defb70980f
- Fix memset argument order: The second argument is
the value, the length goes last.
- Fix an integer overflow reported by Alexander Bulekov.
Both issues allow the guest to overrun the host buffer
allocated for the ERST memory device.
Cc: Eric DeVolder <eric.devolder@oracle.com
Cc: Alexander Bulekov <alxndr@bu.edu>
Cc: qemu-stable@nongnu.org
Fixes: f7e26ffa59
("ACPI ERST: support for ACPI ERST feature")
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Christian A. Ehrhardt <lk@c--e.de>
Message-Id: <20221024154233.1043347-1-lk@c--e.de>
Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1268
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Eric DeVolder <eric.devolder@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
1050 lines
34 KiB
C
1050 lines
34 KiB
C
/*
|
|
* ACPI Error Record Serialization Table, ERST, Implementation
|
|
*
|
|
* ACPI ERST introduced in ACPI 4.0, June 16, 2009.
|
|
* ACPI Platform Error Interfaces : Error Serialization
|
|
*
|
|
* Copyright (c) 2021 Oracle and/or its affiliates.
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
|
*/
|
|
|
|
#include "qemu/osdep.h"
|
|
#include "qapi/error.h"
|
|
#include "hw/qdev-core.h"
|
|
#include "exec/memory.h"
|
|
#include "qom/object.h"
|
|
#include "hw/pci/pci.h"
|
|
#include "qom/object_interfaces.h"
|
|
#include "qemu/error-report.h"
|
|
#include "migration/vmstate.h"
|
|
#include "hw/qdev-properties.h"
|
|
#include "hw/acpi/acpi.h"
|
|
#include "hw/acpi/acpi-defs.h"
|
|
#include "hw/acpi/aml-build.h"
|
|
#include "hw/acpi/bios-linker-loader.h"
|
|
#include "exec/address-spaces.h"
|
|
#include "sysemu/hostmem.h"
|
|
#include "hw/acpi/erst.h"
|
|
#include "trace.h"
|
|
|
|
/* ACPI 4.0: Table 17-16 Serialization Actions */
|
|
#define ACTION_BEGIN_WRITE_OPERATION 0x0
|
|
#define ACTION_BEGIN_READ_OPERATION 0x1
|
|
#define ACTION_BEGIN_CLEAR_OPERATION 0x2
|
|
#define ACTION_END_OPERATION 0x3
|
|
#define ACTION_SET_RECORD_OFFSET 0x4
|
|
#define ACTION_EXECUTE_OPERATION 0x5
|
|
#define ACTION_CHECK_BUSY_STATUS 0x6
|
|
#define ACTION_GET_COMMAND_STATUS 0x7
|
|
#define ACTION_GET_RECORD_IDENTIFIER 0x8
|
|
#define ACTION_SET_RECORD_IDENTIFIER 0x9
|
|
#define ACTION_GET_RECORD_COUNT 0xA
|
|
#define ACTION_BEGIN_DUMMY_WRITE_OPERATION 0xB
|
|
#define ACTION_RESERVED 0xC
|
|
#define ACTION_GET_ERROR_LOG_ADDRESS_RANGE 0xD
|
|
#define ACTION_GET_ERROR_LOG_ADDRESS_LENGTH 0xE
|
|
#define ACTION_GET_ERROR_LOG_ADDRESS_RANGE_ATTRIBUTES 0xF
|
|
#define ACTION_GET_EXECUTE_OPERATION_TIMINGS 0x10 /* ACPI 6.3 */
|
|
|
|
/* ACPI 4.0: Table 17-17 Command Status Definitions */
|
|
#define STATUS_SUCCESS 0x00
|
|
#define STATUS_NOT_ENOUGH_SPACE 0x01
|
|
#define STATUS_HARDWARE_NOT_AVAILABLE 0x02
|
|
#define STATUS_FAILED 0x03
|
|
#define STATUS_RECORD_STORE_EMPTY 0x04
|
|
#define STATUS_RECORD_NOT_FOUND 0x05
|
|
|
|
/* ACPI 4.0: Table 17-19 Serialization Instructions */
