTO_DEV_CCP_CRYPTO
Support for using the cryptographic API with the AMD Cryptographic
Coprocessor. This module supports offload of SHA and AES algorithms.
If you choose 'M' here, this module will be called ccp_crypto.
+
+config CRYPTO_DEV_SP_PSP
+ bool "Platform Security Processor (PSP) device"
+ default y
+ depends on CRYPTO_DEV_CCP_DD && X86_64
+ help
+Provide support for the AMD Platform Security Processor (PSP).
+The PSP is a dedicated processor that provides support for key
+management commands in Secure Encrypted Virtualization (SEV) mode,
+along with software-based Trusted Execution Environment (TEE) to
+enable third-party trusted applications.
diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 57f8debfcfb3..008bae7e26ec 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -7,6 +7,7 @@ ccp-$(CONFIG_CRYPTO_DEV_SP_CCP) += ccp-dev.o \
ccp-dmaengine.o \
ccp-debugfs.o
ccp-$(CONFIG_PCI) += sp-pci.o
+ccp-$(CONFIG_CRYPTO_DEV_SP_PSP) += psp-dev.o
obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
ccp-crypto-objs := ccp-crypto-main.o \
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
new file mode 100644
index ..b5789f878560
--- /dev/null
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -0,0 +1,105 @@
+/*
+ * AMD Platform Security Processor (PSP) interface
+ *
+ * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
+ *
+ * Author: Brijesh Singh
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "sp-dev.h"
+#include "psp-dev.h"
+
+static struct psp_device *psp_alloc_struct(struct sp_device *sp)
+{
+ struct device *dev = sp->dev;
+ struct psp_device *psp;
+
+ psp = devm_kzalloc(dev, sizeof(*psp), GFP_KERNEL);
+ if (!psp)
+ return NULL;
+
+ psp->dev = dev;
+ psp->sp = sp;
+
+ snprintf(psp->name, sizeof(psp->name), "psp-%u", sp->ord);
+
+ return psp;
+}
+
+static irqreturn_t psp_irq_handler(int irq, void *data)
+{
+ return IRQ_HANDLED;
+}
+
+int psp_dev_init(struct sp_device *sp)
+{
+ struct device *dev = sp->dev;
+ struct psp_device *psp;
+ int ret;
+
+ ret = -ENOMEM;
+ psp = psp_alloc_struct(sp);
+ if (!psp)
+ goto e_err;
+
+ sp->psp_data = psp;
+
+ psp->vdata = (struct psp_vdata *)sp->dev_vdata->psp_vdata;
+ if (!psp->vdata) {
+ ret = -ENODEV;
+ dev_err(dev, "missing driver data\n");
+ goto e_err;
+ }
+
+ psp->io_regs = sp->io_map + psp->vdata->offset;
+
+ /* Disable and clear interrupts until ready */
+ iowrite32(0, psp->io_regs + PSP_P2CMSG_INTEN);
+ iowrite32(-1, psp->io_regs + PSP_P2CMSG_INTSTS);
+
+ /* Request an irq */
+ ret = sp_request_psp_irq(psp->sp, psp_i
Re: [Part2 PATCH v6 15/38] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command
On 10/19/2017 09:33 PM, Brijesh Singh wrote:
The SEV_PLATFORM_STATUS command can be used by the platform owner to
get the current status of the platform. The command is defined in
SEV spec section 5.5.
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 24
1 file changed, 24 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 99f3761206da..5c921b36bc23 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -174,6 +174,27 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret)
return ret;
}
+static int sev_ioctl_do_platform_status(struct sev_issue_cmd *argp)
+{
+ struct sev_user_data_status *data;
+ int ret;
+
+ data = kzalloc(sizeof(*data), GFP_KERNEL);
+ if (!data)
+ return -ENOMEM;
+
+ ret = sev_do_cmd(SEV_CMD_PLATFORM_STATUS, data, &argp->error);
+ if (ret)
+ goto e_free;
+
+ if (copy_to_user((void __user *)argp->data, data, sizeof(*data)))
+ ret = -EFAULT;
+
+e_free:
+ kfree(data);
+ return ret;
+}
+
static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long
arg)
{
void __user *argp = (void __user *)arg;
@@ -194,6 +215,9 @@ static long sev_ioctl(struct file *file, unsigned int
ioctl, unsigned long arg)
case SEV_FACTORY_RESET:
ret = sev_do_cmd(SEV_CMD_FACTORY_RESET, 0, &input.error);
break;
+ case SEV_PLATFORM_STATUS:
+ ret = sev_ioctl_do_platform_status(&input);
+ break;
default:
ret = -EINVAL;
goto out;
Re: [Part2 PATCH v6 17/38] crypto: ccp: Implement SEV_PDH_GEN ioctl command
On 10/19/2017 09:33 PM, Brijesh Singh wrote: The SEV_PDH_GEN command is used to re-generate the Platform Diffie-Hellman (PDH) key. The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook Cc: Tom Lendacky Cc: linux-cry...@vger.kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh Acked-by: Gary R Hook --- drivers/crypto/ccp/psp-dev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index 1d7212da25a5..d9771d104eea 100644 --- a/drivers/crypto/ccp/psp-dev.c +++ b/drivers/crypto/ccp/psp-dev.c @@ -239,6 +239,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SEV_PEK_GEN: ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input); break; + case SEV_PDH_GEN: + ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input); + break; default: ret = -EINVAL; goto out;
Re: [Part2 PATCH v6 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command
On 10/19/2017 09:33 PM, Brijesh Singh wrote:
The SEV_FACTORY_RESET command can be used by the platform owner to
reset the non-volatile SEV related data. The command is defined in
SEV spec section 5.4
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 28 +++-
1 file changed, 27 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index e9966d5fc6c4..99f3761206da 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -176,7 +176,33 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret)
static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg)
{
- return -ENOTTY;
+ void __user *argp = (void __user *)arg;
+ struct sev_issue_cmd input;
+ int ret = -EFAULT;
+
+ if (ioctl != SEV_ISSUE_CMD)
+ return -EINVAL;
+
+ if (copy_from_user(&input, argp, sizeof(struct sev_issue_cmd)))
+ return -EFAULT;
+
+ if (input.cmd > SEV_MAX)
+ return -EINVAL;
+
+ switch (input.cmd) {
+
+ case SEV_FACTORY_RESET:
+ ret = sev_do_cmd(SEV_CMD_FACTORY_RESET, 0, &input.error);
+ break;
+ default:
+ ret = -EINVAL;
+ goto out;
+ }
+
+ if (copy_to_user(argp, &input, sizeof(struct sev_issue_cmd)))
+ ret = -EFAULT;
+out:
+ return ret;
}
static const struct file_operations sev_fops = {
Re: [Part2 PATCH v6.1 20/38] crypto: ccp: Implement SEV_PDH_CERT_EXPORT ioctl command
On 10/23/2017 05:19 PM, Brijesh Singh wrote:
The SEV_PDH_CERT_EXPORT command can be used to export the PDH and its
certificate chain. The command is defined in SEV spec section 5.10.
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
Changes since v6:
* when sev_do_cmd() and sev_platform_shutdown() fails then propogate
the error status code from sev_do_cmd() because it can give us
much better reason for the failure.
drivers/crypto/ccp/psp-dev.c | 110 +++
1 file changed, 110 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 108fc06bcdb3..b9f594cb10c1 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -390,6 +390,113 @@ static int sev_ioctl_do_pek_cert_import(struct
sev_issue_cmd *argp)
return ret;
}
+static int sev_ioctl_do_pdh_cert_export(struct sev_issue_cmd *argp)
+{
+ struct sev_user_data_pdh_cert_export input;
+ void *pdh_blob = NULL, *cert_blob = NULL;
+ struct sev_data_pdh_cert_export *data;
+ int ret, err;
+
+ if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
+ return -EFAULT;
+
+ data = kzalloc(sizeof(*data), GFP_KERNEL);
+ if (!data)
+ return -ENOMEM;
+
+ /* Userspace wants to query the certificate length */
+ if (!input.pdh_cert_address || !input.pdh_cert_len ||
+ !input.cert_chain_address || !input.cert_chain_address)
+ goto cmd;
+
+ /* allocate a physically contiguous buffer to store the PDH blob */
+ if (!access_ok(VERIFY_WRITE, input.pdh_cert_address,
input.pdh_cert_len) ||
+ (input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE)) {
+ ret = -EFAULT;
+ goto e_free;
+ }
+
+ pdh_blob = kmalloc(input.pdh_cert_len, GFP_KERNEL);
+ if (!pdh_blob) {
+ ret = -ENOMEM;
+ goto e_free;
+ }
+
+ data->pdh_cert_address = __psp_pa(pdh_blob);
+ data->pdh_cert_len = input.pdh_cert_len;
+
+ /* allocate a physically contiguous buffer to store the cert chain blob
*/
+ if (!access_ok(VERIFY_WRITE, input.cert_chain_address,
input.cert_chain_len) ||
+ (input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE)) {
+ ret = -EFAULT;
+ goto e_free_pdh;
+ }
+
+ cert_blob = kmalloc(input.cert_chain_len, GFP_KERNEL);
+ if (!cert_blob) {
+ ret = -ENOMEM;
+ goto e_free_pdh;
+ }
+
+ data->cert_chain_address = __psp_pa(cert_blob);
+ data->cert_chain_len = input.cert_chain_len;
+
+cmd:
+ ret = sev_platform_init(NULL, &argp->error);
+ if (ret)
+ goto e_free_cert;
+
+ ret = sev_do_cmd(SEV_CMD_PDH_CERT_EXPORT, data, &argp->error);
+
+ /*
+* If we query the length, FW responded with expected data
+*/
+ input.cert_chain_len = data->cert_chain_len;
+ input.pdh_cert_len = data->pdh_cert_len;
+
+ if (sev_platform_shutdown(&err)) {
+ /*
+* If both sev_do_cmd() and sev_platform_shutdown() commands
+* failed then propogate the error code from the sev_do_cmd()
+* because it contains a useful status code for the command
+* failure.
+*/
+ if (ret)
+ goto e_free_cert;
+
+ ret = -EIO;
+ argp->error = err;
+ goto e_free_cert;
+ }
+
+ if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
+ ret = -EFAULT;
+ goto e_free_cert;
+ }
+
+ if (pdh_blob) {
+ if (copy_to_user((void __user *)input.pdh_cert_address,
+pdh_blob, input.pdh_cert_len)) {
+ ret = -EFAULT;
+ goto e_free_cert;
+ }
+ }
+
+ if (cert_blob) {
+ if (copy_to_user((void __user *)input.cert_chain_address,
+cert_blob, input.cert_chain_len))
+ ret = -EFAULT;
+ }
+
+e_free_cert:
+ kfree(cert_blob);
+e_free_pdh:
+ kfree(pdh_blob);
+e_free:
+ kfree(data);
+ return ret;
+}
+
static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long
arg)
{
void __user *argp = (void __user *)arg;
@@ -425,6 +532,9 @@ static long sev_ioctl(struct file *file, unsigned int
ioctl, unsigned long arg)
case SEV_PEK_CERT_IMPORT:
ret = sev_ioctl_do_pek_cert_import(&input);
Re: [Part2 PATCH v6.1 19/38] crypto: ccp: Implement SEV_PEK_CERT_IMPORT ioctl command
On 10/23/2017 05:14 PM, Brijesh Singh wrote:
The SEV_PEK_CERT_IMPORT command can be used to import the signed PEK
certificate. The command is defined in SEV spec section 5.8.
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
Changes since v6:
* when sev_do_cmd() and sev_platform_shutdown() fails then propogate
the error status code from sev_do_cmd() because it can give us
much better reason for the failure.
drivers/crypto/ccp/psp-dev.c | 92
include/linux/psp-sev.h | 4 ++
2 files changed, 96 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index aaf1c5cf821d..108fc06bcdb3 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -301,6 +301,95 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp)
return ret;
}
+void *psp_copy_user_blob(u64 __user uaddr, u32 len)
+{
+ void *data;
+
+ if (!uaddr || !len)
+ return ERR_PTR(-EINVAL);
+
+ /* verify that blob length does not exceed our limit */
+ if (len > SEV_FW_BLOB_MAX_SIZE)
+ return ERR_PTR(-EINVAL);
+
+ data = kmalloc(len, GFP_KERNEL);
+ if (!data)
+ return ERR_PTR(-ENOMEM);
+
+ if (copy_from_user(data, (void __user *)(uintptr_t)uaddr, len))
+ goto e_free;
+
+ return data;
+
+e_free:
+ kfree(data);
+ return ERR_PTR(-EFAULT);
+}
+EXPORT_SYMBOL_GPL(psp_copy_user_blob);
+
+static int sev_ioctl_do_pek_cert_import(struct sev_issue_cmd *argp)
+{
+ struct sev_user_data_pek_cert_import input;
+ struct sev_data_pek_cert_import *data;
+ void *pek_blob, *oca_blob;
+ int ret, err;
+
+ if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
+ return -EFAULT;
+
+ data = kzalloc(sizeof(*data), GFP_KERNEL);
+ if (!data)
+ return -ENOMEM;
+
+ /* copy PEK certificate blobs from userspace */
+ pek_blob = psp_copy_user_blob(input.pek_cert_address,
input.pek_cert_len);
+ if (IS_ERR(pek_blob)) {
+ ret = PTR_ERR(pek_blob);
+ goto e_free;
+ }
+
+ data->pek_cert_address = __psp_pa(pek_blob);
+ data->pek_cert_len = input.pek_cert_len;
+
+ /* copy PEK certificate blobs from userspace */
+ oca_blob = psp_copy_user_blob(input.oca_cert_address,
input.oca_cert_len);
+ if (IS_ERR(oca_blob)) {
+ ret = PTR_ERR(oca_blob);
+ goto e_free_pek;
+ }
+
+ data->oca_cert_address = __psp_pa(oca_blob);
+ data->oca_cert_len = input.oca_cert_len;
+
+ ret = sev_platform_init(NULL, &argp->error);
+ if (ret)
+ goto e_free_oca;
+
+ ret = sev_do_cmd(SEV_CMD_PEK_CERT_IMPORT, data, &argp->error);
+
+ if (sev_platform_shutdown(&err)) {
+ /*
+* If both sev_do_cmd() and sev_platform_shutdown() commands
+* failed then propogate the error code from the sev_do_cmd()
+* because it contains a useful status code for the command
+* failure.
+*/
+ if (ret)
+ goto e_free_oca;
+
+ ret = -EIO;
+ argp->error = err;
+ }
+
+e_free_oca:
+ kfree(oca_blob);
+e_free_pek:
+ kfree(pek_blob);
+e_free:
+ kfree(data);
+ return ret;
+}
+
static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long
arg)
{
void __user *argp = (void __user *)arg;
@@ -333,6 +422,9 @@ static long sev_ioctl(struct file *file, unsigned int
ioctl, unsigned long arg)
case SEV_PEK_CSR:
ret = sev_ioctl_do_pek_csr(&input);
break;
+ case SEV_PEK_CERT_IMPORT:
+ ret = sev_ioctl_do_pek_cert_import(&input);
+ break;
default:
ret = -EINVAL;
goto out;
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index eac850a97610..d535153ca82d 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -620,6 +620,8 @@ int sev_guest_df_flush(int *error);
*/
int sev_guest_decommission(struct sev_data_decommission *data, int *error);
+void *psp_copy_user_blob(u64 __user uaddr, u32 len);
+
#else /* !CONFIG_CRYPTO_DEV_SP_PSP */
static inline int
@@ -648,6 +650,8 @@ sev_issue_cmd_external_user(struct file *filep,
return -ENODEV;
}
+static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_PTR(-EINVAL); }
+
#endif/* CONFIG_CRYPTO_DEV_SP_PSP */
#endif /* __PSP_SEV_H__ */
Re: [Part2 PATCH v6.1 18/38] crypto: ccp: Implement SEV_PEK_CSR ioctl command
On 10/23/2017 05:10 PM, Brijesh Singh wrote:
The SEV_PEK_CSR command can be used to generate a PEK certificate
signing request. The command is defined in SEV spec section 5.7.
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
---
Acked-by: Gary R Hook
Changes since v6:
* when sev_do_cmd() and sev_platform_shutdown() fails then propogate
the error status code from sev_do_cmd() because it can give us
much better reason for the failure.
drivers/crypto/ccp/psp-dev.c | 81
1 file changed, 81 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index 3672435150cf..aaf1c5cf821d 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -223,6 +223,84 @@ static int sev_ioctl_do_pek_pdh_gen(int cmd, struct
sev_issue_cmd *argp)
return ret;
}
+static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp)
+{
+ struct sev_user_data_pek_csr input;
+ struct sev_data_pek_csr *data;
+ void *blob = NULL;
+ int ret, err;
+
+ if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
+ return -EFAULT;
+
+ data = kzalloc(sizeof(*data), GFP_KERNEL);
+ if (!data)
+ return -ENOMEM;
+
+ /* userspace wants to query CSR length */
+ if (!input.address || !input.length)
+ goto cmd;
+
+ /* allocate a physically contiguous buffer to store the CSR blob */
+ if (!access_ok(VERIFY_WRITE, input.address, input.length) ||
+ input.length > SEV_FW_BLOB_MAX_SIZE) {
+ ret = -EFAULT;
+ goto e_free;
+ }
+
+ blob = kmalloc(input.length, GFP_KERNEL);
+ if (!blob) {
+ ret = -ENOMEM;
+ goto e_free;
+ }
+
+ data->address = __psp_pa(blob);
+ data->len = input.length;
+
+cmd:
+ ret = sev_platform_init(NULL, &argp->error);
+ if (ret)
+ goto e_free_blob;
+
+ ret = sev_do_cmd(SEV_CMD_PEK_CSR, data, &argp->error);
+
+ /*
+* If we query the CSR length, FW responded with expected data
+*/
+ input.length = data->len;
+
+ if (sev_platform_shutdown(&err)) {
+ /*
+* If both sev_do_cmd() and sev_platform_shutdown() commands
+* failed then propogate the error code from the sev_do_cmd()
+* because it contains a useful status code for the command
+* failure.
+*/
+ if (ret)
+ goto e_free_blob;
+
+ ret = -EIO;
+ argp->error = err;
+ goto e_free_blob;
+ }
+
+ if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) {
+ ret = -EFAULT;
+ goto e_free_blob;
+ }
+
+ if (blob) {
+ if (copy_to_user((void __user *)input.address, blob,
input.length))
+ ret = -EFAULT;
+ }
+
+e_free_blob:
+ kfree(blob);
+e_free:
+ kfree(data);
+ return ret;
+}
+
static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long
arg)
{
void __user *argp = (void __user *)arg;
@@ -252,6 +330,9 @@ static long sev_ioctl(struct file *file, unsigned int
ioctl, unsigned long arg)
case SEV_PDH_GEN:
ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PDH_GEN, &input);
break;
+ case SEV_PEK_CSR:
+ ret = sev_ioctl_do_pek_csr(&input);
+ break;
default:
ret = -EINVAL;
goto out;
Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Implement SEV_PEK_GEN ioctl command
On 10/23/2017 04:55 PM, Brijesh Singh wrote:
The SEV_PEK_GEN command is used to generate a new Platform Endorsement
Key (PEK). The command is defined in SEV spec section 5.6.
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Borislav Petkov
Cc: Herbert Xu
Cc: Gary Hook
Cc: Tom Lendacky
Cc: linux-cry...@vger.kernel.org
Cc: k...@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Acked-by: Gary R Hook
---
Changes since v6:
* when sev_do_cmd() and sev_platform_shutdown() fails then propogate
the error status code from sev_do_cmd() because it can give us
much better reason for the failure.
drivers/crypto/ccp/psp-dev.c | 31 +++
1 file changed, 31 insertions(+)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index dd4bab143de9..18e2d8291997 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -195,6 +195,34 @@ static int sev_ioctl_do_platform_status(struct
sev_issue_cmd *argp)
return ret;
}
+static int sev_ioctl_do_pek_pdh_gen(int cmd, struct sev_issue_cmd *argp)
+{
+ int ret, err;
+
+ ret = sev_platform_init(NULL, &argp->error);
+ if (ret)
+ return ret;
+
+ ret = sev_do_cmd(cmd, 0, &argp->error);
+
+ if (sev_platform_shutdown(&err)) {
+ /*
+* If both sev_do_cmd() and sev_platform_shutdown() commands
+* failed then propogate the error code from the sev_do_cmd()
+* because it contains a useful status code for the command
+* failure.
+*/
+ if (ret)
+ goto done;
+
+ argp->error = err;
+ ret = -EIO;
+ }
+
+done:
+ return ret;
+}
+
static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long
arg)
{
void __user *argp = (void __user *)arg;
@@ -218,6 +246,9 @@ static long sev_ioctl(struct file *file, unsigned int
ioctl, unsigned long arg)
case SEV_PLATFORM_STATUS:
ret = sev_ioctl_do_platform_status(&input);
break;
+ case SEV_PEK_GEN:
+ ret = sev_ioctl_do_pek_pdh_gen(SEV_CMD_PEK_GEN, &input);
+ break;
default:
ret = -EINVAL;
goto out;
Re: [PATCH] iommu: Limit the IOVA page range to the specified addresses
On 10/26/2017 03:32 AM, Alex Williamson wrote:
On Tue, 17 Oct 2017 16:22:01 -0500
Gary R Hook wrote:
From: amd
The extent of pages specified when applying a reserved region should
include up to the last page of the range, but not the page following
the range.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 27eb0d6fcdc2..bb3ef33e3784 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -3271,7 +3271,7 @@ static void amd_iommu_apply_resv_region(struct device
*dev,
unsigned long start, end;
start = IOVA_PFN(region->start);
- end = IOVA_PFN(region->start + region->length);
+ end = IOVA_PFN(region->start + region->length - 1);
WARN_ON_ONCE(reserve_iova(&dma_dom->iovad, start, end) == NULL);
}
This looks like a fix, should we include:
Fixes: 8d54d6c8b8f3 ('iommu/amd: Implement apply_dm_region call-back')
It turns out there are other places where the computation is incorrect.
Would you prefer a single patch to address all of them, or separate
patches that apply to specific areas of the driver?
Re: [PATCH v6 2/5] iommu/vt-d: Add debugfs support to show context internals
On 01/09/2018 09:48 PM, Sohil Mehta wrote:
From: Gayatri Kammela
IOMMU internals states such as root and context can be exported to the
userspace.
Example of such dump in Kabylake:
root@OTC-KBLH-01:~# cat
/sys/kernel/debug/intel_iommu/dmar_translation_struct
IOMMU dmar0: Extended Root Table Addr:402b9e800
Extended Root table entries:
Bus 0 L: 402150001 H: 0
Lower Context table entries for Bus: 0
[entry] DID :B :D .FLow High
[80]:00:0a.00 40214fa05 102
Higher Context table entries for Bus: 0
[80]:00:0a.00 4026c 0
IOMMU dmar1:Root Table Addr:4558a3000
Root tbl entries:
Bus 0 L: 4558aa001 H: 0
Context table entries for Bus: 0
[entry] DID :B :D .FLow High
[160] :00:14.00 4558a9001 102
[184] :00:17.00 400eac001 302
[248] :00:1f.00 4558af001 202
[251] :00:1f.03 40070e001 502
[254] :00:1f.06 4467c9001 602
Root tbl entries:
Bus 1 L: 3fc8c2001 H: 0
Context table entries for Bus: 1
[entry] DID :B :D .FLow High
[0] :01:00.00 3fc8c3001 402
Cc: Sohil Mehta
Cc: Fenghua Yu
Cc: Ashok Raj
Signed-off-by: Jacob Pan
Signed-off-by: Gayatri Kammela
---
v6: Change the order of includes to an alphabetical order
Change seq_printf formatting
v5: Change to a SPDX license tag
Fix seq_printf formatting
v4: Remove the unused function parameter
Fix checkpatch.pl warnings
Remove error reporting for debugfs_create_file function
Fix unnecessary reprogramming of the context entries
Simplify and merge the show context and extended context patch into one
Remove redundant IOMMU null check under for_each_active_iommu
v3: Add a macro for seq file operations
Change the intel_iommu_ctx file name to dmar_translation_struct
v2: No change
drivers/iommu/Makefile| 1 +
drivers/iommu/intel-iommu-debug.c | 139 ++
drivers/iommu/intel-iommu.c | 4 ++
3 files changed, 144 insertions(+)
create mode 100644 drivers/iommu/intel-iommu-debug.c
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb6958..fdbaf46 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -15,6 +15,7 @@ obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
obj-$(CONFIG_DMAR_TABLE) += dmar.o
obj-$(CONFIG_INTEL_IOMMU) += intel-iommu.o
+obj-$(CONFIG_INTEL_IOMMU_DEBUG) += intel-iommu-debug.o
obj-$(CONFIG_INTEL_IOMMU_SVM) += intel-svm.o
obj-$(CONFIG_IPMMU_VMSA) += ipmmu-vmsa.o
obj-$(CONFIG_IRQ_REMAP) += intel_irq_remapping.o irq_remapping.o
diff --git a/drivers/iommu/intel-iommu-debug.c
b/drivers/iommu/intel-iommu-debug.c
new file mode 100644
index 000..d5b0eea
--- /dev/null
+++ b/drivers/iommu/intel-iommu-debug.c
@@ -0,0 +1,139 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright © 2017 Intel Corporation.
