Commit Graph

1603 Commits

Author SHA1 Message Date
David S. Miller d31e95585c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
The only slightly tricky merge conflict was the netdevsim because the
mutex locking fix overlapped a lot of driver reload reorganization.

The rest were (relatively) trivial in nature.

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-11-02 13:54:56 -07:00
Vikas Gupta 246880958a firmware: broadcom: add OP-TEE based BNXT f/w manager
This driver registers on TEE bus to interact with OP-TEE based
BNXT firmware management modules

Cc: Jakub Kicinski <jakub.kicinski@netronome.com>
Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Sheetal Tigadoli <sheetal.tigadoli@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-10-31 11:00:45 -07:00
Javier Martinez Canillas 359efcc2c9 efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
The driver exposes EFI runtime services to user-space through an IOCTL
interface, calling the EFI services function pointers directly without
using the efivar API.

Disallow access to the /dev/efi_test character device when the kernel is
locked down to prevent arbitrary user-space to call EFI runtime services.

Also require CAP_SYS_ADMIN to open the chardev to prevent unprivileged
users to call the EFI runtime services, instead of just relying on the
chardev file mode bits for this.

The main user of this driver is the fwts [0] tool that already checks if
the effective user ID is 0 and fails otherwise. So this change shouldn't
cause any regression to this tool.

[0]: https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Matthew Garrett <mjg59@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: https://lkml.kernel.org/r/20191029173755.27149-7-ardb@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-31 09:40:21 +01:00
Kairui Song 220dd7699c x86, efi: Never relocate kernel below lowest acceptable address
Currently, kernel fails to boot on some HyperV VMs when using EFI.
And it's a potential issue on all x86 platforms.

It's caused by broken kernel relocation on EFI systems, when below three
conditions are met:

1. Kernel image is not loaded to the default address (LOAD_PHYSICAL_ADDR)
   by the loader.
2. There isn't enough room to contain the kernel, starting from the
   default load address (eg. something else occupied part the region).
3. In the memmap provided by EFI firmware, there is a memory region
   starts below LOAD_PHYSICAL_ADDR, and suitable for containing the
   kernel.

EFI stub will perform a kernel relocation when condition 1 is met. But
due to condition 2, EFI stub can't relocate kernel to the preferred
address, so it fallback to ask EFI firmware to alloc lowest usable memory
region, got the low region mentioned in condition 3, and relocated
kernel there.

It's incorrect to relocate the kernel below LOAD_PHYSICAL_ADDR. This
is the lowest acceptable kernel relocation address.

The first thing goes wrong is in arch/x86/boot/compressed/head_64.S.
Kernel decompression will force use LOAD_PHYSICAL_ADDR as the output
address if kernel is located below it. Then the relocation before
decompression, which move kernel to the end of the decompression buffer,
will overwrite other memory region, as there is no enough memory there.

To fix it, just don't let EFI stub relocate the kernel to any address
lower than lowest acceptable address.

[ ardb: introduce efi_low_alloc_above() to reduce the scope of the change ]

Signed-off-by: Kairui Song <kasong@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: https://lkml.kernel.org/r/20191029173755.27149-6-ardb@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-31 09:40:19 +01:00
Ard Biesheuvel 41cd96fa14 efi: libstub/arm: Account for firmware reserved memory at the base of RAM
The EFI stubloader for ARM starts out by allocating a 32 MB window
at the base of RAM, in order to ensure that the decompressor (which
blindly copies the uncompressed kernel into that window) does not
overwrite other allocations that are made while running in the context
of the EFI firmware.

In some cases, (e.g., U-Boot running on the Raspberry Pi 2), this is
causing boot failures because this initial allocation conflicts with
a page of reserved memory at the base of RAM that contains the SMP spin
tables and other pieces of firmware data and which was put there by
the bootloader under the assumption that the TEXT_OFFSET window right
below the kernel is only used partially during early boot, and will be
left alone once the memory reservations are processed and taken into
account.

So let's permit reserved memory regions to exist in the region starting
at the base of RAM, and ending at TEXT_OFFSET - 5 * PAGE_SIZE, which is
the window below the kernel that is not touched by the early boot code.

Tested-by: Guillaume Gardet <Guillaume.Gardet@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Chester Lin <clin@suse.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: https://lkml.kernel.org/r/20191029173755.27149-5-ardb@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-31 09:40:19 +01:00
Dominik Brodowski 18b915ac6b efi/random: Treat EFI_RNG_PROTOCOL output as bootloader randomness
Commit 428826f535 ("fdt: add support for rng-seed") introduced
add_bootloader_randomness(), permitting randomness provided by the
bootloader or firmware to be credited as entropy. However, the fact
that the UEFI support code was already wired into the RNG subsystem
via a call to add_device_randomness() was overlooked, and so it was
not converted at the same time.

Note that this UEFI (v2.4 or newer) feature is currently only
implemented for EFI stub booting on ARM, and further note that
CONFIG_RANDOM_TRUST_BOOTLOADER must be enabled, and this should be
done only if there indeed is sufficient trust in the bootloader
_and_ its source of randomness.

[ ardb: update commit log ]

Tested-by: Bhupesh Sharma <bhsharma@redhat.com>
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: https://lkml.kernel.org/r/20191029173755.27149-4-ardb@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-31 09:40:18 +01:00
Jerry Snitselaar 2bb6a81633 efi/tpm: Return -EINVAL when determining tpm final events log size fails
Currently nothing checks the return value of efi_tpm_eventlog_init(),
but in case that changes in the future make sure an error is
returned when it fails to determine the tpm final events log
size.

Suggested-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Fixes: e658c82be5 ("efi/tpm: Only set 'efi_tpm_final_log_size' after ...")
Link: https://lkml.kernel.org/r/20191029173755.27149-3-ardb@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-31 09:40:17 +01:00
Narendra K 0b6b30c656 efi: Make CONFIG_EFI_RCI2_TABLE selectable on x86 only
For the EFI_RCI2_TABLE Kconfig option, 'make oldconfig' asks the user
for input on platforms where the option may not be applicable. This patch
modifies the Kconfig option to ask the user for input only when CONFIG_X86
or CONFIG_COMPILE_TEST is set to y.

Suggested-by: Geert Uytterhoeven <geert@linux-m68k.org>
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Tested-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Narendra K <Narendra.K@dell.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: https://lkml.kernel.org/r/20191029173755.27149-2-ardb@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-31 09:40:16 +01:00
Linus Torvalds 37b238da15 Merge branch 'dmi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging
Pull dmi fix from Jean Delvare.

* 'dmi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging:
  firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
2019-10-15 09:20:07 -07:00
Jean Delvare 81dde26de9 firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
Before reading the Extended Size field, we should ensure it fits in
the DMI record. There is already a record length check but it does
not cover that field.

It would take a seriously corrupted DMI table to hit that bug, so no
need to worry, but we should still fix it.

Signed-off-by: Jean Delvare <jdelvare@suse.de>
Fixes: 6deae96b42 ("firmware, DMI: Add function to look up a handle and return DIMM size")
Cc: Tony Luck <tony.luck@intel.com>
Cc: Borislav Petkov <bp@suse.de>
2019-10-14 21:41:24 +02:00
Linus Torvalds da94001239 Char/Misc driver fixes for 5.4-rc3.
Here are some small char/misc driver fixes for 5.4-rc3.
 
 Nothing huge here.  Some binder driver fixes (although it is still being
 discussed if these all fix the reported issues or not, so more might be
 coming later), some mei device ids and fixes, and a google firmware
 driver bugfix that fixes a regression, as well as some other tiny fixes.
 
 All have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXaH5NQ8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ymBUACffYSpB3d5HLYX+Ytzg+SWX14X7uIAnRJkmcn9
 8lleiX86zTYyVpBwoQ7c
 =A7ZZ
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-5.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char/misc driver fixes from Greg KH:
 "Here are some small char/misc driver fixes for 5.4-rc3.

  Nothing huge here. Some binder driver fixes (although it is still
  being discussed if these all fix the reported issues or not, so more
  might be coming later), some mei device ids and fixes, and a google
  firmware driver bugfix that fixes a regression, as well as some other
  tiny fixes.

  All have been in linux-next with no reported issues"

* tag 'char-misc-5.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
  firmware: google: increment VPD key_len properly
  w1: ds250x: Fix build error without CRC16
  virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr
  binder: Fix comment headers on binder_alloc_prepare_to_free()
  binder: prevent UAF read in print_binder_transaction_log_entry()
  misc: fastrpc: prevent memory leak in fastrpc_dma_buf_attach
  mei: avoid FW version request on Ibex Peak and earlier
  mei: me: add comet point (lake) LP device ids
2019-10-12 15:47:19 -07:00
Brian Norris 442f1e746e firmware: google: increment VPD key_len properly
Commit 4b708b7b1a ("firmware: google: check if size is valid when
decoding VPD data") adds length checks, but the new vpd_decode_entry()
function botched the logic -- it adds the key length twice, instead of
adding the key and value lengths separately.