|
|
#define INST_READ_REGISTER 0x00
|
|
#define INST_READ_REGISTER_VALUE 0x01
|
|
#define INST_WRITE_REGISTER 0x02
|
|
#define INST_WRITE_REGISTER_VALUE 0x03
|
|
#define INST_NOOP 0x04
|
|
#define INST_LOAD_VAR1 0x05
|
|
#define INST_LOAD_VAR2 0x06
|
|
#define INST_STORE_VAR1 0x07
|
|
#define INST_ADD 0x08
|
|
#define INST_SUBTRACT 0x09
|
|
#define INST_ADD_VALUE 0x0A
|
|
#define INST_SUBTRACT_VALUE 0x0B
|
|
#define INST_STALL 0x0C
|
|
#define INST_STALL_WHILE_TRUE 0x0D
|
|
#define INST_SKIP_NEXT_INSTRUCTION_IF_TRUE 0x0E
|
|
#define INST_GOTO 0x0F
|
|
#define INST_SET_SRC_ADDRESS_BASE 0x10
|
|
#define INST_SET_DST_ADDRESS_BASE 0x11
|
|
#define INST_MOVE_DATA 0x12
|
|
|
|
/* UEFI 2.1: Appendix N Common Platform Error Record */
|
|
#define UEFI_CPER_RECORD_MIN_SIZE 128U
|
|
#define UEFI_CPER_RECORD_LENGTH_OFFSET 20U
|
|
#define UEFI_CPER_RECORD_ID_OFFSET 96U
|
|
|
|
/*
|
|
* NOTE that when accessing CPER fields within a record, memcpy()
|
|
* is utilized to avoid a possible misaligned access on the host.
|
|
*/
|
|
|
|
/*
|
|
* This implementation is an ACTION (cmd) and VALUE (data)
|
|
* interface consisting of just two 64-bit registers.
|
|
*/
|
|
#define ERST_REG_SIZE (16UL)
|
|
#define ERST_ACTION_OFFSET (0UL) /* action (cmd) */
|
|
#define ERST_VALUE_OFFSET (8UL) /* argument/value (data) */
|
|
|
|
/*
|
|
* ERST_RECORD_SIZE is the buffer size for exchanging ERST
|
|
* record contents. Thus, it defines the maximum record size.
|
|
* As this is mapped through a PCI BAR, it must be a power of
|
|
* two and larger than UEFI_CPER_RECORD_MIN_SIZE.
|
|
* The backing storage is divided into fixed size "slots",
|
|
* each ERST_RECORD_SIZE in length, and each "slot"
|
|
* storing a single record. No attempt at optimizing storage
|
|
* through compression, compaction, etc is attempted.
|
|
* NOTE that slot 0 is reserved for the backing storage header.
|
|
* Depending upon the size of the backing storage, additional
|
|
* slots will be part of the slot 0 header in order to account
|
|
* for a record_id for each available remaining slot.
|
|
*/
|
|
/* 8KiB records, not too small, not too big */
|
|
#define ERST_RECORD_SIZE (8192UL)
|
|
|
|
#define ACPI_ERST_MEMDEV_PROP "memdev"
|
|
#define ACPI_ERST_RECORD_SIZE_PROP "record_size"
|
|
|
|
/*
|
|
* From the ACPI ERST spec sections:
|
|
* A record id of all 0s is used to indicate 'unspecified' record id.
|
|
* A record id of all 1s is used to indicate empty or end.
|
|
*/
|
|
#define ERST_UNSPECIFIED_RECORD_ID (0UL)
|
|
#define ERST_EMPTY_END_RECORD_ID (~0UL)
|
|
|
|
#define ERST_IS_VALID_RECORD_ID(rid) \
|
|
((rid != ERST_UNSPECIFIED_RECORD_ID) && \
|
|
(rid != ERST_EMPTY_END_RECORD_ID))
|
|
|
|
/*
|
|
* Implementation-specific definitions and types.
|
|
* Values are arbitrary and chosen for this implementation.
|
|
* See erst.rst documentation for details.
