From b1d9d6cb30fe6bd1b844ae98a372471f17c4fdc4 Mon Sep 17 00:00:00 2001 From: Peng Hao Date: Tue, 6 Nov 2018 22:57:15 +0800 Subject: dt-bindings: misc/pvpanic: add document for pvpanic-mmio Add dt-bindings document for "qemu:pvpanic-mmio". Acked-by: Mark Rutland Signed-off-by: Peng Hao Signed-off-by: Greg Kroah-Hartman --- .../devicetree/bindings/misc/pvpanic-mmio.txt | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 Documentation/devicetree/bindings/misc/pvpanic-mmio.txt (limited to 'Documentation') diff --git a/Documentation/devicetree/bindings/misc/pvpanic-mmio.txt b/Documentation/devicetree/bindings/misc/pvpanic-mmio.txt new file mode 100644 index 000000000000..985e90736780 --- /dev/null +++ b/Documentation/devicetree/bindings/misc/pvpanic-mmio.txt @@ -0,0 +1,29 @@ +* QEMU PVPANIC MMIO Configuration bindings + +QEMU's emulation / virtualization targets provide the following PVPANIC +MMIO Configuration interface on the "virt" machine. +type: + +- a read-write, 16-bit wide data register. + +QEMU exposes the data register to guests as memory mapped registers. + +Required properties: + +- compatible: "qemu,pvpanic-mmio". +- reg: the MMIO region used by the device. + * Bytes 0x0 Write panic event to the reg when guest OS panics. + * Bytes 0x1 Reserved. + +Example: + +/ { + #size-cells = <0x2>; + #address-cells = <0x2>; + + pvpanic-mmio@9060000 { + compatible = "qemu,pvpanic-mmio"; + reg = <0x0 0x9060000 0x0 0x2>; + }; +}; + -- cgit v1.2.3-59-g8ed1b From a2c1c192656b701939b9028646b8a8bb90edd911 Mon Sep 17 00:00:00 2001 From: Richard Gong Date: Tue, 13 Nov 2018 12:13:59 -0600 Subject: dt-bindings, firmware: add Intel Stratix10 service layer binding Add a device tree binding for the Intel Stratix10 service layer driver Signed-off-by: Richard Gong Signed-off-by: Alan Tull Reviewed-by: Rob Herring Acked-by: Moritz Fischer Signed-off-by: Greg Kroah-Hartman --- .../bindings/firmware/intel,stratix10-svc.txt | 57 ++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt (limited to 'Documentation') diff --git a/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt new file mode 100644 index 000000000000..1fa66065acc6 --- /dev/null +++ b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt @@ -0,0 +1,57 @@ +Intel Service Layer Driver for Stratix10 SoC +============================================ +Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard +processor system (HPS) and Secure Device Manager (SDM). When the FPGA is +configured from HPS, there needs to be a way for HPS to notify SDM the +location and size of the configuration data. Then SDM will get the +configuration data from that location and perform the FPGA configuration. + +To meet the whole system security needs and support virtual machine requesting +communication with SDM, only the secure world of software (EL3, Exception +Layer 3) can interface with SDM. All software entities running on other +exception layers must channel through the EL3 software whenever it needs +service from SDM. + +Intel Stratix10 service layer driver, running at privileged exception level +(EL1, Exception Layer 1), interfaces with the service providers and provides +the services for FPGA configuration, QSPI, Crypto and warm reset. Service layer +driver also manages secure monitor call (SMC) to communicate with secure monitor +code running in EL3. + +Required properties: +------------------- +The svc node has the following mandatory properties, must be located under +the firmware node. + +- compatible: "intel,stratix10-svc" +- method: smc or hvc + smc - Secure Monitor Call + hvc - Hypervisor Call +- memory-region: + phandle to the reserved memory node. See + Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt + for details + +Example: +------- + + reserved-memory { + #address-cells = <2>; + #size-cells = <2>; + ranges; + + service_reserved: svcbuffer@0 { + compatible = "shared-dma-pool"; + reg = <0x0 0x0 0x0 0x1000000>; + alignment = <0x1000>; + no-map; + }; + }; + + firmware { + svc { + compatible = "intel,stratix10-svc"; + method = "smc"; + memory-region = <&service_reserved>; + }; + }; -- cgit v1.2.3-59-g8ed1b From 59e328039f47356c63c43c8617aba29a3afcc109 Mon Sep 17 00:00:00 2001 From: Alan Tull Date: Tue, 13 Nov 2018 12:14:02 -0600 Subject: dt-bindings: fpga: add Stratix10 SoC FPGA manager binding Add a Device Tree binding for the Intel Stratix10 SoC FPGA manager. Signed-off-by: Alan Tull Signed-off-by: Richard Gong Reviewed-by: Rob Herring Acked-by: Moritz Fischer Signed-off-by: Greg Kroah-Hartman --- .../bindings/fpga/intel-stratix10-soc-fpga-mgr.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt (limited to 'Documentation') diff --git a/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt new file mode 100644 index 000000000000..6e03f79287fb --- /dev/null +++ b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt @@ -0,0 +1,17 @@ +Intel Stratix10 SoC FPGA Manager + +Required properties: +The fpga_mgr node has the following mandatory property, must be located under +firmware/svc node. + +- compatible : should contain "intel,stratix10-soc-fpga-mgr" + +Example: + + firmware { + svc { + fpga_mgr: fpga-mgr { + compatible = "intel,stratix10-soc-fpga-mgr"; + }; + }; + }; -- cgit v1.2.3-59-g8ed1b From 0d5c06aa0ee8ba36e9c4a3ae7a3a3377c105b412 Mon Sep 17 00:00:00 2001 From: Richard Gong Date: Tue, 13 Nov 2018 12:14:05 -0600 Subject: Documentation: driver-api: add stratix10 service layer Add Intel Stratix10 service layer driver document Signed-off-by: Richard Gong Signed-off-by: Alan Tull Signed-off-by: Greg Kroah-Hartman --- .../driver-api/firmware/other_interfaces.rst | 30 ++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'Documentation') diff --git a/Documentation/driver-api/firmware/other_interfaces.rst b/Documentation/driver-api/firmware/other_interfaces.rst index 36c47b1e9824..a4ac54b5fd79 100644 --- a/Documentation/driver-api/firmware/other_interfaces.rst +++ b/Documentation/driver-api/firmware/other_interfaces.rst @@ -13,3 +13,33 @@ EDD Interfaces .. kernel-doc:: drivers/firmware/edd.c :internal: +Intel Stratix10 SoC Service Layer +--------------------------------- +Some features of the Intel Stratix10 SoC require a level of privilege +higher than the kernel is granted. Such secure features include +FPGA programming. In terms of the ARMv8 architecture, the kernel runs +at Exception Level 1 (EL1), access to the features requires +Exception Level 3 (EL3). + +The Intel Stratix10 SoC service layer provides an in kernel API for +drivers to request access to the secure features. The requests are queued +and processed one by one. ARM’s SMCCC is used to pass the execution +of the requests on to a secure monitor (EL3). + +.. kernel-doc:: include/linux/firmware/intel/stratix10-svc-client.h + :functions: stratix10_svc_command_code + +.. kernel-doc:: include/linux/firmware/intel/stratix10-svc-client.h + :functions: stratix10_svc_client_msg + +.. kernel-doc:: include/linux/firmware/intel/stratix10-svc-client.h + :functions: stratix10_svc_command_reconfig_payload + +.. kernel-doc:: include/linux/firmware/intel/stratix10-svc-client.h + :functions: stratix10_svc_cb_data + +.. kernel-doc:: include/linux/firmware/intel/stratix10-svc-client.h + :functions: stratix10_svc_client + +.. kernel-doc:: drivers/firmware/stratix10-svc.c + :export: -- cgit v1.2.3-59-g8ed1b From dcc3c9e37fbd70e728d08cce0e50121605390fa0 Mon Sep 17 