On my local system, this means vpd.c's vpd_section_create_attribs() hits
an error case after the first attribute it parses, since it's no longer
looking at the correct offset. With this patch, I'm back to seeing all
the correct attributes in /sys/firmware/vpd/...

Fixes: 4b708b7b1a ("firmware: google: check if size is valid when decoding VPD data")
Cc: <stable@vger.kernel.org>
Cc: Hung-Te Lin <hungte@chromium.org>
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-by: Guenter Roeck <groeck@chromium.org>
Link: https://lore.kernel.org/r/20190930214522.240680-1-briannorris@chromium.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-10-11 08:41:34 +02:00
Colin Ian King be59d57f98 efi/tpm: Fix sanity check of unsigned tbl_size being less than zero
Currently the check for tbl_size being less than zero is always false
because tbl_size is unsigned. Fix this by making it a signed int.

Addresses-Coverity: ("Unsigned compared against 0")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jerry Snitselaar <jsnitsel@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: kernel-janitors@vger.kernel.org
Cc: linux-efi@vger.kernel.org
Fixes: e658c82be5 ("efi/tpm: Only set 'efi_tpm_final_log_size' after successful event log parsing")
Link: https://lkml.kernel.org/r/20191008100153.8499-1-colin.king@canonical.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-08 13:01:09 +02:00
Ben Dooks 1ed121e616 efi: Make unexported efi_rci2_sysfs_init() static
The efi_rci2_sysfs_init() is not used outside of rci2-table.c so
make it static to silence the following Sparse warning:

  drivers/firmware/efi/rci2-table.c:79:12: warning: symbol 'efi_rci2_sysfs_init' was not declared. Should it be static?

Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Dave Young <dyoung@redhat.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Jerry Snitselaar <jsnitsel@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lukas Wunner <lukas@wunner.de>
Cc: Lyude Paul <lyude@redhat.com>
Cc: Matthew Garrett <mjg59@google.com>
Cc: Octavian Purdila <octavian.purdila@intel.com>
Cc: Peter Jones <pjones@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Scott Talbert <swt@techie.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
Link: https://lkml.kernel.org/r/20191002165904.8819-7-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-07 15:24:36 +02:00
Jerry Snitselaar e658c82be5 efi/tpm: Only set 'efi_tpm_final_log_size' after successful event log parsing
If __calc_tpm2_event_size() fails to parse an event it will return 0,
resulting tpm2_calc_event_log_size() returning -1. Currently there is
no check of this return value, and 'efi_tpm_final_log_size' can end up
being set to this negative value resulting in a crash like this one:

  BUG: unable to handle page fault for address: ffffbc8fc00866ad
  #PF: supervisor read access in kernel mode
  #PF: error_code(0x0000) - not-present page

  RIP: 0010:memcpy_erms+0x6/0x10
  Call Trace:
   tpm_read_log_efi()
   tpm_bios_log_setup()
   tpm_chip_register()
   tpm_tis_core_init.cold.9+0x28c/0x466
   tpm_tis_plat_probe()
   platform_drv_probe()
   ...

Also __calc_tpm2_event_size() returns a size of 0 when it fails
to parse an event, so update function documentation to reflect this.

The root cause of the issue that caused the failure of event parsing
in this case is resolved by Peter Jone's patchset dealing with large
event logs where crossing over a page boundary causes the page with
the event count to be unmapped.

Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Ben Dooks <ben.dooks@codethink.co.uk>
Cc: Dave Young <dyoung@redhat.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lukas Wunner <lukas@wunner.de>
Cc: Lyude Paul <lyude@redhat.com>
Cc: Matthew Garrett <mjg59@google.com>
Cc: Octavian Purdila <octavian.purdila@intel.com>
Cc: Peter Jones <pjones@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Scott Talbert <swt@techie.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
Cc: stable@vger.kernel.org
Fixes: c46f340569 ("tpm: Reserve the TPM final events table")
Link: https://lkml.kernel.org/r/20191002165904.8819-6-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-07 15:24:36 +02:00
Peter Jones 05c8c1ff81 efi/tpm: Don't traverse an event log with no events
When there are no entries to put into the final event log, some machines
will return the template they would have populated anyway.  In this case
the nr_events field is 0, but the rest of the log is just garbage.

This patch stops us from trying to iterate the table with
__calc_tpm2_event_size() when the number of events in the table is 0.

Tested-by: Lyude Paul <lyude@redhat.com>
Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Matthew Garrett <mjg59@google.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Ben Dooks <ben.dooks@codethink.co.uk>
Cc: Dave Young <dyoung@redhat.com>
Cc: Jerry Snitselaar <jsnitsel@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lukas Wunner <lukas@wunner.de>
Cc: Octavian Purdila <octavian.purdila@intel.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Scott Talbert <swt@techie.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
Cc: stable@vger.kernel.org
Fixes: c46f340569 ("tpm: Reserve the TPM final events table")
Link: https://lkml.kernel.org/r/20191002165904.8819-5-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-07 15:24:35 +02:00
Ard Biesheuvel c05f8f92b7 efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified
The kernel command line option efivar_ssdt= allows the name to be
specified of an EFI variable containing an ACPI SSDT table that should
be loaded into memory by the OS, and treated as if it was provided by
the firmware.

Currently, that code will always iterate over the EFI variables and
compare each name with the provided name, even if the command line
option wasn't set to begin with.

So bail early when no variable name was provided. This works around a
boot regression on the 2012 Mac Pro, as reported by Scott.

Tested-by: Scott Talbert <swt@techie.net>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: <stable@vger.kernel.org> # v4.9+
Cc: Ben Dooks <ben.dooks@codethink.co.uk>
Cc: Dave Young <dyoung@redhat.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Jerry Snitselaar <jsnitsel@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lukas Wunner <lukas@wunner.de>
Cc: Lyude Paul <lyude@redhat.com>
Cc: Matthew Garrett <mjg59@google.com>
Cc: Octavian Purdila <octavian.purdila@intel.com>
Cc: Peter Jones <pjones@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
Fixes: 475fb4e8b2 ("efi / ACPI: load SSTDs from EFI variables")
Link: https://lkml.kernel.org/r/20191002165904.8819-3-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-07 15:24:35 +02:00
Lukas Wunner 6fb9367a15 efi/cper: Fix endianness of PCIe class code
The CPER parser assumes that the class code is big endian, but at least
on this edk2-derived Intel Purley platform it's little endian:

    efi: EFI v2.50 by EDK II BIOS ID:PLYDCRB1.86B.0119.R05.1701181843
    DMI: Intel Corporation PURLEY/PURLEY, BIOS PLYDCRB1.86B.0119.R05.1701181843 01/18/2017

    {1}[Hardware Error]:   device_id: 0000:5d:00.0
    {1}[Hardware Error]:   slot: 0
    {1}[Hardware Error]:   secondary_bus: 0x5e
    {1}[Hardware Error]:   vendor_id: 0x8086, device_id: 0x2030
    {1}[Hardware Error]:   class_code: 000406
                                       ^^^^^^ (should be 060400)

Signed-off-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Ben Dooks <ben.dooks@codethink.co.uk>
Cc: Dave Young <dyoung@redhat.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Jerry Snitselaar <jsnitsel@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lyude Paul <lyude@redhat.com>
Cc: Matthew Garrett <mjg59@google.com>
Cc: Octavian Purdila <octavian.purdila@intel.com>
Cc: Peter Jones <pjones@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Scott Talbert <swt@techie.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
Link: https://lkml.kernel.org/r/20191002165904.8819-2-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-10-07 15:24:35 +02:00
Linus Torvalds cef0aa0ce8 ARM: SoC fixes
A few fixes that have trickled in through the merge window:
 