|
|
*/
|
|
#define ERST_EXECUTE_OPERATION_MAGIC 0x9CUL
|
|
#define ERST_STORE_MAGIC 0x524F545354535245UL /* ERSTSTOR */
|
|
typedef struct {
|
|
uint64_t magic;
|
|
uint32_t record_size;
|
|
uint32_t storage_offset; /* offset to record storage beyond header */
|
|
uint16_t version;
|
|
uint16_t reserved;
|
|
uint32_t record_count;
|
|
uint64_t map[]; /* contains record_ids, and position indicates index */
|
|
} __attribute__((packed)) ERSTStorageHeader;
|
|
|
|
/*
|
|
* Object cast macro
|
|
*/
|
|
#define ACPIERST(obj) \
|
|
OBJECT_CHECK(ERSTDeviceState, (obj), TYPE_ACPI_ERST)
|
|
|
|
/*
|
|
* Main ERST device state structure
|
|
*/
|
|
typedef struct {
|
|
PCIDevice parent_obj;
|
|
|
|
/* Backend storage */
|
|
HostMemoryBackend *hostmem;
|
|
MemoryRegion *hostmem_mr;
|
|
uint32_t storage_size;
|
|
uint32_t default_record_size;
|
|
|
|
/* Programming registers */
|
|
MemoryRegion iomem_mr;
|
|
|
|
/* Exchange buffer */
|
|
MemoryRegion exchange_mr;
|
|
|
|
/* Interface state */
|
|
uint8_t operation;
|
|
uint8_t busy_status;
|
|
uint8_t command_status;
|
|
uint32_t record_offset;
|
|
uint64_t reg_action;
|
|
uint64_t reg_value;
|
|
uint64_t record_identifier;
|
|
ERSTStorageHeader *header;
|
|
unsigned first_record_index;
|
|
unsigned last_record_index;
|
|
unsigned next_record_index;
|
|
|
|
} ERSTDeviceState;
|
|
|
|
/*******************************************************************/
|
|
/*******************************************************************/
|
|
typedef struct {
|
|
GArray *table_data;
|
|
pcibus_t bar;
|
|
uint8_t instruction;
|
|
uint8_t flags;
|
|
uint8_t register_bit_width;
|
|
pcibus_t register_offset;
|
|
} BuildSerializationInstructionEntry;
|
|
|
|
/* ACPI 4.0: 17.4.1.2 Serialization Instruction Entries */
|
|
static void build_serialization_instruction(
|
|
BuildSerializationInstructionEntry *e,
|
|
uint8_t serialization_action,
|
|
uint64_t value)
|
|
{
|
|
/* ACPI 4.0: Table 17-18 Serialization Instruction Entry */
|
|
struct AcpiGenericAddress gas;
|
|
uint64_t mask;
|
|
|
|
/* Serialization Action */
|
|
build_append_int_noprefix(e->table_data, serialization_action, 1);
|
|
/* Instruction */
|
|
build_append_int_noprefix(e->table_data, e->instruction, 1);
|
|
/* Flags */
|
|
build_append_int_noprefix(e->table_data, e->flags, 1);
|
|
/* Reserved */
|
|
build_append_int_noprefix(e->table_data, 0, 1);
|
|
/* Register Region */
|
|
gas.space_id = AML_SYSTEM_MEMORY;
|
|
gas.bit_width = e->register_bit_width;
|
|
gas.bit_offset = 0;
|
|
gas.access_width = (uint8_t)ctz32(e->register_bit_width) - 2;
|
|
gas.address = (uint64_t)(e->bar + e->register_offset);
|
|
build_append_gas_from_struct(e->table_data, &gas);
|
|
/* Value */
|
|
build_append_int_noprefix(e->table_data, value, 8);
|
|
/* Mask */
|
|
mask = (1ULL << (e->register_bit_width - 1) << 1) - 1;
|
|
build_append_int_noprefix(e->table_data, mask, 8);
|
|
}
|
|
|
|
/* ACPI 4.0: 17.4.1 Serialization Action Table */
|
|
void build_erst(GArray *table_data, BIOSLinker *linker, Object *erst_dev,
|
|
const char *oem_id, const char *oem_table_id)
|
|
{
|
|
/*
|
|
* Serialization Action Table
|
|
* The serialization action table must be generated first
|
|
* so that its size can be known in order to populate the
|
|
* Instruction Entry Count field.