+ *
+ * Authors: Gayatri Kammela
+ * Jacob Pan
+ *
+ */
+
+#define pr_fmt(fmt) "INTEL_IOMMU: " fmt
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "irq_remapping.h"
+
+#define TOTAL_BUS_NR (256) /* full bus range 256 */
+#define DEFINE_SHOW_ATTRIBUTE(__name) \
+static int __name ## _open(struct inode *inode, struct file *file) \
+{ \
+ return single_open(file, __name ## _show, inode->i_private); \
+} \
+static const struct file_operations __name ## _fops = \
+{ \
+ .open = __name ## _open, \
+ .read = seq_read, \
+ .llseek = seq_lseek,\
+ .release= single_release, \
+ .owner = THIS_MODULE, \
+}
+
+static void ctx_tbl_entry_show(struct seq_file *m, struct intel_iommu *iommu,
+ int bus, bool ext, bool new_ext)
+{
+ struct context_entry *context;
+ int ctx;
+ unsigned long flags;
+
+ seq_printf(m, "%s Context table entries for Bus: %d\n",
+ ext ? "Lower" : "", bus);
+ seq_puts(m, "[entry]\tDID :B :D .F\tLow\t\tHigh\n");
+
+ spin_lock_irqsave(&iommu->lock, flags);
+
+ /* Publish either context entries or extended contenxt entries */
typo
[PATCH] iommu/amd - Use dev_err to send events to the system log
Remove printk and use a more preferable error logging function.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu.c | 56 +++--
1 file changed, 29 insertions(+), 27 deletions(-)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index b58e0a745b7f..90a61f546bac 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -546,6 +546,8 @@ static void amd_iommu_report_page_fault(u16 devid, u16
domain_id,
static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
{
+ struct pci_dev *pdev = iommu->dev;
+ struct device *dev = &pdev->dev;
int type, devid, domid, flags;
volatile u32 *event = __evt;
int count = 0;
@@ -572,53 +574,53 @@ static void iommu_print_event(struct amd_iommu *iommu,
void *__evt)
amd_iommu_report_page_fault(devid, domid, address, flags);
return;
} else {
- printk(KERN_ERR "AMD-Vi: Event logged [");
+ dev_err(dev, "AMD-Vi: Event logged [");
}
switch (type) {
case EVENT_TYPE_ILL_DEV:
- printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ dev_err(dev, "ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
+ "address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address, flags);
dump_dte_entry(devid);
break;
case EVENT_TYPE_DEV_TAB_ERR:
- printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ dev_err(dev, "DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
+ "address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address, flags);
break;
case EVENT_TYPE_PAGE_TAB_ERR:
- printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
- "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- domid, address, flags);
+ dev_err(dev, "PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
+ "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ domid, address, flags);
break;
case EVENT_TYPE_ILL_CMD:
- printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
+ dev_err(dev, "ILLEGAL_COMMAND_ERROR address=0x%016llx]\n",
address);
dump_command(address);
break;
case EVENT_TYPE_CMD_HARD_ERR:
- printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
- "flags=0x%04x]\n", address, flags);
+ dev_err(dev, "COMMAND_HARDWARE_ERROR address=0x%016llx "
+ "flags=0x%04x]\n", address, flags);
break;
case EVENT_TYPE_IOTLB_INV_TO:
- printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
- "address=0x%016llx]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address);
+ dev_err(dev, "IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
+ "address=0x%016llx]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address);
break;
case EVENT_TYPE_INV_DEV_REQ:
- printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ dev_err(dev, "INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
+ "address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address, flags);
break;
default:
- printk(KERN_ERR "UNKNOWN type=0x%02x event[0]=0x%08x "
- "event[1]=0x%08x event[2]=0x%08x event[3]=0x%08x\n",
-
Re: [PATCH V4 11/26] iommu/amd: deprecate pci_get_bus_and_slot()
On 01/04/2018 06:25 AM, Sinan Kaya wrote: On 12/19/2017 12:37 AM, Sinan Kaya wrote: pci_get_bus_and_slot() is restrictive such that it assumes domain=0 as where a PCI device is present. This restricts the device drivers to be reused for other domain numbers. Getting ready to remove pci_get_bus_and_slot() function in favor of pci_get_domain_bus_and_slot(). Hard-code the domain number as 0 for the AMD IOMMU driver. > > Any comments from the IOMMU people? > pci_get_bus_and_slot() appears to (now) be a convenience function that wraps pci_get_domain_bus_and_slot() while using a 0 for the domain value. Exactly what you are doing here, albeit in a more overt way. How is this patch advantageous? Seems to me that if other domains need to be enabled, that driver could be changed if and when that requirement arises. But perhaps I'm missing a nuance here.
Re: [PATCH V4 11/26] iommu/amd: deprecate pci_get_bus_and_slot()
On 01/04/2018 10:32 AM, Sinan Kaya wrote: On 1/4/2018 11:28 AM, Gary R Hook wrote: On 01/04/2018 06:25 AM, Sinan Kaya wrote: On 12/19/2017 12:37 AM, Sinan Kaya wrote: pci_get_bus_and_slot() is restrictive such that it assumes domain=0 as where a PCI device is present. This restricts the device drivers to be reused for other domain numbers. Getting ready to remove pci_get_bus_and_slot() function in favor of pci_get_domain_bus_and_slot(). Hard-code the domain number as 0 for the AMD IOMMU driver. Any comments from the IOMMU people? pci_get_bus_and_slot() appears to (now) be a convenience function that wraps pci_get_domain_bus_and_slot() while using a 0 for the domain value. Exactly what you are doing here, albeit in a more overt way. How is this patch advantageous? Seems to me that if other domains need to be enabled, that driver could be changed if and when that requirement arises. But perhaps I'm missing a nuance here. The benefit of the change was discussed here: https://lkml.org/lkml/2017/12/19/349 I hope it helps. Thank you for pointing out that thread directly. I read through it and thought further about this change. I am not the maintainer, but as an AMD developer, this is fine change. I can't ACK but I can agree. Gary
[PATCH 0/5] Add debugfs info for the AMD IOMMU
The following series creates a debugfs directory for AMD IOMMUs, constructs a framework for additional entries, an online README, and a method for dumping device table entries. Data is reported in a default concise mode, but a verbose mode is enabled via a filesystem entry. This is the first of three patch series that will expose a number of IOMMU registers. --- Gary R Hook (5): iommu/amd - Add debugfs support iommu/amd - Add a 'verbose' switch for IOMMU debugfs iommu/amd - Add a README variable for the IOMMU debugfs iommu/amd - Expose the active IOMMU device table entries iommu/amd - Add a debugfs entry to specify a IOMMU device table entry drivers/iommu/Kconfig |9 + drivers/iommu/Makefile|2 drivers/iommu/amd_iommu_debugfs.c | 428 + drivers/iommu/amd_iommu_init.c|7 - drivers/iommu/amd_iommu_proto.h |6 + drivers/iommu/amd_iommu_types.h |3 6 files changed, 452 insertions(+), 3 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c --
[PATCH 1/5] iommu/amd - Add debugfs support
Create the basic debugfs functions. Expose a count of IOMMU device
table entries that appear to be in use.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig |9 +++
drivers/iommu/Makefile|2 -
drivers/iommu/amd_iommu_debugfs.c | 112 +
drivers/iommu/amd_iommu_init.c|7 ++
drivers/iommu/amd_iommu_proto.h |6 ++
drivers/iommu/amd_iommu_types.h |3 +
6 files changed, 136 insertions(+), 3 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..7753989b6be7 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -135,6 +135,15 @@ config AMD_IOMMU_V2
hardware. Select this option if you want to use devices that support
the PCI PRI and PASID interface.
+config AMD_IOMMU_DEBUG
+ bool "Expose AMD IOMMU internals in DebugFS"
+ depends on AMD_IOMMU && DEBUG_FS
+ default n
+ help
+ With this option you can enable access to AMD IOMMU registers and
+ data structures through debugfs. Select this to see information
+ about the internal state of the device.
+
# Intel IOMMU support
config DMAR_TABLE
bool
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..d9e9ed5f6cfc 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -9,7 +9,7 @@ obj-$(CONFIG_IOMMU_IO_PGTABLE_LPAE) += io-pgtable-arm.o
obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
-obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..18f70934961d
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,112 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#ifdef CONFIG_DEBUG_FS
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+/* DebugFS helpers */
+#defineOBUFP (obuf + oboff)
+#defineOBUFLEN obuflen
+#defineOBUFSPC (OBUFLEN - oboff)
+#defineOSCNPRINTF(fmt, ...) \
+ scnprintf(OBUFP, OBUFSPC, fmt, ## __VA_ARGS__)
+
+static struct dentry *iommu_debugfs_dir;
+static DEFINE_RWLOCK(iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+static unsigned int amd_iommu_count_valid_dtes(int start, int end)
+{
+ unsigned int n = 0;
+ int i;
+
+ /* Scan the DTE table from entry 'start' through entry 'end' for
+* active entries
+*/
+ for (i = start ; i <= end ; i++)
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+|| amd_iommu_dev_table[i].data[1])
+ n++;
+ return n;
+}
+
+static ssize_t amd_iommu_debugfs_dtecount_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ struct amd_iommu *iommu = filp->private_data;
+ unsigned int obuflen = 512;
+ unsigned int oboff = 0;
+ unsigned int n;
+ ssize_t ret;
+ char *obuf;
+
+ if (!iommu)
+ return 0;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ n = amd_iommu_count_valid_dtes(0, 0x);
+ oboff += OSCNPRINTF("%d\n", n);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_dtecount_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_dtecount_read,
+ .write = NULL,
+};
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_dte;
+ unsigned long flags;
+
+ if (!debugfs_initialized())
+ return;
+
+ write_lock_irqsave(&iommu_debugfs_lock, flags);
+ if (!iommu_debugfs_dir)
+ iommu_debugfs_dir = debugfs_create_dir("amd-iommu", NULL);
+ write_unlock_irqrestore(&iommu_debugfs_lock, flags);
+ if (!iommu_debugfs_dir)
+ goto err;
+
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs_instance = debugfs_create_dir(name, iommu_debugfs_dir);
+ if (!iommu->debugfs_instance)
+ goto err;
+
+
[PATCH 5/5] iommu/amd - Add a debugfs entry to specify a IOMMU device table entry
Initially (at boot) the device table values dumped are all of the
active devices. Add a devid debugfs file to allow the user to select a
single device table entry to dump (active or not). Let any devid value
greater than the maximum allowable PCI ID (0x) restore the
behavior to that effective at boot.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 127 -
1 file changed, 109 insertions(+), 18 deletions(-)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 87840ae9889d..efb666873daa 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -38,6 +38,7 @@ static DEFINE_RWLOCK(iommu_debugfs_lock);
#defineMAX_NAME_LEN20
static unsigned int amd_iommu_verbose;
+static unsigned int amd_iommu_devid = ~0;
static unsigned int amd_iommu_count_valid_dtes(int start, int end)
{
@@ -91,6 +92,72 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+static ssize_t amd_iommu_debugfs_devid_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ struct amd_iommu *iommu = filp->private_data;
+ unsigned int obuflen = 512;
+ unsigned int oboff = 0;
+ ssize_t ret;
+ char *obuf;
+
+ if (!iommu)
+ return 0;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ if (amd_iommu_verbose)
+ oboff += OSCNPRINTF("%02x:%02x.%x 0x%04x %u\n",
+ PCI_BUS_NUM(amd_iommu_devid),
+ PCI_SLOT(amd_iommu_devid),
+ PCI_FUNC(amd_iommu_devid),
+ amd_iommu_devid, amd_iommu_devid);
+ else
+ oboff += OSCNPRINTF("%u\n", amd_iommu_devid);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static ssize_t amd_iommu_debugfs_devid_write(struct file *filp,
+ const char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ unsigned int pci_id, pci_slot, pci_func;
+ unsigned int obuflen = 80;
+ ssize_t ret;
+ char *obuf;
+ int n;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ ret = simple_write_to_buffer(obuf, OBUFLEN, offp, ubuf, count);
+
+ if (strnchr(obuf, OBUFLEN, ':')) {
+ n = sscanf(obuf, "%x:%x.%x", &pci_id, &pci_slot, &pci_func);
+ if (n == 3)
+ amd_iommu_devid = PCI_DEVID(pci_id, PCI_DEVFN(pci_slot,
pci_func));
+ } else
+ n = kstrtouint(obuf, 0, &amd_iommu_devid);
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_devid_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_devid_read,
+ .write = amd_iommu_debugfs_devid_write,
+};
+
struct bits {
uint bit;
uint len;
@@ -211,9 +278,13 @@ static ssize_t amd_iommu_debugfs_dte_read(struct file
*filp,
return 0;
/* Count the number of valid entries in the device table */
- istart = 0;
- iend = MAX_PCI_ID;
- n = amd_iommu_count_valid_dtes(istart, iend);
+ if (amd_iommu_devid > MAX_PCI_ID) {
+ istart = 0;
+ iend = MAX_PCI_ID;
+ n = amd_iommu_count_valid_dtes(istart, iend);
+ } else {
+ n = 1;
+ }
if (amd_iommu_verbose)
obuflen = n * 2048;
else
@@ -223,20 +294,29 @@ static ssize_t amd_iommu_debugfs_dte_read(struct file
*filp,
if (!obuf)
return -ENOMEM;
- for (i = istart ; i <= iend ; i++)
- if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
-|| amd_iommu_dev_table[i].data[1]) {
- if (amd_iommu_verbose) {
- oboff += OSCNPRINTF("Device %02x:%02x.%x\n",
- PCI_BUS_NUM(i),
- PCI_SLOT(i),
- PCI_FUNC(i));
- amd_iommu_print_dte_verbose(i, &obuf,
- &obuflen, &oboff);
- } else {
- oboff += PRINTDTE(i);
+ if (amd_iommu_devid > MAX_PCI_ID) {
+ for (i = istart ; i <= iend ; i++)
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+
[PATCH 2/5] iommu/amd - Add a 'verbose' switch for IOMMU debugfs
Enable more descriptive debugfs output via a 'verbose' variable.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 18f70934961d..c449f3a7452c 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -27,6 +27,8 @@ static DEFINE_RWLOCK(iommu_debugfs_lock);
#defineMAX_NAME_LEN20
+static unsigned int amd_iommu_verbose;
+
static unsigned int amd_iommu_count_valid_dtes(int start, int end)
{
unsigned int n = 0;
@@ -61,7 +63,10 @@ static ssize_t amd_iommu_debugfs_dtecount_read(struct file
*filp,
return -ENOMEM;
n = amd_iommu_count_valid_dtes(0, 0x);
- oboff += OSCNPRINTF("%d\n", n);
+ if (amd_iommu_verbose)
+ oboff += OSCNPRINTF("# DTEs: %d\n", n);
+ else
+ oboff += OSCNPRINTF("%d\n", n);
ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
kfree(obuf);
@@ -79,6 +84,7 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
{
char name[MAX_NAME_LEN + 1];
+ struct dentry *d_verbose;
struct dentry *d_dte;
unsigned long flags;
@@ -97,6 +103,12 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!iommu->debugfs_instance)
goto err;
+ d_verbose = debugfs_create_u32("verbose", 0600,
+ iommu->debugfs_instance,
+ &amd_iommu_verbose);
+ if (!d_verbose)
+ goto err;
+
d_dte = debugfs_create_file("count", 0400,
iommu->debugfs_instance, iommu,
&amd_iommu_debugfs_dtecount_ops);
[PATCH 3/5] iommu/amd - Add a README variable for the IOMMU debugfs
Provide help text via a filesystem entry
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 31 +++
1 file changed, 31 insertions(+)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index c449f3a7452c..5066d3976912 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -81,6 +81,31 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+static char readmetext[] =
+"count Count of active devices\n"
+"verbose Provide additional descriptive text\n"
+"\n";
+
+static ssize_t amd_iommu_debugfs_readme_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ ssize_t ret;
+
+ ret = simple_read_from_buffer(ubuf, count, offp,
+ readmetext, strlen(readmetext));
+
+ return ret;
+}
+
+
+static const struct file_operations amd_iommu_debugfs_readme_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_readme_read,
+ .write = NULL,
+};
+
void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
{
char name[MAX_NAME_LEN + 1];
@@ -115,6 +140,12 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!d_dte)
goto err;
+ d_dte = debugfs_create_file("README", 0400,
+ iommu->debugfs_instance, iommu,
+ &amd_iommu_debugfs_readme_ops);
+ if (!d_dte)
+ goto err;
+
return;
err:
[PATCH 4/5] iommu/amd - Expose the active IOMMU device table entries
Add a debugfs entry to dump the active device table entries from
the IOMMU's table. 'Active' is determined by non-default values
in the first and second long words of the DTE. Aside from IOMMU
devices, this output should list every device reported by lspci.
Use arrays to store DTE bit field definitions for debugfs printing
in verbose mode
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 182 +
1 file changed, 182 insertions(+)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 5066d3976912..87840ae9889d 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -22,6 +22,16 @@
#defineOSCNPRINTF(fmt, ...) \
scnprintf(OBUFP, OBUFSPC, fmt, ## __VA_ARGS__)
+#defineMAX_PCI_ID 0x
+
+#definePRINTDTE(i) OSCNPRINTF("%02x:%02x:%x - " \
+ "%016llx %016llx %016llx %016llx\n", \
+ PCI_BUS_NUM(i), PCI_SLOT(i), PCI_FUNC(i), \
+ amd_iommu_dev_table[i].data[0], \
+ amd_iommu_dev_table[i].data[1], \
+ amd_iommu_dev_table[i].data[2], \
+ amd_iommu_dev_table[i].data[3])
+
static struct dentry *iommu_debugfs_dir;
static DEFINE_RWLOCK(iommu_debugfs_lock);
@@ -81,9 +91,174 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+struct bits {
+ uint bit;
+ uint len;
+ char *lbl;
+ char *note;
+};
+
+static struct bits dte_lft[] = {
+ { 0, 1, "V:", "[0]" },
+ { 1, 1, "TV:", "[1]" },
+ { 7, 2, "Host Access Dirty:", "[8:7]" },
+ { 9, 3, "Paging Mode:", "[11:9]" },
+ { 52, 1, "PPR:", "[52]" },
+ { 53, 1, "GPRP:", "[53]" },
+ { 54, 1, "GIoV:", "[54]" },
+ { 55, 1, "GV:", "[55]" },
+ { 56, 2, "GLX:", "[57:56]" },
+ { 61, 1, "IR:", "[61]" },
+ { 62, 1, "IW:", "[62]" },
+ { 96, 1, "I:", "[96]" },
+ { 97, 1, "SE:", "[97]" },
+ { 98, 1, "SA:", "[98]" },
+ { 99, 2, "IOCtl:", "[100:99]" },
+};
+static uint lftlen = sizeof(dte_lft) / sizeof(struct bits);
+
+static struct bits dte_rght[] = {
+ { 101, 1, "Cache:", "[101]" },
+ { 102, 1, "SD:", "[102]" },
+ { 103, 1, "EX :", "[103]" },
+ { 104, 2, "SysMgt:", "[105:104]" },
+ { 128, 1, "IV:", "[128]" },
+ { 129, 4, "IntTabLen:", "[132:129]" },
+ { 133, 1, "IG:", "[133]" },
+ { 184, 1, "InitPass:", "[184]" },
+ { 185, 1, "EIntPass:", "[185]" },
+ { 186, 1, "NMIPass:", "[186]" },
+ { 188, 2, "IntClt:", "[189:188]" },
+ { 190, 1, "Lint0Pass:", "[190]" },
+ { 191, 1, "Lint1Pass:", "[191]" },
+ { 246, 1, "AttrV:", "[246]" },
+ { 247, 1, "Mode0FC:", "[247]" },
+};
+static uint rghtlen = sizeof(dte_rght) / sizeof(struct bits);
+
+#defineDTE_BIT(ds, p, n) ((ds[p/64] >> (p%64)) & ((1ULL< rghtlen ? lftlen : rghtlen;
+
+ for (j = 0; j < max ; j++) {
+ lft = &dte_lft[j];
+ if (j < lftlen)
+ oboff += OSCNPRINTF("%-19s%3llx %*s", lft->lbl,
+ DTE_BIT(dte, lft->bit, lft->len),
+ (j < rghtlen) ? -16 : 1,
+ lft->note);
+ else
+ oboff += OSCNPRINTF("%38s", "");
+
+ rght = &dte_rght[j];
+ if (j < rghtlen)
+ oboff += OSCNPRINTF("%-19s%3llx %s\n", rght->lbl,
+ DTE_BIT(dte, rght->bit, rght->len),
+ rght->note);
+ else
+ oboff += OSCNPRINTF("\n");
+ }
+
+ oboff += OSCNPRINTF("%-28s: %4llx %s\n", "Domain ID",
+ DTE_BIT(dte, 64, 16), "[79:64]");
+ oboff += OSCNPRINTF("%-28s: %4llx %s\n", "Snoop Attribute",
+ DTE_BIT(dte, 248,
Re: [PATCH 1/5] iommu/amd - Add debugfs support
On 01/26/2018 06:00 PM, Borislav Petkov wrote: On Fri, Jan 26, 2018 at 05:52:15PM -0600, Gary R Hook wrote: --- a/drivers/iommu/Kconfig +++ b/drivers/iommu/Kconfig @@ -135,6 +135,15 @@ config AMD_IOMMU_V2 hardware. Select this option if you want to use devices that support the PCI PRI and PASID interface. +config AMD_IOMMU_DEBUG + bool "Expose AMD IOMMU internals in DebugFS" + depends on AMD_IOMMU && DEBUG_FS + default n + help + With this option you can enable access to AMD IOMMU registers and + data structures through debugfs. Select this to see information + about the internal state of the device. + # Intel IOMMU support config DMAR_TABLE bool diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile index 1fb695854809..d9e9ed5f6cfc 100644 --- a/drivers/iommu/Makefile +++ b/drivers/iommu/Makefile @@ -9,7 +9,7 @@ obj-$(CONFIG_IOMMU_IO_PGTABLE_LPAE) += io-pgtable-arm.o obj-$(CONFIG_IOMMU_IOVA) += iova.o obj-$(CONFIG_OF_IOMMU)+= of_iommu.o obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o -obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o +obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o amd_iommu_debugfs.o That looks like it needs to be: obj-$(CONFIG_AMD_IOMMU_DEBUG) += amd_iommu_debugfs.o Of course. Thanks, Boris. I'll get that in v2.
Re: [PATCH] crypto: ccp: Use memdup_user() rather than duplicating its implementation
On 03/05/2018 07:10 AM, SF Markus Elfring wrote:
From: Markus Elfring
Date: Mon, 5 Mar 2018 13:50:13 +0100
Reuse existing functionality from memdup_user() instead of keeping
duplicate source code.
This issue was detected by using the Coccinelle software.
Signed-off-by: Markus Elfring
Acked-by: Gary R Hook
---
drivers/crypto/ccp/psp-dev.c | 15 +--
1 file changed, 1 insertion(+), 14 deletions(-)
diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
index fcfa5b1eae61..8255258cd040 100644
--- a/drivers/crypto/ccp/psp-dev.c
+++ b/drivers/crypto/ccp/psp-dev.c
@@ -367,8 +367,6 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp)
void *psp_copy_user_blob(u64 __user uaddr, u32 len)
{
- void *data;
-
if (!uaddr || !len)
return ERR_PTR(-EINVAL);
@@ -376,18 +374,7 @@ void *psp_copy_user_blob(u64 __user uaddr, u32 len)
if (len > SEV_FW_BLOB_MAX_SIZE)
return ERR_PTR(-EINVAL);
- data = kmalloc(len, GFP_KERNEL);
- if (!data)
- return ERR_PTR(-ENOMEM);
-
- if (copy_from_user(data, (void __user *)(uintptr_t)uaddr, len))
- goto e_free;
-
- return data;
-
-e_free:
- kfree(data);
- return ERR_PTR(-EFAULT);
+ return memdup_user((void __user *)(uintptr_t)uaddr, len);
}
EXPORT_SYMBOL_GPL(psp_copy_user_blob);
[PATCH v3] Documentation/CodingStyle: Add an example for braces
Add another example of required braces when using a compound statement in
a loop.
Signed-off-by: Gary R Hook
---
Changes since v2:
- Modified the example code fragment
Changes since v1:
- Move the new example up, and make it more generic
Documentation/process/coding-style.rst |9 +
1 file changed, 9 insertions(+)
diff --git a/Documentation/process/coding-style.rst
b/Documentation/process/coding-style.rst
index a20b44a40ec4..24903244c8be 100644
--- a/Documentation/process/coding-style.rst
+++ b/Documentation/process/coding-style.rst
@@ -188,6 +188,15 @@ and
else
do_that();
+Do use braces when a body is more complex than a single simple statement:
+
+.. code-block:: c
+
+ if (condition) {
+ while (some_loop_condition)
+ do_something();
+ }
+
This does not apply if only one branch of a conditional statement is a single
statement; in the latter case use braces in both branches:
Re: [PATCH v2] Documentation/CodingStyle: Add an example for braces
On 03/22/2018 04:12 AM, Jani Nikula wrote: On Wed, 21 Mar 2018, Jonathan Corbet wrote: To head that off, I think I'll apply your first version instead, sorry Jani. No worries. Submitting a v3 because the example could better illuminate the options by using loop construct inside of an if, addressing Jani's point but without opening the door to later criticism. I also like the verbage in v2/3 better, but I'll let Jonathan make the call. BTW which tree should these be developed against? I used torvalds, but I'm not entirely sure that was the proper one? Gary
Re: [PATCH v2] Documentation/CodingStyle: Add an example for braces
On 03/26/2018 11:32 AM, Jonathan Corbet wrote: On Mon, 26 Mar 2018 11:28:03 -0500 Gary R Hook wrote: Submitting a v3 because the example could better illuminate the options by using loop construct inside of an if, addressing Jani's point but without opening the door to later criticism. I also like the verbage in v2/3 better, but I'll let Jonathan make the call. As I told you, I was applying the first version; I did that last week. Forgive me; was out of the office. I've seen maintainers comment but not necessarily execute immediately, and therefore I try to learn how each works, but here I made an assumption. No worries and sorry to bother. BTW which tree should these be developed against? I used torvalds, but I'm not entirely sure that was the proper one? The MAINTAINERS file will (almost) always answer that question for you: T: git git://git.lwn.net/linux.git docs-next Good point. I should know better by now. Again, thank you. Gary
Re: [PATCH v3 0/5] Add debugfs info for the AMD IOMMU
On 03/15/2018 08:58 AM, Joerg Roedel wrote: On Wed, Mar 14, 2018 at 06:04:44PM -0500, Gary R Hook wrote: Gary R Hook (5): iommu/amd - Add debugfs support iommu/amd - Add a 'verbose' switch for IOMMU debugfs iommu/amd - Add a README variable for the IOMMU debugfs iommu/amd - Expose the active IOMMU device table entries iommu/amd - Add a debugfs entry to specify a IOMMU device table entry Same problem here as with the Intel patches, I don't think it's a good idea to reveal internal iommu data structures to user-space in this way. I'm afraid I'm not following the line of thought here. AFAIK, if we restrict access of any debugfs info to root, then only root can see any of that information. If root is compromised, the whole system is compromised. Which seems to me to make all of debugfs suspect from a security perspective. Therefore, I'm likely not understanding the security concerns as they relate specifically to the IOMMU. As for stability, you mention on the Intel IOMMU thread issues surrounding kABI, which I appreciate. But I'm exposing well-documented device structures in my patches, not kernel structures. There's nothing there that is going to change underneath me without my knowledge, if ever (I vote for never). And I'm likely ignorant about policy nuances surrounding the kernel ABI. I've debugged iommu issues for around 10 years now and never had the need for an interface that reveals those internals. How exactly are you planning to use this information? Well, I've already had to dig into the DTEs and page tables for a couple of reasons (both debug and development), and it made life easier (for me) to make the live data available this way. Then I thought that others might be interested as well. Admittedly, I could be wrong. Finally, I'm no guru, and likely am unaware of other techniques in which I should develop skills. I'm always open to input.