  - Video fixes for OMAP due to panel-dpi driver removal
  - Clock fixes for OMAP that broke no-idle quirks + nfsroot on DRA7
  - Fixing arch version on ASpeed ast2500
  - Two fixes for reset handling on ARM SCMI
 -----BEGIN PGP SIGNATURE-----
 
 iQJDBAABCAAtFiEElf+HevZ4QCAJmMQ+jBrnPN6EHHcFAl2Q+QsPHG9sb2ZAbGl4
 b20ubmV0AAoJEIwa5zzehBx36yIP/2eeqmdd97XJUiX2qGlKlDC+AtVUJnnxzhLa
 jSAIbbN74MCVH3M0BW1ECPbHHXFR54sffLFWwu8rVBr5nRdNPt0xLdXiVJcIVMfr
 by0LeMAOcw9CDxKsLqwwAagKq4HVnwqbZ+RVC3CjGz+Sp+vvSz+T/Ta6GzblASYv
 3zOs1FD+e4pwDqonyp6P5vAlBQ6qFL7AVZFPpNmXsqIzcT1bGEj/RwReErCIoevL
 7ZJr1R69D5IaEXYwWt8dT7bNwMR0gRvskrCQVCCBBcwHkO1PRd6cTXQ9EFBG8LgV
 LCM9F8Z+6QMigqvDFgSMpIz6orhKQKGpHF7K023c4DKBVqwigT/CaTOZgFr74pUJ
 Zp7s2dFcmJo1J2HlYDz3Nde4BFJXy3gNJphD7yI9xMfBNe1EXclvqtqICvnpMpgt
 thDXrReyDhMQukOBlrUcMxABP/EK97fULpC2Z2kaBq3SbnZILAOKFKtISmh5o6eI
 s4+QYETaqnWjYJE9d+YYg0VwNAifSzplSrGJVK43mGpqpQRx49cw25vL8bV/ZRgg
 HMTUX97Oho+EgDC9BWiahe0TZaWBBGJ3hWI/mrBW/dNowxoHp3l/fCcLdBPPKltS
 qo4BbbKPdrgq5o3YRBSjftdnbJ8eE9DTRs1sAsDQeNb9XJih9aiAQE3hxAA9wdJO
 vcRFcZ1Q
 =s4qF
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc

Pull ARM SoC fixes from Olof Johansson:
 "A few fixes that have trickled in through the merge window:

   - Video fixes for OMAP due to panel-dpi driver removal

   - Clock fixes for OMAP that broke no-idle quirks + nfsroot on DRA7

   - Fixing arch version on ASpeed ast2500

   - Two fixes for reset handling on ARM SCMI"

* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
  ARM: aspeed: ast2500 is ARMv6K
  reset: reset-scmi: add missing handle initialisation
  firmware: arm_scmi: reset: fix reset_state assignment in scmi_domain_reset
  bus: ti-sysc: Remove unpaired sysc_clkdm_deny_idle()
  ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux
  ARM: dts: am3517-evm: Fix missing video
  ARM: dts: logicpd-torpedo-baseboard: Fix missing video
  ARM: omap2plus_defconfig: Fix missing video
  bus: ti-sysc: Fix handling of invalid clocks
  bus: ti-sysc: Fix clock handling for no-idle quirks
2019-09-30 10:04:28 -07:00
Olof Johansson a4207a1c5e ARM SCMI fixes for v5.4
Couple of fixes: one in scmi reset driver initialising missed scmi handle
 and an other in scmi reset API implementation fixing the assignment of
 reset state
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEunHlEgbzHrJD3ZPhAEG6vDF+4pgFAl2CJ/kACgkQAEG6vDF+
 4pjUDRAAulQC4nLnchAHr77cSVUZdzHtO3fdZy4kyTOrqSzNBOYpMruPqPVx/RrO
 eF4qj+qJh2JpwbUHybo7rURA5DEpPeWrK7xGMRX5sFi0vwwSd0xNNo942VdyBGzx
 n8WiihWDbTulbfRVp3Zbzn1Hg0esYQ3zXJM1moDgmAkjjdjcXbZGDDLLJ8DMxauM
 jDu3v+9ZRYtpoh/GMz3hs1nIBv+/lq6XyYdC9p8ad6GHsdSDwRCg6GSHRPur3Q/a
 4Z4TKvMeqLGfsuHs+ZD/Cvh6HKBSOBBqS99AUny2Y/Rn/5ZYWv69h1Clk3biJ1Cp
 hgEzHDzkPrL/jU8NgGVlRTlX7lmhDXMFpYjP92P2cZSubbIhzNlXdLcJI8VtHZj/
 KKJKwEIu0WsFPrQI509mDdk9i5Dq6Ml9sOGSqyYtknipb3yuoSKaMiUhWSUGZ7PZ
 WQPvylMCCb9xDAU/kxybvx5gaOtaeWy0exQHCMmsNprkpOHWVoCYEhjwD/qixs5I
 BjT8ZTv1pkMql9V5MnB8R0NtMZPJGZiBJH4MCZb8LkTIAAQL8eT+gVUpYUQf98Od
 p4fx09upImpMic2tPuux0KiNnlmfG0E+tu7Jg2PIRhbR9H0l4KOrrMhUcUw4Sy/m
 yWO8X/9tItNlnFb8VTSa8b0/+7ncHeUubwOh/Rw/FM8cdPUtQhQ=
 =FmDn
 -----END PGP SIGNATURE-----

Merge tag 'scmi-fixes-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into arm/fixes

ARM SCMI fixes for v5.4

Couple of fixes: one in scmi reset driver initialising missed scmi handle
and an other in scmi reset API implementation fixing the assignment of
reset state

* tag 'scmi-fixes-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux:
  reset: reset-scmi: add missing handle initialisation
  firmware: arm_scmi: reset: fix reset_state assignment in scmi_domain_reset

Link: https://lore.kernel.org/r/20190918142139.GA4370@bogus
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-09-29 11:20:41 -07:00
Linus Torvalds aefcf2f4b5 Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull kernel lockdown mode from James Morris:
 "This is the latest iteration of the kernel lockdown patchset, from
  Matthew Garrett, David Howells and others.

  From the original description:

    This patchset introduces an optional kernel lockdown feature,
    intended to strengthen the boundary between UID 0 and the kernel.
    When enabled, various pieces of kernel functionality are restricted.
    Applications that rely on low-level access to either hardware or the
    kernel may cease working as a result - therefore this should not be
    enabled without appropriate evaluation beforehand.

    The majority of mainstream distributions have been carrying variants
    of this patchset for many years now, so there's value in providing a
    doesn't meet every distribution requirement, but gets us much closer
    to not requiring external patches.

  There are two major changes since this was last proposed for mainline:

   - Separating lockdown from EFI secure boot. Background discussion is
     covered here: https://lwn.net/Articles/751061/

   -  Implementation as an LSM, with a default stackable lockdown LSM
      module. This allows the lockdown feature to be policy-driven,
      rather than encoding an implicit policy within the mechanism.

  The new locked_down LSM hook is provided to allow LSMs to make a
  policy decision around whether kernel functionality that would allow
  tampering with or examining the runtime state of the kernel should be
  permitted.

  The included lockdown LSM provides an implementation with a simple
  policy intended for general purpose use. This policy provides a coarse
  level of granularity, controllable via the kernel command line:

    lockdown={integrity|confidentiality}

  Enable the kernel lockdown feature. If set to integrity, kernel features
  that allow userland to modify the running kernel are disabled. If set to
  confidentiality, kernel features that allow userland to extract
  confidential information from the kernel are also disabled.

  This may also be controlled via /sys/kernel/security/lockdown and
  overriden by kernel configuration.

  New or existing LSMs may implement finer-grained controls of the
  lockdown features. Refer to the lockdown_reason documentation in
  include/linux/security.h for details.

  The lockdown feature has had signficant design feedback and review
  across many subsystems. This code has been in linux-next for some
  weeks, with a few fixes applied along the way.

  Stephen Rothwell noted that commit 9d1f8be5cf ("bpf: Restrict bpf
  when kernel lockdown is in confidentiality mode") is missing a
  Signed-off-by from its author. Matthew responded that he is providing
  this under category (c) of the DCO"

* 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (31 commits)
  kexec: Fix file verification on S390
  security: constify some arrays in lockdown LSM
  lockdown: Print current->comm in restriction messages
  efi: Restrict efivar_ssdt_load when the kernel is locked down
  tracefs: Restrict tracefs when the kernel is locked down
  debugfs: Restrict debugfs when the kernel is locked down
  kexec: Allow kexec_file() with appropriate IMA policy when locked down
  lockdown: Lock down perf when in confidentiality mode
  bpf: Restrict bpf when kernel lockdown is in confidentiality mode
  lockdown: Lock down tracing and perf kprobes when in confidentiality mode
  lockdown: Lock down /proc/kcore
  x86/mmiotrace: Lock down the testmmiotrace module
  lockdown: Lock down module params that specify hardware parameters (eg. ioport)
  lockdown: Lock down TIOCSSERIAL
  lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
  acpi: Disable ACPI table override if the kernel is locked down
  acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
  ACPI: Limit access to custom_method when the kernel is locked down
  x86/msr: Restrict MSR access when the kernel is locked down
  x86: Lock down IO port access when the kernel is locked down
  ...
2019-09-28 08:14:15 -07:00
Linus Torvalds 5d4156ac48 firmware: bcm47xx_nvram: _really_ correct size_t printf format
Commit feb4eb060c ("firmware: bcm47xx_nvram: Correct size_t printf
format") was wrong, and changed a printout of 'header.len' - which is an
u32 type - to use '%zu'.