|
|
*/
|
|
unsigned action;
|
|
GArray *table_instruction_data = g_array_new(FALSE, FALSE, sizeof(char));
|
|
pcibus_t bar0 = pci_get_bar_addr(PCI_DEVICE(erst_dev), 0);
|
|
AcpiTable table = { .sig = "ERST", .rev = 1, .oem_id = oem_id,
|
|
.oem_table_id = oem_table_id };
|
|
/* Contexts for the different ways ACTION and VALUE are accessed */
|
|
BuildSerializationInstructionEntry rd_value_32_val = {
|
|
.table_data = table_instruction_data, .bar = bar0, .flags = 0,
|
|
.instruction = INST_READ_REGISTER_VALUE,
|
|
.register_bit_width = 32,
|
|
.register_offset = ERST_VALUE_OFFSET,
|
|
};
|
|
BuildSerializationInstructionEntry rd_value_32 = {
|
|
.table_data = table_instruction_data, .bar = bar0, .flags = 0,
|
|
.instruction = INST_READ_REGISTER,
|
|
.register_bit_width = 32,
|
|
.register_offset = ERST_VALUE_OFFSET,
|
|
};
|
|
BuildSerializationInstructionEntry rd_value_64 = {
|
|
.table_data = table_instruction_data, .bar = bar0, .flags = 0,
|
|
.instruction = INST_READ_REGISTER,
|
|
.register_bit_width = 64,
|
|
.register_offset = ERST_VALUE_OFFSET,
|
|
};
|
|
BuildSerializationInstructionEntry wr_value_32_val = {
|
|
.table_data = table_instruction_data, .bar = bar0, .flags = 0,
|
|
.instruction = INST_WRITE_REGISTER_VALUE,
|
|
.register_bit_width = 32,
|
|
.register_offset = ERST_VALUE_OFFSET,
|
|
};
|
|
BuildSerializationInstructionEntry wr_value_32 = {
|
|
.table_data = table_instruction_data, .bar = bar0, .flags = 0,
|
|
.instruction = INST_WRITE_REGISTER,
|
|
.register_bit_width = 32,
|
|
.register_offset = ERST_VALUE_OFFSET,
|
|
};
|
|
BuildSerializationInstructionEntry wr_value_64 = {
|
|
.table_data = table_instruction_data, .bar = bar0, .flags = 0,
|
|
.instruction = INST_WRITE_REGISTER,
|
|
.register_bit_width = 64,
|
|
.register_offset = ERST_VALUE_OFFSET,
|
|
};
|
|
BuildSerializationInstructionEntry wr_action = {
|
|
.table_data = table_instruction_data, .bar = bar0, .flags = 0,
|
|
.instruction = INST_WRITE_REGISTER_VALUE,
|
|
.register_bit_width = 32,
|
|
.register_offset = ERST_ACTION_OFFSET,
|
|
};
|
|
|
|
trace_acpi_erst_pci_bar_0(bar0);
|
|
|
|
/* Serialization Instruction Entries */
|
|
action = ACTION_BEGIN_WRITE_OPERATION;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_BEGIN_READ_OPERATION;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_BEGIN_CLEAR_OPERATION;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_END_OPERATION;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_SET_RECORD_OFFSET;
|
|
build_serialization_instruction(&wr_value_32, action, 0);
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_EXECUTE_OPERATION;
|
|
build_serialization_instruction(&wr_value_32_val, action,
|
|
ERST_EXECUTE_OPERATION_MAGIC);
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_CHECK_BUSY_STATUS;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_32_val, action, 0x01);
|
|
|
|
action = ACTION_GET_COMMAND_STATUS;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_32, action, 0);
|
|
|
|
action = ACTION_GET_RECORD_IDENTIFIER;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_64, action, 0);
|
|
|
|
action = ACTION_SET_RECORD_IDENTIFIER;
|
|
build_serialization_instruction(&wr_value_64, action, 0);
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_GET_RECORD_COUNT;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_32, action, 0);
|
|
|
|
action = ACTION_BEGIN_DUMMY_WRITE_OPERATION;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
|
|