[PATCH v3 1/2] iommu - Enable debugfs exposure of the IOMMU
Provide base enablement for using debugfs to expose internal data of
an IOMMU driver. When called, create the /sys/kernel/debug/iommu
directory. Emit a strong warning at boot time to indicate that this
feature is enabled.
This patch adds a top-level function that will create the (above)
directory, under which a driver may create a hw-specific directory for
its use. The function
iommu_debugfs_setup()
returns a pointer to the new dentry structure created for
/sys/kernel/debug/iommu, or NULL in the event of a failure. An IOMMU
driver should call this function first, and then create a directory
beneath it. A driver implementation might look something like:
static struct dentry *my_debugfs;
struct dentry *d_top;
if (!my_debugfs) {
d_top = iommu_debugfs_setup();
if (d_top)
my_debugfs = debugfs_create_dir("vendor", d_top);
}
Since the IOMMU driver can not be removed from the running system, this
patch only provides an "on" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11
drivers/iommu/Makefile|1 +
drivers/iommu/iommu-debugfs.c | 58 +
include/linux/iommu.h |4 +++
4 files changed, 74 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..c1e39dabfec2 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUG
+ bool "Enable IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..5eb1121d54b9 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUG) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..add6f95120e4
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,58 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/*
+ * Provide base enablement for using debugfs to expose internal data of an
+ * IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This top-level function that will create the (above) directory, under a
+ * driver may create a hw-specific directory for its use. The function
+ *
+ * iommu_debugfs_setup()
+ *
+ * returns a pointer to the new dentry structure created for
+ * /sys/kernel/debug/iommu, or NULL in the event of a failure. An IOMMU
+ * driver should call this function first, and then create a directory
+ * beneath it. A driver implementation might look something like:
+ *
+ * static struct dentry *my_debugfs;
+ *
+ *struct dentry *d_top;
+ *if (!my_debugfs) {
+ *d_top = iommu_debugfs_setup();
+ *if (d_top)
+ *my_debugfs = debugfs_create_dir("vendor", d_top);
+ *}
+ *
+ * Since the IOMMU driver can not be removed from the running system, there
+ * is no need for an "off" function.
+ */
+struct dentry *iommu_debugfs_setup(void)
+{
+ if (!debugfs_initialized())
+ return NULL;
+
+ if (!iommu_debugfs_dir)
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+
+ if (iommu_debugfs_dir)
+ pr_warn("WARNING: IOMMU DEBUGFS SUPPORT HAS BEEN ENABLED IN
THIS KERNEL\n");
+
+ return iommu_debugfs_dir;
+}
+EXPORT_SYMBOL_GPL(iommu_debugfs_setup);
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index 19938ee6eb31..ccf7c1d800b0 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -698,4 +698,8 @@ const struct iommu_ops *iommu_ops_from_fwnode(struct
fwnode_handle *fwnode)
#endif /* CONFIG_IOMMU_API */
+#ifdef CONFIG_IOMMU_DEBUG
+struct dentry *iommu_debugfs_setup(void);
+#endif
+
#endif /* __LINUX_IOMMU_H */
[PATCH v3 0/2] Base enablement of IOMMU debugfs support
These patches create a top-level function to create a debugfs directory for the IOMMU, under which drivers may create and populate-specific directories for their device internals. Patch 1: general IOMMU enablement Patch 2: basic AMD enablement to demonstrate linkage with patch 1 Introduce a new Kconfig parameter IOMMU_DEBUG to globally allow or disallow debugfs code to be built. Changes since v2: - Move a declaration to outside an ifdef - Remove a spurious blank line Changes since v1: - Remove debug cruft - Remove cruft produced by design change - Change the lock to a mutex - Coding style fixes - Add a comment to document the framework --- Gary R Hook (2): iommu - Enable debugfs exposure of the IOMMU iommu/amd: Add basic debugfs infrastructure for AMD IOMMU drivers/iommu/Kconfig | 11 +++ drivers/iommu/Makefile|2 + drivers/iommu/amd_iommu_debugfs.c | 45 + drivers/iommu/amd_iommu_init.c|6 +++- drivers/iommu/amd_iommu_proto.h |6 drivers/iommu/amd_iommu_types.h |3 ++ drivers/iommu/iommu-debugfs.c | 58 + include/linux/iommu.h |4 +++ 8 files changed, 133 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c create mode 100644 drivers/iommu/iommu-debugfs.c -- Effective helpfulness requires thoroughness
[PATCH v3 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Makefile|1 +
drivers/iommu/amd_iommu_debugfs.c | 45 +
drivers/iommu/amd_iommu_init.c|6 +++--
drivers/iommu/amd_iommu_proto.h |6 +
drivers/iommu/amd_iommu_types.h |3 ++
5 files changed, 59 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 5eb1121d54b9..0ca250f626d9 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -11,6 +11,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_IOMMU_DEBUG) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..282100a655b3
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,45 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *amd_iommu_debugfs;
+static DEFINE_MUTEX(amd_iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_top;
+
+ if (!debugfs_initialized())
+ return;
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs) {
+ d_top = iommu_debugfs_setup();
+ if (d_top)
+ amd_iommu_debugfs = debugfs_create_dir("amd", d_top);
+ }
+ mutex_unlock(&amd_iommu_debugfs_lock);
+ if (amd_iommu_debugfs) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs = debugfs_create_dir(name,
+ amd_iommu_debugfs);
+ if (!iommu->debugfs) {
+ debugfs_remove_recursive(amd_iommu_debugfs);
+ amd_iommu_debugfs = NULL;
+ }
+ }
+}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 904c575d1677..031e6dbb8345 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2721,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2730,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..daf7f38531f9 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_IOMMU_DEBUG
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu);
+#else
+static inline void amd_iommu_debugfs_setup(struct amd_iommu *iommu) {}
+#endif
+
/* Needed for interrupt remapping */
extern int amd_iommu_prepare(void);
extern int amd_iommu_enable(void);
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index 1c9b080276c9..2ca0959ae9e6 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -593,6 +593,9 @@ struct amd_iommu {
u32 flags;
volatile u64 __aligned(8) cmd_sem;
+
+ /* DebugFS Info */
+ struct dentry *debugfs;
};
static inline struct amd_iommu *dev_to_amd_iommu(struct device *dev)
[PATCH v2] iommu/amd - Use dev_err to send events to the system log
Remove printk and use a more preferable error logging function.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu.c | 55 +++--
1 file changed, 28 insertions(+), 27 deletions(-)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 7389cc15d97a..7f4e82aed6a0 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -547,6 +547,7 @@ static void amd_iommu_report_page_fault(u16 devid, u16
domain_id,
static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
{
+ struct device *dev = iommu->iommu.dev;
int type, devid, domid, flags;
volatile u32 *event = __evt;
int count = 0;
@@ -573,53 +574,53 @@ static void iommu_print_event(struct amd_iommu *iommu,
void *__evt)
amd_iommu_report_page_fault(devid, domid, address, flags);
return;
} else {
- printk(KERN_ERR "AMD-Vi: Event logged [");
+ dev_err(dev, "AMD-Vi: Event logged [");
}
switch (type) {
case EVENT_TYPE_ILL_DEV:
- printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ dev_err(dev, "ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
+ "address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address, flags);
dump_dte_entry(devid);
break;
case EVENT_TYPE_DEV_TAB_ERR:
- printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ dev_err(dev, "DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
+ "address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address, flags);
break;
case EVENT_TYPE_PAGE_TAB_ERR:
- printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
- "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- domid, address, flags);
+ dev_err(dev, "PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
+ "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ domid, address, flags);
break;
case EVENT_TYPE_ILL_CMD:
- printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
+ dev_err(dev, "ILLEGAL_COMMAND_ERROR address=0x%016llx]\n",
address);
dump_command(address);
break;
case EVENT_TYPE_CMD_HARD_ERR:
- printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
- "flags=0x%04x]\n", address, flags);
+ dev_err(dev, "COMMAND_HARDWARE_ERROR address=0x%016llx "
+ "flags=0x%04x]\n", address, flags);
break;
case EVENT_TYPE_IOTLB_INV_TO:
- printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
- "address=0x%016llx]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address);
+ dev_err(dev, "IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
+ "address=0x%016llx]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address);
break;
case EVENT_TYPE_INV_DEV_REQ:
- printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
- PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ dev_err(dev, "INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
+ "address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ address, flags);
break;
default:
- printk(KERN_ERR "UNKNOWN type=0x%02x event[0]=0x%08x "
- "event[1]=0x%08x event[2]=0x%08x event[3]=0x%08x\n",
- type, event[0], event[1], event[2], event[3]);
+ dev_err(dev, KERN_ERR "UNKNOWN event[0]=0x%08x event[1]=0x%08x "
+ "event[2]=0x%08x event[3]=0x%08x\n",
+ event[0], event[1], event[2], event[3]);
}
memset(__evt, 0, 4 * sizeof(u32));
[PATCH v2 0/5] Add debugfs info for the AMD IOMMU
The following series creates a debugfs directory for AMD IOMMUs, constructs a framework for additional entries, an online README, and a method for dumping device table entries. Data is reported in a default concise mode, but a verbose mode is enabled via a filesystem entry. This is the first of three patch series that will expose a number of IOMMU registers. Changes since v1: - Correctly use CONFIG_AMD_IOMMU_DEBUG in Makefile and header file --- Gary R Hook (5): iommu/amd - Add debugfs support iommu/amd - Add a 'verbose' switch for IOMMU debugfs iommu/amd - Add a README variable for the IOMMU debugfs iommu/amd - Expose the active IOMMU device table entries iommu/amd - Add a debugfs entry to specify a IOMMU device table entry drivers/iommu/Kconfig |8 + drivers/iommu/Makefile|1 drivers/iommu/amd_iommu_debugfs.c | 310 + drivers/iommu/amd_iommu_init.c|7 + drivers/iommu/amd_iommu_proto.h |7 + drivers/iommu/amd_iommu_types.h |3 6 files changed, 334 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c --
[PATCH v2 1/5] iommu/amd - Add debugfs support
Expose the IOMMU MMIO registers and device table
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig |8 +++
drivers/iommu/Makefile|1
drivers/iommu/amd_iommu_debugfs.c | 112 +
drivers/iommu/amd_iommu_init.c|7 ++
drivers/iommu/amd_iommu_proto.h |7 ++
drivers/iommu/amd_iommu_types.h |3 +
6 files changed, 136 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..0fa85e73d5dd 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -135,6 +135,14 @@ config AMD_IOMMU_V2
hardware. Select this option if you want to use devices that support
the PCI PRI and PASID interface.
+config AMD_IOMMU_DEBUG
+ bool "Expose AMD IOMMU internals in DebugFS"
+ depends on AMD_IOMMU && DEBUG_FS
+ default n
+ help
+ Provides debugfs access to IOMMU data such as registers and device
+ table entries.
+
# Intel IOMMU support
config DMAR_TABLE
bool
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..64fba8b1ca4f 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -10,6 +10,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_AMD_IOMMU_DEBUG) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..b0395a47bc32
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,112 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#ifdef CONFIG_DEBUG_FS
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+/* DebugFS helpers */
+#defineOBUFP (obuf + oboff)
+#defineOBUFLEN obuflen
+#defineOBUFSPC (OBUFLEN - oboff)
+#defineOSCNPRINTF(fmt, ...) \
+ scnprintf(OBUFP, OBUFSPC, fmt, ## __VA_ARGS__)
+
+static struct dentry *iommu_debugfs_dir;
+static DEFINE_RWLOCK(iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+static unsigned int amd_iommu_count_valid_dtes(int start, int end)
+{
+ unsigned int n = 0;
+ int i;
+
+ /* Scan the DTE table from entry 'start' through entry 'end' for
+* active entries
+*/
+ for (i = start ; i <= end ; i++)
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+ || amd_iommu_dev_table[i].data[1])
+ n++;
+ return n;
+}
+
+static ssize_t amd_iommu_debugfs_dtecount_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ struct amd_iommu *iommu = filp->private_data;
+ unsigned int obuflen = 512;
+ unsigned int oboff = 0;
+ unsigned int n;
+ ssize_t ret;
+ char *obuf;
+
+ if (!iommu)
+ return 0;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ n = amd_iommu_count_valid_dtes(0, 0x);
+ oboff += OSCNPRINTF("%d\n", n);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_dtecount_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_dtecount_read,
+ .write = NULL,
+};
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_dte;
+ unsigned long flags;
+
+ if (!debugfs_initialized())
+ return;
+
+ write_lock_irqsave(&iommu_debugfs_lock, flags);
+ if (!iommu_debugfs_dir)
+ iommu_debugfs_dir = debugfs_create_dir(KBUILD_MODNAME, NULL);
+ write_unlock_irqrestore(&iommu_debugfs_lock, flags);
+ if (!iommu_debugfs_dir)
+ goto err;
+
+ snprintf(name, MAX_NAME_LEN, "iommu%02x", iommu->index);
+ iommu->debugfs_instance = debugfs_create_dir(name, iommu_debugfs_dir);
+ if (!iommu->debugfs_instance)
+ goto err;
+
+ d_dte = debugfs_create_file("count", 0400,
+ iommu->debugfs_instance, iommu,
+ &amd_iommu_debugfs_dtecount_ops);
+ if (!d_dte)
+ goto err;
+
+
[PATCH v2 4/5] iommu/amd - Expose the active IOMMU device table entries
Add a debugfs entry to dump the active device table entries from
the IOMMU's table. Active is determined by non-default values
in the first and second long words of the DTE. Aside from IOMMU
devices, this output should list every device reported by lspci.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 64 +
1 file changed, 64 insertions(+)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 79945ce1199d..c4e071f7a5b9 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -81,9 +81,66 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+#defineMAX_PCI_ID 0x
+
+#definePRINTDTE(i) OSCNPRINTF("%02x:%02x:%x - %016llx %016llx
%016llx %016llx\n", \
+ PCI_BUS_NUM(i), PCI_SLOT(i), PCI_FUNC(i), \
+ amd_iommu_dev_table[i].data[0], \
+ amd_iommu_dev_table[i].data[1], \
+ amd_iommu_dev_table[i].data[2], \
+ amd_iommu_dev_table[i].data[3]);
+
+static ssize_t amd_iommu_debugfs_dte_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ struct amd_iommu *iommu = filp->private_data;
+ unsigned int obuflen;
+ unsigned int oboff = 0;
+ unsigned int istart, iend;
+ ssize_t ret;
+ u32 i, n;
+ char *obuf;
+
+ if (!iommu)
+ return 0;
+
+ /* Count the number of valid entries in the device table */
+ istart = 0;
+ iend = MAX_PCI_ID;
+ n = amd_iommu_count_valid_dtes(istart, iend);
+ obuflen = n * 80;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ for (i = istart ; i <= iend ; i++)
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+|| amd_iommu_dev_table[i].data[1])
+ oboff += PRINTDTE(i);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_dte_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_dte_read,
+ .write = NULL,
+};
+
static char readmetext[] =
+"devicetable Print active entries in the device table\n"
"count Count of active devices\n"
"verbose Provide additional descriptive text\n"
+"\n"
+"Dumping the Device Table\n"
+"The device table is scanned for entries that appear to be active. The\n"
+"default range is from 0 to 0x, and only active entries will be reported\n"
"\n";
static ssize_t amd_iommu_debugfs_readme_read(struct file *filp,
@@ -134,6 +191,13 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!d_verbose)
goto err;
+ /* Device Table Entries */
+ d_dte = debugfs_create_file("devicetable", 0400,
+ iommu->debugfs_instance, iommu,
+ &amd_iommu_debugfs_dte_ops);
+ if (!d_dte)
+ goto err;
+
d_dte = debugfs_create_file("count", 0400,
iommu->debugfs_instance, iommu,
&amd_iommu_debugfs_dtecount_ops);
[PATCH v2 2/5] iommu/amd - Add a 'verbose' switch for IOMMU debugfs
Enable more descriptive debugfs output via a 'verbose' variable.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index b0395a47bc32..481f4d86f8f8 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -27,6 +27,8 @@ static DEFINE_RWLOCK(iommu_debugfs_lock);
#defineMAX_NAME_LEN20
+static unsigned int amd_iommu_verbose = 0;
+
static unsigned int amd_iommu_count_valid_dtes(int start, int end)
{
unsigned int n = 0;
@@ -61,7 +63,10 @@ static ssize_t amd_iommu_debugfs_dtecount_read(struct file
*filp,
return -ENOMEM;
n = amd_iommu_count_valid_dtes(0, 0x);
- oboff += OSCNPRINTF("%d\n", n);
+ if (amd_iommu_verbose)
+ oboff += OSCNPRINTF("# DTEs: %d\n", n);
+ else
+ oboff += OSCNPRINTF("%d\n", n);
ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
kfree(obuf);
@@ -79,6 +84,7 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
{
char name[MAX_NAME_LEN + 1];
+ struct dentry *d_verbose;
struct dentry *d_dte;
unsigned long flags;
@@ -97,6 +103,12 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!iommu->debugfs_instance)
goto err;
+ d_verbose = debugfs_create_u32("verbose", 0600,
+ iommu->debugfs_instance,
+ &amd_iommu_verbose);
+ if (!d_verbose)
+ goto err;
+
d_dte = debugfs_create_file("count", 0400,
iommu->debugfs_instance, iommu,
&amd_iommu_debugfs_dtecount_ops);
[PATCH v2 3/5] iommu/amd - Add a README variable for the IOMMU debugfs
Provide help text via a filesystem entry
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 31 +++
1 file changed, 31 insertions(+)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 481f4d86f8f8..79945ce1199d 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -81,6 +81,31 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+static char readmetext[] =
+"count Count of active devices\n"
+"verbose Provide additional descriptive text\n"
+"\n";
+
+static ssize_t amd_iommu_debugfs_readme_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ ssize_t ret;
+
+ ret = simple_read_from_buffer(ubuf, count, offp,
+ readmetext, strlen(readmetext));
+
+ return ret;
+}
+
+
+static const struct file_operations amd_iommu_debugfs_readme_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_readme_read,
+ .write = NULL,
+};
+
void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
{
char name[MAX_NAME_LEN + 1];
@@ -115,6 +140,12 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!d_dte)
goto err;
+ d_dte = debugfs_create_file("README", 0400,
+ iommu->debugfs_instance, iommu,
+ &amd_iommu_debugfs_readme_ops);
+ if (!d_dte)
+ goto err;
+
return;
err:
[PATCH v2 5/5] iommu/amd - Add a debugfs entry to specify a IOMMU device table entry
Initially (at boot) the device table values dumped are all of the
active devices. Add a devid debugfs file to allow the user to select a
single device table entry to dump (active or not). Let any devid value
greater than the maximum allowable PCI ID (0x) restore the
behavior to that effective at boot.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 109 ++---
1 file changed, 100 insertions(+), 9 deletions(-)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index c4e071f7a5b9..aa6935340163 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -28,6 +28,7 @@ static DEFINE_RWLOCK(iommu_debugfs_lock);
#defineMAX_NAME_LEN20
static unsigned int amd_iommu_verbose = 0;
+static unsigned int amd_iommu_devid = ~0;
static unsigned int amd_iommu_count_valid_dtes(int start, int end)
{
@@ -81,6 +82,76 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+static ssize_t amd_iommu_debugfs_devid_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ struct amd_iommu *iommu = filp->private_data;
+ unsigned int obuflen = 512;
+ unsigned int oboff = 0;
+ ssize_t ret;
+ char *obuf;
+
+ if (!iommu)
+ return 0;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ if (amd_iommu_verbose)
+ oboff += OSCNPRINTF("%02x:%02x:%x (%u / %04x)\n",
+ PCI_BUS_NUM(amd_iommu_devid),
+ PCI_SLOT(amd_iommu_devid),
+ PCI_FUNC(amd_iommu_devid),
+ amd_iommu_devid, amd_iommu_devid);
+ else
+ oboff += OSCNPRINTF("%u\n", amd_iommu_devid);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static ssize_t amd_iommu_debugfs_devid_write(struct file *filp,
+ const char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ unsigned int pci_id, pci_slot, pci_func;
+ unsigned int obuflen = 80;
+ ssize_t ret;
+ char *obuf;
+ int n;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ ret = simple_write_to_buffer(obuf, OBUFLEN, offp, ubuf, count);
+
+ if (strnchr(obuf, OBUFLEN, ':'))
+ {
+ n = sscanf(obuf, "%x:%x.%x", &pci_id, &pci_slot, &pci_func);
+ if (n == 3)
+ amd_iommu_devid = PCI_DEVID(pci_id, PCI_DEVFN(pci_slot,
pci_func));
+ } else if (obuf[0] == '0' && obuf[1] == 'x') {
+ n = sscanf(obuf, "%x", &amd_iommu_devid);
+ } else {
+ n = sscanf(obuf, "%d", &amd_iommu_devid);
+ }
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_devid_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_devid_read,
+ .write = amd_iommu_debugfs_devid_write,
+};
+
#defineMAX_PCI_ID 0x
#definePRINTDTE(i) OSCNPRINTF("%02x:%02x:%x - %016llx %016llx
%016llx %016llx\n", \
@@ -106,19 +177,28 @@ static ssize_t amd_iommu_debugfs_dte_read(struct file
*filp,
return 0;
/* Count the number of valid entries in the device table */
- istart = 0;
- iend = MAX_PCI_ID;
- n = amd_iommu_count_valid_dtes(istart, iend);
+ if (amd_iommu_devid > MAX_PCI_ID) {
+ istart = 0;
+ iend = MAX_PCI_ID;
+ n = amd_iommu_count_valid_dtes(istart, iend);
+ } else {
+ n = 1;
+ }
obuflen = n * 80;
obuf = kmalloc(OBUFLEN, GFP_KERNEL);
if (!obuf)
return -ENOMEM;
- for (i = istart ; i <= iend ; i++)
- if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
-|| amd_iommu_dev_table[i].data[1])
- oboff += PRINTDTE(i);
+ if (amd_iommu_devid > MAX_PCI_ID) {
+ for (i = istart ; i <= iend ; i++)
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+|| amd_iommu_dev_table[i].data[1])
+ oboff += PRINTDTE(i);
+ } else {
+ i = amd_iommu_devid;
+ oboff += PRINTDTE(i);
+ }
ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
kfree(obuf);
@@ -135,12 +215,17 @@ static const struct file
Re: [PATCH v2 1/5] iommu/amd - Add debugfs support
On 03/13/2018 12:16 PM, Andy Shevchenko wrote:
On Fri, Mar 9, 2018 at 2:50 AM, Gary R Hook wrote:
+ default n
Redundant
Roger that.
+#include
+#include
+#include
Keep in order?
What order would that be? These few needed files are listed in the same
order as which they appear in amd_iommu.c. I'm gonna need a preference
spelled out, please (and a rationale, so I may better understand).
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+/* DebugFS helpers */
+#defineOBUFP (obuf + oboff)
+#defineOBUFLEN obuflen
+#defineOBUFSPC (OBUFLEN - oboff)
+#defineOSCNPRINTF(fmt, ...) \
+ scnprintf(OBUFP, OBUFSPC, fmt, ## __VA_ARGS__)
I don't see any advantages of this. Other way around, they will simple
makes things hard to read an understand in place.
I used this technique in the CCP driver code (where it was accepted), in
an effort to do the opposite of what you claim: make the code more
readable. Given the 80 column limit, a large number of arguments, and
very long statements, IMO something needs to give. I don't find the use
of #defines to be obfuscating.
I'm not trying to argue, but rather simply state the perspective /
reasoning I used to create a source file I feel is manageable. I have 17
more iommu patches built upon this strategy, and this seems to be
advantageous for all of them.
+ for (i = start ; i <= end ; i++)
Missed {}
Wasn't sure about the M.O. given that the body of this loop is a single
if statement. And I don't see anywhere in
https://www.kernel.org/doc/html/latest/process/coding-style.html
in section 3.1 where curly braces are called for in this situation. May
I ask for clarification on the style rule, please?