It apparently did pattern matching on the other case, where it printed
out 'nvram_len', which is indeed of type 'size_t'.

Rather than undoing the change, this just makes it use the variable that
the change seemed to expect to be used.

Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: Paul Burton <paul.burton@mips.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-09-22 11:31:15 -07:00
Linus Torvalds 5c6bd5de3c Main MIPS changes for v5.4:
- boot_mem_map is removed, providing a nice cleanup made possible by the
   recent removal of bootmem.
 
 - Some fixes to atomics, in general providing compiler barriers for
   smp_mb__{before,after}_atomic plus fixes specific to Loongson CPUs or
   MIPS32 systems using cmpxchg64().
 
 - Conversion to the new generic VDSO infrastructure courtesy of Vincenzo
   Frascino.
 
 - Removal of undefined behavior in set_io_port_base(), fixing the
   behavior of some MIPS kernel configurations when built with recent
   clang versions.
 
 - Initial MIPS32 huge page support, functional on at least Ingenic SoCs.
 
 - pte_special() is now supported for some configurations, allowing among
   other things generic fast GUP to be used.
 
 - Miscellaneous fixes & cleanups.
 
 And platform specific changes:
 
 - Major improvements to Ingenic SoC support from Paul Cercueil, mostly
   enabled by the inclusion of the new TCU (timer-counter unit) drivers
   he's spent a very patient year or so working on. Plus some fixes for
   X1000 SoCs from Zhou Yanjie.
 
 - Netgear R6200 v1 systems are now supported by the bcm47xx platform.
 
 - DT updates for BMIPS, Lantiq & Microsemi Ocelot systems.
 -----BEGIN PGP SIGNATURE-----
 
 iIsEABYIADMWIQRgLjeFAZEXQzy86/s+p5+stXUA3QUCXYaqpRUccGF1bC5idXJ0
 b25AbWlwcy5jb20ACgkQPqefrLV1AN2JUQD+PQGFIlq9bo/3vLyqsXJffm+DhwVQ
 4WSCSeN5brPkO8EA/153sRJBlRtG+KK5p9f7WYKUuBfbcEawuc1uwmKuy7cG
 =lWlM
 -----END PGP SIGNATURE-----

Merge tag 'mips_5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux

Pull MIPS updates from Paul Burton:
 "Main MIPS changes:

   - boot_mem_map is removed, providing a nice cleanup made possible by
     the recent removal of bootmem.

   - Some fixes to atomics, in general providing compiler barriers for
     smp_mb__{before,after}_atomic plus fixes specific to Loongson CPUs
     or MIPS32 systems using cmpxchg64().

   - Conversion to the new generic VDSO infrastructure courtesy of
     Vincenzo Frascino.

   - Removal of undefined behavior in set_io_port_base(), fixing the
     behavior of some MIPS kernel configurations when built with recent
     clang versions.

   - Initial MIPS32 huge page support, functional on at least Ingenic
     SoCs.

   - pte_special() is now supported for some configurations, allowing
     among other things generic fast GUP to be used.

   - Miscellaneous fixes & cleanups.

  And platform specific changes:

   - Major improvements to Ingenic SoC support from Paul Cercueil,
     mostly enabled by the inclusion of the new TCU (timer-counter unit)
     drivers he's spent a very patient year or so working on. Plus some
     fixes for X1000 SoCs from Zhou Yanjie.

   - Netgear R6200 v1 systems are now supported by the bcm47xx platform.

   - DT updates for BMIPS, Lantiq & Microsemi Ocelot systems"

* tag 'mips_5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux: (89 commits)
  MIPS: Detect bad _PFN_SHIFT values
  MIPS: Disable pte_special() for MIPS32 with RiXi
  MIPS: ralink: deactivate PCI support for SOC_MT7621
  mips: compat: vdso: Use legacy syscalls as fallback
  MIPS: Drop Loongson _CACHE_* definitions
  MIPS: tlbex: Remove cpu_has_local_ebase
  MIPS: tlbex: Simplify r3k check
  MIPS: Select R3k-style TLB in Kconfig
  MIPS: PCI: refactor ioc3 special handling
  mips: remove ioremap_cachable
  mips/atomic: Fix smp_mb__{before,after}_atomic()
  mips/atomic: Fix loongson_llsc_mb() wreckage
  mips/atomic: Fix cmpxchg64 barriers
  MIPS: Octeon: remove duplicated include from dma-octeon.c
  firmware: bcm47xx_nvram: Allow COMPILE_TEST
  firmware: bcm47xx_nvram: Correct size_t printf format
  MIPS: Treat Loongson Extensions as ASEs
  MIPS: Remove dev_err() usage after platform_get_irq()
  MIPS: dts: mscc: describe the PTP ready interrupt
  MIPS: dts: mscc: describe the PTP register range
  ...
2019-09-22 09:30:30 -07:00
Linus Torvalds 6cfae0c26b Char/Misc driver patches for 5.4-rc1
Here is the big char/misc driver pull request for 5.4-rc1.
 
 As has been happening in previous releases, more and more individual
 driver subsystem trees are ending up in here.  Now if that is good or
 bad I can't tell, but hopefully it makes your life easier as it's more
 of an aggregation of trees together to one merge point for you.
 
 Anyway, lots of stuff in here:
 	- habanalabs driver updates
 	- thunderbolt driver updates
 	- misc driver updates
 	- coresight and intel_th hwtracing driver updates
 	- fpga driver updates
 	- extcon driver updates
 	- some dma driver updates
 	- char driver updates
 	- android binder driver updates
 	- nvmem driver updates
 	- phy driver updates
 	- parport driver fixes
 	- pcmcia driver fix
 	- uio driver updates
 	- w1 driver updates
 	- configfs fixes
 	- other assorted driver updates
 
 All of these have been in linux-next for a long time with no reported
 issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXYIT1g8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ym9lwCgrHZlMMvfYNVm6GQ5ge58JJsVTL4AoNatTcL4
 hfVMA6pCHWBjV65xVSf6
 =Tijw
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char/misc driver updates from Greg KH:
 "Here is the big char/misc driver pull request for 5.4-rc1.

  As has been happening in previous releases, more and more individual
  driver subsystem trees are ending up in here. Now if that is good or
  bad I can't tell, but hopefully it makes your life easier as it's more
  of an aggregation of trees together to one merge point for you.

  Anyway, lots of stuff in here:
     - habanalabs driver updates
     - thunderbolt driver updates
     - misc driver updates
     - coresight and intel_th hwtracing driver updates
     - fpga driver updates
     - extcon driver updates
     - some dma driver updates
     - char driver updates
     - android binder driver updates
     - nvmem driver updates
     - phy driver updates
     - parport driver fixes
     - pcmcia driver fix
     - uio driver updates
     - w1 driver updates
     - configfs fixes
     - other assorted driver updates

  All of these have been in linux-next for a long time with no reported
  issues"

* tag 'char-misc-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (200 commits)
  misc: mic: Use PTR_ERR_OR_ZERO rather than its implementation
  habanalabs: correctly cast variable to __le32
  habanalabs: show correct id in error print
  habanalabs: stop using the acronym KMD
  habanalabs: display card name as sensors header
  habanalabs: add uapi to retrieve aggregate H/W events
  habanalabs: add uapi to retrieve device utilization
  habanalabs: Make the Coresight timestamp perpetual
  habanalabs: explicitly set the queue-id enumerated numbers
  habanalabs: print to kernel log when reset is finished
  habanalabs: replace __le32_to_cpu with le32_to_cpu
  habanalabs: replace __cpu_to_le32/64 with cpu_to_le32/64
  habanalabs: Handle HW_IP_INFO if device disabled or in reset
  habanalabs: Expose devices after initialization is done
  habanalabs: improve security in Debug IOCTL
  habanalabs: use default structure for user input in Debug IOCTL
  habanalabs: Add descriptive name to PSOC app status register
  habanalabs: Add descriptive names to PSOC scratch-pad registers
  habanalabs: create two char devices per ASIC
  habanalabs: change device_setup_cdev() to be more generic
  ...
2019-09-18 11:14:31 -07:00
Linus Torvalds 1f7d290a72 Driver core patches for 5.4-rc1
Here is the big driver core update for 5.4-rc1.
 
 There was a bit of a churn in here, with a number of core and OF
 platform patches being added to the tree, and then after much discussion
 and review and a day-long in-person meeting, they were decided to be
 reverted and a new set of patches is currently being reviewed on the
 mailing list.
 