action = ACTION_GET_ERROR_LOG_ADDRESS_RANGE;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_64, action, 0);
|
|
|
|
action = ACTION_GET_ERROR_LOG_ADDRESS_LENGTH;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_64, action, 0);
|
|
|
|
action = ACTION_GET_ERROR_LOG_ADDRESS_RANGE_ATTRIBUTES;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_32, action, 0);
|
|
|
|
action = ACTION_GET_EXECUTE_OPERATION_TIMINGS;
|
|
build_serialization_instruction(&wr_action, action, action);
|
|
build_serialization_instruction(&rd_value_64, action, 0);
|
|
|
|
/* Serialization Header */
|
|
acpi_table_begin(&table, table_data);
|
|
|
|
/* Serialization Header Size */
|
|
build_append_int_noprefix(table_data, 48, 4);
|
|
|
|
/* Reserved */
|
|
build_append_int_noprefix(table_data, 0, 4);
|
|
|
|
/*
|
|
* Instruction Entry Count
|
|
* Each instruction entry is 32 bytes
|
|
*/
|
|
g_assert((table_instruction_data->len) % 32 == 0);
|
|
build_append_int_noprefix(table_data,
|
|
(table_instruction_data->len / 32), 4);
|
|
|
|
/* Serialization Instruction Entries */
|
|
g_array_append_vals(table_data, table_instruction_data->data,
|
|
table_instruction_data->len);
|
|
g_array_free(table_instruction_data, TRUE);
|
|
|
|
acpi_table_end(linker, &table);
|
|
}
|
|
|
|
/*******************************************************************/
|
|
/*******************************************************************/
|
|
static uint8_t *get_nvram_ptr_by_index(ERSTDeviceState *s, unsigned index)
|
|
{
|
|
uint8_t *rc = NULL;
|
|
off_t offset = (index * le32_to_cpu(s->header->record_size));
|
|
|
|
g_assert(offset < s->storage_size);
|
|
|
|
rc = memory_region_get_ram_ptr(s->hostmem_mr);
|
|
rc += offset;
|
|
|
|
return rc;
|
|
}
|
|
|
|
static void make_erst_storage_header(ERSTDeviceState *s)
|
|
{
|
|
ERSTStorageHeader *header = s->header;
|
|
unsigned mapsz, headersz;
|
|
|
|
header->magic = cpu_to_le64(ERST_STORE_MAGIC);
|
|
header->record_size = cpu_to_le32(s->default_record_size);
|
|
header->version = cpu_to_le16(0x0100);
|
|
header->reserved = cpu_to_le16(0x0000);
|
|
|
|
/* Compute mapsize */
|
|
mapsz = s->storage_size / s->default_record_size;
|
|
mapsz *= sizeof(uint64_t);
|
|
/* Compute header+map size */
|
|
headersz = sizeof(ERSTStorageHeader) + mapsz;
|
|
/* Round up to nearest integer multiple of ERST_RECORD_SIZE */
|
|
headersz = QEMU_ALIGN_UP(headersz, s->default_record_size);
|
|
header->storage_offset = cpu_to_le32(headersz);
|
|
|
|
/*
|
|
* The HostMemoryBackend initializes contents to zero,
|
|
* so all record_ids stashed in the map are zero'd.
|
|
* As well the record_count is zero. Properly initialized.
|
|
*/
|
|
}
|
|
|
|
static void check_erst_backend_storage(ERSTDeviceState *s, Error **errp)
|
|
{
|
|
ERSTStorageHeader *header;
|
|
uint32_t record_size;
|
|
|
|
header = memory_region_get_ram_ptr(s->hostmem_mr);
|
|
s->header = header;
|
|
|
|
/* Ensure pointer to header is 64-bit aligned */
|
|
g_assert(QEMU_PTR_IS_ALIGNED(header, sizeof(uint64_t)));
|
|
|
|
/*
|
|
* Check if header is uninitialized; HostMemoryBackend inits to 0
|
|
*/
|
|
if (le64_to_cpu(header->magic) == 0UL) {
|
|
make_erst_storage_header(s);
|
|
}
|
|
|
|
/* Validity check record_size */
|
|
record_size = le32_to_cpu(header->record_size);
|
|
if (!(
|
|
(record_size) && /* non zero */
|
|
(record_size >= UEFI_CPER_RECORD_MIN_SIZE) &&
|
|
(((record_size - 1) & record_size) == 0) && /* is power of 2 */
|
|
(record_size >= 4096) /* PAGE_SIZE */
