linux/drivers/acpi/acpi_fpdt.c
Hans de Goede 211391bf04 ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address
On a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table
which contains invalid physical addresses, with high bits set which fall
outside the range of the CPU-s supported physical address range.

Calling acpi_os_map_memory() on such an invalid phys address leads to
the below WARN_ON in ioremap triggering resulting in an oops/stacktrace.

Add code to verify the physical address before calling acpi_os_map_memory()
to fix / avoid the oops.

[    1.226900] ioremap: invalid physical address 3001000000000000
[    1.226949] ------------[ cut here ]------------
[    1.226962] WARNING: CPU: 1 PID: 1 at arch/x86/mm/ioremap.c:200 __ioremap_caller.cold+0x43/0x5f
[    1.226996] Modules linked in:
[    1.227016] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.0.0-rc3+ #490
[    1.227029] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013
[    1.227038] RIP: 0010:__ioremap_caller.cold+0x43/0x5f
[    1.227054] Code: 96 00 00 e9 f8 af 24 ff 89 c6 48 c7 c7 d8 0c 84 99 e8 6a 96 00 00 e9 76 af 24 ff 48 89 fe 48 c7 c7 a8 0c 84 99 e8 56 96 00 00 <0f> 0b e9 60 af 24 ff 48 8b 34 24 48 c7 c7 40 0d 84 99 e8 3f 96 00
[    1.227067] RSP: 0000:ffffb18c40033d60 EFLAGS: 00010286
[    1.227084] RAX: 0000000000000032 RBX: 3001000000000000 RCX: 0000000000000000
[    1.227095] RDX: 0000000000000001 RSI: 00000000ffffdfff RDI: 00000000ffffffff
[    1.227105] RBP: 3001000000000000 R08: 0000000000000000 R09: ffffb18c40033c18
[    1.227115] R10: 0000000000000003 R11: ffffffff99d62fe8 R12: 0000000000000008
[    1.227124] R13: 0003001000000000 R14: 0000000000001000 R15: 3001000000000000
[    1.227135] FS:  0000000000000000(0000) GS:ffff913a3c080000(0000) knlGS:0000000000000000
[    1.227146] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.227156] CR2: 0000000000000000 CR3: 0000000018c26000 CR4: 00000000000006e0
[    1.227167] Call Trace:
[    1.227176]  <TASK>
[    1.227185]  ? acpi_os_map_iomem+0x1c9/0x1e0
[    1.227215]  ? kmem_cache_alloc_trace+0x187/0x370
[    1.227254]  acpi_os_map_iomem+0x1c9/0x1e0
[    1.227288]  acpi_init_fpdt+0xa8/0x253
[    1.227308]  ? acpi_debugfs_init+0x1f/0x1f
[    1.227339]  do_one_initcall+0x5a/0x300
[    1.227406]  ? rcu_read_lock_sched_held+0x3f/0x80
[    1.227442]  kernel_init_freeable+0x28b/0x2cc
[    1.227512]  ? rest_init+0x170/0x170
[    1.227538]  kernel_init+0x16/0x140
[    1.227552]  ret_from_fork+0x1f/0x30
[    1.227639]  </TASK>
[    1.227647] irq event stamp: 186819
[    1.227656] hardirqs last  enabled at (186825): [<ffffffff98184a6e>] __up_console_sem+0x5e/0x70
[    1.227672] hardirqs last disabled at (186830): [<ffffffff98184a53>] __up_console_sem+0x43/0x70
[    1.227686] softirqs last  enabled at (186576): [<ffffffff980fbc9d>] __irq_exit_rcu+0xed/0x160
[    1.227701] softirqs last disabled at (186569): [<ffffffff980fbc9d>] __irq_exit_rcu+0xed/0x160
[    1.227715] ---[ end trace 0000000000000000 ]---