 Other than that churn, there are two "persistent" branches in here that
 other trees will be pulling in as well during the merge window.  One
 branch to add support for drivers to have the driver core automatically
 add sysfs attribute files when a driver is bound to a device so that the
 driver doesn't have to manually do it (and then clean it up, as it
 always gets it wrong).
 
 There's another branch in here for generic lookup helpers for the driver
 core that lots of busses are starting to use.  That's the majority of
 the non-driver-core changes in this patch series.
 
 There's also some on-going debugfs file creation cleanup that has been
 slowly happening over the past few releases, with the goal to hopefully
 get that done sometime next year.
 
 All of these have been in linux-next for a while now with no reported
 issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXYIVHA8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ymEVwCfRPxQHQplI6ZR6h0jPscLSaZnaFIAn1a+rjO2
 EFuuXJ5Ip72F5Ch9AW3G
 =r8lH
 -----END PGP SIGNATURE-----

Merge tag 'driver-core-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Pull driver core updates from Greg Kroah-Hartman:
 "Here is the big driver core update for 5.4-rc1.

  There was a bit of a churn in here, with a number of core and OF
  platform patches being added to the tree, and then after much
  discussion and review and a day-long in-person meeting, they were
  decided to be reverted and a new set of patches is currently being
  reviewed on the mailing list.

  Other than that churn, there are two "persistent" branches in here
  that other trees will be pulling in as well during the merge window.
  One branch to add support for drivers to have the driver core
  automatically add sysfs attribute files when a driver is bound to a
  device so that the driver doesn't have to manually do it (and then
  clean it up, as it always gets it wrong).

  There's another branch in here for generic lookup helpers for the
  driver core that lots of busses are starting to use. That's the
  majority of the non-driver-core changes in this patch series.

  There's also some on-going debugfs file creation cleanup that has been
  slowly happening over the past few releases, with the goal to
  hopefully get that done sometime next year.

  All of these have been in linux-next for a while now with no reported
  issues"

[ Note that the above-mentioned generic lookup helpers branch was
  already brought in by the LED merge (commit 4feaab05dc) that had
  shared it.

  Also note that that common branch introduced an i2c bug due to a bad
  conversion, which got fixed here. - Linus ]

* tag 'driver-core-5.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (49 commits)
  coccinelle: platform_get_irq: Fix parse error
  driver-core: add include guard to linux/container.h
  sysfs: add BIN_ATTR_WO() macro
  driver core: platform: Export platform_get_irq_optional()
  hwmon: pwm-fan: Use platform_get_irq_optional()
  driver core: platform: Introduce platform_get_irq_optional()
  Revert "driver core: Add support for linking devices during device addition"
  Revert "driver core: Add edit_links() callback for drivers"
  Revert "of/platform: Add functional dependency link from DT bindings"
  Revert "driver core: Add sync_state driver/bus callback"
  Revert "of/platform: Pause/resume sync state during init and of_platform_populate()"
  Revert "of/platform: Create device links for all child-supplier depencencies"
  Revert "of/platform: Don't create device links for default busses"
  Revert "of/platform: Fix fn definitons for of_link_is_valid() and of_link_property()"
  Revert "of/platform: Fix device_links_supplier_sync_state_resume() warning"
  Revert "of/platform: Disable generic device linking code for PowerPC"
  devcoredump: fix typo in comment
  devcoredump: use memory_read_from_buffer
  of/platform: Disable generic device linking code for PowerPC
  device.h: Fix warnings for mismatched parameter names in comments
  ...
2019-09-18 10:04:39 -07:00
Sudeep Holla 11ed5cf064 firmware: arm_scmi: reset: fix reset_state assignment in scmi_domain_reset
Fix the copy paste typo that incorrectly assigns domain_id with the
passed 'state' parameter instead of reset_state.

Fixes: 95a15d80aa ("firmware: arm_scmi: Add RESET protocol in SCMI v2.0")
Reported-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-09-18 13:42:16 +01:00
Linus Torvalds cc9b499a1f Merge branch 'efi-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull EFI updates from Ingo Molnar:

 - refactor the EFI config table handling across architectures

 - add support for the Dell EMC OEM config table

 - include AER diagnostic output to CPER handling of fatal PCIe errors

* 'efi-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  efi: cper: print AER info of PCIe fatal error
  efi: Export Runtime Configuration Interface table to sysfs
  efi: ia64: move SAL systab handling out of generic EFI code
  efi/x86: move UV_SYSTAB handling into arch/x86
  efi: x86: move efi_is_table_address() into arch/x86
2019-09-16 16:47:38 -07:00
Linus Torvalds 399eb9b6cb ARM: SoC driver updates for v5.4
The branch contains driver changes that are tightly
 connected to SoC specific code. Aside from smaller
 cleanups and bug fixes, here is a list of the notable
 changes.
 
 New device drivers:
 
 - The Turris Mox router has a new "moxtet" bus driver
   for its on-board pluggable extension bus. The
   same platform also gains a firmware driver.
 
 - The Samsung Exynos family gains a new Chipid driver
   exporting using the soc device sysfs interface
 
 - A similar socinfo driver for Qualcomm Snapdragon
   chips.
 
 - A firmware driver for the NXP i.MX DSP IPC protocol
   using shared memory and a mailbox
 
 Other changes:
 
 - The i.MX reset controller driver now supports the
   NXP i.MX8MM chip
 
 - Amlogic SoC specific drivers gain support for
   the S905X3 and A311D chips
 
 - A rework of the TI Davinci framebuffer driver to
   allow important cleanups in the platform code
 
 - A couple of device drivers for removed ARM SoC
   platforms are removed. Most of the removals were
   picked up by other maintainers, this contains
   whatever was left.
 
 Signed-off-by: Arnd Bergmann <arnd@arndb.de>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABCAAGBQJdf6SUAAoJEJpsee/mABjZAfwP/01bXBOlGVusNH2zuh8IUSHb
 //5sTdWpwa2ugRekLOJUOjo2p9Fu70yH6xr4RUHI0rcRjZA0xR3bZPx45gI8LRHQ
 tfb25LaKqfgZjWMCJ8due1Lh7B6ffOQukryMtM/LoiCtqsy7b6aThEKaLpM9/Owl
 t53o4wKaVQJK5He9JQom9NOZidkl7tYLHmDQTOXhX2UEA/i45vtfjdsEBvoFPbTx
 +bYvlqs+SWlpDJk29j+oBOeKadPF+TFboLDiUCxH44MC3OsH51zjtKVBRTtbNMkb
 ek/ci5x9hCeHcYSEigNq2EMzEln09Yxyvjk8U/jLiJ1h1kz3p5MjqJbVMF1rYXpe
 ALuAwinM8Zv2o5/UOCkiQTWq79PtpOKHZKpNBXkaJ8kyqBLMSy8Fs3hCvXrDnjnQ
 TC8jX7UBqHRV2rbQIYehAQAxTvcRgTbqusQGLkUJInlux6go57LoMYHPABpHftJV
 kRdVeT0KzdCz1pvQwyekIog5hPLNTBi4jw6eQcOgeENvAea1MJa8lMMfKcVbIdS0
 ZVvxLl+K6noEKAv5lSeHAzjXq+cQFr3zDCsWy351mJETDHmE8zjsaHN1SgbRYLEk
 ZqzNwUYaPYBis38g85qaY/TSsJrWJ+jP8u7s9HTw3Oywg8SRy5vtW177s00/9VOd
 PYZ2UpqUeX8cdvggqUUU
 =lxFi
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc

Pull ARM SoC driver updates from Arnd Bergmann:
 "This contains driver changes that are tightly connected to SoC
  specific code. Aside from smaller cleanups and bug fixes, here is a
  list of the notable changes.

  New device drivers:

   - The Turris Mox router has a new "moxtet" bus driver for its
     on-board pluggable extension bus. The same platform also gains a
     firmware driver.

   - The Samsung Exynos family gains a new Chipid driver exporting using
     the soc device sysfs interface

   - A similar socinfo driver for Qualcomm Snapdragon chips.