|
|
)) {
|
|
error_setg(errp, "ERST record_size %u is invalid", record_size);
|
|
return;
|
|
}
|
|
|
|
/* Validity check header */
|
|
if (!(
|
|
(le64_to_cpu(header->magic) == ERST_STORE_MAGIC) &&
|
|
((le32_to_cpu(header->storage_offset) % record_size) == 0) &&
|
|
(le16_to_cpu(header->version) == 0x0100) &&
|
|
(le16_to_cpu(header->reserved) == 0)
|
|
)) {
|
|
error_setg(errp, "ERST backend storage header is invalid");
|
|
return;
|
|
}
|
|
|
|
/* Check storage_size against record_size */
|
|
if (((s->storage_size % record_size) != 0) ||
|
|
(record_size > s->storage_size)) {
|
|
error_setg(errp, "ACPI ERST requires storage size be multiple of "
|
|
"record size (%uKiB)", record_size);
|
|
return;
|
|
}
|
|
|
|
/* Compute offset of first and last record storage slot */
|
|
s->first_record_index = le32_to_cpu(header->storage_offset)
|
|
/ record_size;
|
|
s->last_record_index = (s->storage_size / record_size);
|
|
}
|
|
|
|
static void update_map_entry(ERSTDeviceState *s, unsigned index,
|
|
uint64_t record_id)
|
|
{
|
|
if (index < s->last_record_index) {
|
|
s->header->map[index] = cpu_to_le64(record_id);
|
|
}
|
|
}
|
|
|
|
static unsigned find_next_empty_record_index(ERSTDeviceState *s)
|
|
{
|
|
unsigned rc = 0; /* 0 not a valid index */
|
|
unsigned index = s->first_record_index;
|
|
|
|
for (; index < s->last_record_index; ++index) {
|
|
if (le64_to_cpu(s->header->map[index]) == ERST_UNSPECIFIED_RECORD_ID) {
|
|
rc = index;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return rc;
|
|
}
|
|
|
|
static unsigned lookup_erst_record(ERSTDeviceState *s,
|
|
uint64_t record_identifier)
|
|
{
|
|
unsigned rc = 0; /* 0 not a valid index */
|
|
|
|
/* Find the record_identifier in the map */
|
|
if (record_identifier != ERST_UNSPECIFIED_RECORD_ID) {
|
|
/*
|
|
* Count number of valid records encountered, and
|
|
* short-circuit the loop if identifier not found
|
|
*/
|
|
uint32_t record_count = le32_to_cpu(s->header->record_count);
|
|
unsigned count = 0;
|
|
unsigned index;
|
|
for (index = s->first_record_index; index < s->last_record_index &&
|
|
count < record_count; ++index) {
|
|
if (le64_to_cpu(s->header->map[index]) == record_identifier) {
|
|
rc = index;
|
|
break;
|
|
}
|
|
if (le64_to_cpu(s->header->map[index]) !=
|
|
ERST_UNSPECIFIED_RECORD_ID) {
|
|
++count;
|
|
}
|
|
}
|
|
}
|
|
|
|
return rc;
|
|
}
|
|
|
|
/*
|
|
* ACPI 4.0: 17.4.1.1 Serialization Actions, also see
|
|
* ACPI 4.0: 17.4.2.2 Operations - Reading 6.c and 2.c
|
|
*/
|
|
static unsigned get_next_record_identifier(ERSTDeviceState *s,
|
|
uint64_t *record_identifier, bool first)
|
|
{
|
|
unsigned found = 0;
|
|
unsigned index;
|
|
|
|
/* For operations needing to return 'first' record identifier */
|
|
if (first) {
|
|
/* Reset initial index to beginning */
|
|
s->next_record_index = s->first_record_index;
|
|
}
|
|
index = s->next_record_index;
|
|
|
|
*record_identifier = ERST_EMPTY_END_RECORD_ID;
|
|
|
|
if (le32_to_cpu(s->header->record_count)) {
|
|
for (; index < s->last_record_index; ++index) {
|
|
if (le64_to_cpu(s->header->map[index]) !=
|
|
ERST_UNSPECIFIED_RECORD_ID) {
|
|
/* where to start next time */
|
|
s->next_record_index = index + 1;
|
|
*record_identifier = le64_to_cpu(s->header->map[index]);
|
|
found = 1;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
if (!found) {
|
|
/* at end (ie scan complete), reset */
|
|
s->next_record_index = s->first_record_index;
|
|
}
