From 1882de7fc56c2b0ea91dd9fd9922d434fc3feb15 Mon Sep 17 00:00:00 2001 From: Chen Yu Date: Wed, 22 Dec 2021 12:31:03 +0800 Subject: efi: Introduce EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and corresponding structures Platform Firmware Runtime Update image starts with UEFI headers, and the headers are defined in UEFI specification, but some of them have not been defined in the kernel yet. For example, the header layout of a capsule file looks like this: EFI_CAPSULE_HEADER EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER EFI_FIRMWARE_IMAGE_AUTHENTICATION These structures would be used by the Platform Firmware Runtime Update driver to parse the format of capsule file to verify if the corresponding version number is valid. In this way, if the user provides an invalid capsule image, the kernel could be used as a guard to reject it, without switching to the Management Mode (which might be costly). EFI_CAPSULE_HEADER has been defined in the kernel, but the other structures have not been defined yet, so do that. Besides, EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER are required to be packed in the uefi specification. For this reason, use the __packed attribute to indicate to the compiler that the entire structure can appear misaligned in memory (as suggested by Ard) in case one of them follows the other directly in a capsule header. Acked-by: Ard Biesheuvel Signed-off-by: Chen Yu Signed-off-by: Rafael J. Wysocki --- include/linux/efi.h | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) (limited to 'include') diff --git a/include/linux/efi.h b/include/linux/efi.h index dbd39b20e034..80e970f7e6f8 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -148,6 +148,52 @@ typedef struct { u32 imagesize; } efi_capsule_header_t; +/* EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER */ +struct efi_manage_capsule_header { + u32 ver; + u16 emb_drv_cnt; + u16 payload_cnt; + /* + * Variable-size array of the size given by the sum of + * emb_drv_cnt and payload_cnt. + */ + u64 offset_list[]; +} __packed; + +/* EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER */ +struct efi_manage_capsule_image_header { + u32 ver; + efi_guid_t image_type_id; + u8 image_index; + u8 reserved_bytes[3]; + u32 image_size; + u32 vendor_code_size; + /* hw_ins was introduced in version 2 */ + u64 hw_ins; + /* capsule_support was introduced in version 3 */ + u64 capsule_support; +} __packed; + +/* WIN_CERTIFICATE */ +struct win_cert { + u32 len; + u16 rev; + u16 cert_type; +}; + +/* WIN_CERTIFICATE_UEFI_GUID */ +struct win_cert_uefi_guid { + struct win_cert hdr; + efi_guid_t cert_type; + u8 cert_data[]; +}; + +/* EFI_FIRMWARE_IMAGE_AUTHENTICATION */ +struct efi_image_auth { + u64 mon_count; + struct win_cert_uefi_guid auth_info; +}; + /* * EFI capsule flags */ -- cgit v1.2.3 From 0db89fa243e5edc5de38c88b369e4c3755c5fb74 Mon Sep 17 00:00:00 2001 From: Chen Yu Date: Wed, 22 Dec 2021 12:31:41 +0800 Subject: ACPI: Introduce Platform Firmware Runtime Update device driver Introduce the pfr_update driver which can be used for Platform Firmware Runtime code injection and driver update [1]. The user is expected to provide the EFI capsule, and pass it to the driver by writing the capsule to a device special file. The capsule is transferred by the driver to the platform firmware with the help of an ACPI _DSM method under the special ACPI Platform Firmware Runtime Update device (INTC1080), and the actual firmware update is carried out by the low-level Management Mode code in the platform firmware. This change allows certain pieces of the platform firmware to be updated on the fly while the system is running (runtime) without the need to restart it, which is key in the cases when the system needs to be available 100% of the time and it cannot afford the downtime related to restarting it, or when the work carried out by the system is particularly important, so it cannot be interrupted, and it is not practical to wait until it is complete. Link: https://uefi.org/sites/default/files/resources/Intel_MM_OS_Interface_Spec_Rev100.pdf # [1] Tested-by: Hongyu Ning Signed-off-by: Chen Yu [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki --- include/uapi/linux/pfrut.h | 174 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 174 insertions(+) create mode 100644 include/uapi/linux/pfrut.h (limited to 'include') diff --git a/include/uapi/linux/pfrut.h b/include/uapi/linux/pfrut.h new file mode 100644 index 000000000000..fa97e80a93b7 --- /dev/null +++ b/include/uapi/linux/pfrut.h @@ -0,0 +1,174 