   - A firmware driver for the NXP i.MX DSP IPC protocol using shared
     memory and a mailbox

  Other changes:

   - The i.MX reset controller driver now supports the NXP i.MX8MM chip

   - Amlogic SoC specific drivers gain support for the S905X3 and A311D
     chips

   - A rework of the TI Davinci framebuffer driver to allow important
     cleanups in the platform code

   - A couple of device drivers for removed ARM SoC platforms are
     removed. Most of the removals were picked up by other maintainers,
     this contains whatever was left"

* tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (123 commits)
  bus: uniphier-system-bus: use devm_platform_ioremap_resource()
  soc: ti: ti_sci_pm_domains: Add support for exclusive and shared access
  dt-bindings: ti_sci_pm_domains: Add support for exclusive and shared access
  firmware: ti_sci: Allow for device shared and exclusive requests
  bus: imx-weim: remove incorrect __init annotations
  fbdev: remove w90x900/nuc900 platform drivers
  spi: remove w90x900 driver
  net: remove w90p910-ether driver
  net: remove ks8695 driver
  firmware: turris-mox-rwtm: Add sysfs documentation
  firmware: Add Turris Mox rWTM firmware driver
  dt-bindings: firmware: Document cznic,turris-mox-rwtm binding
  bus: moxtet: fix unsigned comparison to less than zero
  bus: moxtet: remove set but not used variable 'dummy'
  ARM: scoop: Use the right include
  dt-bindings: power: add Amlogic Everything-Else power domains bindings
  soc: amlogic: Add support for Everything-Else power domains controller
  fbdev: da8xx: use resource management for dma
  fbdev: da8xx-fb: drop a redundant if
  fbdev: da8xx-fb: use devm_platform_ioremap_resource()
  ...
2019-09-16 15:52:38 -07:00
Linus Torvalds e77fafe9af arm64 updates for 5.4:
- 52-bit virtual addressing in the kernel
 
 - New ABI to allow tagged user pointers to be dereferenced by syscalls
 
 - Early RNG seeding by the bootloader
 
 - Improve robustness of SMP boot
 
 - Fix TLB invalidation in light of recent architectural clarifications
 
 - Support for i.MX8 DDR PMU
 
 - Remove direct LSE instruction patching in favour of static keys
 
 - Function error injection using kprobes
 
 - Support for the PPTT "thread" flag introduced by ACPI 6.3
 
 - Move PSCI idle code into proper cpuidle driver
 
 - Relaxation of implicit I/O memory barriers
 
 - Build with RELR relocations when toolchain supports them
 
 - Numerous cleanups and non-critical fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQFEBAABCgAuFiEEPxTL6PPUbjXGY88ct6xw3ITBYzQFAl1yYREQHHdpbGxAa2Vy
 bmVsLm9yZwAKCRC3rHDchMFjNAM3CAChqDFQkryXoHwdeEcaukMRVNxtxOi4pM4g
 5xqkb7PoqRJssIblsuhaXjrSD97yWCgaqCmFe6rKoes++lP4bFcTe22KXPPyPBED
 A+tK4nTuKKcZfVbEanUjI+ihXaHJmKZ/kwAxWsEBYZ4WCOe3voCiJVNO2fHxqg1M
 8TskZ2BoayTbWMXih0eJg2MCy/xApBq4b3nZG4bKI7Z9UpXiKN1NYtDh98ZEBK4V
 d/oNoHsJ2ZvIQsztoBJMsvr09DTCazCijWZiECadm6l41WEPFizngrACiSJLLtYo
 0qu4qxgg9zgFlvBCRQmIYSggTuv35RgXSfcOwChmW5DUjHG+f9GK
 =Ru4B
 -----END PGP SIGNATURE-----

Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull arm64 updates from Will Deacon:
 "Although there isn't tonnes of code in terms of line count, there are
  a fair few headline features which I've noted both in the tag and also
  in the merge commits when I pulled everything together.

  The part I'm most pleased with is that we had 35 contributors this
  time around, which feels like a big jump from the usual small group of
  core arm64 arch developers. Hopefully they all enjoyed it so much that
  they'll continue to contribute, but we'll see.

  It's probably worth highlighting that we've pulled in a branch from
  the risc-v folks which moves our CPU topology code out to where it can
  be shared with others.

  Summary:

   - 52-bit virtual addressing in the kernel

   - New ABI to allow tagged user pointers to be dereferenced by
     syscalls

   - Early RNG seeding by the bootloader

   - Improve robustness of SMP boot

   - Fix TLB invalidation in light of recent architectural
     clarifications

   - Support for i.MX8 DDR PMU

   - Remove direct LSE instruction patching in favour of static keys

   - Function error injection using kprobes

   - Support for the PPTT "thread" flag introduced by ACPI 6.3

   - Move PSCI idle code into proper cpuidle driver

   - Relaxation of implicit I/O memory barriers

   - Build with RELR relocations when toolchain supports them

   - Numerous cleanups and non-critical fixes"

* tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (114 commits)
  arm64: remove __iounmap
  arm64: atomics: Use K constraint when toolchain appears to support it
  arm64: atomics: Undefine internal macros after use
  arm64: lse: Make ARM64_LSE_ATOMICS depend on JUMP_LABEL
  arm64: asm: Kill 'asm/atomic_arch.h'
  arm64: lse: Remove unused 'alt_lse' assembly macro
  arm64: atomics: Remove atomic_ll_sc compilation unit
  arm64: avoid using hard-coded registers for LSE atomics
  arm64: atomics: avoid out-of-line ll/sc atomics
  arm64: Use correct ll/sc atomic constraints
  jump_label: Don't warn on __exit jump entries
  docs/perf: Add documentation for the i.MX8 DDR PMU
  perf/imx_ddr: Add support for AXI ID filtering
  arm64: kpti: ensure patched kernel text is fetched from PoU
  arm64: fix fixmap copy for 16K pages and 48-bit VA
  perf/smmuv3: Validate groups for global filtering
  perf/smmuv3: Validate group size
  arm64: Relax Documentation/arm64/tagged-pointers.rst
  arm64: kvm: Replace hardcoded '1' with SYS_PAR_EL1_F
  arm64: mm: Ignore spurious translation faults taken from the kernel
  ...
2019-09-16 14:31:40 -07:00
Arnd Bergmann 3dc8dcb02f Qualcomm ARM Based Driver Updates for v5.4
* Add AOSS QMP support
 * Various fixups for Qualcomm SCM
 * Add socinfo driver
 * Add SoC serial number attribute and associated APIs
 * Add SM8150 and SC7180 support in Qualcomm SCM
 * Fixup max processor count in SMEM
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJdZpm4AAoJEFKiBbHx2RXV6UEP/1S0B3yKF+/HBylghMBgYI21
 P0qWH0cGSYioCLYEPn1qZjftBGSg9K3e31IoFk/mSDy0rt4wbg53ribkL6tE7M+c
 ZLZfOs06stGLg6Nf/oLz2SbN2bQsIZBGJoVgp58N/z4Qymspvf7Vg4y9VCy/dzqe
 R5bQZhYNWJNzv2q2vju06ACCkQgkRVfIuQSI+69t3bbeWJrHatVrPRHP8Xi8kaTh
 /nI7hkO9ouMC6Uda8/aeGoo5V/xaC+rankp9ttdFeHNVXMgk6c3v5rD4fSYw+CVY
 Icw7MCKGF1QPjHkLofTZsqpADHabUwu/NmDV1D5c1A/qu0gBocPSI1o1XbChlceS
 E/3oO9DJQoNxJOKPxMzZwtVRAeGGrk7/PflkBY+/55XNXO4zasD0Kbi3/ReUokBJ
 G5zyN/Lm/gsSfsyiJBFMN02mxbKixlSd/XDp/gClLf7f1QXV+IFyeiDkyMxWH00b
 gM4c8hJalWJ2jKi9JDA7GVJD9N+8Q76+Z4HmGiyJJZXtLrVB+ehQFrSOxt97qvBE
 4KeZUTfSON++8LpWeP3zVSB1Kox6+cCGQEK0VmwhEHOjE4gg8iV/YIKznwx7clTn
 XepzT4K49xO5NQ9h9g2rXNdzvuXvVrKA/CuCtv6/24aSifHHpFroCIewcKZa++/m
 Pv3LzPbX4a8d5Hq/qP0o
 =MsUS
 -----END PGP SIGNATURE-----

Merge tag 'qcom-drivers-for-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into arm/drivers

Qualcomm ARM Based Driver Updates for v5.4

* Add AOSS QMP support
* Various fixups for Qualcomm SCM
* Add socinfo driver
* Add SoC serial number attribute and associated APIs
* Add SM8150 and SC7180 support in Qualcomm SCM
* Fixup max processor count in SMEM

* tag 'qcom-drivers-for-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux:
  soc: qcom: aoss: Add AOSS QMP support
  dt-bindings: soc: qcom: aoss: Add SM8150 and SC7180 support
  dt-bindings: firmware: scm: Add SM8150 and SC7180 support
  dt-bindings: firmware: scm: re-order compatible list
  soc: qcom: smem: Update max processor count
  soc: qcom: socinfo: Annotate switch cases with fall through
  soc: qcom: Extend AOSS QMP driver to support resources that are used to wake up the SoC.
  soc: qcom: socinfo: Expose image information
  soc: qcom: socinfo: Expose custom attributes
  soc: qcom: Add socinfo driver
  base: soc: Export soc_device_register/unregister APIs
  base: soc: Add serial_number attribute to soc
  firmware: qcom_scm: Cleanup code in qcom_scm_assign_mem()
  firmware: qcom_scm: Fix some typos in docs and printks
  firmware: qcom_scm: Use proper types for dma mappings
2019-09-12 13:46:20 +02:00
Lokesh Vutla 45b659ee75 firmware: ti_sci: Allow for device shared and exclusive requests
Sysfw provides an option for requesting exclusive access for a
device using the flags MSG_FLAG_DEVICE_EXCLUSIVE. If this flag is
not used, the device is meant to be shared across hosts. Once a device
is requested from a host with this flag set, any request to this
device from a different host will be nacked by sysfw. Current tisci
driver enables this flag for every device requests. But this may not
be true for all the devices. So provide a separate commands in driver
for exclusive and shared device requests.

