[AGL/meta-agl-devel.git] /

From d47ad4c29f1cd34aff896a88b3dfc4a861a15a6a Mon Sep 17 00:00:00 2001
From: Ralf Ramsauer <ralf.ramsauer@oth-regensburg.de>
Date: Thu, 10 Oct 2019 12:21:01 +0200
Subject: [PATCH 01/32] x86/jailhouse: Improve setup data version comparison

Soon, setup_data will contain information on passed-through platform
UARTs. This requires some preparational work for the sanity check of the
header and the check of the version.

Use the following strategy:

  1. Ensure that the header declares at least enough space for the
     version and the compatible_version as it must hold that fields for
     any version. The location and semantics of header+version fields
     will never change.

  2. Copy over data -- as much as as possible. The length is either
     limited by the header length or the length of setup_data.

  3. Things are now in place -- sanity check if the header length
     complies the actual version.

For future versions of the setup_data, only step 3 requires alignment.

Signed-off-by: Ralf Ramsauer <ralf.ramsauer@oth-regensburg.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: jailhouse-dev@googlegroups.com
Cc: Juergen Gross <jgross@suse.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20191010102102.421035-2-ralf.ramsauer@oth-regensburg.de
---
 arch/x86/include/uapi/asm/bootparam.h | 22 ++++++++-------
 arch/x86/kernel/jailhouse.c           | 51 ++++++++++++++++++++++-------------
 2 files changed, 45 insertions(+), 28 deletions(-)

diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h
index c895df5482c5..43be437c9c71 100644
--- a/arch/x86/include/uapi/asm/bootparam.h
+++ b/arch/x86/include/uapi/asm/bootparam.h
@@ -139,15 +139,19 @@ struct boot_e820_entry {
  * setup data structure.
  */
 struct jailhouse_setup_data {
-       __u16   version;
-       __u16   compatible_version;
-       __u16   pm_timer_address;
-       __u16   num_cpus;
-       __u64   pci_mmconfig_base;
-       __u32   tsc_khz;
-       __u32   apic_khz;
-       __u8    standard_ioapic;
-       __u8    cpu_ids[255];
+       struct {
+               __u16   version;
+               __u16   compatible_version;
+       } __attribute__((packed)) hdr;
+       struct {
+               __u16   pm_timer_address;
+               __u16   num_cpus;
+               __u64   pci_mmconfig_base;
+               __u32   tsc_khz;
+               __u32   apic_khz;
+               __u8    standard_ioapic;
+               __u8    cpu_ids[255];
+       } __attribute__((packed)) v1;
 } __attribute__((packed));
 
 /* The so-called "zeropage" */
diff --git a/arch/x86/kernel/jailhouse.c b/arch/x86/kernel/jailhouse.c
index 3ad34f01de2a..cf4eb37ad97b 100644
--- a/arch/x86/kernel/jailhouse.c
+++ b/arch/x86/kernel/jailhouse.c
@@ -22,6 +22,8 @@
 #include <asm/jailhouse_para.h>
 
 static __initdata struct jailhouse_setup_data setup_data;
+#define SETUP_DATA_V1_LEN      (sizeof(setup_data.hdr) + sizeof(setup_data.v1))
+
 static unsigned int precalibrated_tsc_khz;
 
 static uint32_t jailhouse_cpuid_base(void)
@@ -45,7 +47,7 @@ static void jailhouse_get_wallclock(struct timespec64 *now)
 
 static void __init jailhouse_timer_init(void)
 {
-       lapic_timer_period = setup_data.apic_khz * (1000 / HZ);
+       lapic_timer_period = setup_data.v1.apic_khz * (1000 / HZ);
 }
 
 static unsigned long jailhouse_get_tsc(void)
@@ -88,14 +90,14 @@ static void __init jailhouse_get_smp_config(unsigned int early)
 
        register_lapic_address(0xfee00000);
 