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+ || amd_iommu_dev_table[i].data[1])
+ n++;
+ return n;
+}
+
+static ssize_t amd_iommu_debugfs_dtecount_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ struct amd_iommu *iommu = filp->private_data;
+ unsigned int obuflen = 512;
Sounds like way too much.
I can tune these up.
+ if (!iommu)
+ return 0;
When this possible?
It was intended as a sanity check, but if this happens, much worse has
already gone wrong. I'll remove.
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ n = amd_iommu_count_valid_dtes(0, 0x);
+ oboff += OSCNPRINTF("%d\n", n);
+ return ret;
+}
@@ -89,6 +89,7 @@
#define ACPI_DEVFLAG_ATSDIS 0x1000
#define LOOP_TIMEOUT 10
+
/*
* ACPI table definitions
*
Doesn't belong to the patch.
I'm sorry, I don't understand. The added blank line doesn't belong to
the patch?
+#endif
+
+
Extra unneeded line.
Thanks,
Re: [PATCH v2 5/5] iommu/amd - Add a debugfs entry to specify a IOMMU device table entry
On 03/13/2018 12:20 PM, Andy Shevchenko wrote:
+ oboff += OSCNPRINTF("%02x:%02x:%x (%u / %04x)\n",
+ PCI_BUS_NUM(amd_iommu_devid),
+ PCI_SLOT(amd_iommu_devid),
+ PCI_FUNC(amd_iommu_devid),
Perhaps at some point we will have an extension to %p to print PCI BDFs.
But until then ;-)
+ if (strnchr(obuf, OBUFLEN, ':'))
+ {
Style
D'oh!
+ } else if (obuf[0] == '0' && obuf[1] == 'x') {
+ n = sscanf(obuf, "%x", &amd_iommu_devid);
+ } else {
+ n = sscanf(obuf, "%d", &amd_iommu_devid);
+ }
kstrtoint() ?
I see various mechanisms for this sort of thing, and simply chose one.
Am happy to use whatever is preferred.
Re: [PATCH v2 5/5] iommu/amd - Add a debugfs entry to specify a IOMMU device table entry
On 03/13/2018 03:56 PM, Andy Shevchenko wrote:
On Tue, Mar 13, 2018 at 8:54 PM, Gary R Hook wrote:
On 03/13/2018 12:20 PM, Andy Shevchenko wrote:
+ } else if (obuf[0] == '0' && obuf[1] == 'x') {
+ n = sscanf(obuf, "%x", &amd_iommu_devid);
+ } else {
+ n = sscanf(obuf, "%d", &amd_iommu_devid);
+ }
kstrtoint() ?
I see various mechanisms for this sort of thing, and simply chose one.
Am happy to use whatever is preferred.
sscanf() has an enormous overhead for cases like this.
simple
ret = kstrtoint();
if (ret)
... do error handling ...
Gotcha. Fixed.
Thanks,
Gary
Re: [PATCH v2 1/5] iommu/amd - Add debugfs support
On 03/13/2018 03:23 PM, Andy Shevchenko wrote:
On Tue, Mar 13, 2018 at 8:54 PM, Gary R Hook wrote:
On 03/13/2018 12:16 PM, Andy Shevchenko wrote:
On Fri, Mar 9, 2018 at 2:50 AM, Gary R Hook wrote:
+#include
+#include
+#include
Keep in order?
What order would that be? These few needed files are listed in the same
order as which they appear in amd_iommu.c. I'm gonna need a preference
spelled out, please (and a rationale, so I may better understand).
To increase readability and avoid potential header duplication (here
is can bus protocol implementation where the problem exists for real,
even in new code!)
With all due respect, I don't find that you clearly answered my
question. I will hazard a guess that you mean to -alphabetize- them?
Which I am happy to do, and will do so in the next version.
If that is not your meaning, I'll have to ask you to use small words,
and not presume any understanding on my (or anyone's) part about
preferences that are not documented in the style guide. I don't mean to
be thick, but I have to ask for clarity.
Given that this is a preference, and that there are reasons for -not-
doing so, I would also like to hear other comments on this suggestionn.
+ for (i = start ; i <= end ; i++)
Missed {}
Wasn't sure about the M.O. given that the body of this loop is a single if
statement. And I don't see anywhere in
https://www.kernel.org/doc/html/latest/process/coding-style.html
in section 3.1 where curly braces are called for in this situation. May I
ask for clarification on the style rule, please?
You can do nothing, though I'm guided by the end of section 3.0
(though it tells only about 'if' case).
Fixed this.
@@ -89,6 +89,7 @@
#define ACPI_DEVFLAG_ATSDIS 0x1000
#define LOOP_TIMEOUT 10
+
/*
* ACPI table definitions
*
Doesn't belong to the patch.
I'm sorry, I don't understand. The added blank line doesn't belong to the
patch?
Correct.
Fixed this.
Thanks,
Gary
Re: [PATCH v7 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
On 05/18/2018 04:02 PM, Gary R Hook wrote: On 05/18/2018 11:49 AM, Randy Dunlap wrote: I think the Kconfig option would have been the correct choice. "Preferred", perhaps. Neither is incorrect. And really, the Makefile/Kconfig choice is somewhat separate from the organization issue. So I've made the changes for this. Now I'm waiting on Joerg to make a decision on the code/file organization. I still prefer a separate file for the debug fs code. Joerg: *poke* Any thoughts on this?
[PATCH v6 0/2] Base enablement of IOMMU debugfs support
These patches create a top-level function, called at IOMMU initialization, to create a debugfs directory for the IOMMU. Under this directory drivers may create and populate-specific directories for their device internals. Patch 1: general IOMMU enablement Patch 2: basic AMD enablement to demonstrate linkage with patch 1 Introduce a new Kconfig parameter IOMMU_DEBUGFS to globally allow/disallow debugfs code to be built. The Makefile structure is intended to allow the use of a single switch for turning on DebugFS. Changes since v5: - Added parameters names in declarations/definitions - Reformatted an inline definition Changes since v4: - Guard vendor-specific debugfs files in the Makefile - Call top-level routine from iommu_init() - Add function for instantiating a driver-specific directory - Change AMD driver code to use this new format Changes since v3: - Remove superfluous calls to debugfs_initialized() - Emit a warning exactly one time - Change the Kconfig name to IOMMU_DEBUGFS - Change the way debugfs modules are made Changes since v2: - Move a declaration to outside an ifdef - Remove a spurious blank line Changes since v1: - Remove debug cruft - Remove cruft produced by design change - Change the lock to a mutex - Coding style fixes - Add a comment to document the framework --- Gary R Hook (2): iommu - Enable debugfs exposure of IOMMU driver internals iommu/amd: Add basic debugfs infrastructure for AMD IOMMU drivers/iommu/Kconfig | 11 ++ drivers/iommu/Makefile|6 +++ drivers/iommu/amd_iommu_debugfs.c | 39 + drivers/iommu/amd_iommu_init.c|6 ++- drivers/iommu/amd_iommu_proto.h |6 +++ drivers/iommu/amd_iommu_types.h |3 ++ drivers/iommu/iommu-debugfs.c | 70 + drivers/iommu/iommu.c |2 + include/linux/iommu.h | 10 + 9 files changed, 151 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c create mode 100644 drivers/iommu/iommu-debugfs.c -- Signature
[PATCH v6 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Makefile|5 +
drivers/iommu/amd_iommu_debugfs.c | 39 +
drivers/iommu/amd_iommu_init.c|6 --
drivers/iommu/amd_iommu_proto.h |6 ++
drivers/iommu/amd_iommu_types.h |3 +++
5 files changed, 57 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 74cfbc392862..dd980f7dd8b6 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -30,3 +30,8 @@ obj-$(CONFIG_EXYNOS_IOMMU) += exynos-iommu.o
obj-$(CONFIG_FSL_PAMU) += fsl_pamu.o fsl_pamu_domain.o
obj-$(CONFIG_S390_IOMMU) += s390-iommu.o
obj-$(CONFIG_QCOM_IOMMU) += qcom_iommu.o
+
+# This ensures that only the required files are compiled
+ifeq ($(CONFIG_IOMMU_DEBUGFS), y)
+obj-$(CONFIG_AMD_IOMMU) += amd_iommu_debugfs.o
+endif
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..6dff98552969
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,39 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *amd_iommu_debugfs;
+static DEFINE_MUTEX(amd_iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs)
+ amd_iommu_debugfs = iommu_debugfs_new_driver_dir("amd");
+ mutex_unlock(&amd_iommu_debugfs_lock);
+
+ if (amd_iommu_debugfs) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs = debugfs_create_dir(name,
+ amd_iommu_debugfs);
+ if (!iommu->debugfs) {
+ debugfs_remove_recursive(amd_iommu_debugfs);
+ amd_iommu_debugfs = NULL;
+ }
+ }
+}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 904c575d1677..031e6dbb8345 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2721,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2730,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..39053f11dda3 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_IOMMU_DEBUGFS
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu);
+#else
+static inline void amd_iommu_debugfs_setup(struct amd_iommu *iommu) {}
+#endif
+
/* Needed for interrupt remapping */
extern int amd_iommu_prepare(void);
extern int amd_iommu_enable(void);
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index 1c9b080276c9..2ca0959ae9e6 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -593,6 +593,9 @@ struct amd_iommu {
u32 flags;
volatile u64 __aligned(8) cmd_sem;
+
+ /* DebugFS Info */
+ struct dentry *debugfs;
};
static inline struct amd_iommu *dev_to_amd_iommu(struct device *dev)
[PATCH v6 1/2] iommu - Enable debugfs exposure of IOMMU driver internals
Provide base enablement for using debugfs to expose internal data of an
IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
Emit a strong warning at boot time to indicate that this feature is
enabled.
This function is called from iommu_init, and creates the initial DebugFS
directory. Drivers may then call iommu_debugfs_new_driver_dir() to
instantiate a device-specific directory to expose internal data.
It will return a pointer to the new dentry structure created in
/sys/kernel/debug/iommu, or NULL in the event of a failure.
Since the IOMMU driver can not be removed from the running system, there
is no need for an "off" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11 ++
drivers/iommu/Makefile|1 +
drivers/iommu/iommu-debugfs.c | 70 +
drivers/iommu/iommu.c |2 +
include/linux/iommu.h | 10 ++
5 files changed, 94 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..ff511fa8ca7d 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUGFS
+ bool "Export IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..74cfbc392862 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUGFS) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..9df3b44aef55
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,70 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/**
+ * iommu_debugfs_setup - create the top-level iommu directory in debugfs
+ *
+ * Provide base enablement for using debugfs to expose internal data of an
+ * IOMMU driver. When called, this function creates the
+ * /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This function is called from iommu_init; drivers may then call
+ * iommu_debugfs_new_driver_dir() to instantiate a vendor-specific
+ * directory to be used to expose internal data.
+ */
+void iommu_debugfs_setup(void)
+{
+ if (!iommu_debugfs_dir) {
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+ if (iommu_debugfs_dir) {
+ pr_warn("\n");
+
pr_warn("*\n");
+ pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE NOTICE**\n");
+ pr_warn("**
**\n");
+ pr_warn("** IOMMU DebugFS SUPPORT HAS BEEN ENABLED IN
THIS KERNEL **\n");
+ pr_warn("**
**\n");
+ pr_warn("** This means that this kernel is built to
expose internal **\n");
+ pr_warn("** IOMMU data structures, which may compromise
security on **\n");
+ pr_warn("** your system.
**\n");
+ pr_warn("**
**\n");
+ pr_warn("** If you see this message and you are not
debugging the **\n");
+ pr_warn("** kernel, report this immediately to your
vendor! **\n");
+ pr_warn("**
**\n");
+ pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE NOTICE**\n");
+
pr_warn("**
Re: [PATCH v6 1/2] iommu - Enable debugfs exposure of IOMMU driver internals
On 05/11/2018 10:22 AM, Robin Murphy wrote:
Hi Gary,
Just a few trivial nitpicks below, otherwise:
Reviewed-by: Robin Murphy
On 11/05/18 15:34, Gary R Hook wrote:
Provide base enablement for using debugfs to expose internal data of an
IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
Emit a strong warning at boot time to indicate that this feature is
enabled.
This function is called from iommu_init, and creates the initial DebugFS
directory. Drivers may then call iommu_debugfs_new_driver_dir() to
instantiate a device-specific directory to expose internal data.
It will return a pointer to the new dentry structure created in
/sys/kernel/debug/iommu, or NULL in the event of a failure.
Since the IOMMU driver can not be removed from the running system, there
is no need for an "off" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11 ++
drivers/iommu/Makefile | 1 +
drivers/iommu/iommu-debugfs.c | 70
+
drivers/iommu/iommu.c | 2 +
include/linux/iommu.h | 10 ++
5 files changed, 94 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..ff511fa8ca7d 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUGFS
+ bool "Export IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
bool implicitly defaults to n anyway, so you don't really need to say it.
Roger.
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..74cfbc392862 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUGFS) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c
b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..9df3b44aef55
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,70 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU driver
"driver"? ;) I'd have thought something like "IOMMU debugfs core
infrastructure", but arguably it's self-evident enough that it doesn't
necessarily need describing at all.
Changed to your suggestion
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/**
+ * iommu_debugfs_setup - create the top-level iommu directory in debugfs
+ *
+ * Provide base enablement for using debugfs to expose internal data
of an
+ * IOMMU driver. When called, this function creates the
+ * /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This function is called from iommu_init; drivers may then call
+ * iommu_debugfs_new_driver_dir() to instantiate a vendor-specific
+ * directory to be used to expose internal data.
+ */
+void iommu_debugfs_setup(void)
+{
+ if (!iommu_debugfs_dir) {
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+ if (iommu_debugfs_dir) {
+ pr_warn("\n");
+
pr_warn("*\n");
+ pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE **\n");
+
pr_warn("**
**\n");
+ pr_warn("** IOMMU DebugFS SUPPORT HAS BEEN ENABLED IN
THIS KERNEL **\n");
+
pr_warn("**
**\n");
+ pr_warn("** This means that this kernel is built to
expose internal **\n");
+ pr_warn("** IOMMU data structures, which may compromise
security on **\n");
+ pr_warn("** your
system. **\n");
+
pr_warn("**
**\n");
+ pr_warn("** If you see this message and you are not
debugging the **\n");
+ pr_warn("** kernel, report this immedia
[PATCH v7 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Makefile|5 +
drivers/iommu/amd_iommu_debugfs.c | 39 +
drivers/iommu/amd_iommu_init.c|6 --
drivers/iommu/amd_iommu_proto.h |6 ++
drivers/iommu/amd_iommu_types.h |3 +++
5 files changed, 57 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 74cfbc392862..dd980f7dd8b6 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -30,3 +30,8 @@ obj-$(CONFIG_EXYNOS_IOMMU) += exynos-iommu.o
obj-$(CONFIG_FSL_PAMU) += fsl_pamu.o fsl_pamu_domain.o
obj-$(CONFIG_S390_IOMMU) += s390-iommu.o
obj-$(CONFIG_QCOM_IOMMU) += qcom_iommu.o
+
+# This ensures that only the required files are compiled
+ifeq ($(CONFIG_IOMMU_DEBUGFS), y)
+obj-$(CONFIG_AMD_IOMMU) += amd_iommu_debugfs.o
+endif
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..6dff98552969
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,39 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *amd_iommu_debugfs;
+static DEFINE_MUTEX(amd_iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs)
+ amd_iommu_debugfs = iommu_debugfs_new_driver_dir("amd");
+ mutex_unlock(&amd_iommu_debugfs_lock);
+
+ if (amd_iommu_debugfs) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs = debugfs_create_dir(name,
+ amd_iommu_debugfs);
+ if (!iommu->debugfs) {
+ debugfs_remove_recursive(amd_iommu_debugfs);
+ amd_iommu_debugfs = NULL;
+ }
+ }
+}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 904c575d1677..031e6dbb8345 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2721,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2730,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..39053f11dda3 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_IOMMU_DEBUGFS
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu);
+#else
+static inline void amd_iommu_debugfs_setup(struct amd_iommu *iommu) {}
+#endif
+
/* Needed for interrupt remapping */
extern int amd_iommu_prepare(void);
extern int amd_iommu_enable(void);
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index 1c9b080276c9..2ca0959ae9e6 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -593,6 +593,9 @@ struct amd_iommu {
u32 flags;
volatile u64 __aligned(8) cmd_sem;
+
+ /* DebugFS Info */
+ struct dentry *debugfs;
};
static inline struct amd_iommu *dev_to_amd_iommu(struct device *dev)
[PATCH v7 0/2] Base enablement of IOMMU debugfs support
These patches create a top-level function, called at IOMMU initialization, to create a debugfs directory for the IOMMU. Under this directory drivers may create and populate-specific directories for their device internals. Patch 1: general IOMMU enablement Patch 2: basic AMD enablement to demonstrate linkage with patch 1 Introduce a new Kconfig parameter IOMMU_DEBUGFS to globally allow/disallow debugfs code to be built. The Makefile structure is intended to allow the use of a single switch for turning on DebugFS. Changes since v6: - Rely on default Kconfig value for a bool - comment/doc fixes - use const where appropriate - fix inline declaration Changes since v5: - Added parameters names in declarations/definitions - Reformatted an inline definition Changes since v4: - Guard vendor-specific debugfs files in the Makefile - Call top-level routine from iommu_init() - Add function for instantiating a driver-specific directory - Change AMD driver code to use this new format Changes since v3: - Remove superfluous calls to debugfs_initialized() - Emit a warning exactly one time - Change the Kconfig name to IOMMU_DEBUGFS - Change the way debugfs modules are made Changes since v2: - Move a declaration to outside an ifdef - Remove a spurious blank line Changes since v1: - Remove debug cruft - Remove cruft produced by design change - Change the lock to a mutex - Coding style fixes - Add a comment to document the framework --- Gary R Hook (2): iommu - Enable debugfs exposure of IOMMU driver internals iommu/amd: Add basic debugfs infrastructure for AMD IOMMU drivers/iommu/Kconfig | 10 + drivers/iommu/Makefile|6 +++ drivers/iommu/amd_iommu_debugfs.c | 39 drivers/iommu/amd_iommu_init.c|6 ++- drivers/iommu/amd_iommu_proto.h |6 +++ drivers/iommu/amd_iommu_types.h |3 ++ drivers/iommu/iommu-debugfs.c | 72 + drivers/iommu/iommu.c |2 + include/linux/iommu.h | 11 ++ 9 files changed, 153 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c create mode 100644 drivers/iommu/iommu-debugfs.c --
[PATCH v7 1/2] iommu - Enable debugfs exposure of IOMMU driver internals
Provide base enablement for using debugfs to expose internal data of an
IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
Emit a strong warning at boot time to indicate that this feature is
enabled.
This function is called from iommu_init, and creates the initial DebugFS
directory. Drivers may then call iommu_debugfs_new_driver_dir() to
instantiate a device-specific directory to expose internal data.
It will return a pointer to the new dentry structure created in
/sys/kernel/debug/iommu, or NULL in the event of a failure.
Since the IOMMU driver can not be removed from the running system, there
is no need for an "off" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 10 ++
drivers/iommu/Makefile|1 +
drivers/iommu/iommu-debugfs.c | 72 +
drivers/iommu/iommu.c |2 +
include/linux/iommu.h | 11 ++
5 files changed, 96 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..2eab6a849a0a 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,16 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUGFS
+ bool "Export IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..74cfbc392862 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUGFS) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..bb1bf2d0ac51
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,72 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU debugfs core infrastructure
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/**
+ * iommu_debugfs_setup - create the top-level iommu directory in debugfs
+ *
+ * Provide base enablement for using debugfs to expose internal data of an
+ * IOMMU driver. When called, this function creates the
+ * /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This function is called from iommu_init; drivers may then call
+ * iommu_debugfs_new_driver_dir() to instantiate a vendor-specific
+ * directory to be used to expose internal data.
+ */
+void iommu_debugfs_setup(void)
+{
+ if (!iommu_debugfs_dir) {
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+ if (iommu_debugfs_dir) {
+ pr_warn("\n");
+
pr_warn("*\n");
+ pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE NOTICE**\n");
+ pr_warn("**
**\n");
+ pr_warn("** IOMMU DebugFS SUPPORT HAS BEEN ENABLED IN
THIS KERNEL **\n");
+ pr_warn("**
**\n");
+ pr_warn("** This means that this kernel is built to
expose internal **\n");
+ pr_warn("** IOMMU data structures, which may compromise
security on **\n");
+ pr_warn("** your system.
**\n");
+ pr_warn("**
**\n");
+ pr_warn("** If you see this message and you are not
debugging the **\n");
+ pr_warn("** kernel, report this immediately to your
vendor! **\n");
+ pr_warn("**
**\n");
+ pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE NOTICE**\n");
+
pr_warn("**
Re: [PATCH v7 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
On 05/14/2018 12:50 PM, Randy Dunlap wrote: On 05/14/2018 10:20 AM, Gary R Hook wrote: Implement a skeleton framework for debugfs support in the AMD IOMMU. Signed-off-by: Gary R Hook --- drivers/iommu/Makefile|5 + drivers/iommu/amd_iommu_debugfs.c | 39 + drivers/iommu/amd_iommu_init.c|6 -- drivers/iommu/amd_iommu_proto.h |6 ++ drivers/iommu/amd_iommu_types.h |3 +++ 5 files changed, 57 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile index 74cfbc392862..dd980f7dd8b6 100644 --- a/drivers/iommu/Makefile +++ b/drivers/iommu/Makefile @@ -30,3 +30,8 @@ obj-$(CONFIG_EXYNOS_IOMMU) += exynos-iommu.o obj-$(CONFIG_FSL_PAMU) += fsl_pamu.o fsl_pamu_domain.o obj-$(CONFIG_S390_IOMMU) += s390-iommu.o obj-$(CONFIG_QCOM_IOMMU) += qcom_iommu.o + +# This ensures that only the required files are compiled +ifeq ($(CONFIG_IOMMU_DEBUGFS), y) Most Makefiles don't use a space before the 'y', but since you tested it, I guess either way works. Pretty sure whitespace isn't used as a delimiter in this construct. I could be mistaken. But yes, it's perfectly serviceable. But why do this in the Makefile at all? Why not just add another Kconfig symbol and simplify the Makefile? +obj-$(CONFIG_AMD_IOMMU) += amd_iommu_debugfs.o +endif This was brought up a few weeks ago in, I believe, version 3 of this patch. That question was discussed (because that's what I did the first time out), and _someone_ _else_ asked about why I didn't just do it the way I've done it here. Everyone has a preference. I chose to simplify the choices and avoid multiple symbols, instead opting for two switches: choose your device, and decide on Debug FS enablement for it. IMO Very simple. I can't fathom a scenario where this wouldn't work. Is there one?
[PATCH v9 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the AMD
IOMMU. Add an AMD-specific Kconfig boolean that depends upon
general enablement of DebugFS in the IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 12
drivers/iommu/Makefile|1 +
drivers/iommu/amd_iommu_debugfs.c | 33 +
drivers/iommu/amd_iommu_init.c|6 --
drivers/iommu/amd_iommu_proto.h |6 ++
drivers/iommu/amd_iommu_types.h |5 +
6 files changed, 61 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f9af25ac409f..5a9cef113763 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -146,6 +146,18 @@ config AMD_IOMMU_V2
hardware. Select this option if you want to use devices that support
the PCI PRI and PASID interface.
+config AMD_IOMMU_DEBUGFS
+ bool "Enable AMD IOMMU internals in DebugFS"
+ depends on AMD_IOMMU && IOMMU_DEBUGFS
+ ---help---
+ !!!WARNING!!! !!!WARNING!!! !!!WARNING!!! !!!WARNING!!!
+
+ DO NOT ENABLE THIS OPTION UNLESS YOU REALLY, -REALLY- KNOW WHAT YOU
ARE DOING!!!
+ Exposes AMD IOMMU device internals in DebugFS.
+
+ This option is -NOT- intended for production environments, and should
+ not generally be enabled.
+
# Intel IOMMU support
config DMAR_TABLE
bool
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 74cfbc392862..47fd6ea9de2d 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -11,6 +11,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_AMD_IOMMU_DEBUGFS) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..c6a5c737ef09
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *amd_iommu_debugfs;
+static DEFINE_MUTEX(amd_iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs)
+ amd_iommu_debugfs = debugfs_create_dir("amd",
+ iommu_debugfs_dir);
+ mutex_unlock(&amd_iommu_debugfs_lock);
+
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs = debugfs_create_dir(name, amd_iommu_debugfs);
+}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 904c575d1677..031e6dbb8345 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2721,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2730,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..a8cd0296fb16 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_AMD_IOMMU_DEBUGFS
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu);
+#else
+static inline void amd_iommu_debugfs_setup(struct amd_iommu *iommu) {}
+#endif
+
/* Needed for interrupt remapping */
extern int amd_iommu_prepare(void);
extern int amd_iommu_enable(void);
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index 986cbe0cc189..cfac9d842b0f 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -594,6 +594,11 @@ struct amd_iommu {
u32 flags;
Re: [PATCH v7 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
On 05/15/2018 08:46 AM, Joerg Roedel wrote: On Mon, May 14, 2018 at 03:00:50PM -0500, Gary R Hook wrote: This was brought up a few weeks ago in, I believe, version 3 of this patch. That question was discussed (because that's what I did the first time out), and _someone_ _else_ asked about why I didn't just do it the way I've done it here. You don't have this problem if you put the code in amd_iommu.c in an IOMMU_DEBUGFS ifdef. Of course. My preference, however, is a separate file to avoid size creep. That's why I've done it this way. To whit: there have been threads discussing the advisability/acceptability of using #ifdefs for debug code. My take-away was to avoid them. Perhaps I misunderstood. So: I don't understand your comment. Is this an observation, or is it an imperative statement? I'd like for a maintainer to clearly indicate what is acceptable, and I'll do it.