Reviewed-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2019-09-04 20:44:33 +02:00
Marek Behún 389711b374 firmware: Add Turris Mox rWTM firmware driver
This adds a driver to communicate with the firmware running on the
secure processor of the Turris Mox router, enabling the kernel to
retrieve true random numbers from the Entropy Bit Generator and to read
some information burned into eFuses when device was manufactured:

and to
sign messages with the ECDSA private key burned into each Turris Mox
device when manufacturing.

This also adds support to read other information burned into eFuses:
 - serial number
 - board version
 - MAC addresses
 - RAM size
 - ECDSA public key (this is not read directly from eFuses, rather it
   is computed by the firmware as pair to the burned private key)

The source code of the firmware is open source and can be found at
https://gitlab.labs.nic.cz/turris/mox-boot-builder/tree/master/wtmi

The firmware is also able to, on demand, sign messages with the burned
ECDSA private key, but since Linux's akcipher API is not yet stable
(and therefore not exposed to userspace via netlink), this functionality
is not supported yet.

Link: https://lore.kernel.org/r/20190822014318.19478-3-marek.behun@nic.cz
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2019-09-04 17:32:13 +02:00
Richard Gong 4526ebbc77 firmware: add Intel Stratix10 remote system update driver
The Intel Remote System Update (RSU) driver exposes interfaces access
through the Intel Service Layer to user space via sysfs interface.
The RSU interfaces report and control some of the optional RSU features
on Intel Stratix 10 SoC.

The RSU feature provides a way for customers to update the boot
configuration of a Intel Stratix 10 SoC device with significantly reduced
risk of corrupting the bitstream storage and bricking the system.

Signed-off-by: Richard Gong <richard.gong@intel.com>
Reviewed-by: Alan Tull <atull@kernel.org>
Link: https://lore.kernel.org/r/1567516701-26026-3-git-send-email-richard.gong@linux.intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-09-04 13:31:28 +02:00
Richard Gong b5dc75c915 firmware: stratix10-svc: extend svc to support new RSU features
Extend Intel Stratix10 service layer driver to support new RSU notify and
MAX_RETRY with watchdog event.

RSU is used to provide our customers with protection against loading bad
bitstream onto their devices when those devices are booting from flash

RSU notifies provides users with an API to notify the firmware of the
state of hard processor system.

To deal with watchdog event, RSU provides a way for user to retry the
current running image several times before giving up and starting normal
RSU failover flow.

Signed-off-by: Richard Gong <richard.gong@intel.com>
Reviewed-by: Alan Tull <atull@kernel.org>
Link: https://lore.kernel.org/r/1567516701-26026-2-git-send-email-richard.gong@linux.intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-09-04 13:31:28 +02:00
Hung-Te Lin 4b708b7b1a firmware: google: check if size is valid when decoding VPD data
The VPD implementation from Chromium Vital Product Data project used to
parse data from untrusted input without checking if the meta data is
invalid or corrupted. For example, the size from decoded content may
be negative value, or larger than whole input buffer. Such invalid data
may cause buffer overflow.

To fix that, the size parameters passed to vpd_decode functions should
be changed to unsigned integer (u32) type, and the parsing of entry
header should be refactored so every size field is correctly verified
before starting to decode.

Fixes: ad2ac9d5c5 ("firmware: Google VPD: import lib_vpd source files")
Signed-off-by: Hung-Te Lin <hungte@chromium.org>
Cc: stable <stable@vger.kernel.org>
Reviewed-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
Link: https://lore.kernel.org/r/20190830022402.214442-1-hungte@chromium.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-09-04 13:31:28 +02:00
Arnd Bergmann bff00fdf03 i.MX drivers update for 5.4:
- A series from Anson Huang to add UID support for i.MX8 SoC and SCU
    drivers.
  - A series from Daniel Baluta to add DSP IPC driver for communication
    between host AP (Linux) and the firmware running on DSP embedded in
    i.MX8 SoCs.
  - A small fix for GPCv2 error code printing.
  - Switch from module_platform_driver_probe() to module_platform_driver()
    for imx-weim driver, as we need the driver to probe again when device
    is present later.
  - Add optional burst clock mode support for imx-weim driver.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJdYoCEAAoJEFBXWFqHsHzOkDgH/jWNgp3QR3omPQGX80oM6/ga
 3x78GDJyQfzZKWyOJbWz12tzXWlD1fmGIZy7SeuvXlYUbNnE1WU6ARFGDoBpjbew
 DOYoPT9x7eJemSdnEE43g2vtspEzb6Afvb7dr78OPaik24eY0dFx90U0tzptmuVY
 gXxkAHo2ez6txXTu5Id9Z5Deitukb8NoK/9yyzTeD0oYn2hCooAp5fAl1rKgfLnf
 MpG29TCK8dxr/j7tzsbt2nutJJYy1Ybh/0WpOMXnBwdAz20JT7MU87DMil0//Q02
 0Es/P2xH7K4r3ca9mupDtXZps2DbnmYJorvxpfHuMXcyq0uxGhl1/zyhTv+LW4c=
 =5mGq
 -----END PGP SIGNATURE-----

Merge tag 'imx-drivers-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into arm/drivers

i.MX drivers update for 5.4:
 - A series from Anson Huang to add UID support for i.MX8 SoC and SCU
   drivers.
 - A series from Daniel Baluta to add DSP IPC driver for communication
   between host AP (Linux) and the firmware running on DSP embedded in
   i.MX8 SoCs.
 - A small fix for GPCv2 error code printing.
 - Switch from module_platform_driver_probe() to module_platform_driver()
   for imx-weim driver, as we need the driver to probe again when device
   is present later.
 - Add optional burst clock mode support for imx-weim driver.

* tag 'imx-drivers-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux:
  soc: imx: gpcv2: Print the correct error code
  bus: imx-weim: use module_platform_driver()
  firmware: imx: Add DSP IPC protocol interface
  soc: imx-scu: Add SoC UID(unique identifier) support
  bus: imx-weim: optionally enable burst clock mode
  firmware: imx: scu-pd: Add IRQSTR_DSP PD range
  firmware: imx: scu-pd: Add mu13 b side PD range
  firmware: imx: scu-pd: Rename mu PD range to mu_a
  soc: imx8: Add i.MX8MM UID(unique identifier) support
  soc: imx8: Add i.MX8MQ UID(unique identifier) support

Link: https://lore.kernel.org/r/20190825153237.28829-1-shawnguo@kernel.org
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2019-09-03 22:44:04 +02:00
Florian Fainelli 5699ad0aaf
firmware: bcm47xx_nvram: Allow COMPILE_TEST
Allow building building the BCM47xx NVRAM and SPROM drivers using
COMPILE_TEST.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Paul Burton <paul.burton@mips.com>
Cc: linux-mips@linux-mips.org
Cc: joe@perches.com
Cc: Rafał Miłecki <zajec5@gmail.com>
Cc: linux-mips@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
2019-08-26 11:51:30 +01:00
Florian Fainelli feb4eb060c
firmware: bcm47xx_nvram: Correct size_t printf format
When building on a 64-bit host, we will get warnings like those:

drivers/firmware/broadcom/bcm47xx_nvram.c:103:3: note: in expansion of macro 'pr_err'
   pr_err("nvram on flash (%i bytes) is bigger than the reserved space in memory, will just copy the first %i bytes\n",
   ^~~~~~
drivers/firmware/broadcom/bcm47xx_nvram.c:103:28: note: format string is defined here
   pr_err("nvram on flash (%i bytes) is bigger than the reserved space in memory, will just copy the first %i bytes\n",
                           ~^
                           %li

Use %zu instead for that purpose.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Paul Burton <paul.burton@mips.com>
Cc: linux-mips@linux-mips.org
Cc: joe@perches.com
Cc: Rafał Miłecki <zajec5@gmail.com>
Cc: linux-mips@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
2019-08-26 11:46:59 +01:00
Matthew Garrett 1957a85b00 efi: Restrict efivar_ssdt_load when the kernel is locked down
efivar_ssdt_load allows the kernel to import arbitrary ACPI code from an
EFI variable, which gives arbitrary code execution in ring 0. Prevent
that when the kernel is locked down.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: linux-efi@vger.kernel.org
Signed-off-by: James Morris <jmorris@namei.org>
2019-08-19 21:54:17 -07:00
Linus Torvalds 645c03aaca Merge branch 'efi-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull EFI fix from Thomas Gleixner:
 "A single fix for a EFI mixed mode regression caused by recent rework
  which did not take the firmware bitwidth into account"

* 'efi-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  efi-stub: Fix get_efi_config_table on mixed-mode setups
2019-08-18 09:36:51 -07:00
Daniel Baluta ffbf23d503 firmware: imx: Add DSP IPC protocol interface
Some of i.MX8 processors (e.g i.MX8QM, i.MX8QXP) contain
the Tensilica HiFi4 DSP for advanced pre- and post-audio
processing.