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2022-09-10 18:18:34 +02:00

288 lines
7.0 KiB
C

// SPDX-License-Identifier: GPL-2.0-only
/*
* FPDT support for exporting boot and suspend/resume performance data
*
* Copyright (C) 2021 Intel Corporation. All rights reserved.
*/
#define pr_fmt(fmt) "ACPI FPDT: " fmt
#include <linux/acpi.h>
/*
* FPDT contains ACPI table header and a number of fpdt_subtable_entries.
* Each fpdt_subtable_entry points to a subtable: FBPT or S3PT.
* Each FPDT subtable (FBPT/S3PT) is composed of a fpdt_subtable_header
* and a number of fpdt performance records.
* Each FPDT performance record is composed of a fpdt_record_header and
* performance data fields, for boot or suspend or resume phase.
*/
enum fpdt_subtable_type {
SUBTABLE_FBPT,
SUBTABLE_S3PT,
};
struct fpdt_subtable_entry {
u16 type; /* refer to enum fpdt_subtable_type */
u8 length;
u8 revision;
u32 reserved;
u64 address; /* physical address of the S3PT/FBPT table */
};
struct fpdt_subtable_header {
u32 signature;
u32 length;
};
enum fpdt_record_type {
RECORD_S3_RESUME,
RECORD_S3_SUSPEND,
RECORD_BOOT,
};
struct fpdt_record_header {
u16 type; /* refer to enum fpdt_record_type */
u8 length;
u8 revision;
};
struct resume_performance_record {
struct fpdt_record_header header;
u32 resume_count;
u64 resume_prev;
u64 resume_avg;
} __attribute__((packed));
struct boot_performance_record {
struct fpdt_record_header header;
u32 reserved;
u64 firmware_start;
u64 bootloader_load;
u64 bootloader_launch;
u64 exitbootservice_start;
u64 exitbootservice_end;
} __attribute__((packed));
struct suspend_performance_record {
struct fpdt_record_header header;
u64 suspend_start;
u64 suspend_end;
} __attribute__((packed));
static struct resume_performance_record *record_resume;
static struct suspend_performance_record *record_suspend;
static struct boot_performance_record *record_boot;
#define FPDT_ATTR(phase, name) \
static ssize_t name##_show(struct kobject *kobj, \
struct kobj_attribute *attr, char *buf) \
{ \
return sprintf(buf, "%llu\n", record_##phase->name); \
} \
static struct kobj_attribute name##_attr = \
__ATTR(name##_ns, 0444, name##_show, NULL)
FPDT_ATTR(resume, resume_prev);
FPDT_ATTR(resume, resume_avg);
FPDT_ATTR(suspend, suspend_start);
FPDT_ATTR(suspend, suspend_end);
FPDT_ATTR(boot, firmware_start);
FPDT_ATTR(boot, bootloader_load);
FPDT_ATTR(boot, bootloader_launch);
FPDT_ATTR(boot, exitbootservice_start);
FPDT_ATTR(boot, exitbootservice_end);
static ssize_t resume_count_show(struct kobject *kobj,
struct kobj_attribute *attr, char *buf)
{
return sprintf(buf, "%u\n", record_resume->resume_count);
}
static struct kobj_attribute resume_count_attr =
__ATTR_RO(resume_count);
static struct attribute *resume_attrs[] = {
&resume_count_attr.attr,
&resume_prev_attr.attr,
&resume_avg_attr.attr,
NULL
};
static const struct attribute_group resume_attr_group = {
.attrs = resume_attrs,
.name = "resume",
};
static struct attribute *suspend_attrs[] = {
&suspend_start_attr.attr,
&suspend_end_attr.attr,
NULL
};
static const struct attribute_group suspend_attr_group = {
.attrs = suspend_attrs,
.name = "suspend",
};
static struct attribute *boot_attrs[] = {
&firmware_start_attr.attr,
&bootloader_load_attr.attr,
&bootloader_launch_attr.attr,
&exitbootservice_start_attr.attr,
&exitbootservice_end_attr.attr,
NULL
};
static const struct attribute_group boot_attr_group = {
.attrs = boot_attrs,