Re: [PATCH v7 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
On 05/18/2018 11:49 AM, Randy Dunlap wrote: On 05/18/2018 08:20 AM, Gary R Hook wrote: On 05/15/2018 08:46 AM, Joerg Roedel wrote: On Mon, May 14, 2018 at 03:00:50PM -0500, Gary R Hook wrote: This was brought up a few weeks ago in, I believe, version 3 of this patch. That question was discussed (because that's what I did the first time out), and _someone_ _else_ asked about why I didn't just do it the way I've done it here. You don't have this problem if you put the code in amd_iommu.c in an IOMMU_DEBUGFS ifdef. Of course. My preference, however, is a separate file to avoid size creep. That's why I've done it this way. To whit: there have been threads discussing the advisability/acceptability of using #ifdefs for debug code. My take-away was to avoid them. Perhaps I misunderstood. So: I don't understand your comment. Is this an observation, or is it an imperative statement? I'd like for a maintainer to clearly indicate what is acceptable, and I'll do it. Hi, I looked back at Robin Murphy's comments on April 17: Well, you could do a makefile-level dependency i.e.: ifeq ($(CONFIG_IOMMU_DEBUG), y) obj-$(CONFIG_AMD_IOMMU) += amd_iommu_debugfs.o obj-$(CONFIG_BLAH_IOMMU) += blah_iommu_debugfs.o ... endif Or alternatively have an intermediate silent Kconfig option: config AMD_IOMMU_DEBUG def_bool y depends on AMD_IOMMU && IOMMU_DEBUG The makefile option is arguably ugly, but does at least scale better ;) I think the Kconfig option would have been the correct choice. "Preferred", perhaps. Neither is incorrect. And really, the Makefile/Kconfig choice is somewhat separate from the organization issue. So I've made the changes for this. Now I'm waiting on Joerg to make a decision on the code/file organization. I still prefer a separate file for the debug fs code.
[PATCH] iommu/amd - Optimize PPR log handling
Improve the performance of the PPR log polling function (i.e. the
task of emptying the log) by minimizing MMIO operations and more
efficiently processing groups of log entries. Cache the head
pointer, as there's never a reason to read it. Ensure the head
pointer register is updated every so often, to inform the IOMMU
that space is available in the log.
Finally, since a single pass may leave logged events unread, use
an outer loop to repeat until head has caught up to tail.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu.c | 69 +--
drivers/iommu/amd_iommu_init.c |1 +
drivers/iommu/amd_iommu_types.h |1 +
3 files changed, 39 insertions(+), 32 deletions(-)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 77c056ae082c..13a550fb7d47 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -660,51 +660,56 @@ static void iommu_handle_ppr_entry(struct amd_iommu
*iommu, u64 *raw)
static void iommu_poll_ppr_log(struct amd_iommu *iommu)
{
- u32 head, tail;
+ u32 tail;
if (iommu->ppr_log == NULL)
return;
- head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
- while (head != tail) {
- volatile u64 *raw;
- u64 entry[2];
- int i;
+ while (iommu->ppr_log_head != tail) {
+ uint count = PPR_LOG_ENTRIES / 8;
+
+ while (iommu->ppr_log_head != tail && count--) {
+ volatile u64 *raw;
+ u64 entry[2];
+ int i;
+
+ raw = (u64 *)(iommu->ppr_log + iommu->ppr_log_head);
+
+ /*
+* Hardware bug: Interrupt may arrive before the
+* entry is written to memory. If this happens we
+* need to wait for the entry to arrive.
+*/
+ for (i = 0; i < LOOP_TIMEOUT; ++i) {
+ if (PPR_REQ_TYPE(raw[0]) != 0)
+ break;
+ udelay(1);
+ }
- raw = (u64 *)(iommu->ppr_log + head);
+ /* Avoid memcpy function-call overhead */
+ entry[0] = raw[0];
+ entry[1] = raw[1];
- /*
-* Hardware bug: Interrupt may arrive before the entry is
-* written to memory. If this happens we need to wait for the
-* entry to arrive.
-*/
- for (i = 0; i < LOOP_TIMEOUT; ++i) {
- if (PPR_REQ_TYPE(raw[0]) != 0)
- break;
- udelay(1);
- }
+ /*
+* To detect the hardware bug we need to clear the
+* entry back to zero.
+*/
+ raw[0] = raw[1] = 0UL;
- /* Avoid memcpy function-call overhead */
- entry[0] = raw[0];
- entry[1] = raw[1];
+ /* Handle PPR entry */
+ iommu_handle_ppr_entry(iommu, entry);
- /*
-* To detect the hardware bug we need to clear the entry
-* back to zero.
-*/
- raw[0] = raw[1] = 0UL;
+ iommu->ppr_log_head += PPR_ENTRY_SIZE;
+ iommu->ppr_log_head %= PPR_LOG_SIZE;
+ }
/* Update head pointer of hardware ring-buffer */
- head = (head + PPR_ENTRY_SIZE) % PPR_LOG_SIZE;
- writel(head, iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
-
- /* Handle PPR entry */
- iommu_handle_ppr_entry(iommu, entry);
+ writel(iommu->ppr_log_head,
+ iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
- /* Refresh ring-buffer information */
- head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
+ /* Get the current value of tail */
tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
}
}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 904c575d1677..227a9887feb1 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -721,6 +721,7 @@ static void iommu_enable_ppr_log(struct amd_iommu *iommu)
/* set head and tail to zero manually */
writel(0x00, iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
writel(0x00, iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
+ iommu->ppr_log_head = 0;
iommu_feature_enable(iommu, CONTROL_PPFLOG_EN);
Re: [PATCH 2/3] crypto: ccp - return an actual key size from RSA max_size callback
On 02/24/2018 10:03 AM, Maciej S. Szmigiero wrote:
rsa-pkcs1pad uses a value returned from a RSA implementation max_size
callback as a size of an input buffer passed to the RSA implementation for
encrypt and sign operations.
CCP RSA implementation uses a hardware input buffer which size depends only
on the current RSA key length, so it should return this key length in
the max_size callback, too.
This also matches what the kernel software RSA implementation does.
Previously, the value returned from this callback was always the maximum
RSA key size the CCP hardware supports.
This resulted in this huge buffer being passed by rsa-pkcs1pad to CCP even
for smaller key sizes and then in a buffer overflow when ccp_run_rsa_cmd()
tried to copy this large input buffer into a RSA key length-sized hardware
input buffer.
Signed-off-by: Maciej S. Szmigiero
Acked-by: Gary R Hook
Fixes: ceeec0afd684 ("crypto: ccp - Add support for RSA on the CCP")
Cc: sta...@vger.kernel.org
---
drivers/crypto/ccp/ccp-crypto-rsa.c | 7 +++
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/ccp/ccp-crypto-rsa.c
b/drivers/crypto/ccp/ccp-crypto-rsa.c
index e6db8672d89c..05850dfd7940 100644
--- a/drivers/crypto/ccp/ccp-crypto-rsa.c
+++ b/drivers/crypto/ccp/ccp-crypto-rsa.c
@@ -60,10 +60,9 @@ static int ccp_rsa_complete(struct crypto_async_request
*async_req, int ret)
static unsigned int ccp_rsa_maxsize(struct crypto_akcipher *tfm)
{
- if (ccp_version() > CCP_VERSION(3, 0))
- return CCP5_RSA_MAXMOD;
- else
- return CCP_RSA_MAXMOD;
+ struct ccp_ctx *ctx = akcipher_tfm_ctx(tfm);
+
+ return ctx->u.rsa.n_len;
}
static int ccp_rsa_crypt(struct akcipher_request *req, bool encrypt)
Re: [PATCH 3/3] crypto: ccp - protect RSA implementation from too large input data
On 02/24/2018 10:03 AM, Maciej S. Szmigiero wrote:
CCP RSA implementation uses a hardware input buffer which size depends only
on the current RSA key length. Key modulus and a message to be processed
is then copied to this buffer based on their own lengths.
Since the price for providing too long input data is a buffer overflow and
there already has been a case when this has happened let's better reject
such oversized input data and log an error message in this case so we know
what is going on.
Signed-off-by: Maciej S. Szmigiero
---
drivers/crypto/ccp/ccp-ops.c | 24
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 406b95329b3d..517aeee30abf 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1770,10 +1770,6 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q,
struct ccp_cmd *cmd)
if (!rsa->exp || !rsa->mod || !rsa->src || !rsa->dst)
return -EINVAL;
- memset(&op, 0, sizeof(op));
- op.cmd_q = cmd_q;
- op.jobid = CCP_NEW_JOBID(cmd_q->ccp);
-
/* The RSA modulus must precede the message being acted upon, so
* it must be copied to a DMA area where the message and the
* modulus can be concatenated. Therefore the input buffer
@@ -1785,6 +1781,26 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q,
struct ccp_cmd *cmd)
o_len = 32 * ((rsa->key_size + 255) / 256);
i_len = o_len * 2;
+ if (rsa->mod_len > o_len) {
+ dev_err(cmd_q->ccp->dev,
+ "RSA modulus of %u bytes too large for key size of %u
bits\n",
+ (unsigned int)rsa->mod_len,
+ (unsigned int)rsa->key_size);
+ return -EINVAL;
+ }
+
+ if (rsa->src_len > o_len) {
+ dev_err(cmd_q->ccp->dev,
+ "RSA data of %u bytes too large for key size of %u
bits\n",
+ (unsigned int)rsa->src_len,
+ (unsigned int)rsa->key_size);
+ return -EINVAL;
+ }
We've talked about this, and we believe that a more central fix is
warranted. I intend to post another patch tomorrow that should address
this problem.
+
+ memset(&op, 0, sizeof(op));
+ op.cmd_q = cmd_q;
+ op.jobid = CCP_NEW_JOBID(cmd_q->ccp);
+
sb_count = 0;
if (cmd_q->ccp->vdata->version < CCP_VERSION(5, 0)) {
/* sb_count is the number of storage block slots required
[PATCH v2 0/2] Base enablement of IOMMU debugfs support
These patches create a top-level function to create a debugfs directory for the IOMMU, under which drivers may create and populate-specific directories for their device internals. Patch 1: general IOMMU enablement Patch 2: basic AMD enablement to demonstrate linkage with patch 1 Introduce a new Kconfig parameter IOMMU_DEBUG to globally allow or disallow debugfs code to be built. Changes since v1: - Remove debug cruft - Remove cruft produced by design change - Change the lock to a mutex - Coding style fixes - Add a comment to document the framework --- Gary R Hook (2): iommu - Enable debugfs exposure of the IOMMU iommu/amd: Add basic debugfs infrastructure for AMD IOMMU drivers/iommu/Kconfig | 11 +++ drivers/iommu/Makefile|2 + drivers/iommu/amd_iommu_debugfs.c | 45 + drivers/iommu/amd_iommu_init.c|7 +++- drivers/iommu/amd_iommu_proto.h |8 - drivers/iommu/amd_iommu_types.h |3 ++ drivers/iommu/iommu-debugfs.c | 58 + include/linux/iommu.h |4 +++ 8 files changed, 135 insertions(+), 3 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c create mode 100644 drivers/iommu/iommu-debugfs.c -- Signature
[PATCH v2 1/2] iommu - Enable debugfs exposure of the IOMMU
Provide base enablement for using debugfs to expose internal data of
an IOMMU driver. When called, create the /sys/kernel/debug/iommu
directory. Emit a strong warning at boot time to indicate that this
feature is enabled.
This patch adds a top-level function that will create the (above)
directory, under which a driver may create a hw-specific directory for
its use. The function
iommu_debugfs_setup()
returns a pointer to the new dentry structure created for
/sys/kernel/debug/iommu, or NULL in the event of a failure. An IOMMU
driver should call this function first, and then create a directory
beneath it. A driver implementation might look something like:
static struct dentry *my_debugfs;
struct dentry *d_top;
if (!my_debugfs) {
d_top = iommu_debugfs_setup();
if (d_top)
my_debugfs = debugfs_create_dir("vendor", d_top);
}
Since the IOMMU driver can not be removed from the running system, this
patch only provides an "on" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11
drivers/iommu/Makefile|1 +
drivers/iommu/iommu-debugfs.c | 58 +
include/linux/iommu.h |4 +++
4 files changed, 74 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..c1e39dabfec2 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUG
+ bool "Enable IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..5eb1121d54b9 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUG) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..add6f95120e4
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,58 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/*
+ * Provide base enablement for using debugfs to expose internal data of an
+ * IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This top-level function that will create the (above) directory, under a
+ * driver may create a hw-specific directory for its use. The function
+ *
+ * iommu_debugfs_setup()
+ *
+ * returns a pointer to the new dentry structure created for
+ * /sys/kernel/debug/iommu, or NULL in the event of a failure. An IOMMU
+ * driver should call this function first, and then create a directory
+ * beneath it. A driver implementation might look something like:
+ *
+ * static struct dentry *my_debugfs;
+ *
+ *struct dentry *d_top;
+ *if (!my_debugfs) {
+ *d_top = iommu_debugfs_setup();
+ *if (d_top)
+ *my_debugfs = debugfs_create_dir("vendor", d_top);
+ *}
+ *
+ * Since the IOMMU driver can not be removed from the running system, there
+ * is no need for an "off" function.
+ */
+struct dentry *iommu_debugfs_setup(void)
+{
+ if (!debugfs_initialized())
+ return NULL;
+
+ if (!iommu_debugfs_dir)
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+
+ if (iommu_debugfs_dir)
+ pr_warn("WARNING: IOMMU DEBUGFS SUPPORT HAS BEEN ENABLED IN
THIS KERNEL\n");
+
+ return iommu_debugfs_dir;
+}
+EXPORT_SYMBOL_GPL(iommu_debugfs_setup);
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index 41b8c5757859..3dd2e73d31c4 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -412,6 +412,10 @@ void iommu_fwspec_free(struct device *dev);
int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids);
const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode);
+#ifdef CONFIG_IOMMU_DEBUG
+struct dentry *iommu_debugfs_setup(void);
+#endif
+
#else /* CONFIG_IOMMU_API */
struct iommu_ops {};
[PATCH v2 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Makefile|1 +
drivers/iommu/amd_iommu_debugfs.c | 45 +
drivers/iommu/amd_iommu_init.c|7 --
drivers/iommu/amd_iommu_proto.h |8 ++-
drivers/iommu/amd_iommu_types.h |3 ++
5 files changed, 61 insertions(+), 3 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 5eb1121d54b9..0ca250f626d9 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -11,6 +11,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_IOMMU_DEBUG) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..282100a655b3
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,45 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *amd_iommu_debugfs;
+static DEFINE_MUTEX(amd_iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_top;
+
+ if (!debugfs_initialized())
+ return;
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs) {
+ d_top = iommu_debugfs_setup();
+ if (d_top)
+ amd_iommu_debugfs = debugfs_create_dir("amd", d_top);
+ }
+ mutex_unlock(&amd_iommu_debugfs_lock);
+ if (amd_iommu_debugfs) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs = debugfs_create_dir(name,
+ amd_iommu_debugfs);
+ if (!iommu->debugfs) {
+ debugfs_remove_recursive(amd_iommu_debugfs);
+ amd_iommu_debugfs = NULL;
+ }
+ }
+}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 6fe2d0346073..43856c7f4ea1 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -89,6 +89,7 @@
#define ACPI_DEVFLAG_ATSDIS 0x1000
#define LOOP_TIMEOUT 10
+
/*
* ACPI table definitions
*
@@ -2720,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2729,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..1cfaae28c2cd 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_IOMMU_DEBUG
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu);
+#else
+static inline void amd_iommu_debugfs_setup(struct amd_iommu *iommu) {}
+#endif
+
/* Needed for interrupt remapping */
extern int amd_iommu_prepare(void);
extern int amd_iommu_enable(void);
@@ -58,7 +64,7 @@ extern int amd_iommu_domain_clear_gcr3(struct iommu_domain
*dom, int pasid);
extern struct iommu_domain *amd_iommu_get_v2_domain(struct pci_dev *pdev);
#ifdef CONFIG_IRQ_REMAP
-extern int amd_iommu_create_irq_domain(struct amd_iommu *iommu);
+int amd_iommu_create_irq_domain(struct amd_iommu *iommu);
#else
static inline int amd_iommu_create_irq_domain(struct amd_iommu *iommu)
{
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index f6b24c7d8b70..43c52797810e 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -591,6 +591,9 @@ struct amd_iommu {
u32 flags;
volatile u64 __aligned(8) cmd_sem;
+
+ /* DebugFS Info */
+ stru
Re: [PATCH v7 0/5] Add Intel IOMMU debugfs support
On 03/29/2018 03:48 AM, Joerg Roedel wrote: [ Adding Gary from AMD to Cc ] On Mon, Mar 19, 2018 at 09:37:14AM -0700, Jacob Pan wrote: On Thu, 15 Mar 2018 14:18:54 +0100 Joerg Roedel wrote: On Thu, Feb 15, 2018 at 08:38:11AM -0800, Jacob Pan wrote: Just wondering if your concern is on the implementation or the debugfs idea in general. Perhaps have some common IOMMU debugfs? My concern mainly is that we add interfaces which reveal potentially security relevant information I don;t think security is any worse than existing kernel page table in debugfs. i.e. /sys/kernel/debug/page_tables This is a debug feature. Okay, so here is the way to go: Please introduce a basic debugfs facility to the core iommu code. It should basically only create a 'iommu/' directory in debugfs where drivers can create their own sub-directories. This must be enabled by a new kconfig option (CONFIG_IOMMU_DEBUGFS) and the kernel should print a big fat warning at boot when it is enabled. This hopefully prevents anyone from enabling it for production kernels. I'm halfway through this. Where would you like to place the invocation of the initialization function? There's an iommu_init() in iommu.c, But it's a core_initcall, which doesn't seem like a good spot. Not knowing enough about bring-up here, Would adding another __init function be suitable? Gary
Re: [PATCH v3 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
On 04/17/2018 12:38 PM, Hook, Gary wrote:
On 4/13/2018 8:08 PM, Mehta, Sohil wrote:
On Fri, 2018-04-06 at 08:17 -0500, Gary R Hook wrote:
+
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs) {
+ d_top = iommu_debugfs_setup();
+ if (d_top)
+ amd_iommu_debugfs =
debugfs_create_dir("amd", d_top);
+ }
+ mutex_unlock(&amd_iommu_debugfs_lock);
You can do the above only once if you iterate over the IOMMUs here
instead of doing it in amd_iommu_init.
I'm not sure it matters, given the finite number of IOMMUs in a system,
and the fact that this work is done exactly once. However, removal of a
lock is fine thing, so I'll move this around.
After thinking about this, and looking at the code, I've decided to
leave this alone.
v4 is on its way.
[PATCH v4 0/2] Base enablement of IOMMU debugfs support
These patches create a top-level function to create a debugfs directory for the IOMMU, under which drivers may create and populate-specific directories for their device internals. Patch 1: general IOMMU enablement Patch 2: basic AMD enablement to demonstrate linkage with patch 1 Introduce a new Kconfig parameter IOMMU_DEBUG to globally allow or disallow debugfs code to be built. Changes since v3: - Remove superfluous calls to debugfs_initialized() - Emit a warning exactly one time - Change the Kconfig name to IOMMU_DEBUGFS - Change the way debugfs modules are made Changes since v2: - Move a declaration to outside an ifdef - Remove a spurious blank line Changes since v1: - Remove debug cruft - Remove cruft produced by design change - Change the lock to a mutex - Coding style fixes - Add a comment to document the framework --- Gary R Hook (2): iommu - Enable debugfs exposure of the IOMMU iommu/amd: Add basic debugfs infrastructure for AMD IOMMU drivers/iommu/Kconfig | 11 +++ drivers/iommu/Makefile|6 drivers/iommu/amd_iommu_debugfs.c | 42 drivers/iommu/amd_iommu_init.c|6 +++- drivers/iommu/amd_iommu_proto.h |6 drivers/iommu/amd_iommu_types.h |3 ++ drivers/iommu/iommu-debugfs.c | 55 + include/linux/iommu.h |4 +++ 8 files changed, 131 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c create mode 100644 drivers/iommu/iommu-debugfs.c --
[PATCH v4 1/2] iommu - Enable debugfs exposure of the IOMMU
Provide base enablement for using debugfs to expose internal data of
an IOMMU driver. When called, create the /sys/kernel/debug/iommu
directory. Emit a strong warning at boot time to indicate that this
feature is enabled.
This patch adds a top-level function that will create the (above)
directory, under which a driver may create a hw-specific directory for
its use. The function
iommu_debugfs_setup()
returns a pointer to the new dentry structure created for
/sys/kernel/debug/iommu, or NULL in the event of a failure. An IOMMU
driver should call this function first, and then create a directory
beneath it. A driver implementation might look something like:
static struct dentry *my_debugfs;
struct dentry *d_top;
if (!my_debugfs) {
d_top = iommu_debugfs_setup();
if (d_top)
my_debugfs = debugfs_create_dir("vendor", d_top);
}
Since the IOMMU driver can not be removed from the running system, this
patch only provides an "on" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11
drivers/iommu/Makefile|1 +
drivers/iommu/iommu-debugfs.c | 55 +
include/linux/iommu.h |4 +++
4 files changed, 71 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..81a6c281e69f 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUGFS
+ bool "Enable IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..74cfbc392862 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUGFS) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..409691ca0ff9
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,55 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/*
+ * Provide base enablement for using debugfs to expose internal data of an
+ * IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This top-level function that will create the (above) directory, under a
+ * driver may create a hw-specific directory for its use. The function
+ *
+ * iommu_debugfs_setup()
+ *
+ * returns a pointer to the new dentry structure created for
+ * /sys/kernel/debug/iommu, or NULL in the event of a failure. An IOMMU
+ * driver should call this function first, and then create a directory
+ * beneath it. A driver implementation might look something like:
+ *
+ * static struct dentry *my_debugfs;
+ *
+ *struct dentry *d_top;
+ *if (!my_debugfs) {
+ *d_top = iommu_debugfs_setup();
+ *if (d_top)
+ *my_debugfs = debugfs_create_dir("vendor", d_top);
+ *}
+ *
+ * Since the IOMMU driver can not be removed from the running system, there
+ * is no need for an "off" function.
+ */
+struct dentry *iommu_debugfs_setup(void)
+{
+ if (!iommu_debugfs_dir) {
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+ if (iommu_debugfs_dir)
+ pr_warn("WARNING: IOMMU DEBUGFS SUPPORT HAS BEEN
ENABLED IN THIS KERNEL\n");
+ }
+
+ return iommu_debugfs_dir;
+}
+EXPORT_SYMBOL_GPL(iommu_debugfs_setup);
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index 19938ee6eb31..e5657c70f90c 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -698,4 +698,8 @@ const struct iommu_ops *iommu_ops_from_fwnode(struct
fwnode_handle *fwnode)
#endif /* CONFIG_IOMMU_API */
+#ifdef CONFIG_IOMMU_DEBUGFS
+struct dentry *iommu_debugfs_setup(void);
+#endif
+
#endif /* __LINUX_IOMMU_H */
[PATCH v4 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Makefile|5
drivers/iommu/amd_iommu_debugfs.c | 42 +
drivers/iommu/amd_iommu_init.c|6 -
drivers/iommu/amd_iommu_proto.h |6 +
drivers/iommu/amd_iommu_types.h |3 +++
5 files changed, 60 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 74cfbc392862..dd980f7dd8b6 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -30,3 +30,8 @@ obj-$(CONFIG_EXYNOS_IOMMU) += exynos-iommu.o
obj-$(CONFIG_FSL_PAMU) += fsl_pamu.o fsl_pamu_domain.o
obj-$(CONFIG_S390_IOMMU) += s390-iommu.o
obj-$(CONFIG_QCOM_IOMMU) += qcom_iommu.o
+
+# This ensures that only the required files are compiled
+ifeq ($(CONFIG_IOMMU_DEBUGFS), y)
+obj-$(CONFIG_AMD_IOMMU) += amd_iommu_debugfs.o
+endif
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..34bb65cbd798
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,42 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *amd_iommu_debugfs;
+static DEFINE_MUTEX(amd_iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_top;
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs) {
+ d_top = iommu_debugfs_setup();
+ if (d_top)
+ amd_iommu_debugfs = debugfs_create_dir("amd", d_top);
+ }
+ mutex_unlock(&amd_iommu_debugfs_lock);
+ if (amd_iommu_debugfs) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs = debugfs_create_dir(name,
+ amd_iommu_debugfs);
+ if (!iommu->debugfs) {
+ debugfs_remove_recursive(amd_iommu_debugfs);
+ amd_iommu_debugfs = NULL;
+ }
+ }
+}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 904c575d1677..031e6dbb8345 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2721,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2730,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..39053f11dda3 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_IOMMU_DEBUGFS
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu);
+#else
+static inline void amd_iommu_debugfs_setup(struct amd_iommu *iommu) {}
+#endif
+
/* Needed for interrupt remapping */
extern int amd_iommu_prepare(void);
extern int amd_iommu_enable(void);
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index 1c9b080276c9..2ca0959ae9e6 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -593,6 +593,9 @@ struct amd_iommu {
u32 flags;
volatile u64 __aligned(8) cmd_sem;
+
+ /* DebugFS Info */
+ struct dentry *debugfs;
};
static inline struct amd_iommu *dev_to_amd_iommu(struct device *dev)
[PATCH 2/2] iommu/amd - Update logging information for new event type
A new events have been defined in the AMD IOMMU spec:
0x09 - "invalid PPR request"
Add support for logging this type of event.