The communication between Host CPU and DSP firmware is
taking place using a shared memory area for message passing
and a dedicated Messaging Unit for notifications.

DSP IPC protocol offers a doorbell interface using
imx-mailbox API.

We use 4 MU channels (2 x TXDB, 2 x RXDB) to implement a
request-reply protocol.

Connection 0 (txdb0, rxdb0):
        - Host writes messasge to shared memory [SHMEM]
	- Host sends a request [MU]
	- DSP handles request [SHMEM]
	- DSP sends reply [MU]

Connection 1 (txdb1, rxdb1):
	- DSP writes a message to shared memory [SHMEM]
	- DSP sends a request [MU]
	- Host handles request [SHMEM]
	- Host sends reply [MU]

The protocol interface will be used by a Host client to
communicate with the DSP. First client will be the i.MX8
part from Sound Open Firmware infrastructure.

The protocol offers the following interface:

On Tx:
   - imx_dsp_ring_doorbell, will be called to notify the DSP
   that it needs to handle a request.

On Rx:
   - clients need to provide two callbacks:
	.handle_reply
	.handle_request
  - the callbacks will be used by the protocol on
    notification arrival from DSP.

Signed-off-by: Daniel Baluta <daniel.baluta@nxp.com>
Reviewed-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Shawn Guo <shawnguo@kernel.org>
2019-08-12 15:19:25 +02:00
Sudeep Holla 95a15d80aa firmware: arm_scmi: Add RESET protocol in SCMI v2.0
SCMIv2.0 adds a new Reset Management Protocol to manage various reset
states a given device or domain can enter. Device(s) that can be
collectively reset through a common reset signal constitute a reset
domain for the firmware.

A reset domain can be reset autonomously or explicitly through assertion
and de-assertion of the signal. When autonomous reset is chosen, the
firmware is responsible for taking the necessary steps to reset the
domain and to subsequently bring it out of reset. When explicit reset is
chosen, the caller has to specifically assert and then de-assert the
reset signal by issuing two separate RESET commands.

Add the basic SCMI reset infrastructure that can be used by Linux
reset controller driver.

Reviewed-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Philipp Zabel <p.zabel@pengutronix.de>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:02 +01:00
Sudeep Holla 823839571d firmware: arm_scmi: Make use SCMI v2.0 fastchannel for performance protocol
SCMI v2.0 adds support for "FastChannel" which do not use a message
header as they are specialized for a single message.

Only PERFORMANCE_LIMITS_{SET,GET} and PERFORMANCE_LEVEL_{SET,GET}
commands are supported over fastchannels. As they are optional, they
need to be discovered by PERFORMANCE_DESCRIBE_FASTCHANNEL command.
Further {LIMIT,LEVEL}_SET commands can have optional doorbell support.

Add support for making use of these fastchannels.

Cc: Ionela Voinescu <Ionela.Voinescu@arm.com>
Cc: Chris Redpath <Chris.Redpath@arm.com>
Cc: Quentin Perret <Quentin.Perret@arm.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:01 +01:00
Sudeep Holla ac8aaf348c firmware: arm_scmi: Add discovery of SCMI v2.0 performance fastchannels
SCMI v2.0 adds support for "FastChannel", a lightweight unidirectional
channel that is dedicated to a single SCMI message type for controlling
a specific platform resource. They do not use a message header as they
are specialized for a single message.

Only PERFORMANCE_LIMITS_{SET,GET} and PERFORMANCE_LEVEL_{SET,GET}
commands are supported over fastchannels. As they are optional, they
need to be discovered by PERFORMANCE_DESCRIBE_FASTCHANNEL command.
Further {LIMIT,LEVEL}_SET commands can have optional doorbell support.

Add support for discovery of these fastchannels.

Cc: Ionela Voinescu <Ionela.Voinescu@arm.com>
Cc: Chris Redpath <Chris.Redpath@arm.com>
Cc: Quentin Perret <Quentin.Perret@arm.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:01 +01:00
Sudeep Holla aa90ac45bc firmware: arm_scmi: Use {get,put}_unaligned_le{32,64} accessors
Instead of type-casting the {tx,rx}.buf all over the place while
accessing them to read/write __le{32,64} from/to the firmware, let's
use the existing {get,put}_unaligned_le{32,64} accessors to hide all
the type cast ugliness.

Suggested-by: Philipp Zabel <p.zabel@pengutronix.de>
Reviewed-by: Philipp Zabel <p.zabel@pengutronix.de>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:01 +01:00
Sudeep Holla 2bc06ffa06 firmware: arm_scmi: Use asynchronous CLOCK_RATE_SET when possible
CLOCK_PROTOCOL_ATTRIBUTES provides attributes to indicate the maximum
number of pending asynchronous clock rate changes supported by the
platform. If it's non-zero, then we should be able to use asynchronous
clock rate set for any clocks until the maximum limit is reached.

Tracking the current count of pending asynchronous clock set rate
requests, we can decide if the incoming/new request for clock set rate
can be handled asynchronously or not until the maximum limit is
reached.

Cc: linux-clk@vger.kernel.org
Reviewed-by: Stephen Boyd <sboyd@kernel.org>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:01 +01:00
Sudeep Holla d0aba11614 firmware: arm_scmi: Drop config flag in clk_ops->rate_set
CLOCK_PROTOCOL_ATTRIBUTES provides attributes to indicate the maximum
number of pending asynchronous clock rate changes supported by the
platform. If it's non-zero, then we should be able to use asynchronous
clock rate set for any clocks until the maximum limit is reached.

In order to add that support, let's drop the config flag passed to
clk_ops->rate_set and handle the asynchronous requests dynamically.

Cc: Stephen Boyd <sboyd@kernel.org>
Cc: linux-clk@vger.kernel.org
Acked-by: Stephen Boyd <sboyd@kernel.org>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:01 +01:00
Sudeep Holla d09aac0eb1 firmware: arm_scmi: Add asynchronous sensor read if it supports
SENSOR_DESCRIPTION_GET provides attributes to indicate if the sensor
supports asynchronous read. We can read that flag and use asynchronous
reads for any sensors with that attribute set.

Let's use the new scmi_do_xfer_with_response to support asynchronous
sensor reads.

Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:01 +01:00
Sudeep Holla 6a55331c87 firmware: arm_scmi: Drop async flag in sensor_ops->reading_get
SENSOR_DESCRIPTION_GET provides attributes to indicate if the sensor
supports asynchronous read. Ideally we should be able to read that flag
and use asynchronous reads for any sensors with that attribute set.

In order to add that support, let's drop the async flag passed to
sensor_ops->reading_get and dynamically switch between sync and async
flags based on the attributes as provided by the firmware.

Cc: linux-hwmon@vger.kernel.org
Acked-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:00 +01:00
Sudeep Holla 58ecdf03db firmware: arm_scmi: Add support for asynchronous commands and delayed response
Messages that are sent to platform, also known as commands and can be:

1. Synchronous commands that block the channel until the requested work
has been completed. The platform responds to these commands over the
same channel and hence can't be used to send another command until the
previous command has completed.

2. Asynchronous commands on the other hand, the platform schedules the
requested work to complete later in time and returns almost immediately
freeing the channel for new commands. The response indicates the success
or failure in the ability to schedule the requested work. When the work
has completed, the platform sends an additional delayed response message.

Using the same transmit buffer used for sending the asynchronous command
even for the delayed response corresponding to it simplifies handling of
the delayed response. It's the caller of asynchronous command that is
responsible for allocating the completion flag that scmi driver can
complete to indicate the arrival of delayed response.

Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2019-08-12 12:23:00 +01:00