00:00:00 2001 From: Mika Westerberg Date: Wed, 31 Oct 2018 14:06:52 +0300 Subject: thunderbolt: Export IOMMU based DMA protection support to userspace Recent systems with Thunderbolt ports may support IOMMU natively. In practice this means that Thunderbolt connected devices are placed behind an IOMMU during the whole time it is connected (including during boot) making Thunderbolt security levels redundant. This is called Kernel DMA protection [1] by Microsoft. Some of these systems still have Thunderbolt security level set to "user" in order to support OS downgrade (the older version of the OS might not support IOMMU based DMA protection so connecting a device still relies on user approval). Export this information to userspace by introducing a new sysfs attribute (iommu_dma_protection). Based on it userspace tools can make more accurate decision whether or not authorize the connected device. In addition update Thunderbolt documentation regarding IOMMU based DMA protection. [1] https://docs.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt Signed-off-by: Mika Westerberg Reviewed-by: Yehezkel Bernat --- Documentation/ABI/testing/sysfs-bus-thunderbolt | 9 +++++++++ Documentation/admin-guide/thunderbolt.rst | 20 ++++++++++++++++++++ drivers/thunderbolt/domain.c | 17 +++++++++++++++++ 3 files changed, 46 insertions(+) (limited to 'Documentation') diff --git a/Documentation/ABI/testing/sysfs-bus-thunderbolt b/Documentation/ABI/testing/sysfs-bus-thunderbolt index 151584a1f950..b21fba14689b 100644 --- a/Documentation/ABI/testing/sysfs-bus-thunderbolt +++ b/Documentation/ABI/testing/sysfs-bus-thunderbolt @@ -21,6 +21,15 @@ Description: Holds a comma separated list of device unique_ids that If a device is authorized automatically during boot its boot attribute is set to 1. +What: /sys/bus/thunderbolt/devices/.../domainX/iommu_dma_protection +Date: Mar 2019 +KernelVersion: 4.21 +Contact: thunderbolt-software@lists.01.org +Description: This attribute tells whether the system uses IOMMU + for DMA protection. Value of 1 means IOMMU is used 0 means + it is not (DMA protection is solely based on Thunderbolt + security levels). + What: /sys/bus/thunderbolt/devices/.../domainX/security Date: Sep 2017 KernelVersion: 4.13 diff --git a/Documentation/admin-guide/thunderbolt.rst b/Documentation/admin-guide/thunderbolt.rst index 35fccba6a9a6..898ad78f3cc7 100644 --- a/Documentation/admin-guide/thunderbolt.rst +++ b/Documentation/admin-guide/thunderbolt.rst @@ -133,6 +133,26 @@ If the user still wants to connect the device they can either approve the device without a key or write a new key and write 1 to the ``authorized`` file to get the new key stored on the device NVM. +DMA protection utilizing IOMMU +------------------------------ +Recent systems from 2018 and forward with Thunderbolt ports may natively +support IOMMU. This means that Thunderbolt security is handled by an IOMMU +so connected devices cannot access memory regions outside of what is +allocated for them by drivers. When Linux is running on such system it +automatically enables IOMMU if not enabled by the user already. These +systems can be identified by reading ``1`` from +``/sys/bus/thunderbolt/devices/domainX/iommu_dma_protection`` attribute. + +The driver does not do anything special in this case but because DMA +protection is handled by the IOMMU, security levels (if set) are +redundant. For this reason some systems ship with security level set to +``none``. Other systems have security level set to ``user`` in order to +support downgrade to older OS, so users who want to automatically +authorize devices when IOMMU DMA protection is enabled can use the +following ``udev`` rule:: + + ACTION=="add", SUBSYSTEM=="thunderbolt", ATTRS{iommu_dma_protection}=="1", ATTR{authorized}=="0", ATTR{authorized}="1" + Upgrading NVM on Thunderbolt device or host ------------------------------------------- Since most of the functionality is handled in firmware running on a diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c index 93e562f18d40..7416bdbd8576 100644 --- a/drivers/thunderbolt/domain.c +++ b/drivers/thunderbolt/domain.c @@ -7,7 +7,9 @@ */ #include +#include #include +#include #include #include #include @@ -236,6 +238,20 @@ err_free_str: } static DEVICE_ATTR_RW(boot_acl); +static ssize_t iommu_dma_protection_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + /* + * Kernel DMA protection is a feature where Thunderbolt security is + * handled natively using IOMMU. It is enabled when IOMMU is + * enabled and ACPI DMAR table has DMAR_PLATFORM_OPT_IN set. + */ + return sprintf(buf, "%d\n", + iommu_present(&pci_bus_type) && dmar_platform_optin()); +} +static DEVICE_ATTR_RO(iommu_dma_protection); + static ssize_t security_show(struct device *dev, struct device_attribute *attr, char *buf) { @@ -251,6 +267,7 @@ static DEVICE_ATTR_RO(security); static struct attribute *domain_attrs[] = { &dev_attr_boot_acl.attr, + &dev_attr_iommu_dma_protection.attr, &dev_attr_security.attr, NULL, }; -- cgit v1.2.3-59-g8ed1b From a91ae340ad05c24b921f433357ca82a83480ce95 Mon Sep 17 00:00:00 2001 From: Jerome Brunet Date: Fri, 30 Nov 2018 11:53:22 +0000 Subject: nvmem: meson-efuse: bindings: add peripheral clock The efuse found in gx SoC requires a peripheral clock to properly operate. We have been able to work without it until now because the clock was on by default, and left on by the CCF. Soon, it will not be the case anymore, so the device needs to claim the clock it needs Signed-off-by: Jerome Brunet Reviewed-by: Rob Herring Signed-off-by: Srinivas Kandagatla Signed-off-by: Greg Kroah-Hartman --- Documentation/devicetree/bindings/nvmem/amlogic-efuse.txt | 3 +++ 1 file changed, 3 insertions(+) (limited to 'Documentation') diff --git a/Documentation/devicetree/bindings/nvmem/amlogic-efuse.txt b/Documentation/devicetree/bindings/nvmem/amlogic-efuse.txt index e3298e18de26..2e0723ab3384 100644 --- a/Documentation/devicetree/bindings/nvmem/amlogic-efuse.txt +++ b/Documentation/devicetree/bindings/nvmem/amlogic-efuse.txt @@ -2,6 +2,8 @@ Required properties: - compatible: should be "amlogic,meson-gxbb-efuse" +- clocks: phandle to the efuse peripheral clock provided by the + clock controller. = Data cells = Are child nodes of eFuse, bindings of which as described in @@ -11,6 +13,7 @@ Example: efuse: efuse { compatible = "amlogic,meson-gxbb-efuse"; + clocks = <&clkc CLKID_EFUSE>; #address-cells = <1>; #size-cells = <1>; -- cgit v1.2.3-59-g8ed1b From 4cdd41585c5196f75e1e496c4f64345b2c700e0b Mon Sep 17 00:00:00 2001 From: Alexander Shishkin Date: Wed, 19 Dec 2018 17:19:21 +0200 Subject: stm class: Add a reference to the SyS-T document Commit 4cb3653df0cd ("stm class: Document the MIPI SyS-T protocol usage") added a document describing the SyS-T protocol usage, but forgot to add it to the directory index. Fix that. Signed-off-by: Alexander Shishkin Fixes: 4cb3653df0cd ("stm class: Document the MIPI SyS-T protocol usage") Signed-off-by: Greg Kroah-Hartman --- Documentation/trace/index.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'Documentation') diff --git a/Documentation/trace/index.rst b/Documentation/trace/index.rst index 306997941ba1..6b4107cf4b98 100644 --- a/Documentation/trace/index.rst +++ b/Documentation/trace/index.rst @@ -22,3 +22,4 @@ Linux Tracing Technologies hwlat_detector intel_th stm + sys-t -- cgit v1.2.3-59-g8ed1b