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +/* + * Platform Firmware Runtime Update header + * + * Copyright(c) 2021 Intel Corporation. All rights reserved. + */ +#ifndef __PFRUT_H__ +#define __PFRUT_H__ + +#include +#include + +#define PFRUT_IOCTL_MAGIC 0xEE + +/** + * PFRU_IOC_SET_REV - _IOW(PFRUT_IOCTL_MAGIC, 0x01, unsigned int) + * + * Return: + * * 0 - success + * * -EFAULT - fail to read the revision id + * * -EINVAL - user provides an invalid revision id + * + * Set the Revision ID for Platform Firmware Runtime Update. + */ +#define PFRU_IOC_SET_REV _IOW(PFRUT_IOCTL_MAGIC, 0x01, unsigned int) + +/** + * PFRU_IOC_STAGE - _IOW(PFRUT_IOCTL_MAGIC, 0x02, unsigned int) + * + * Return: + * * 0 - success + * * -EINVAL - stage phase returns invalid result + * + * Stage a capsule image from communication buffer and perform authentication. + */ +#define PFRU_IOC_STAGE _IOW(PFRUT_IOCTL_MAGIC, 0x02, unsigned int) + +/** + * PFRU_IOC_ACTIVATE - _IOW(PFRUT_IOCTL_MAGIC, 0x03, unsigned int) + * + * Return: + * * 0 - success + * * -EINVAL - activate phase returns invalid result + * + * Activate a previously staged capsule image. + */ +#define PFRU_IOC_ACTIVATE _IOW(PFRUT_IOCTL_MAGIC, 0x03, unsigned int) + +/** + * PFRU_IOC_STAGE_ACTIVATE - _IOW(PFRUT_IOCTL_MAGIC, 0x04, unsigned int) + * + * Return: + * * 0 - success + * * -EINVAL - stage/activate phase returns invalid result. + * + * Perform both stage and activation action. + */ +#define PFRU_IOC_STAGE_ACTIVATE _IOW(PFRUT_IOCTL_MAGIC, 0x04, unsigned int) + +/** + * PFRU_IOC_QUERY_CAP - _IOR(PFRUT_IOCTL_MAGIC, 0x05, + * struct pfru_update_cap_info) + * + * Return: + * * 0 - success + * * -EINVAL - query phase returns invalid result + * * -EFAULT - the result fails to be copied to userspace + * + * Retrieve information on the Platform Firmware Runtime Update capability. + * The information is a struct pfru_update_cap_info. + */ +#define PFRU_IOC_QUERY_CAP _IOR(PFRUT_IOCTL_MAGIC, 0x05, struct pfru_update_cap_info) + +/** + * struct pfru_payload_hdr - Capsule file payload header. + * + * @sig: Signature of this capsule file. + * @hdr_version: Revision of this header structure. + * @hdr_size: Size of this header, including the OemHeader bytes. + * @hw_ver: The supported firmware version. + * @rt_ver: Version of the code injection image. + * @platform_id: A platform specific GUID to specify the platform what + * this capsule image support. + */ +struct pfru_payload_hdr { + __u32 sig; + __u32 hdr_version; + __u32 hdr_size; + __u32 hw_ver; + __u32 rt_ver; + __u8 platform_id[16]; +}; + +enum pfru_dsm_status { + DSM_SUCCEED = 0, + DSM_FUNC_NOT_SUPPORT = 1, + DSM_INVAL_INPUT = 2, + DSM_HARDWARE_ERR = 3, + DSM_RETRY_SUGGESTED = 4, + DSM_UNKNOWN = 5, + DSM_FUNC_SPEC_ERR = 6, +}; + +/** + * struct pfru_update_cap_info - Runtime update capability information. + * + * @status: Indicator of whether this query succeed. + * @update_cap: Bitmap to indicate whether the feature is supported. + * @code_type: A buffer containing an image type GUID. + * @fw_version: Platform firmware version. + * @code_rt_version: Code injection runtime version for anti-rollback. + * @drv_type: A buffer containing an image type GUID. + * @drv_rt_version: The version of the driver update runtime code. + * @drv_svn: The secure version number(SVN) of the driver update runtime code. + * @platform_id: A buffer containing a platform ID GUID. + * @oem_id: A buffer containing an OEM ID GUID. + * @oem_info_len: Length of the buffer containing the vendor specific information. + */ +struct pfru_update_cap_info { + __u32 status; + __u32 update_cap; + + __u8 code_type[16]; + __u32 fw_version; + __u32 code_rt_version; + + __u8 drv_type[16]; + __u32 drv_rt_version; + __u32 drv_svn; + + __u8 platform_id[16]; + __u8 oem_id[16]; + + __u32 oem_info_len; +}; + +/** + * struct pfru_com_buf_info - Communication buffer information. + * + * @status: Indicator of whether this query succeed. + * @ext_status: Implementation specific query result. + * @addr_lo: Low 32bit physical address of the communication buffer to hold + * a runtime update package. + * @addr_hi: High 32bit physical address of the communication buffer to hold + * a runtime update package. + * @buf_size: Maximum size in bytes of the communication buffer. + */ +struct pfru_com_buf_info { + __u32 status; + __u32 ext_status; + __u64 addr_lo; + __u64 addr_hi; + __u32 buf_size; +}; + +/** + * struct pfru_updated_result - Platform firmware runtime update result information. + * @status: Indicator of whether this update succeed. + * @ext_status: Implementation specific