Signed-off-by: Gary R Hook
~
~
~
---
drivers/iommu/amd_iommu.c | 10 +-
drivers/iommu/amd_iommu_types.h |1 +
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index a557565d4413..009c6d801fae 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -544,7 +544,7 @@ static void amd_iommu_report_page_fault(u16 devid, u16
domain_id,
static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
{
struct device *dev = iommu->iommu.dev;
- int type, devid, pasid, flags;
+ int type, devid, pasid, flags, tag;
volatile u32 *event = __evt;
int count = 0;
u64 address;
@@ -609,6 +609,14 @@ static void iommu_print_event(struct amd_iommu *iommu,
void *__evt)
PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
pasid, address, flags);
break;
+ case EVENT_TYPE_INV_PPR_REQ:
+ pasid = ((event[0] >> 16) & 0x)
+ | ((event[1] << 6) & 0xF);
+ tag = event[1] & 0x03FF;
+ dev_err(dev, "INVALID_PPR_REQUEST device=%02x:%02x.%x
pasid=0x%05x address=0x%016llx flags=0x%04x]\n",
+ PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
+ pasid, address, flags);
+ break;
default:
dev_err(dev, "UNKNOWN event[0]=0x%08x event[1]=0x%08x
event[2]=0x%08x event[3]=0x%08x\n",
event[0], event[1], event[2], event[3]);
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index 1c9b080276c9..986cbe0cc189 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -133,6 +133,7 @@
#define EVENT_TYPE_CMD_HARD_ERR0x6
#define EVENT_TYPE_IOTLB_INV_TO0x7
#define EVENT_TYPE_INV_DEV_REQ 0x8
+#define EVENT_TYPE_INV_PPR_REQ 0x9
#define EVENT_DEVID_MASK 0x
#define EVENT_DEVID_SHIFT 0
#define EVENT_DOMID_MASK 0x
[PATCH 0/2] Tweak AMD IOMMU logging
Update the AMD IOMMU log messages to be more precise, and add a log message for a new event type. --- Gary R Hook (2): iommu/amd - Update the PASID information printed to the system log iommu/amd - Update logging information for new event type drivers/iommu/amd_iommu.c | 39 +-- drivers/iommu/amd_iommu_types.h |1 + 2 files changed, 22 insertions(+), 18 deletions(-) --
[PATCH 1/2] iommu/amd - Update the PASID information printed to the system log
Provide detailed data for each event, as appropriate.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu.c | 31 +--
1 file changed, 13 insertions(+), 18 deletions(-)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 8c469b51185f..a557565d4413 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -544,7 +544,7 @@ static void amd_iommu_report_page_fault(u16 devid, u16
domain_id,
static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
{
struct device *dev = iommu->iommu.dev;
- int type, devid, domid, flags;
+ int type, devid, pasid, flags;
volatile u32 *event = __evt;
int count = 0;
u64 address;
@@ -552,7 +552,7 @@ static void iommu_print_event(struct amd_iommu *iommu, void
*__evt)
retry:
type= (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
- domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
+ pasid = PPR_PASID(*(u64 *)&event[0]);
flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
address = (u64)(((u64)event[3]) << 32) | event[2];
@@ -567,7 +567,7 @@ static void iommu_print_event(struct amd_iommu *iommu, void
*__evt)
}
if (type == EVENT_TYPE_IO_FAULT) {
- amd_iommu_report_page_fault(devid, domid, address, flags);
+ amd_iommu_report_page_fault(devid, pasid, address, flags);
return;
} else {
dev_err(dev, "AMD-Vi: Event logged [");
@@ -575,10 +575,9 @@ static void iommu_print_event(struct amd_iommu *iommu,
void *__evt)
switch (type) {
case EVENT_TYPE_ILL_DEV:
- dev_err(dev, "ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
+ dev_err(dev, "ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x
pasid=0x%05x address=0x%016llx flags=0x%04x]\n",
PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ pasid, address, flags);
dump_dte_entry(devid);
break;
case EVENT_TYPE_DEV_TAB_ERR:
@@ -588,34 +587,30 @@ static void iommu_print_event(struct amd_iommu *iommu,
void *__evt)
address, flags);
break;
case EVENT_TYPE_PAGE_TAB_ERR:
- dev_err(dev, "PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
- "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
+ dev_err(dev, "PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x
domain=0x%04x address=0x%016llx flags=0x%04x]\n",
PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- domid, address, flags);
+ pasid, address, flags);
break;
case EVENT_TYPE_ILL_CMD:
dev_err(dev, "ILLEGAL_COMMAND_ERROR address=0x%016llx]\n",
address);
dump_command(address);
break;
case EVENT_TYPE_CMD_HARD_ERR:
- dev_err(dev, "COMMAND_HARDWARE_ERROR address=0x%016llx "
- "flags=0x%04x]\n", address, flags);
+ dev_err(dev, "COMMAND_HARDWARE_ERROR address=0x%016llx
flags=0x%04x]\n",
+ address, flags);
break;
case EVENT_TYPE_IOTLB_INV_TO:
- dev_err(dev, "IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
- "address=0x%016llx]\n",
+ dev_err(dev, "IOTLB_INV_TIMEOUT device=%02x:%02x.%x
address=0x%016llx]\n",
PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
address);
break;
case EVENT_TYPE_INV_DEV_REQ:
- dev_err(dev, "INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
- "address=0x%016llx flags=0x%04x]\n",
+ dev_err(dev, "INVALID_DEVICE_REQUEST device=%02x:%02x.%x
pasid=0x%05x address=0x%016llx flags=0x%04x]\n",
PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
- address, flags);
+ pasid, address, flags);
break;
default:
- dev_err(dev, KERN_ERR "UNKNOWN event[0]=0x%08x event[1]=0x%08x "
- "event[2]=0x%08x event[3]=0x%08x\n",
+ dev_err(dev, "UNKNOWN event[0]=0x%08x event[1]=0x%08x
event[2]=0x%08x event[3]=0x%08x\n",
event[0], event[1], event[2], event[3]);
}
Re: [PATCH v7 1/2] iommu - Enable debugfs exposure of IOMMU driver internals
On 05/24/2018 04:18 AM, Greg KH wrote:
On Mon, May 14, 2018 at 12:20:20PM -0500, Gary R Hook wrote:
Provide base enablement for using debugfs to expose internal data of an
IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
Emit a strong warning at boot time to indicate that this feature is
enabled.
This function is called from iommu_init, and creates the initial DebugFS
directory. Drivers may then call iommu_debugfs_new_driver_dir() to
instantiate a device-specific directory to expose internal data.
It will return a pointer to the new dentry structure created in
/sys/kernel/debug/iommu, or NULL in the event of a failure.
Since the IOMMU driver can not be removed from the running system, there
is no need for an "off" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 10 ++
drivers/iommu/Makefile|1 +
drivers/iommu/iommu-debugfs.c | 72 +
drivers/iommu/iommu.c |2 +
include/linux/iommu.h | 11 ++
5 files changed, 96 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..2eab6a849a0a 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,16 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUGFS
+ bool "Export IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
You need a big "DO NOT ENABLE THIS OPTION UNLESS YOU REALLY REALLY KNOW
WHAT YOU ARE DOING!!!" line here. To match up with your crazy kernel
log warning.
Otherwise distros will turn this on, I guarantee it.
Apologies for not seeing this. Notes from Greg have been going to junk
mail >:-(
I will add this text to the Kconfig item.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..74cfbc392862 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUGFS) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..bb1bf2d0ac51
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,72 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU debugfs core infrastructure
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/**
+ * iommu_debugfs_setup - create the top-level iommu directory in debugfs
+ *
+ * Provide base enablement for using debugfs to expose internal data of an
+ * IOMMU driver. When called, this function creates the
+ * /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This function is called from iommu_init; drivers may then call
+ * iommu_debugfs_new_driver_dir() to instantiate a vendor-specific
+ * directory to be used to expose internal data.
+ */
+void iommu_debugfs_setup(void)
+{
+ if (!iommu_debugfs_dir) {
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+ if (iommu_debugfs_dir) {
No need to care about the return value, just keep going. Nothing you
should, or should not, do depending on the return value of a debugfs
call.
Sorry. Some habits are hard to break. It just seemed that if there's no
iommu debugfs directory, nothing else needed to be done. But plowing
ahead works for me. Thank you.
+ pr_warn("\n");
+
pr_warn("*\n");
+ pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE**\n");
+ pr_warn("**
**\n");
+ pr_warn("** IOMMU DebugFS SUPPORT HAS BEEN ENABLED IN THIS
KERNEL **\n");
+ pr_warn("**
**\n");
+ pr_warn("** This means that this kernel is built to expose
internal **\n");
+ pr_war
Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code
On 4/4/19 3:42 PM, Thomas Gleixner wrote: > On Thu, 4 Apr 2019, Hook, Gary wrote: > >> Enablement of AMD's Secure Memory Encryption feature is determined >> very early in the boot cycle. Part of this procedure involves scanning >> the command line for the paramater 'mem_encrypt'. >> >> To determine intended state, the function sme_enable() uses library >> functions cmdline_find_option() and strncmp(). Their use occurs early >> enough such that we can't assume that any instrumentation subsystem is >> initialized. For example, making calls to a KASAN-instrumented >> function before KASAN is set up will likely result in the use of >> uninitialized memory and a boot failure. >> >> Avoid instrumenting these dependent functions by: >> >> 1) Making a local, static, renamed copy of strncpy() for use solely in >> mem_encrypt_identity.c. In this file we are able to vet its few uses >> and avoid exposing the rest of the kernel to a ubiquitously used but >> un-instrumented function. >> >> 2) Disable instrumention of arch/x86/lib/cmdline.c based on the >> assumption that the needed function (cmdline_find_option()) is vetted >> through its use to date, and contains no lurking flaws that have not >> yet been found through instrumentation such as KASAN. > > Not happy about that :) My reasoning (not arguing): the file has been touched exactly one time in 4 years, by Thomas. Doesn't appear to be a candidate for constant modification, so this approach doesn't seem risky to me. I could be wrong. >> +# SME early boot code checks the cmdline, so don't instrument >> +KCOV_INSTRUMENT_cmdline.o := n >> + >> +KASAN_SANITIZE_cmdline.o := n > > If we can't come up with a better solution then this needs to depend on > CONFIG_MEM_ENCRYPT so we still can run KASAN on cmdline.c to catch crap > when the code is modified in the future. We have considered this problem, and see no alternative solution. But I would love to come up with one. In the meantime, I've already created a v2 patch that fulfills your request. I'll wait a few more days for comments before posting.
Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code
On 4/8/19 11:58 AM, Borislav Petkov wrote: > On Mon, Apr 08, 2019 at 04:46:31PM +0000, Gary R Hook wrote: >> My reasoning (not arguing): the file has been touched exactly one time >> in 4 years, by Thomas. Doesn't appear to be a candidate for constant >> modification, so this approach doesn't seem risky to me. I could be wrong. > > The problem, like we discussed it with Tom offlist, is that you simply > cannot turn off instrumentation for those generic files just because SME > has trouble with them, and that last thing can be any vendor-specific > feature. Again, not arguing. I completely understand. However, to be fair, this isn't about SME having trouble with those facilities, this is about using certain features (e.g. command line option processing) early in the boot. Any complex feature could have had that requirement, don't you think? > Even if the functions there are "trivial" now (doesn't mean new stuff > won't be added there in the future and we forget about the disabled > instrumentation here.) Absolutely agree. Recognizing that things can be forgotten has weighed heavily on me in light of this. I don't like that possibility at all. > We simply cannot constrain generic compilation units like that. So the > functions there either need to be copied or ifdeffed. At the time SME > was going in, the intention was to reuse code so that there is less > duplication. But if there's trouble doing that sharing, then we need to > "unshare" it again. Or come up with something else slick and clean. Right. My goal was to get a conversation started, because folks are running into this problem when KASAN is enabled. N.B. Here's another facet of this problem: cmdline.c doesn't (today) contain anything that would trigger the stack protector. However, it's possible to enable the stack protector globally when building, right? In which case, a boot would fail, so we have the same issue: early boot code has special requirements / restrictions. I'm not sure what the "right" solution is, but I appreciate your time and expertise to discuss. And now I have another idea I'm going to go try out. grh
Re: [PATCH] crypto: constify ccp_actions structure
On 05/01/2016 06:52 AM, Julia Lawall wrote:
The ccp_actions structure is never modified, so declare it as const.
Done with the help of Coccinelle.
Signed-off-by: Julia Lawall
Acked-by: Gary Hook
---
drivers/crypto/ccp/ccp-dev-v3.c |2 +-
drivers/crypto/ccp/ccp-dev.h|2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 597fc50..d7a7103 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -526,7 +526,7 @@ static irqreturn_t ccp_irq_handler(int irq, void *data)
return IRQ_HANDLED;
}
-static struct ccp_actions ccp3_actions = {
+static const struct ccp_actions ccp3_actions = {
.perform_aes = ccp_perform_aes,
.perform_xts_aes = ccp_perform_xts_aes,
.perform_sha = ccp_perform_sha,
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 5d986c9..bd41ffce 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -162,7 +162,7 @@ struct ccp_actions {
/* Structure to hold CCP version-specific values */
struct ccp_vdata {
unsigned int version;
- struct ccp_actions *perform;
+ const struct ccp_actions *perform;
};
extern struct ccp_vdata ccpv3;
Re: [patch v2] crypto: ccp - Fix SEV_VERSION_GREATER_OR_EQUAL
On 7/15/19 12:03 PM, Lendacky, Thomas wrote:
> On 7/12/19 3:41 PM, David Rientjes wrote:
>> SEV_VERSION_GREATER_OR_EQUAL() will fail if upgrading from 2.2 to 3.1, for
>> example, because the minor version is not equal to or greater than the
>> major.
>>
>> Fix this and move to a static inline function for appropriate type
>> checking.
>>
>> Fixes: edd303ff0e9e ("crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command")
>> Reported-by: Cfir Cohen
>> Signed-off-by: David Rientjes
>
> Acked-by: Tom Lendacky
Acked-by: Gary R Hook
>
>> ---
>> v2: no need to check api_major >= maj after checking api_major > maj
>> per Thomas
>>
>> drivers/crypto/ccp/psp-dev.c | 19 ---
>> 1 file changed, 12 insertions(+), 7 deletions(-)
>>
>> diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c
>> --- a/drivers/crypto/ccp/psp-dev.c
>> +++ b/drivers/crypto/ccp/psp-dev.c
>> @@ -24,10 +24,6 @@
>> #include "sp-dev.h"
>> #include "psp-dev.h"
>>
>> -#define SEV_VERSION_GREATER_OR_EQUAL(_maj, _min)\
>> -((psp_master->api_major) >= _maj && \
>> - (psp_master->api_minor) >= _min)
>> -
>> #define DEVICE_NAME"sev"
>> #define SEV_FW_FILE"amd/sev.fw"
>> #define SEV_FW_NAME_SIZE 64
>> @@ -47,6 +43,15 @@ MODULE_PARM_DESC(psp_probe_timeout, " default timeout
>> value, in seconds, during
>> static bool psp_dead;
>> static int psp_timeout;
>>
>> +static inline bool sev_version_greater_or_equal(u8 maj, u8 min)
>> +{
>> +if (psp_master->api_major > maj)
>> +return true;
>> +if (psp_master->api_major == maj && psp_master->api_minor >= min)
>> +return true;
>> +return false;
>> +}
>> +
>> static struct psp_device *psp_alloc_struct(struct sp_device *sp)
>> {
>> struct device *dev = sp->dev;
>> @@ -588,7 +593,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd
>> *argp)
>> int ret;
>>
>> /* SEV GET_ID is available from SEV API v0.16 and up */
>> -if (!SEV_VERSION_GREATER_OR_EQUAL(0, 16))
>> +if (!sev_version_greater_or_equal(0, 16))
>> return -ENOTSUPP;
>>
>> if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
>> @@ -651,7 +656,7 @@ static int sev_ioctl_do_get_id(struct sev_issue_cmd
>> *argp)
>> int ret;
>>
>> /* SEV GET_ID available from SEV API v0.16 and up */
>> -if (!SEV_VERSION_GREATER_OR_EQUAL(0, 16))
>> +if (!sev_version_greater_or_equal(0, 16))
>> return -ENOTSUPP;
>>
>> /* SEV FW expects the buffer it fills with the ID to be
>> @@ -1053,7 +1058,7 @@ void psp_pci_init(void)
>> psp_master->sev_state = SEV_STATE_UNINIT;
>> }
>>
>> -if (SEV_VERSION_GREATER_OR_EQUAL(0, 15) &&
>> +if (sev_version_greater_or_equal(0, 15) &&
>> sev_update_firmware(psp_master->dev) == 0)
>> sev_get_api_version();
>>
>>
Re: [PATCH 6/7] crypto: ccp: no need to check return value of debugfs_create functions
On 1/22/19 9:14 AM, Greg Kroah-Hartman wrote:
> When calling debugfs functions, there is no need to ever check the
> return value. The function can work or not, but the code logic should
> never do something different based on this.
Stupid question(s) time.
If we don't care about failures (because the subsystem handles them
without our involvement) why do these functions even have return values?
Why haven't they been changed to void so that they reflect the current
style of intended use?
I realize I'm old fashioned, but if a failure occurs, I've always been
of a mind to kick out and not try to do any further work. But debugfs is
to be treated as an exception to that paradigm? Carry on, ignore errors,
don't worry about it?
That said,
Acked-by: Gary R Hook
>
> Cc: Tom Lendacky
> Cc: Gary Hook
> Cc: Herbert Xu
> Cc: "David S. Miller"
> Cc: linux-cry...@vger.kernel.org
> Signed-off-by: Greg Kroah-Hartman
> ---
> drivers/crypto/ccp/ccp-debugfs.c | 36 +++-
> 1 file changed, 7 insertions(+), 29 deletions(-)
>
> diff --git a/drivers/crypto/ccp/ccp-debugfs.c
> b/drivers/crypto/ccp/ccp-debugfs.c
> index 1a734bd2070a..4bd26af7098d 100644
> --- a/drivers/crypto/ccp/ccp-debugfs.c
> +++ b/drivers/crypto/ccp/ccp-debugfs.c
> @@ -286,10 +286,7 @@ void ccp5_debugfs_setup(struct ccp_device *ccp)
> {
> struct ccp_cmd_queue *cmd_q;
> char name[MAX_NAME_LEN + 1];
> - struct dentry *debugfs_info;
> - struct dentry *debugfs_stats;
> struct dentry *debugfs_q_instance;
> - struct dentry *debugfs_q_stats;
> int i;
>
> if (!debugfs_initialized())
> @@ -299,24 +296,14 @@ void ccp5_debugfs_setup(struct ccp_device *ccp)
> if (!ccp_debugfs_dir)
> ccp_debugfs_dir = debugfs_create_dir(KBUILD_MODNAME, NULL);
> mutex_unlock(&ccp_debugfs_lock);
> - if (!ccp_debugfs_dir)
> - return;
>
> ccp->debugfs_instance = debugfs_create_dir(ccp->name, ccp_debugfs_dir);
> - if (!ccp->debugfs_instance)
> - goto err;
>
> - debugfs_info = debugfs_create_file("info", 0400,
> -ccp->debugfs_instance, ccp,
> -&ccp_debugfs_info_ops);
> - if (!debugfs_info)
> - goto err;
> + debugfs_create_file("info", 0400, ccp->debugfs_instance, ccp,
> + &ccp_debugfs_info_ops);
>
> - debugfs_stats = debugfs_create_file("stats", 0600,
> - ccp->debugfs_instance, ccp,
> - &ccp_debugfs_stats_ops);
> - if (!debugfs_stats)
> - goto err;
> + debugfs_create_file("stats", 0600, ccp->debugfs_instance, ccp,
> + &ccp_debugfs_stats_ops);
>
> for (i = 0; i < ccp->cmd_q_count; i++) {
> cmd_q = &ccp->cmd_q[i];
> @@ -325,21 +312,12 @@ void ccp5_debugfs_setup(struct ccp_device *ccp)
>
> debugfs_q_instance =
> debugfs_create_dir(name, ccp->debugfs_instance);
> - if (!debugfs_q_instance)
> - goto err;
> -
> - debugfs_q_stats =
> - debugfs_create_file("stats", 0600,
> - debugfs_q_instance, cmd_q,
> - &ccp_debugfs_queue_ops);
> - if (!debugfs_q_stats)
> - goto err;
> +
> + debugfs_create_file("stats", 0600, debugfs_q_instance, cmd_q,
> + &ccp_debugfs_queue_ops);
> }
>
> return;
> -
> -err:
> - debugfs_remove_recursive(ccp->debugfs_instance);
> }
>
> void ccp5_debugfs_destroy(void)
>
Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code
On 4/8/19 2:08 PM, Borislav Petkov wrote:On 5/8/19 2:08 PM, Borislav Petkov wrote:> On Mon, Apr 08, 2019 at 06:41:30PM +0000, Gary R Hook wrote: >> Again, not arguing. I completely understand. However, to be fair, this >> isn't about SME having trouble with those facilities, this is about >> using certain features (e.g. command line option processing) early in >> the boot. Any complex feature could have had that requirement, don't you >> think? > > Sure, but then why do we need that patch at all then? Why do we need to > disable instrumentation for SME early code and not for other early code? > > I mean, if you grep around the tree you can see a bunch of > KASAN_SANITIZE but in lib/ we only have > > lib/Makefile:210:KASAN_SANITIZE_stackdepot.o := n > > which is special. But the rest of the generic code in lib/ or > arch/x86/lib/ isn't. > > Now, there's this: > > arch/x86/boot/Makefile:12:KASAN_SANITIZE:= n > arch/x86/boot/compressed/Makefile:20:KASAN_SANITIZE := n > > which disables KASAN for all boot code. > > And this is what you mean - all early boot code should not be sanitized. > > Which also gives the right solution, IMO: > > cmdline.o should not be sanitized only when used in the boot code. But > that is already the case. > > So why do you need to disable KASAN for arch/x86/lib/cmdline.c? > > Because for those two: > > arch/x86/boot/cmdline.c > arch/x86/boot/compressed/cmdline.c > > that should already be the case due to the Makefile defines above. Except that we're not talking about that code. I probably should have defined terms, so please allow me to back up. When I say "early boot" I meant what happens -after- decompression, when the kernel proper has been laid out in memory and starts to run. This is -after- the boot code has been executed, which means that the cmdline.c to which you refer above is no longer extant in memory. If my usage of the term "early boot" is a misnomer, I can only apologize. And ask what term is in common use to describe what is happening at that point in time. Since, for this discussion, we're already in start_kernel(), the only cmdline.c available is the one in arch/x86/lib. That's that one that is instrumented by KASAN, and the one that is causing problems in this scenario. The strncmp(), too. >> Right. My goal was to get a conversation started, because folks are >> running into this problem when KASAN is enabled. > > You say KASAN. Why is there KCOV_INSTRUMENT_cmdline.o too? I don't care if KCOV_INSTRUMENT is enabled or not, but it's disabled for arch/x86/mm/mem_encrypt_identity.c, so it seems reasonable that it should be disable for this file, too, in the context of resolving this problem. To be more precise, the change is for "instrumentation", in general. >> N.B. Here's another facet of this problem: cmdline.c doesn't (today) >> contain anything that would trigger the stack protector. However, it's >> possible to enable the stack protector globally when building, right? In >> which case, a boot would fail, so we have the same issue: early boot >> code has special requirements / restrictions. > > How so? Makefile contains stackp-flags-$(CONFIG_STACKPROTECTOR) := -fstack-protector stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-strong This means that (as I understand it) stack protection is decided by the compiler, and is based on certain conditions in the code. This implies that not every function will necessarily be instrumented. However, if you decide to force the issue with something like stackp-flags-$(CONFIG_STACKPROTECTOR) := -fstack-protector-full stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-all Unless otherwise disabled, I believe this causes everything to be instrumented. Which results in a boot failure. (Actually, in my tests the system restarts after the decompression.) Note that intrumentation such as KASAN isn't involved here. And I figure that doing this is unsupported. It was just an interesting discovery. However, not relevant to the KASAN instrumentation problem. Recap: mem_encrypt_identity.c uses two common functions. The code in mem_encrypt_identity.c runs soon after start_kernel() is invoked. The SME feature command line parameter is searched for, and uses those two common functions. If instrumentation is enabled, it is applied to those to common functions (but not mem_encrypt_identity.c). But if support infrastructure for instrumentation is not initialized before the code in mem_encrypt_identity is invoked, the kernel fails to boot. A
Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code
On 4/26/19 11:24 AM, Borislav Petkov wrote: > On Fri, Apr 26, 2019 at 03:11:17PM +0000, Gary R Hook wrote: >> 2) Turn off instrumentation for lib/cmdline.c. The risk is that any >> changes to its code would not enjoy the benefits of KASAN/etc testing >> (if enabled). > > What happened to Thomas' suggestion to turn off instrumentation for > those files only when CONFIG_AMD_MEM_ENCRYPT=y? > > Which is a variant of 2) above with ifdeffery. > Ah, very good. That one escaped my list. Yes, option 4 would be a combination of using a local copy of strncmp() and disabling instrumentation (KASAN, KCOV, whatever) for arch/x86/lib/cmdline.c when SME is enabled. I have any/all of these ready to repost as a version 2 offering. What say you? grh
Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME early boot code
On 4/29/19 3:51 PM, Borislav Petkov wrote: > [CAUTION: External Email] > > On Mon, Apr 29, 2019 at 08:16:07PM +0000, Gary R Hook wrote: >> Yes, option 4 would be a combination of using a local copy of strncmp() > > Why the local copy? Seemed suitable, since it's tiny. But I'm not married to the idea. > >> and disabling instrumentation (KASAN, KCOV, whatever) for >> arch/x86/lib/cmdline.c when SME is enabled. > > I think this should suffice. You only disable instrumentation when > CONFIG_AMD_MEM_ENCRYPT=y and not do any local copies but use the generic > functions. Okay, super. I'll post a v2 that does that. Do we want to document the subordinate functions in their respective source files so that a future editor would (hopefully) be made aware of this use? grh
Re: [PATCH] iommu: Fix IOMMU debugfs fallout
On 2/20/19 7:05 AM, Geert Uytterhoeven wrote:
> A change made in the final version of IOMMU debugfs support replaced the
> public function iommu_debugfs_new_driver_dir() by the public dentry
> iommu_debugfs_dir in , but forgot to update both the
> implementation in iommu-debugfs.c, and the patch description.
