1// SPDX-License-Identifier: GPL-2.0-only
  2/*
  3 * memconsole-coreboot.c
  4 *
  5 * Memory based BIOS console accessed through coreboot table.
  6 *
  7 * Copyright 2017 Google Inc.
  8 */
  9
 10#include <linux/device.h>
 11#include <linux/io.h>
 12#include <linux/kernel.h>
 13#include <linux/module.h>
 14
 15#include "memconsole.h"
 16#include "coreboot_table.h"
 17
 18#define CB_TAG_CBMEM_CONSOLE	0x17
 19
 20/* CBMEM firmware console log descriptor. */
 21struct cbmem_cons {
 22	u32 size_dont_access_after_boot;
 23	u32 cursor;
 24	u8  body[];
 25} __packed;
 26
 27#define CURSOR_MASK ((1 << 28) - 1)
 28#define OVERFLOW (1 << 31)
 29
 30static struct cbmem_cons *cbmem_console;
 31static u32 cbmem_console_size;
 32
 33/*
 34 * The cbmem_console structure is read again on every access because it may
 35 * change at any time if runtime firmware logs new messages. This may rarely
 36 * lead to race conditions where the firmware overwrites the beginning of the
 37 * ring buffer with more lines after we have already read |cursor|. It should be
 38 * rare and harmless enough that we don't spend extra effort working around it.
 39 */
 40static ssize_t memconsole_coreboot_read(char *buf, loff_t pos, size_t count)
 41{
 42	u32 cursor = cbmem_console->cursor & CURSOR_MASK;
 43	u32 flags = cbmem_console->cursor & ~CURSOR_MASK;
 44	u32 size = cbmem_console_size;
 45	struct seg {	/* describes ring buffer segments in logical order */
 46		u32 phys;	/* physical offset from start of mem buffer */
 47		u32 len;	/* length of segment */
 48	} seg[2] = { {0}, {0} };
 49	size_t done = 0;
 50	int i;
 51
 52	if (flags & OVERFLOW) {
 53		if (cursor > size)	/* Shouldn't really happen, but... */
 54			cursor = 0;
 55		seg[0] = (struct seg){.phys = cursor, .len = size - cursor};
 56		seg[1] = (struct seg){.phys = 0, .len = cursor};
 57	} else {
 58		seg[0] = (struct seg){.phys = 0, .len = min(cursor, size)};
 59	}
 60
 61	for (i = 0; i < ARRAY_SIZE(seg) && count > done; i++) {
 62		done += memory_read_from_buffer(buf + done, count - done, &pos,
 63			cbmem_console->body + seg[i].phys, seg[i].len);
 64		pos -= seg[i].len;
 65	}
 66	return done;
 67}
 68
 69static int memconsole_probe(struct coreboot_device *dev)
 70{
 71	struct cbmem_cons *tmp_cbmc;
 72
 73	tmp_cbmc = memremap(dev->cbmem_ref.cbmem_addr,
 74			    sizeof(*tmp_cbmc), MEMREMAP_WB);
 75
 76	if (!tmp_cbmc)
 77		return -ENOMEM;
 78
 79	/* Read size only once to prevent overrun attack through /dev/mem. */
 80	cbmem_console_size = tmp_cbmc->size_dont_access_after_boot;
 81	cbmem_console = devm_memremap(&dev->dev, dev->cbmem_ref.cbmem_addr,
 82				 cbmem_console_size + sizeof(*cbmem_console),
 83				 MEMREMAP_WB);
 84	memunmap(tmp_cbmc);
 85
 86	if (IS_ERR(cbmem_console))
 87		return PTR_ERR(cbmem_console);
 88
 89	memconsole_setup(memconsole_coreboot_read);
 90
 91	return memconsole_sysfs_init();
 92}
 93
 94static void memconsole_remove(struct coreboot_device *dev)
 95{
 96	memconsole_exit();
 97}
 98
 99static const struct coreboot_device_id memconsole_ids[] = {
100	{ .tag = CB_TAG_CBMEM_CONSOLE },
101	{ /* sentinel */ }
102};
103MODULE_DEVICE_TABLE(coreboot, memconsole_ids);
104
105static struct coreboot_driver memconsole_driver = {
106	.probe = memconsole_probe,
107	.remove = memconsole_remove,
108	.drv = {
109		.name = "memconsole",
110	},
111	.id_table = memconsole_ids,
112};
113module_coreboot_driver(memconsole_driver);
114
115MODULE_AUTHOR("Google, Inc.");
116MODULE_LICENSE("GPL");