Message ID | 20230320212019.2479101-1-sathyanarayanan.kuppuswamy@linux.intel.com |
---|---|
State | New |
Headers | From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com> To: Rafael J Wysocki <rjw@rjwysocki.net> Cc: Len Brown <lenb@kernel.org>, linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org, Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com> Subject: [PATCH v2] ACPI: sysfs: Enable ACPI sysfs support for CCEL records Date: Mon, 20 Mar 2023 14:20:19 -0700 Message-Id: <20230320212019.2479101-1-sathyanarayanan.kuppuswamy@linux.intel.com> List-ID: <linux-kernel.vger.kernel.org> |
Series |
[v2] ACPI: sysfs: Enable ACPI sysfs support for CCEL records
|
|
Commit Message
Kuppuswamy Sathyanarayanan
March 20, 2023, 9:20 p.m. UTC
The Confidential Computing Event Log (CCEL) table provides the address
and length of the CCEL records area in UEFI reserved memory. To access
these records, userspace can use /dev/mem to retrieve them. But
'/dev/mem' is not enabled on many systems for security reasons.

So to allow user space to access these event log records without the
/dev/mem interface, add support to access it via sysfs interface. The
ACPI driver has provided read only access to BERT records area via
'/sys/firmware/acpi/tables/data/BERT' in sysfs. So follow the same way,
and add support for /sys/firmware/acpi/tables/data/CCEL to enable
read-only access to the CCEL records area.

More details about the CCEL table can be found in ACPI specification
r6.5, sec titled "CC Event Log ACPI Table".

Original-patch-by: Haibo Xu <haibo1.xu@intel.com>
[Original patch is for TDEL table, modified it for CCEL support]
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
---

Changes since v1:
* Removed unnecessary parenthesis as per Rafael's suggestion.

drivers/acpi/sysfs.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
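
The commit message above describes the CCEL table as carrying the address and length of the records area that the new sysfs node exposes. The following is an added user-space example, not code from the patch or the kernel: it parses a raw CCEL table image, applies the same sanity checks as the patch, and additionally rejects a start/length pair that wraps. The field offsets are assumed from ACPI 6.5 sec 5.2.34; `ccel_parse`, `ccel_demo` and the sample values are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <string.h>

/* Layout assumed from ACPI 6.5 sec 5.2.34: 36-byte header, CC type, CC
 * subtype, 2 reserved bytes, then LAML and LASA as little-endian u64. */
#define CCEL_LEN 56u
enum { OFF_LENGTH = 4, OFF_LAML = 40, OFF_LASA = 48 };
enum ccel_err { CCEL_OK, CCEL_SHORT, CCEL_SIG, CCEL_LENGTH, CCEL_EMPTY, CCEL_WRAP };
struct ccel_area { uint64_t start, len; };

static uint64_t get_le(const uint8_t *p, int n)
{
    uint64_t v = 0;
    while (n--)
        v = v << 8 | p[n];
    return v;
}

/* Validate a raw CCEL table image and extract the log area it describes. */
enum ccel_err ccel_parse(const uint8_t *t, size_t n, struct ccel_area *out)
{
    uint64_t len;
    if (n < CCEL_LEN)
        return CCEL_SHORT;
    if (memcmp(t, "CCEL", 4) != 0)
        return CCEL_SIG;
    len = get_le(t + OFF_LENGTH, 4);
    if (len < CCEL_LEN || len > n)      /* the patch checks the lower bound */
        return CCEL_LENGTH;
    out->len = get_le(t + OFF_LAML, 8);
    out->start = get_le(t + OFF_LASA, 8);
    if (!out->start || !out->len)       /* the patch's -EINVAL case */
        return CCEL_EMPTY;
    if (out->len > UINT64_MAX - out->start)
        return CCEL_WRAP;               /* start + len overflows u64 */
    return CCEL_OK;
}

/* Build a constructed table (sample data) with these fields and parse it. */
enum ccel_err ccel_demo(uint64_t lasa, uint64_t laml, struct ccel_area *out)
{
    uint8_t t[CCEL_LEN] = "CCEL";
    t[OFF_LENGTH] = CCEL_LEN;           /* 56 fits in the low length byte */
    for (int i = 0; i < 8; i++) {
        t[OFF_LAML + i] = (uint8_t)(laml >> (8 * i));
        t[OFF_LASA + i] = (uint8_t)(lasa >> (8 * i));
    }
    return ccel_parse(t, sizeof(t), out);
}

int main(void)
{
    struct ccel_area a;
    return (int)ccel_demo(0x7f000000ULL, 0x10000ULL, &a); /* exits 0 on CCEL_OK */
}
```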
Comments
On Mon, Mar 20, 2023 at 10:21 PM Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
>
> The Confidential Computing Event Log (CCEL) table provides the address
> and length of the CCEL records area in UEFI reserved memory.

The rest of this paragraph can be omitted.

> To access
> these records, userspace can use /dev/mem to retrieve them. But
> '/dev/mem' is not enabled on many systems for security reasons.
>
> So to allow user space to access these event log records without the
> /dev/mem interface, add support to access it via sysfs interface. The
> ACPI driver has provided read only access to BERT records area via
> '/sys/firmware/acpi/tables/data/BERT' in sysfs. So follow the same way,
> and add support for /sys/firmware/acpi/tables/data/CCEL to enable
> read-only access to the CCEL records area.
>
> More details about the CCEL table can be found in ACPI specification
> r6.5, sec titled "CC Event Log ACPI Table".

Please provide a proper section number here and a Link: tag pointing
to the relevant section of the spec (which is
https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table
I think).

> Original-patch-by: Haibo Xu <haibo1.xu@intel.com>

If the original patch has been signed-off by that developer, you can
use a Co-developed-by: along with the original S-o-b tag here.

> [Original patch is for TDEL table, modified it for CCEL support]
> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
> ---
>
> Changes since v1:
> * Removed unnecessary parenthesis as per Rafael's suggestion.
>
> drivers/acpi/sysfs.c | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
>
> diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c > index 7f4ff56c9d42..687524b50085 100644 > --- a/drivers/acpi/sysfs.c > +++ b/drivers/acpi/sysfs.c
> @@ -458,11 +458,28 @@ static int acpi_bert_data_init(void *th, struct acpi_data_attr *data_attr) > return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); > } > > +static int acpi_ccel_data_init(void *th, struct acpi_data_attr *data_attr) > +{ > + struct acpi_table_ccel *ccel = th; > + > + if (ccel->header.length < sizeof(struct acpi_table_ccel) || > + !ccel->log_area_start_address || !ccel->log_area_minimum_length) { > + kfree(data_attr); > + return -EINVAL; > + } > + data_attr->addr = ccel->log_area_start_address; > + data_attr->attr.size = ccel->log_area_minimum_length; > + data_attr->attr.attr.name = "CCEL"; > + > + return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); > +} > + > static struct acpi_data_obj { > char *name; > int (*fn)(void *, struct acpi_data_attr *); > } acpi_data_objs[] = { > { ACPI_SIG_BERT, acpi_bert_data_init }, > + { ACPI_SIG_CCEL, acpi_ccel_data_init }, > }; > > #define NUM_ACPI_DATA_OBJS ARRAY_SIZE(acpi_data_objs) > -- > 2.34.1 >
Hi Rafael,

On 3/22/23 11:31 AM, Rafael J. Wysocki wrote:
> On Mon, Mar 20, 2023 at 10:21 PM Kuppuswamy Sathyanarayanan
> <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
>>
>> The Confidential Computing Event Log (CCEL) table provides the address
>> and length of the CCEL records area in UEFI reserved memory.
>
> The rest of this paragraph can be omitted.
>
>> To access
>> these records, userspace can use /dev/mem to retrieve them. But
>> '/dev/mem' is not enabled on many systems for security reasons.
>>
>> So to allow user space to access these event log records without the
>> /dev/mem interface, add support to access it via sysfs interface. The
>> ACPI driver has provided read only access to BERT records area via
>> '/sys/firmware/acpi/tables/data/BERT' in sysfs. So follow the same way,
>> and add support for /sys/firmware/acpi/tables/data/CCEL to enable
>> read-only access to the CCEL records area.
>>
>> More details about the CCEL table can be found in ACPI specification
>> r6.5, sec titled "CC Event Log ACPI Table".
>
> Please provide a proper section number here and a Link: tag pointing
> to the relevant section of the spec (which is
> https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table
> I think).
>
>> Original-patch-by: Haibo Xu <haibo1.xu@intel.com>
>
> If the original patch has been signed-off by that developer, you can
> use a Co-developed-by: along with the original S-o-b tag here.
>
>> [Original patch is for TDEL table, modified it for CCEL support]
>> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
>> ---
>>

How about the following version?

ACPI: sysfs: Enable ACPI sysfs support for CCEL records

The Confidential Computing Event Log (CCEL) table provides the address
and length of the CCEL records area in UEFI reserved memory.

To allow user space access to these records, expose a sysfs interface
similar to the BERT table.

More details about the CCEL table can be found in the ACPI specification
r6.5 [1], sec 5.2.34.

Link: https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table # [1]
Co-developed-by: Haibo Xu <haibo1.xu@intel.com>
Signed-off-by: Haibo Xu <haibo1.xu@intel.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>

>> Changes since v1:
>> * Removed unnecessary parenthesis as per Rafael's suggestion.
>>
>> drivers/acpi/sysfs.c | 17 +++++++++++++++++
>> 1 file changed, 17 insertions(+)
>>
>> diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c >> index 7f4ff56c9d42..687524b50085 100644 >> --- a/drivers/acpi/sysfs.c >> +++ b/drivers/acpi/sysfs.c
>> @@ -458,11 +458,28 @@ static int acpi_bert_data_init(void *th, struct acpi_data_attr *data_attr) >> return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); >> } >> >> +static int acpi_ccel_data_init(void *th, struct acpi_data_attr *data_attr) >> +{ >> + struct acpi_table_ccel *ccel = th; >> + >> + if (ccel->header.length < sizeof(struct acpi_table_ccel) || >> + !ccel->log_area_start_address || !ccel->log_area_minimum_length) { >> + kfree(data_attr); >> + return -EINVAL; >> + } >> + data_attr->addr = ccel->log_area_start_address; >> + data_attr->attr.size = ccel->log_area_minimum_length; >> + data_attr->attr.attr.name = "CCEL"; >> + >> + return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); >> +} >> + >> static struct acpi_data_obj { >> char *name; >> int (*fn)(void *, struct acpi_data_attr *); >> } acpi_data_objs[] = { >> { ACPI_SIG_BERT, acpi_bert_data_init }, >> + { ACPI_SIG_CCEL, acpi_ccel_data_init }, >> }; >> >> #define NUM_ACPI_DATA_OBJS ARRAY_SIZE(acpi_data_objs) >> -- >> 2.34.1 >>
On Wed, Mar 22, 2023 at 8:00 PM Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
>
> Hi Rafael,
>
> On 3/22/23 11:31 AM, Rafael J. Wysocki wrote:
> > On Mon, Mar 20, 2023 at 10:21 PM Kuppuswamy Sathyanarayanan
> > <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
> >>
> >> The Confidential Computing Event Log (CCEL) table provides the address
> >> and length of the CCEL records area in UEFI reserved memory.
> >
> > The rest of this paragraph can be omitted.
> >
> >> To access
> >> these records, userspace can use /dev/mem to retrieve them. But
> >> '/dev/mem' is not enabled on many systems for security reasons.
> >>
> >> So to allow user space to access these event log records without the
> >> /dev/mem interface, add support to access it via sysfs interface. The
> >> ACPI driver has provided read only access to BERT records area via
> >> '/sys/firmware/acpi/tables/data/BERT' in sysfs. So follow the same way,
> >> and add support for /sys/firmware/acpi/tables/data/CCEL to enable
> >> read-only access to the CCEL records area.
> >>
> >> More details about the CCEL table can be found in ACPI specification
> >> r6.5, sec titled "CC Event Log ACPI Table".
> >
> > Please provide a proper section number here and a Link: tag pointing
> > to the relevant section of the spec (which is
> > https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table
> > I think).
> >
> >> Original-patch-by: Haibo Xu <haibo1.xu@intel.com>
> >
> > If the original patch has been signed-off by that developer, you can
> > use a Co-developed-by: along with the original S-o-b tag here.
> >
> >> [Original patch is for TDEL table, modified it for CCEL support]
> >> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
> >> ---
> >>
>
> How about the following version?

Looks good to me, thanks!

> ACPI: sysfs: Enable ACPI sysfs support for CCEL records
>
> The Confidential Computing Event Log (CCEL) table provides the address
> and length of the CCEL records area in UEFI reserved memory.
>
> To allow user space access to these records, expose a sysfs interface
> similar to the BERT table.
>
> More details about the CCEL table can be found in the ACPI specification
> r6.5 [1], sec 5.2.34.
>
> Link: https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#cc-event-log-acpi-table # [1]
> Co-developed-by: Haibo Xu <haibo1.xu@intel.com>
> Signed-off-by: Haibo Xu <haibo1.xu@intel.com>
> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
>
>
>
> >> Changes since v1:
> >> * Removed unnecessary parenthesis as per Rafael's suggestion.
> >>
> >> drivers/acpi/sysfs.c | 17 +++++++++++++++++
> >> 1 file changed, 17 insertions(+)
> >>
> >> diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c > >> index 7f4ff56c9d42..687524b50085 100644 > >> --- a/drivers/acpi/sysfs.c > >> +++ b/drivers/acpi/sysfs.c
> >> @@ -458,11 +458,28 @@ static int acpi_bert_data_init(void *th, struct acpi_data_attr *data_attr) > >> return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); > >> } > >> > >> +static int acpi_ccel_data_init(void *th, struct acpi_data_attr *data_attr) > >> +{ > >> + struct acpi_table_ccel *ccel = th; > >> + > >> + if (ccel->header.length < sizeof(struct acpi_table_ccel) || > >> + !ccel->log_area_start_address || !ccel->log_area_minimum_length) { > >> + kfree(data_attr); > >> + return -EINVAL; > >> + } > >> + data_attr->addr = ccel->log_area_start_address; > >> + data_attr->attr.size = ccel->log_area_minimum_length; > >> + data_attr->attr.attr.name = "CCEL"; > >> + > >> + return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); > >> +} > >> + > >> static struct acpi_data_obj { > >> char *name; > >> int (*fn)(void *, struct acpi_data_attr *); > >> } acpi_data_objs[] = { > >> { ACPI_SIG_BERT, acpi_bert_data_init }, > >> + { ACPI_SIG_CCEL, acpi_ccel_data_init }, > >> }; > >> > >> #define NUM_ACPI_DATA_OBJS ARRAY_SIZE(acpi_data_objs) > >> -- > >> 2.34.1 > >> > > -- > Sathyanarayanan Kuppuswamy > Linux Kernel Developer
diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c index 7f4ff56c9d42..687524b50085 100644 --- a/drivers/acpi/sysfs.c +++ b/drivers/acpi/sysfs.c @@ -458,11 +458,28 @@ static int acpi_bert_data_init(void *th, struct acpi_data_attr *data_attr) return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); } +static int acpi_ccel_data_init(void *th, struct acpi_data_attr *data_attr) +{ + struct acpi_table_ccel *ccel = th; + + if (ccel->header.length < sizeof(struct acpi_table_ccel) || + !ccel->log_area_start_address || !ccel->log_area_minimum_length) { + kfree(data_attr); + return -EINVAL; + } + data_attr->addr = ccel->log_area_start_address; + data_attr->attr.size = ccel->log_area_minimum_length; + data_attr->attr.attr.name = "CCEL"; + + return sysfs_create_bin_file(tables_data_kobj, &data_attr->attr); +} + static struct acpi_data_obj { char *name; int (*fn)(void *, struct acpi_data_attr *); } acpi_data_objs[] = { { ACPI_SIG_BERT, acpi_bert_data_init }, + { ACPI_SIG_CCEL, acpi_ccel_data_init }, }; #define NUM_ACPI_DATA_OBJS ARRAY_SIZE(acpi_data_objs)
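
Review bot: In acpi_ccel_data_init(), log_area_start_address and log_area_minimum_length are taken from the firmware-provided table and only tested for being non-zero before they become data_attr->addr and data_attr->attr.size. Because the resulting sysfs file lets user space read that range, consider also rejecting a start/length pair whose sum wraps, and state in a comment what region the area is expected to lie in; the header.length check covers the table itself, not the area it points to. The new /sys/firmware/acpi/tables/data/CCEL node is also new user-visible ABI, and the diffstat shows only drivers/acpi/sysfs.c being touched, so a matching entry in the sysfs ABI documentation would be worth adding in the same patch.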