>
> Fix this by exporting iommu_debugfs_dir, and removing the reference to
> and implementation of iommu_debugfs_new_driver_dir().
>
> Fixes: bad614b24293ae46 ("iommu: Enable debugfs exposure of IOMMU driver
> internals")
> Signed-off-by: Geert Uytterhoeven
Acked-by: Gary R Hook
> ---
> drivers/iommu/iommu-debugfs.c | 23 ---
> 1 file changed, 4 insertions(+), 19 deletions(-)
>
> diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
> index 3b1bf88fd1b0494a..f0354894209648fd 100644
> --- a/drivers/iommu/iommu-debugfs.c
> +++ b/drivers/iommu/iommu-debugfs.c
> @@ -12,6 +12,7 @@
> #include
>
> struct dentry *iommu_debugfs_dir;
> +EXPORT_SYMBOL_GPL(iommu_debugfs_dir);
>
> /**
>* iommu_debugfs_setup - create the top-level iommu directory in debugfs
> @@ -23,9 +24,9 @@ struct dentry *iommu_debugfs_dir;
>* Emit a strong warning at boot time to indicate that this feature is
>* enabled.
>*
> - * This function is called from iommu_init; drivers may then call
> - * iommu_debugfs_new_driver_dir() to instantiate a vendor-specific
> - * directory to be used to expose internal data.
> + * This function is called from iommu_init; drivers may then use
> + * iommu_debugfs_dir to instantiate a vendor-specific directory to be used
> + * to expose internal data.
>*/
> void iommu_debugfs_setup(void)
> {
> @@ -48,19 +49,3 @@ void iommu_debugfs_setup(void)
>
> pr_warn("*\n");
> }
> }
> -
> -/**
> - * iommu_debugfs_new_driver_dir - create a vendor directory under
> debugfs/iommu
> - * @vendor: name of the vendor-specific subdirectory to create
> - *
> - * This function is called by an IOMMU driver to create the top-level debugfs
> - * directory for that driver.
> - *
> - * Return: upon success, a pointer to the dentry for the new directory.
> - * NULL in case of failure.
> - */
> -struct dentry *iommu_debugfs_new_driver_dir(const char *vendor)
> -{
> - return debugfs_create_dir(vendor, iommu_debugfs_dir);
> -}
> -EXPORT_SYMBOL_GPL(iommu_debugfs_new_driver_dir);
>
Re: [PATCH] crypto: ccp: Remove forward declaration
On 09/24/2018 04:44 PM, Nick Desaulniers wrote:
> On Mon, Sep 24, 2018 at 2:27 PM Gary R Hook wrote:
>>
>> On 09/24/2018 03:24 PM, Nick Desaulniers wrote:
>>> On Mon, Sep 24, 2018 at 12:18 PM Gary R Hook wrote:
>>>>
>>>> On 09/24/2018 12:26 PM, Nathan Chancellor wrote:
>>>>> Clang emits a warning about this construct:
>>>>>
>>>>> drivers/crypto/ccp/sp-platform.c:36:36: warning: tentative array
>>>>> definition assumed to have one element
>>>>> static const struct acpi_device_id sp_acpi_match[];
>>>>> ^
>>>>> 1 warning generated.
>>>>>
>>>>> Just remove the forward declarations and move the initializations up
>>>>> so that they can be used in sp_get_of_version and sp_get_acpi_version.
>>>>
>>>> I'm not going to out and out object to this just yet.
>>>
>>> Tentative array definitions need to have the correct length specified;
>>> it should either be forward declared as the correct length, or as this
>>> patch does, skip the forward declare and move up the definition.
>>> Thanks for this patch Nathan.
>>> Reviewed-by: Nick Desaulniers
>>
>>
>> Checked my C99, and using both static and [] to create a declaration
>
> Note that the kernel uses gnu89, which is ISO C90 + gnu extensions (IIUC).
I understand that (and appreciate that ubiquitousness of the dialect)
but in this case it sounds like we are interested in the widest possible
compatibility. Which makes the original patch problematic, and the fix
suggested herein suitable.
>
>> (because it's really a definition) apparently isn't valid. I should have
>> known that. Since I'm old school...
>>
>> Acked-by: Gary R Hook
>>
>>
>>>
>>>>
>>>> I am not a clang expert. Can you please provide a make command that
>>>> would explain how you precipitated this complaint?
>>>>
>>>>
>>>>> Reported-by: Nick Desaulniers
>>>>> Signed-off-by: Nathan Chancellor
>>>>> ---
>>>>> drivers/crypto/ccp/sp-platform.c | 53 +++-
>>>>> 1 file changed, 25 insertions(+), 28 deletions(-)
>>>>>
>>>>> diff --git a/drivers/crypto/ccp/sp-platform.c
>>>>> b/drivers/crypto/ccp/sp-platform.c
>>>>> index 71734f254fd1..b75dc7db2d4a 100644
>>>>> --- a/drivers/crypto/ccp/sp-platform.c
>>>>> +++ b/drivers/crypto/ccp/sp-platform.c
>>>>> @@ -33,8 +33,31 @@ struct sp_platform {
>>>>> unsigned int irq_count;
>>>>> };
>>>>>
>>>>> -static const struct acpi_device_id sp_acpi_match[];
>>>>> -static const struct of_device_id sp_of_match[];
>>>>> +static const struct sp_dev_vdata dev_vdata[] = {
>>>>> + {
>>>>> + .bar = 0,
>>>>> +#ifdef CONFIG_CRYPTO_DEV_SP_CCP
>>>>> + .ccp_vdata = &ccpv3_platform,
>>>>> +#endif
>>>>> + },
>>>>> +};
>>>>> +
>>>>> +#ifdef CONFIG_ACPI
>>>>> +static const struct acpi_device_id sp_acpi_match[] = {
>>>>> + { "AMDI0C00", (kernel_ulong_t)&dev_vdata[0] },
>>>>> + { },
>>>>> +};
>>>>> +MODULE_DEVICE_TABLE(acpi, sp_acpi_match);
>>>>> +#endif
>>>>> +
>>>>> +#ifdef CONFIG_OF
>>>>> +static const struct of_device_id sp_of_match[] = {
>>>>> + { .compatible = "amd,ccp-seattle-v1a",
>>>>> + .data = (const void *)&dev_vdata[0] },
>>>>> + { },
>>>>> +};
>>>>> +MODULE_DEVICE_TABLE(of, sp_of_match);
>>>>> +#endif
>>>>>
>>>>> static struct sp_dev_vdata *sp_get_of_version(struct platform_device
>>>>> *pdev)
>>>>> {
>>>>> @@ -201,32 +224,6 @@ static int sp_platform_resume(struct platform_device
>>>>> *pdev)
>>>>> }
>>>>> #endif
>>>>>
>>>>> -static const struct sp_dev_vdata dev_vdata[] = {
>>>>> - {
>>>>> - .bar = 0,
>>>>> -#ifdef CONFIG_CRYPTO_DEV_SP_CCP
>>>>> - .ccp_vdata = &ccpv3_platform,
>>>>> -#endif
>>>>> - },
>>>>> -};
>>>>> -
>>>>> -#ifdef CONFIG_ACPI
>>>>> -static const struct acpi_device_id sp_acpi_match[] = {
>>>>> - { "AMDI0C00", (kernel_ulong_t)&dev_vdata[0] },
>>>>> - { },
>>>>> -};
>>>>> -MODULE_DEVICE_TABLE(acpi, sp_acpi_match);
>>>>> -#endif
>>>>> -
>>>>> -#ifdef CONFIG_OF
>>>>> -static const struct of_device_id sp_of_match[] = {
>>>>> - { .compatible = "amd,ccp-seattle-v1a",
>>>>> - .data = (const void *)&dev_vdata[0] },
>>>>> - { },
>>>>> -};
>>>>> -MODULE_DEVICE_TABLE(of, sp_of_match);
>>>>> -#endif
>>>>> -
>>>>> static struct platform_driver sp_platform_driver = {
>>>>> .driver = {
>>>>> .name = "ccp",
>>>>>
>>>>
>>>
>>>
>>
>
>
[PATCH 0/2] Base enablement of IOMMU debugfs support
These patches create a top-level function to create a debugfs directory for the IOMMU, under which drivers may create and populate-specific directories for their device internals. Patch 1: general IOMMU enablement Patch 2: basic AMD enablement to demonstrate linkage with patch 1 Introduce a new Kconfig parameter IOMMU_DEBUG to globally allow or disallow debugfs code to be built. --- Gary R Hook (2): iommu - Enable debugfs exposure of the IOMMU iommu/amd: Add basic debugfs infrastructure for AMD IOMMU drivers/iommu/Kconfig |9 +++ drivers/iommu/Makefile|2 ++ drivers/iommu/amd_iommu_debugfs.c | 47 + drivers/iommu/amd_iommu_init.c|7 -- drivers/iommu/amd_iommu_proto.h |6 + drivers/iommu/amd_iommu_types.h |3 ++ drivers/iommu/iommu-debugfs.c | 32 + include/linux/iommu.h |4 +++ 8 files changed, 108 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c create mode 100644 drivers/iommu/iommu-debugfs.c --
[PATCH 1/2] iommu - Enable debugfs exposure of the IOMMU
Provide base enablement for using debugfs to expose internal data of
an IOMMU driver. When enabled, create the /sys/kernel/debug/iommu
directory. Emit a strong warning at boot time to indicate that this
feature is enabled.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11 +++
drivers/iommu/Makefile |2 ++
drivers/iommu/amd_iommu_init.c |2 ++
drivers/iommu/iommu-debugfs.c | 32
include/linux/iommu.h |4
5 files changed, 51 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..c1e39dabfec2 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUG
+ bool "Enable IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..5e5c3339681d 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUG) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
@@ -10,6 +11,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_AMD_IOMMU_DEBUG) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 6fe2d0346073..99d48c42a12f 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2783,6 +2783,8 @@ int __init amd_iommu_detect(void)
iommu_detected = 1;
x86_init.iommu.iommu_init = amd_iommu_init;
+dump_stack();
+
return 1;
}
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..94c9acc63b65
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+#defineMAX_NAME_LEN20
+
+/* Return a zero on failure; 1 on successful setup */
+struct dentry *iommu_debugfs_setup(void)
+{
+ if (!debugfs_initialized())
+ return NULL;
+
+ if (!iommu_debugfs_dir)
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+
+ if (iommu_debugfs_dir)
+ pr_warn("WARNING: IOMMU DEBUGFS SUPPORT HAS BEEN ENABLED IN
THIS KERNEL\n");
+
+ return iommu_debugfs_dir;
+}
+EXPORT_SYMBOL_GPL(iommu_debugfs_setup);
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index 41b8c5757859..cb2957dac43b 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -696,6 +696,10 @@ const struct iommu_ops *iommu_ops_from_fwnode(struct
fwnode_handle *fwnode)
return NULL;
}
+#ifdef CONFIG_IOMMU_DEBUG
+struct dentry *iommu_debugfs_setup(void);
+#endif
+
#endif /* CONFIG_IOMMU_API */
#endif /* __LINUX_IOMMU_H */
[PATCH 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig |6 ++---
drivers/iommu/Makefile|2 +-
drivers/iommu/amd_iommu_debugfs.c | 47 +
drivers/iommu/amd_iommu_init.c|9 ---
drivers/iommu/amd_iommu_proto.h |6 +
drivers/iommu/amd_iommu_types.h |3 ++
include/linux/iommu.h |8 +++---
7 files changed, 69 insertions(+), 12 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index d40248446214..8d50151d5bf4 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -65,9 +65,9 @@ config IOMMU_DEBUG
depends on DEBUG_FS
default n
help
- Base enablement for access to any IOMMU device. Allows individual
- drivers to populate debugfs for access to IOMMU registers and
- data structures.
+ Enable exposure of IOMMU device internals. Allow devices to
+ populate debugfs for access to IOMMU registers and data
+ structures.
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 5e5c3339681d..0ca250f626d9 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -11,7 +11,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
-obj-$(CONFIG_AMD_IOMMU_DEBUG) += amd_iommu_debugfs.o
+obj-$(CONFIG_IOMMU_DEBUG) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..3547ad3339c1
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,47 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#ifdef CONFIG_IOMMU_DEBUG
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *iommu_debugfs_dir;
+static DEFINE_RWLOCK(iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_top;
+ unsigned long flags;
+
+ if (!debugfs_initialized())
+ return;
+
+ write_lock_irqsave(&iommu_debugfs_lock, flags);
+ if (!iommu_debugfs_dir && (d_top = iommu_debugfs_setup()))
+ iommu_debugfs_dir = debugfs_create_dir("amd", d_top);
+ write_unlock_irqrestore(&iommu_debugfs_lock, flags);
+ if (iommu_debugfs_dir) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs_instance = debugfs_create_dir(name,
+iommu_debugfs_dir);
+ if (!iommu->debugfs_instance)
+ debugfs_remove_recursive(iommu_debugfs_dir);
+ }
+
+ return;
+}
+
+#endif
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 99d48c42a12f..43856c7f4ea1 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -89,6 +89,7 @@
#define ACPI_DEVFLAG_ATSDIS 0x1000
#define LOOP_TIMEOUT 10
+
/*
* ACPI table definitions
*
@@ -2720,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2729,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
@@ -2783,8 +2786,6 @@ int __init amd_iommu_detect(void)
iommu_detected = 1;
x86_init.iommu.iommu_init = amd_iommu_init;
-dump_stack();
-
return 1;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..e19cebc5c740 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_IOMMU_DEBUG
+extern void amd_iommu_d
Re: [PATCH 1/2] iommu - Enable debugfs exposure of the IOMMU
On 03/29/2018 10:57 PM, Tom Lendacky wrote:
On 3/29/2018 5:54 PM, Gary R Hook wrote:
Provide base enablement for using debugfs to expose internal data of
an IOMMU driver. When enabled, create the /sys/kernel/debug/iommu
So this can't actually create anything yet since nothing invokes the
function. Maybe describe how it should be used by other drivers (and
probably include that description as a commment for the function) to
create the directory.
Exactly. Given the approach I took, it takes another patch to take
advantage of this. I can certainly elaborate on usage if we agree that
this framework is acceptable.
directory. Emit a strong warning at boot time to indicate that this
feature is enabled.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11 +++
drivers/iommu/Makefile |2 ++
drivers/iommu/amd_iommu_init.c |2 ++
drivers/iommu/iommu-debugfs.c | 32
include/linux/iommu.h |4
5 files changed, 51 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..c1e39dabfec2 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUG
+ bool "Enable IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..5e5c3339681d 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUG) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
@@ -10,6 +11,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU)+= of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_AMD_IOMMU_DEBUG) += amd_iommu_debugfs.o
Where is this CONFIG defined?
That, my friend is left-over cruft. Please ignore. Apologies, and thanks.
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 6fe2d0346073..99d48c42a12f 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2783,6 +2783,8 @@ int __init amd_iommu_detect(void)
iommu_detected = 1;
x86_init.iommu.iommu_init = amd_iommu_init;
+dump_stack();
+
This definitely shouldn't be here.
Dang it!
return 1;
}
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..94c9acc63b65
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
This isn't the AMD IOMMU driver.
Again: dang it!
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+#defineMAX_NAME_LEN20
This isn't used anywhere.
Thanks.
+
+/* Return a zero on failure; 1 on successful setup */
Return NULL on failure, pointer to IOMMU debugfs dentry on success.
Roger.
+struct dentry *iommu_debugfs_setup(void)
+{
+ if (!debugfs_initialized())
+ return NULL;
+
+ if (!iommu_debugfs_dir)
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+
+ if (iommu_debugfs_dir)
+ pr_warn("WARNING: IOMMU DEBUGFS SUPPORT HAS BEEN ENABLED IN THIS
KERNEL\n");
+
+ return iommu_debugfs_dir;
+}
+EXPORT_SYMBOL_GPL(iommu_debugfs_setup);
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index 41b8c5757859..cb2957dac43b 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -696,6 +696,10 @@ const struct iommu_ops *iommu_ops_from_fwnode(struct
fwnode_handle *fwnode)
return NULL;
}
+#ifdef CONFIG_IOMMU_DEBUG
Should be a space between the #ifdef and the CONFIG_..., not a tab.
Roger that.
Thanks,
Tom
+struct dentry *iommu_debugfs_setup(void);
+#endif
+
#endif /* CONFIG_IOMMU_API */
#endif /* __LINUX_IOMMU_H */
Re: [PATCH 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
On 03/29/2018 11:16 PM, Tom Lendacky wrote:
On 3/29/2018 5:54 PM, Gary R Hook wrote:
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig |6 ++---
drivers/iommu/Makefile|2 +-
drivers/iommu/amd_iommu_debugfs.c | 47 +
drivers/iommu/amd_iommu_init.c|9 ---
drivers/iommu/amd_iommu_proto.h |6 +
drivers/iommu/amd_iommu_types.h |3 ++
include/linux/iommu.h |8 +++---
7 files changed, 69 insertions(+), 12 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index d40248446214..8d50151d5bf4 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -65,9 +65,9 @@ config IOMMU_DEBUG
depends on DEBUG_FS
default n
help
- Base enablement for access to any IOMMU device. Allows individual
- drivers to populate debugfs for access to IOMMU registers and
- data structures.
+ Enable exposure of IOMMU device internals. Allow devices to
+ populate debugfs for access to IOMMU registers and data
+ structures.
This help text shouldn't change just because a driver is making use of
the interface that was created in the previous patch.
Roger. It should be changed in the base patch only.
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 5e5c3339681d..0ca250f626d9 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -11,7 +11,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU)+= of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
-obj-$(CONFIG_AMD_IOMMU_DEBUG) += amd_iommu_debugfs.o
+obj-$(CONFIG_IOMMU_DEBUG) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..3547ad3339c1
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,47 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#ifdef CONFIG_IOMMU_DEBUG
Since the module won't be built unless this is defined, you don't
need this.
For some reason my build is trying to compile this file, even though I
have the debug option disabled. Gotta track this down.
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *iommu_debugfs_dir;
+static DEFINE_RWLOCK(iommu_debugfs_lock);
Use amd_iommu_...
Also, didn't you run into an issue with the CCP and debugfs creation
during probe using a RWLOCK? Should probably make this a mutex.
Yes, and had to make a change. I will do so here.
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_top;
+ unsigned long flags;
+
+ if (!debugfs_initialized())
+ return;
+
+ write_lock_irqsave(&iommu_debugfs_lock, flags);
+ if (!iommu_debugfs_dir && (d_top = iommu_debugfs_setup()))
+ iommu_debugfs_dir = debugfs_create_dir("amd", d_top);
+ write_unlock_irqrestore(&iommu_debugfs_lock, flags);
+ if (iommu_debugfs_dir) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs_instance = debugfs_create_dir(name,
+iommu_debugfs_dir);
+ if (!iommu->debugfs_instance)
+ debugfs_remove_recursive(iommu_debugfs_dir);
So this might cause an error. You remove it, but don't set the variable
to NULL, so the next IOMMU that is probed could try to use it. But why
are you deleting it anyway?
Right you are. My thought was to remove everything driver-specific in
the event of a failure. Do we not like that?
+ }
+
+ return;
+}
+
+#endif
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 99d48c42a12f..43856c7f4ea1 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -89,6 +89,7 @@
#define ACPI_DEVFLAG_ATSDIS 0x1000
#define LOOP_TIMEOUT 10
+
Spurious newline.
D'oh!
/*
* ACPI table definitions
*
@@ -2720,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -27
Re: [PATCH 2/3] crypto: ccp - return an actual key size from RSA max_size callback
On 03/02/2018 05:58 PM, Maciej S. Szmigiero wrote: On 03.03.2018 00:49, Hook, Gary wrote: On 3/2/2018 5:15 PM, Maciej S. Szmigiero wrote: Thanks. However, what about the first patch from this series? Without it, while it no longer should cause a buffer overflow, in-kernel X.509 certificate verification will still fail with CCP driver loaded (since CCP RSA implementation has a higher priority than the software RSA implementation). Maciej I commented on that one here: https://marc.info/?l=linux-crypto-vger&m=151986452422791&w=2 Effectively a NACK. We are a reviewing a proposed patch right now. Your earlier comment referred to the third patch from this series. My message above was about the first one. Apologies; my mistake.
Re: [PATCH 1/2] iommu/amd - Update the PASID information printed to the system log
On 05/03/2018 08:57 AM, Joerg Roedel wrote:
On Tue, May 01, 2018 at 02:52:52PM -0500, Gary R Hook wrote:
@@ -567,7 +567,7 @@ static void iommu_print_event(struct amd_iommu *iommu, void
*__evt)
}
if (type == EVENT_TYPE_IO_FAULT) {
- amd_iommu_report_page_fault(devid, domid, address, flags);
+ amd_iommu_report_page_fault(devid, pasid, address, flags);
According to the spec this could be a domid or a pasid, it would be good
to make that visible in the error message, depending on the value of the
GN flag in the event entry.
But that can be done in a separate patch, I applied these two, thanks.
Yes, I didn't quite get this right. Both values should be passed along.
Or perhaps the entire event could be passed in and decoded by
amd_iommu_report_page_fault()?
[PATCH] Documentation/CodingStyle: Add an example for braces
Add another example of required braces when using a compound statement in
a loop.
Signed-off-by: Gary R Hook
---
Documentation/process/coding-style.rst |9 +
1 file changed, 9 insertions(+)
diff --git a/Documentation/process/coding-style.rst
b/Documentation/process/coding-style.rst
index a20b44a40ec4..d98deb62c400 100644
--- a/Documentation/process/coding-style.rst
+++ b/Documentation/process/coding-style.rst
@@ -200,6 +200,15 @@ statement; in the latter case use braces in both branches:
otherwise();
}
+Also, use braces when a loop contains more than a single simple statement:
+
+.. code-block:: c
+
+ while (condition) {
+ if (test)
+ do_something();
+ }
+
3.1) Spaces
***
Re: [PATCH v2 1/5] iommu/amd - Add debugfs support
On 03/14/2018 10:29 AM, Andy Shevchenko wrote: On Wed, Mar 14, 2018 at 5:24 PM, Gary R Hook wrote: On 03/13/2018 03:23 PM, Andy Shevchenko wrote: +#include +#include +#include Keep in order? What order would that be? These few needed files are listed in the same order as which they appear in amd_iommu.c. I'm gonna need a preference spelled out, please (and a rationale, so I may better understand). To increase readability and avoid potential header duplication (here is can bus protocol implementation where the problem exists for real, even in new code!) With all due respect, I don't find that you clearly answered my question. Alphabetical order I meant. Thank you very much. Gary
[PATCH v3 2/5] iommu/amd - Add a 'verbose' switch for IOMMU debugfs
Enable more descriptive debugfs output via a 'verbose' variable.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 4f0f05a89a41..170863e5e86b 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -41,6 +41,8 @@ static DEFINE_MUTEX(iommu_debugfs_lock);
#defineMAX_NAME_LEN20
+static unsigned int amd_iommu_verbose = 0;
+
static unsigned int amd_iommu_count_valid_dtes(int start, int end)
{
unsigned int n = 0;
@@ -72,7 +74,10 @@ static ssize_t amd_iommu_debugfs_dtecount_read(struct file
*filp,
return -ENOMEM;
n = amd_iommu_count_valid_dtes(0, 0x);
- oboff += OSCNPRINTF("%d\n", n);
+ if (amd_iommu_verbose)
+ oboff += OSCNPRINTF("# DTEs: %d\n", n);
+ else
+ oboff += OSCNPRINTF("%d\n", n);
ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
kfree(obuf);
@@ -90,6 +95,7 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
{
char name[MAX_NAME_LEN + 1];
+ struct dentry *d_verbose;
struct dentry *d_dte;
if (!debugfs_initialized())
@@ -107,6 +113,12 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!iommu->debugfs_instance)
goto err;
+ d_verbose = debugfs_create_u32("verbose", 0600,
+ iommu->debugfs_instance,
+ &amd_iommu_verbose);
+ if (!d_verbose)
+ goto err;
+
d_dte = debugfs_create_file("count", 0400,
iommu->debugfs_instance, iommu,
&amd_iommu_debugfs_dtecount_ops);
[PATCH v3 1/5] iommu/amd - Add debugfs support
Expose the IOMMU MMIO registers and device table
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig |7 ++
drivers/iommu/Makefile|1
drivers/iommu/amd_iommu_debugfs.c | 122 +
drivers/iommu/amd_iommu_init.c|6 +-
drivers/iommu/amd_iommu_proto.h |7 ++
drivers/iommu/amd_iommu_types.h |3 +
6 files changed, 144 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..8b2a5b8707c6 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -135,6 +135,13 @@ config AMD_IOMMU_V2
hardware. Select this option if you want to use devices that support
the PCI PRI and PASID interface.
+config AMD_IOMMU_DEBUG
+ bool "Expose AMD IOMMU internals in DebugFS"
+ depends on AMD_IOMMU && DEBUG_FS
+ help
+ Provides debugfs access to IOMMU data such as registers and device
+ table entries.
