From 2c3c1048746a4622d8c89a29670120dc8fab93c4 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 20:49:45 +0200 Subject: Adding upstream version 6.1.76. Signed-off-by: Daniel Baumann --- drivers/firmware/google/memconsole-coreboot.c | 110 ++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 drivers/firmware/google/memconsole-coreboot.c (limited to 'drivers/firmware/google/memconsole-coreboot.c') diff --git a/drivers/firmware/google/memconsole-coreboot.c b/drivers/firmware/google/memconsole-coreboot.c new file mode 100644 index 000000000..74b528651 --- /dev/null +++ b/drivers/firmware/google/memconsole-coreboot.c @@ -0,0 +1,110 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * memconsole-coreboot.c + * + * Memory based BIOS console accessed through coreboot table. + * + * Copyright 2017 Google Inc. + */ + +#include +#include +#include +#include + +#include "memconsole.h" +#include "coreboot_table.h" + +#define CB_TAG_CBMEM_CONSOLE 0x17 + +/* CBMEM firmware console log descriptor. */ +struct cbmem_cons { + u32 size_dont_access_after_boot; + u32 cursor; + u8 body[]; +} __packed; + +#define CURSOR_MASK ((1 << 28) - 1) +#define OVERFLOW (1 << 31) + +static struct cbmem_cons *cbmem_console; +static u32 cbmem_console_size; + +/* + * The cbmem_console structure is read again on every access because it may + * change at any time if runtime firmware logs new messages. This may rarely + * lead to race conditions where the firmware overwrites the beginning of the + * ring buffer with more lines after we have already read |cursor|. It should be + * rare and harmless enough that we don't spend extra effort working around it. + */ +static ssize_t memconsole_coreboot_read(char *buf, loff_t pos, size_t count) +{ + u32 cursor = cbmem_console->cursor & CURSOR_MASK; + u32 flags = cbmem_console->cursor & ~CURSOR_MASK; + u32 size = cbmem_console_size; + struct seg { /* describes ring buffer segments in logical order */ + u32 phys; /* physical offset from start of mem buffer */ + u32 len; /* length of segment */ + } seg[2] = { {0}, {0} }; + size_t done = 0; + int i; + + if (flags & OVERFLOW) { + if (cursor > size) /* Shouldn't really happen, but... */ + cursor = 0; + seg[0] = (struct seg){.phys = cursor, .len = size - cursor}; + seg[1] = (struct seg){.phys = 0, .len = cursor}; + } else { + seg[0] = (struct seg){.phys = 0, .len = min(cursor, size)}; + } + + for (i = 0; i < ARRAY_SIZE(seg) && count > done; i++) { + done += memory_read_from_buffer(buf + done, count - done, &pos, + cbmem_console->body + seg[i].phys, seg[i].len); + pos -= seg[i].len; + } + return done; +} + +static int memconsole_probe(struct coreboot_device *dev) +{ + struct cbmem_cons *tmp_cbmc; + + tmp_cbmc = memremap(dev->cbmem_ref.cbmem_addr, + sizeof(*tmp_cbmc), MEMREMAP_WB); + + if (!tmp_cbmc) + return -ENOMEM; + + /* Read size only once to prevent overrun attack through /dev/mem. */ + cbmem_console_size = tmp_cbmc->size_dont_access_after_boot; + cbmem_console = devm_memremap(&dev->dev, dev->cbmem_ref.cbmem_addr, + cbmem_console_size + sizeof(*cbmem_console), + MEMREMAP_WB); + memunmap(tmp_cbmc); + + if (IS_ERR(cbmem_console)) + return PTR_ERR(cbmem_console); + + memconsole_setup(memconsole_coreboot_read); + + return memconsole_sysfs_init(); +} + +static void memconsole_remove(struct coreboot_device *dev) +{ + memconsole_exit(); +} + +static struct coreboot_driver memconsole_driver = { + .probe = memconsole_probe, + .remove = memconsole_remove, + .drv = { + .name = "memconsole", + }, + .tag = CB_TAG_CBMEM_CONSOLE, +}; +module_coreboot_driver(memconsole_driver); + +MODULE_AUTHOR("Google, Inc."); +MODULE_LICENSE("GPL"); -- cgit v1.2.3