-       for (cpu = 0; cpu < setup_data.num_cpus; cpu++) {
-               generic_processor_info(setup_data.cpu_ids[cpu],
+       for (cpu = 0; cpu < setup_data.v1.num_cpus; cpu++) {
+               generic_processor_info(setup_data.v1.cpu_ids[cpu],
                                       boot_cpu_apic_version);
        }
 
        smp_found_config = 1;
 
-       if (setup_data.standard_ioapic) {
+       if (setup_data.v1.standard_ioapic) {
                mp_register_ioapic(0, 0xfec00000, gsi_top, &ioapic_cfg);
 
                /* Register 1:1 mapping for legacy UART IRQs 3 and 4 */
@@ -126,9 +128,9 @@ static int __init jailhouse_pci_arch_init(void)
                pcibios_last_bus = 0xff;
 
 #ifdef CONFIG_PCI_MMCONFIG
-       if (setup_data.pci_mmconfig_base) {
+       if (setup_data.v1.pci_mmconfig_base) {
                pci_mmconfig_add(0, 0, pcibios_last_bus,
-                                setup_data.pci_mmconfig_base);
+                                setup_data.v1.pci_mmconfig_base);
                pci_mmcfg_arch_init();
        }
 #endif
@@ -139,6 +141,7 @@ static int __init jailhouse_pci_arch_init(void)
 static void __init jailhouse_init_platform(void)
 {
        u64 pa_data = boot_params.hdr.setup_data;
+       unsigned long setup_data_len;
        struct setup_data header;
        void *mapping;
 
@@ -163,16 +166,8 @@ static void __init jailhouse_init_platform(void)
                memcpy(&header, mapping, sizeof(header));
                early_memunmap(mapping, sizeof(header));
 
-               if (header.type == SETUP_JAILHOUSE &&
-                   header.len >= sizeof(setup_data)) {
-                       pa_data += offsetof(struct setup_data, data);
-
-                       mapping = early_memremap(pa_data, sizeof(setup_data));
-                       memcpy(&setup_data, mapping, sizeof(setup_data));
-                       early_memunmap(mapping, sizeof(setup_data));
-
+               if (header.type == SETUP_JAILHOUSE)
                        break;
-               }
 
                pa_data = header.next;
        }
@@ -180,13 +175,27 @@ static void __init jailhouse_init_platform(void)
        if (!pa_data)
                panic("Jailhouse: No valid setup data found");
 
-       if (setup_data.compatible_version > JAILHOUSE_SETUP_REQUIRED_VERSION)
-               panic("Jailhouse: Unsupported setup data structure");
+       /* setup data must at least contain the header */
+       if (header.len < sizeof(setup_data.hdr))
+               goto unsupported;
 
-       pmtmr_ioport = setup_data.pm_timer_address;
+       pa_data += offsetof(struct setup_data, data);
+       setup_data_len = min_t(unsigned long, sizeof(setup_data),
+                              (unsigned long)header.len);
+       mapping = early_memremap(pa_data, setup_data_len);
+       memcpy(&setup_data, mapping, setup_data_len);
+       early_memunmap(mapping, setup_data_len);
+
+       if (setup_data.hdr.version == 0 ||
+           setup_data.hdr.compatible_version !=
+               JAILHOUSE_SETUP_REQUIRED_VERSION ||
+           (setup_data.hdr.version >= 1 && header.len < SETUP_DATA_V1_LEN))
+               goto unsupported;
+
+       pmtmr_ioport = setup_data.v1.pm_timer_address;
        pr_debug("Jailhouse: PM-Timer IO Port: %#x\n", pmtmr_ioport);
 
-       precalibrated_tsc_khz = setup_data.tsc_khz;
+       precalibrated_tsc_khz = setup_data.v1.tsc_khz;
        setup_force_cpu_cap(X86_FEATURE_TSC_KNOWN_FREQ);
 
        pci_probe = 0;
@@ -196,6 +205,10 @@ static void __init jailhouse_init_platform(void)
         * are none in a non-root cell.
         */
        disable_acpi();
+       return;
+
+unsupported:
+       panic("Jailhouse: Unsupported setup data structure");
 }
 
 bool jailhouse_paravirt(void)
-- 
2.11.0