+
# Intel IOMMU support
config DMAR_TABLE
bool
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..64fba8b1ca4f 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -10,6 +10,7 @@ obj-$(CONFIG_IOMMU_IOVA) += iova.o
obj-$(CONFIG_OF_IOMMU) += of_iommu.o
obj-$(CONFIG_MSM_IOMMU) += msm_iommu.o
obj-$(CONFIG_AMD_IOMMU) += amd_iommu.o amd_iommu_init.o
+obj-$(CONFIG_AMD_IOMMU_DEBUG) += amd_iommu_debugfs.o
obj-$(CONFIG_AMD_IOMMU_V2) += amd_iommu_v2.o
obj-$(CONFIG_ARM_SMMU) += arm-smmu.o
obj-$(CONFIG_ARM_SMMU_V3) += arm-smmu-v3.o
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..4f0f05a89a41
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,122 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#ifdef CONFIG_DEBUG_FS
+
+#include
+#include
+#include
+
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+/* DebugFS helpers
+ *
+ * This is intended to shrink the scnprintf statements used to produce
+ * debugfs output. Each function that uses OSCNPRINTF will need to declare
+ * local variables:
+ *
+ * unsigned int obuflen = ;
+ * unsigned int oboff = 0;
+ * char *obuf;
+ *
+ * wherein obuflen is the expected buffer length needed for the output text.
+ * Every statement then reduces to
+ * oboff += OSCNPRINTF([, [, ...]]);
+ */
+#defineOBUFP (obuf + oboff)
+#defineOBUFLEN obuflen
+#defineOBUFSPC (OBUFLEN - oboff)
+#defineOSCNPRINTF(fmt, ...) \
+ scnprintf(OBUFP, OBUFSPC, fmt, ## __VA_ARGS__)
+
+static struct dentry *iommu_debugfs_dir;
+static DEFINE_MUTEX(iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+static unsigned int amd_iommu_count_valid_dtes(int start, int end)
+{
+ unsigned int n = 0;
+ int i;
+
+ /* Scan the DTE table from entry 'start' through entry 'end' for
+* active entries
+*/
+ for (i = start ; i <= end ; i++) {
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+ || amd_iommu_dev_table[i].data[1])
+ n++;
+ }
+ return n;
+}
+
+static ssize_t amd_iommu_debugfs_dtecount_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ unsigned int obuflen = 64;
+ unsigned int oboff = 0;
+ unsigned int n;
+ ssize_t ret;
+ char *obuf;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ n = amd_iommu_count_valid_dtes(0, 0x);
+ oboff += OSCNPRINTF("%d\n", n);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_dtecount_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_dtecount_read,
+ .write = NULL,
+};
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+ struct dentry *d_dte;
+
+ if (!debugfs_initialized())
+ return;
+
+ mutex_lock(&iommu_debugfs_lock);
+ if (!iommu_debugfs_dir)
+ iommu_debugfs_dir = debugfs_create_dir(KBUILD_MODNAME, NULL);
+ mutex_unlock(&iommu_debugfs_lock);
+ if (!iommu_debugfs_dir)
+ goto err;
+
+ snprintf(name, MAX_NAME_LEN, "iommu%02x", iommu->index);
+ iommu->debugfs_instance = debugfs_create_dir(name, iommu_debugfs_dir);
+ if (!iommu->debugfs_instance)
+ goto err;
+
+ d_dte = deb
[PATCH v3 0/5] Add debugfs info for the AMD IOMMU
The following series creates a debugfs directory for AMD IOMMUs, constructs a framework for additional entries, an online README, and a method for dumping device table entries. Data is reported in a default concise mode, but a verbose mode is enabled via a filesystem entry. This is the first of three patch series that will expose a number of IOMMU registers. Changes since v2: - Change lock type to a mutex - Convert a #define to an inline - Alphabetize #include files - Remove unnecessary checks for pointers - Use kstrtoint() instead of sscanf() - Added comments - Minor style fixes Changes since v1: - Correctly use CONFIG_AMD_IOMMU_DEBUG in Makefile and header file --- Gary R Hook (5): iommu/amd - Add debugfs support iommu/amd - Add a 'verbose' switch for IOMMU debugfs iommu/amd - Add a README variable for the IOMMU debugfs iommu/amd - Expose the active IOMMU device table entries iommu/amd - Add a debugfs entry to specify a IOMMU device table entry drivers/iommu/Kconfig |7 + drivers/iommu/Makefile|1 drivers/iommu/amd_iommu_debugfs.c | 316 + drivers/iommu/amd_iommu_init.c|6 - drivers/iommu/amd_iommu_proto.h |7 + drivers/iommu/amd_iommu_types.h |3 6 files changed, 338 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c --
[PATCH v3 3/5] iommu/amd - Add a README variable for the IOMMU debugfs
Provide help text via a filesystem entry
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 31 +++
1 file changed, 31 insertions(+)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 170863e5e86b..d95428b1ef90 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -92,6 +92,31 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+static char readmetext[] =
+"count Count of active devices\n"
+"verbose Provide additional descriptive text\n"
+"\n";
+
+static ssize_t amd_iommu_debugfs_readme_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ ssize_t ret;
+
+ ret = simple_read_from_buffer(ubuf, count, offp,
+ readmetext, strlen(readmetext));
+
+ return ret;
+}
+
+
+static const struct file_operations amd_iommu_debugfs_readme_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_readme_read,
+ .write = NULL,
+};
+
void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
{
char name[MAX_NAME_LEN + 1];
@@ -125,6 +150,12 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!d_dte)
goto err;
+ d_dte = debugfs_create_file("README", 0400,
+ iommu->debugfs_instance, iommu,
+ &amd_iommu_debugfs_readme_ops);
+ if (!d_dte)
+ goto err;
+
return;
err:
[PATCH v3 5/5] iommu/amd - Add a debugfs entry to specify a IOMMU device table entry
Initially (at boot) the device table values dumped are all of the
active devices. Add a devid debugfs file to allow the user to select a
single device table entry to dump (active or not). Let any devid value
greater than the maximum allowable PCI ID (0x) restore the
behavior to that effective at boot.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 121 -
1 file changed, 106 insertions(+), 15 deletions(-)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index 1d941c5329be..47bf718f6178 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -42,6 +42,7 @@ static DEFINE_MUTEX(iommu_debugfs_lock);
#defineMAX_NAME_LEN20
static unsigned int amd_iommu_verbose = 0;
+static unsigned int amd_iommu_devid = ~0;
static unsigned int amd_iommu_count_valid_dtes(int start, int end)
{
@@ -92,14 +93,84 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+static ssize_t amd_iommu_debugfs_devid_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ unsigned int obuflen = 64;
+ unsigned int oboff = 0;
+ ssize_t ret;
+ char *obuf;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ if (amd_iommu_verbose)
+ oboff += OSCNPRINTF("%02x:%02x:%x (%u / %04x)\n",
+ PCI_BUS_NUM(amd_iommu_devid),
+ PCI_SLOT(amd_iommu_devid),
+ PCI_FUNC(amd_iommu_devid),
+ amd_iommu_devid, amd_iommu_devid);
+ else
+ oboff += OSCNPRINTF("%u\n", amd_iommu_devid);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static ssize_t amd_iommu_debugfs_devid_write(struct file *filp,
+ const char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ unsigned int pci_id, pci_slot, pci_func;
+ unsigned int obuflen = 80;
+ ssize_t ret;
+ char *obuf;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ ret = simple_write_to_buffer(obuf, OBUFLEN, offp, ubuf, count);
+
+ if (strnchr(obuf, OBUFLEN, ':')) {
+ int n;
+ n = sscanf(obuf, "%x:%x.%x", &pci_id, &pci_slot, &pci_func);
+ if (n == 3)
+ amd_iommu_devid = PCI_DEVID(pci_id, PCI_DEVFN(pci_slot,
pci_func));
+ } else {
+ kstrtoint(obuf, 0, &amd_iommu_devid);
+ }
+
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_devid_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_devid_read,
+ .write = amd_iommu_debugfs_devid_write,
+};
+
#defineMAX_PCI_ID 0x
-#definePRINTDTE(i) OSCNPRINTF("%02x:%02x:%x - %016llx %016llx
%016llx %016llx\n", \
- PCI_BUS_NUM(i), PCI_SLOT(i), PCI_FUNC(i), \
- amd_iommu_dev_table[i].data[0], \
- amd_iommu_dev_table[i].data[1], \
- amd_iommu_dev_table[i].data[2], \
- amd_iommu_dev_table[i].data[3]);
+static inline int amd_iommu_debugfs_printdte(int i, char *obuf, unsigned int
obuflen, unsigned int oboff)
+{
+ int rc;
+
+ rc = OSCNPRINTF("%02x:%02x:%x - %016llx %016llx %016llx %016llx\n",
+ PCI_BUS_NUM(i), PCI_SLOT(i), PCI_FUNC(i),
+ amd_iommu_dev_table[i].data[0],
+ amd_iommu_dev_table[i].data[1],
+ amd_iommu_dev_table[i].data[2],
+ amd_iommu_dev_table[i].data[3]);
+ return rc;
+}
static ssize_t amd_iommu_debugfs_dte_read(struct file *filp,
char __user *ubuf,
@@ -113,19 +184,28 @@ static ssize_t amd_iommu_debugfs_dte_read(struct file
*filp,
char *obuf;
/* Count the number of valid entries in the device table */
- istart = 0;
- iend = MAX_PCI_ID;
- n = amd_iommu_count_valid_dtes(istart, iend);
+ if (amd_iommu_devid > MAX_PCI_ID) {
+ istart = 0;
+ iend = MAX_PCI_ID;
+ n = amd_iommu_count_valid_dtes(istart, iend);
+ } else {
+ n = 1;
+ }
obuflen = n * 80;
obuf = kmalloc(OBUFLEN, GFP_KERNEL);
if (!obuf)
return -ENOMEM;
-
[PATCH v3 4/5] iommu/amd - Expose the active IOMMU device table entries
Add a debugfs entry to dump the active device table entries from
the IOMMU's table. Active is determined by non-default values
in the first and second long words of the DTE. Aside from IOMMU
devices, this output should list every device reported by lspci.
Signed-off-by: Gary R Hook
---
drivers/iommu/amd_iommu_debugfs.c | 60 +
1 file changed, 60 insertions(+)
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
index d95428b1ef90..1d941c5329be 100644
--- a/drivers/iommu/amd_iommu_debugfs.c
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -92,9 +92,62 @@ static const struct file_operations
amd_iommu_debugfs_dtecount_ops = {
.write = NULL,
};
+#defineMAX_PCI_ID 0x
+
+#definePRINTDTE(i) OSCNPRINTF("%02x:%02x:%x - %016llx %016llx
%016llx %016llx\n", \
+ PCI_BUS_NUM(i), PCI_SLOT(i), PCI_FUNC(i), \
+ amd_iommu_dev_table[i].data[0], \
+ amd_iommu_dev_table[i].data[1], \
+ amd_iommu_dev_table[i].data[2], \
+ amd_iommu_dev_table[i].data[3]);
+
+static ssize_t amd_iommu_debugfs_dte_read(struct file *filp,
+ char __user *ubuf,
+ size_t count, loff_t *offp)
+{
+ unsigned int obuflen;
+ unsigned int oboff = 0;
+ unsigned int istart, iend;
+ ssize_t ret;
+ u32 i, n;
+ char *obuf;
+
+ /* Count the number of valid entries in the device table */
+ istart = 0;
+ iend = MAX_PCI_ID;
+ n = amd_iommu_count_valid_dtes(istart, iend);
+ obuflen = n * 80;
+
+ obuf = kmalloc(OBUFLEN, GFP_KERNEL);
+ if (!obuf)
+ return -ENOMEM;
+
+ for (i = istart ; i <= iend ; i++)
+ if ((amd_iommu_dev_table[i].data[0] ^ 0x3)
+|| amd_iommu_dev_table[i].data[1])
+ oboff += PRINTDTE(i);
+
+ ret = simple_read_from_buffer(ubuf, count, offp, obuf, oboff);
+ kfree(obuf);
+
+ return ret;
+}
+
+static const struct file_operations amd_iommu_debugfs_dte_ops = {
+ .owner = THIS_MODULE,
+ .open = simple_open,
+ .read = amd_iommu_debugfs_dte_read,
+ .write = NULL,
+};
+
static char readmetext[] =
+"devicetable Print active entries in the device table\n"
"count Count of active devices\n"
"verbose Provide additional descriptive text\n"
+"\n"
+"Dumping the Device Table\n"
+"The device table is scanned for entries that appear to be active. The\n"
+"default range is from 0 to 0x, and only active entries will be reported\n"
"\n";
static ssize_t amd_iommu_debugfs_readme_read(struct file *filp,
@@ -144,6 +197,13 @@ void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
if (!d_verbose)
goto err;
+ /* Device Table Entries */
+ d_dte = debugfs_create_file("devicetable", 0400,
+ iommu->debugfs_instance, iommu,
+ &amd_iommu_debugfs_dte_ops);
+ if (!d_dte)
+ goto err;
+
d_dte = debugfs_create_file("count", 0400,
iommu->debugfs_instance, iommu,
&amd_iommu_debugfs_dtecount_ops);
Re: [PATCH] Documentation/CodingStyle: Add an example for braces
On 03/15/2018 05:26 AM, Jani Nikula wrote:
On Wed, 14 Mar 2018, Gary R Hook wrote:
Add another example of required braces when using a compound statement in
a loop.
Signed-off-by: Gary R Hook
---
Documentation/process/coding-style.rst |9 +
1 file changed, 9 insertions(+)
diff --git a/Documentation/process/coding-style.rst
b/Documentation/process/coding-style.rst
index a20b44a40ec4..d98deb62c400 100644
--- a/Documentation/process/coding-style.rst
+++ b/Documentation/process/coding-style.rst
@@ -200,6 +200,15 @@ statement; in the latter case use braces in both branches:
otherwise();
}
+Also, use braces when a loop contains more than a single simple statement:
Personally, I'd not limit this to loops.
if (condition) {
if (another_condition)
action();
}
You could argue the existing rule already covers these cases by
excluding selection and iteration statements from the "single statement"
in "Do not unnecessarily use braces where a single statement will do."
Define "statement"? There's a school of thought that uses semicolons to
indicate a statement. I'm trying to eliminate any ambiguity by calling
out compound statements as "more than one statement". Sure, semantics,
but in the interest of clarity. An additional sentence and example
doesn't really cost much.
Thank you for your time. I've made some changes, and a v2 to follow shortly.
[PATCH v2] Documentation/CodingStyle: Add an example for braces
Add another example of required braces when using a compound statements.
Signed-off-by: Gary R Hook
---
Changes since v1:
- Move the new example up, and make it more generic
Documentation/process/coding-style.rst |9 +
1 file changed, 9 insertions(+)
diff --git a/Documentation/process/coding-style.rst
b/Documentation/process/coding-style.rst
index a20b44a40ec4..fcef0b4b59d0 100644
--- a/Documentation/process/coding-style.rst
+++ b/Documentation/process/coding-style.rst
@@ -188,6 +188,15 @@ and
else
do_that();
+Do use braces when a body is more complex than a single simple statement:
+
+.. code-block:: c
+
+ if (condition) {
+ if (another_condition)
+ do_something();
+ }
+
This does not apply if only one branch of a conditional statement is a single
statement; in the latter case use braces in both branches:
[PATCH v5 0/2] Base enablement of IOMMU debugfs support
These patches create a top-level function, called at IOMMU initialization, to create a debugfs directory for the IOMMU. Under this directory drivers may create and populate-specific directories for their device internals. Patch 1: general IOMMU enablement Patch 2: basic AMD enablement to demonstrate linkage with patch 1 Introduce a new Kconfig parameter IOMMU_DEBUGFS to globally allow/disallow debugfs code to be built. The Makefile structure is intended to allow the use of a single switch for turning on DebugFS. Changes since v4: - Guard vendor-specific debugfs files in the Makefile - Call top-level routine from iommu_init() - Add function for instantiating a driver-specific directory - Change AMD driver code to use this new format Changes since v3: - Remove superfluous calls to debugfs_initialized() - Emit a warning exactly one time - Change the Kconfig name to IOMMU_DEBUGFS - Change the way debugfs modules are made Changes since v2: - Move a declaration to outside an ifdef - Remove a spurious blank line Changes since v1: - Remove debug cruft - Remove cruft produced by design change - Change the lock to a mutex - Coding style fixes - Add a comment to document the framework --- Gary R Hook (2): iommu - Enable debugfs exposure of IOMMU driver internals iommu/amd: Add basic debugfs infrastructure for AMD IOMMU drivers/iommu/Kconfig | 11 ++ drivers/iommu/Makefile|6 +++ drivers/iommu/amd_iommu_debugfs.c | 41 drivers/iommu/amd_iommu_init.c|6 ++- drivers/iommu/amd_iommu_proto.h |6 +++ drivers/iommu/amd_iommu_types.h |3 ++ drivers/iommu/iommu-debugfs.c | 64 + drivers/iommu/iommu.c |2 + include/linux/iommu.h |8 + 9 files changed, 145 insertions(+), 2 deletions(-) create mode 100644 drivers/iommu/amd_iommu_debugfs.c create mode 100644 drivers/iommu/iommu-debugfs.c --
[PATCH v5 1/2] iommu - Enable debugfs exposure of IOMMU driver internals
Provide base enablement for using debugfs to expose internal data of an
IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
Emit a strong warning at boot time to indicate that this feature is
enabled.
This function is called from iommu_init, and creates the initial DebugFS
directory. Drivers may then call iommu_debugfs_new_driver_dir() to
instantiate a device-specific directory to expose internal data.
It will return a pointer to the new dentry structure created in
/sys/kernel/debug/iommu, or NULL in the event of a failure.
Since the IOMMU driver can not be removed from the running system, there
is no need for an "off" function.
Signed-off-by: Gary R Hook
---
drivers/iommu/Kconfig | 11 +++
drivers/iommu/Makefile|1 +
drivers/iommu/iommu-debugfs.c | 64 +
drivers/iommu/iommu.c |2 +
include/linux/iommu.h |8 +
5 files changed, 86 insertions(+)
create mode 100644 drivers/iommu/iommu-debugfs.c
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index f3a21343e636..ff511fa8ca7d 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -60,6 +60,17 @@ config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
endmenu
+config IOMMU_DEBUGFS
+ bool "Export IOMMU internals in DebugFS"
+ depends on DEBUG_FS
+ default n
+ help
+ Allows exposure of IOMMU device internals. This option enables
+ the use of debugfs by IOMMU drivers as required. Devices can,
+ at initialization time, cause the IOMMU code to create a top-level
+ debug/iommu directory, and then populate a subdirectory with
+ entries as required.
+
config IOMMU_IOVA
tristate
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 1fb695854809..74cfbc392862 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -2,6 +2,7 @@
obj-$(CONFIG_IOMMU_API) += iommu.o
obj-$(CONFIG_IOMMU_API) += iommu-traces.o
obj-$(CONFIG_IOMMU_API) += iommu-sysfs.o
+obj-$(CONFIG_IOMMU_DEBUGFS) += iommu-debugfs.o
obj-$(CONFIG_IOMMU_DMA) += dma-iommu.o
obj-$(CONFIG_IOMMU_IO_PGTABLE) += io-pgtable.o
obj-$(CONFIG_IOMMU_IO_PGTABLE_ARMV7S) += io-pgtable-arm-v7s.o
diff --git a/drivers/iommu/iommu-debugfs.c b/drivers/iommu/iommu-debugfs.c
new file mode 100644
index ..d82a10b2478b
--- /dev/null
+++ b/drivers/iommu/iommu-debugfs.c
@@ -0,0 +1,64 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+
+static struct dentry *iommu_debugfs_dir;
+
+/*
+ * Provide base enablement for using debugfs to expose internal data of an
+ * IOMMU driver. When called, create the /sys/kernel/debug/iommu directory.
+ *
+ * Emit a strong warning at boot time to indicate that this feature is
+ * enabled.
+ *
+ * This function is called from iommu_init, and creates the initial DebugFS
+ * directory. Drivers may then call iommu_debugfs_new_driver_dir() to
+ * instantiate a device-specific directory to expose internal data.
+ * It will return a pointer to the new dentry structure created in
+ * /sys/kernel/debug/iommu, or NULL in the event of a failure.
+ *
+ * Since the IOMMU driver can not be removed from the running system, there
+ * is no need for an "off" function.
+ */
+void iommu_debugfs_setup(void)
+{
+ if (!iommu_debugfs_dir) {
+ iommu_debugfs_dir = debugfs_create_dir("iommu", NULL);
+ if (iommu_debugfs_dir) {
+ pr_warn("\n");
+
pr_warn("*\n");
+ pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE NOTICE**\n");
+ pr_warn("**
**\n");
+ pr_warn("** IOMMU DebugFS SUPPORT HAS BEEN ENABLED IN
THIS KERNEL **\n");
+ pr_warn("**
**\n");
+ pr_warn("** This means that this kernel is built to
expose internal **\n");
+ pr_warn("** IOMMU data structures, which may compromise
security on **\n");
+ pr_warn("** your system.
**\n");
+ pr_warn("**
**\n");
+ pr_warn("** If you see this message and you are not
debugging the **\n");
+ pr_warn("** kernel, report this immediately to your
vendor! **\n");
+ pr_warn("**
[PATCH v5 2/2] iommu/amd: Add basic debugfs infrastructure for AMD IOMMU
Implement a skeleton framework for debugfs support in the
AMD IOMMU.
Signed-off-by: Gary R Hook
---
drivers/iommu/Makefile|5 +
drivers/iommu/amd_iommu_debugfs.c | 41 +
drivers/iommu/amd_iommu_init.c|6 -
drivers/iommu/amd_iommu_proto.h |6 +
drivers/iommu/amd_iommu_types.h |3 +++
5 files changed, 59 insertions(+), 2 deletions(-)
create mode 100644 drivers/iommu/amd_iommu_debugfs.c
diff --git a/drivers/iommu/Makefile b/drivers/iommu/Makefile
index 74cfbc392862..dd980f7dd8b6 100644
--- a/drivers/iommu/Makefile
+++ b/drivers/iommu/Makefile
@@ -30,3 +30,8 @@ obj-$(CONFIG_EXYNOS_IOMMU) += exynos-iommu.o
obj-$(CONFIG_FSL_PAMU) += fsl_pamu.o fsl_pamu_domain.o
obj-$(CONFIG_S390_IOMMU) += s390-iommu.o
obj-$(CONFIG_QCOM_IOMMU) += qcom_iommu.o
+
+# This ensures that only the required files are compiled
+ifeq ($(CONFIG_IOMMU_DEBUGFS), y)
+obj-$(CONFIG_AMD_IOMMU) += amd_iommu_debugfs.o
+endif
diff --git a/drivers/iommu/amd_iommu_debugfs.c
b/drivers/iommu/amd_iommu_debugfs.c
new file mode 100644
index ..2b351b9f9130
--- /dev/null
+++ b/drivers/iommu/amd_iommu_debugfs.c
@@ -0,0 +1,41 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * AMD IOMMU driver
+ *
+ * Copyright (C) 2018 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook
+ */
+
+#include
+#include
+#include
+#include "amd_iommu_proto.h"
+#include "amd_iommu_types.h"
+
+static struct dentry *amd_iommu_debugfs;
+static DEFINE_MUTEX(amd_iommu_debugfs_lock);
+
+#defineMAX_NAME_LEN20
+
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu)
+{
+ char name[MAX_NAME_LEN + 1];
+
+pr_warn("GRH: %s:%d\n", __func__, __LINE__);
+
+ mutex_lock(&amd_iommu_debugfs_lock);
+ if (!amd_iommu_debugfs)
+ amd_iommu_debugfs = iommu_debugfs_new_driver_dir("amd");
+ mutex_unlock(&amd_iommu_debugfs_lock);
+
+ if (amd_iommu_debugfs) {
+ snprintf(name, MAX_NAME_LEN, "iommu%02d", iommu->index);
+ iommu->debugfs = debugfs_create_dir(name,
+ amd_iommu_debugfs);
+ if (!iommu->debugfs) {
+ debugfs_remove_recursive(amd_iommu_debugfs);
+ amd_iommu_debugfs = NULL;
+ }
+ }
+}
diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index 904c575d1677..031e6dbb8345 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -2721,6 +2721,7 @@ int __init amd_iommu_enable_faulting(void)
*/
static int __init amd_iommu_init(void)
{
+ struct amd_iommu *iommu;
int ret;
ret = iommu_go_to_state(IOMMU_INITIALIZED);
@@ -2730,14 +2731,15 @@ static int __init amd_iommu_init(void)
disable_iommus();
free_iommu_resources();
} else {
- struct amd_iommu *iommu;
-
uninit_device_table_dma();
for_each_iommu(iommu)
iommu_flush_all_caches(iommu);
}
}
+ for_each_iommu(iommu)
+ amd_iommu_debugfs_setup(iommu);
+
return ret;
}
diff --git a/drivers/iommu/amd_iommu_proto.h b/drivers/iommu/amd_iommu_proto.h
index 640c286a0ab9..39053f11dda3 100644
--- a/drivers/iommu/amd_iommu_proto.h
+++ b/drivers/iommu/amd_iommu_proto.h
@@ -33,6 +33,12 @@ extern void amd_iommu_uninit_devices(void);
extern void amd_iommu_init_notifier(void);
extern int amd_iommu_init_api(void);
+#ifdef CONFIG_IOMMU_DEBUGFS
+void amd_iommu_debugfs_setup(struct amd_iommu *iommu);
+#else
+static inline void amd_iommu_debugfs_setup(struct amd_iommu *iommu) {}
+#endif
+
/* Needed for interrupt remapping */
extern int amd_iommu_prepare(void);
extern int amd_iommu_enable(void);
diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h
index 1c9b080276c9..2ca0959ae9e6 100644
--- a/drivers/iommu/amd_iommu_types.h
+++ b/drivers/iommu/amd_iommu_types.h
@@ -593,6 +593,9 @@ struct amd_iommu {
u32 flags;
volatile u64 __aligned(8) cmd_sem;
+
+ /* DebugFS Info */
+ struct dentry *debugfs;
};
static inline struct amd_iommu *dev_to_amd_iommu(struct device *dev)