update result. + * @low_auth_time: Low 32bit value of image authentication time in nanosecond. + * @high_auth_time: High 32bit value of image authentication time in nanosecond. + * @low_exec_time: Low 32bit value of image execution time in nanosecond. + * @high_exec_time: High 32bit value of image execution time in nanosecond. + */ +struct pfru_updated_result { + __u32 status; + __u32 ext_status; + __u64 low_auth_time; + __u64 high_auth_time; + __u64 low_exec_time; + __u64 high_exec_time; +}; + +#endif /* __PFRUT_H__ */ -- cgit v1.2.3 From b0013e037a8b07772c74ce24f1ae4743b30fc3cf Mon Sep 17 00:00:00 2001 From: Chen Yu Date: Wed, 22 Dec 2021 12:32:02 +0800 Subject: ACPI: Introduce Platform Firmware Runtime Telemetry driver This driver allows user space to fetch telemetry data from the firmware with the help of the Platform Firmware Runtime Telemetry interface. Both PFRU and PFRT are based on ACPI _DSM interfaces located under special device objects in the ACPI Namespace, but these interfaces are different from each other, so it is better to provide a separate driver from each of them, even though they share some common definitions and naming conventions. Tested-by: Hongyu Ning Signed-off-by: Chen Yu [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki --- include/uapi/linux/pfrut.h | 88 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) (limited to 'include') diff --git a/include/uapi/linux/pfrut.h b/include/uapi/linux/pfrut.h index fa97e80a93b7..42fa15f8310d 100644 --- a/include/uapi/linux/pfrut.h +++ b/include/uapi/linux/pfrut.h @@ -171,4 +171,92 @@ struct pfru_updated_result { __u64 high_exec_time; }; +/** + * struct pfrt_log_data_info - Log Data from telemetry service. + * @status: Indicator of whether this update succeed. + * @ext_status: Implementation specific update result. + * @chunk1_addr_lo: Low 32bit physical address of the telemetry data chunk1 + * starting address. + * @chunk1_addr_hi: High 32bit physical address of the telemetry data chunk1 + * starting address. + * @chunk2_addr_lo: Low 32bit physical address of the telemetry data chunk2 + * starting address. + * @chunk2_addr_hi: High 32bit physical address of the telemetry data chunk2 + * starting address. + * @max_data_size: Maximum supported size of data of all data chunks combined. + * @chunk1_size: Data size in bytes of the telemetry data chunk1 buffer. + * @chunk2_size: Data size in bytes of the telemetry data chunk2 buffer. + * @rollover_cnt: Number of times telemetry data buffer is overwritten + * since telemetry buffer reset. + * @reset_cnt: Number of times telemetry services resets that results in + * rollover count and data chunk buffers are reset. + */ +struct pfrt_log_data_info { + __u32 status; + __u32 ext_status; + __u64 chunk1_addr_lo; + __u64 chunk1_addr_hi; + __u64 chunk2_addr_lo; + __u64 chunk2_addr_hi; + __u32 max_data_size; + __u32 chunk1_size; + __u32 chunk2_size; + __u32 rollover_cnt; + __u32 reset_cnt; +}; + +/** + * struct pfrt_log_info - Telemetry log information. + * @log_level: The telemetry log level. + * @log_type: The telemetry log type(history and execution). + * @log_revid: The telemetry log revision id. + */ +struct pfrt_log_info { + __u32 log_level; + __u32 log_type; + __u32 log_revid; +}; + +/** + * PFRT_LOG_IOC_SET_INFO - _IOW(PFRUT_IOCTL_MAGIC, 0x06, + * struct pfrt_log_info) + * + * Return: + * * 0 - success + * * -EFAULT - fail to get the setting parameter + * * -EINVAL - fail to set the log level + * + * Set the PFRT log level and log type. The input information is + * a struct pfrt_log_info. + */ +#define PFRT_LOG_IOC_SET_INFO _IOW(PFRUT_IOCTL_MAGIC, 0x06, struct pfrt_log_info) + +/** + * PFRT_LOG_IOC_GET_INFO - _IOR(PFRUT_IOCTL_MAGIC, 0x07, + * struct pfrt_log_info) + * + * Return: + * * 0 - success + * * -EINVAL - fail to get the log level + * * -EFAULT - fail to copy the result back to userspace + * + * Retrieve log level and log type of the telemetry. The information is + * a struct pfrt_log_info. + */ +#define PFRT_LOG_IOC_GET_INFO _IOR(PFRUT_IOCTL_MAGIC, 0x07, struct pfrt_log_info) + +/** + * PFRT_LOG_IOC_GET_DATA_INFO - _IOR(PFRUT_IOCTL_MAGIC, 0x08, + * struct pfrt_log_data_info) + * + * Return: + * * 0 - success + * * -EINVAL - fail to get the log buffer information + * * -EFAULT - fail to copy the log buffer information to userspace + * + * Retrieve data information about the telemetry. The information + * is a struct pfrt_log_data_info. + */ +#define PFRT_LOG_IOC_GET_DATA_INFO _IOR(PFRUT_IOCTL_MAGIC, 0x08, struct pfrt_log_data_info) + #endif /* __PFRUT_H__ */ -- cgit v1.2.3