.name = "boot",
};
static struct kobject *fpdt_kobj;
#if defined CONFIG_X86 && defined CONFIG_PHYS_ADDR_T_64BIT
#include <linux/processor.h>
static bool fpdt_address_valid(u64 address)
{
/*
* On some systems the table contains invalid addresses
* with unsuppored high address bits set, check for this.
*/
return !(address >> boot_cpu_data.x86_phys_bits);
}
#else
static bool fpdt_address_valid(u64 address)
{
return true;
}
#endif
static int fpdt_process_subtable(u64 address, u32 subtable_type)
{
struct fpdt_subtable_header *subtable_header;
struct fpdt_record_header *record_header;
char *signature = (subtable_type == SUBTABLE_FBPT ? "FBPT" : "S3PT");
u32 length, offset;
int result;
if (!fpdt_address_valid(address)) {
pr_info(FW_BUG "invalid physical address: 0x%llx!\n", address);
return -EINVAL;
}
subtable_header = acpi_os_map_memory(address, sizeof(*subtable_header));
if (!subtable_header)
return -ENOMEM;
if (strncmp((char *)&subtable_header->signature, signature, 4)) {
pr_info(FW_BUG "subtable signature and type mismatch!\n");
return -EINVAL;
}
length = subtable_header->length;
acpi_os_unmap_memory(subtable_header, sizeof(*subtable_header));
subtable_header = acpi_os_map_memory(address, length);
if (!subtable_header)
return -ENOMEM;
offset = sizeof(*subtable_header);
while (offset < length) {
record_header = (void *)subtable_header + offset;
offset += record_header->length;
switch (record_header->type) {
case RECORD_S3_RESUME:
if (subtable_type != SUBTABLE_S3PT) {
pr_err(FW_BUG "Invalid record %d for subtable %s\n",
record_header->type, signature);
return -EINVAL;
}
if (record_resume) {
pr_err("Duplicate resume performance record found.\n");
continue;
}
record_resume = (struct resume_performance_record *)record_header;
result = sysfs_create_group(fpdt_kobj, &resume_attr_group);
if (result)
return result;
break;
case RECORD_S3_SUSPEND:
if (subtable_type != SUBTABLE_S3PT) {
pr_err(FW_BUG "Invalid %d for subtable %s\n",
record_header->type, signature);
continue;
}
if (record_suspend) {
pr_err("Duplicate suspend performance record found.\n");
continue;
}
record_suspend = (struct suspend_performance_record *)record_header;
result = sysfs_create_group(fpdt_kobj, &suspend_attr_group);
if (result)
return result;
break;
case RECORD_BOOT:
if (subtable_type != SUBTABLE_FBPT) {
pr_err(FW_BUG "Invalid %d for subtable %s\n",
record_header->type, signature);
return -EINVAL;
}
if (record_boot) {
pr_err("Duplicate boot performance record found.\n");
continue;
}
record_boot = (struct boot_performance_record *)record_header;
result = sysfs_create_group(fpdt_kobj, &boot_attr_group);
if (result)
return result;
break;
default:
/* Other types are reserved in ACPI 6.4 spec. */
break;
}
}
return 0;
}
static int __init acpi_init_fpdt(void)
{
acpi_status status;
struct acpi_table_header *header;
struct fpdt_subtable_entry *subtable;
u32 offset = sizeof(*header);
status = acpi_get_table(ACPI_SIG_FPDT, 0, &header);
if (ACPI_FAILURE(status))
return 0;
fpdt_kobj = kobject_create_and_add("fpdt", acpi_kobj);
if (!fpdt_kobj) {
acpi_put_table(header);
return -ENOMEM;
}
while (offset < header->length) {
subtable = (void *)header + offset;
switch (subtable->type) {
case SUBTABLE_FBPT:
case SUBTABLE_S3PT:
fpdt_process_subtable(subtable->address,
subtable->type);
break;
default:
/* Other types are reserved in ACPI 6.4 spec. */
break;
}
offset += sizeof(*subtable);
}
return 0;
}
fs_initcall(acpi_init_fpdt);