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
/* ACPI 4.0: 17.4.2.3 Operations - Clearing */
|
|
static unsigned clear_erst_record(ERSTDeviceState *s)
|
|
{
|
|
unsigned rc = STATUS_RECORD_NOT_FOUND;
|
|
unsigned index;
|
|
|
|
/* Check for valid record identifier */
|
|
if (!ERST_IS_VALID_RECORD_ID(s->record_identifier)) {
|
|
return STATUS_FAILED;
|
|
}
|
|
|
|
index = lookup_erst_record(s, s->record_identifier);
|
|
if (index) {
|
|
/* No need to wipe record, just invalidate its map entry */
|
|
uint32_t record_count;
|
|
update_map_entry(s, index, ERST_UNSPECIFIED_RECORD_ID);
|
|
record_count = le32_to_cpu(s->header->record_count);
|
|
record_count -= 1;
|
|
s->header->record_count = cpu_to_le32(record_count);
|
|
rc = STATUS_SUCCESS;
|
|
}
|
|
|
|
return rc;
|
|
}
|
|
|
|
/* ACPI 4.0: 17.4.2.2 Operations - Reading */
|
|
static unsigned read_erst_record(ERSTDeviceState *s)
|
|
{
|
|
unsigned rc = STATUS_RECORD_NOT_FOUND;
|
|
unsigned exchange_length;
|
|
unsigned index;
|
|
|
|
/* Check if backend storage is empty */
|
|
if (le32_to_cpu(s->header->record_count) == 0) {
|
|
return STATUS_RECORD_STORE_EMPTY;
|
|
}
|
|
|
|
exchange_length = memory_region_size(&s->exchange_mr);
|
|
|
|
/* Check for record identifier of all 0s */
|
|
if (s->record_identifier == ERST_UNSPECIFIED_RECORD_ID) {
|
|
/* Set to 'first' record in storage */
|
|
get_next_record_identifier(s, &s->record_identifier, true);
|
|
/* record_identifier is now a valid id, or all 1s */
|
|
}
|
|
|
|
/* Check for record identifier of all 1s */
|
|
if (s->record_identifier == ERST_EMPTY_END_RECORD_ID) {
|
|
return STATUS_FAILED;
|
|
}
|
|
|
|
/* Validate record_offset */
|
|
if (s->record_offset > (exchange_length - UEFI_CPER_RECORD_MIN_SIZE)) {
|
|
return STATUS_FAILED;
|
|
}
|
|
|
|
index = lookup_erst_record(s, s->record_identifier);
|
|
if (index) {
|
|
uint8_t *nvram;
|
|
uint8_t *exchange;
|
|
uint32_t record_length;
|
|
|
|
/* Obtain pointer to the exchange buffer */
|
|
exchange = memory_region_get_ram_ptr(&s->exchange_mr);
|
|
exchange += s->record_offset;
|
|
/* Obtain pointer to slot in storage */
|
|
nvram = get_nvram_ptr_by_index(s, index);
|
|
/* Validate CPER record_length */
|
|
memcpy((uint8_t *)&record_length,
|
|
&nvram[UEFI_CPER_RECORD_LENGTH_OFFSET],
|
|
sizeof(uint32_t));
|
|
record_length = le32_to_cpu(record_length);
|
|
if (record_length < UEFI_CPER_RECORD_MIN_SIZE) {
|
|
rc = STATUS_FAILED;
|
|
}
|
|
if (record_length > exchange_length - s->record_offset) {
|
|
rc = STATUS_FAILED;
|
|
}
|
|
/* If all is ok, copy the record to the exchange buffer */
|
|
if (rc != STATUS_FAILED) {
|
|
memcpy(exchange, nvram, record_length);
|
|
rc = STATUS_SUCCESS;
|
|
}
|
|
} else {
|
|
/*
|
|
* See "Reading : 'The steps performed by the platform ...' 2.c"
|
|
* Set to 'first' record in storage
|
|
*/
|
|
get_next_record_identifier(s, &s->record_identifier, true);
|
|
}
|
|
|
|
return rc;
|
|
}
|
|
|
|
/* ACPI 4.0: 17.4.2.1 Operations - Writing */
|
|
static unsigned write_erst_record(ERSTDeviceState *s)
|
|
{
|
|
unsigned rc = STATUS_FAILED;
|
|
unsigned exchange_length;
|
|
unsigned index;
|
|
uint64_t record_identifier;
|
|
uint32_t record_length;
|
|
uint8_t *exchange;
|
|
uint8_t *nvram = NULL;
|
|
bool record_found = false;
|
|
|
|
exchange_length = memory_region_size(&s->exchange_mr);
|
|
|
|
/* Validate record_offset */
|
|
if (s->record_offset > (exchange_length - UEFI_CPER_RECORD_MIN_SIZE)) {
|
|
return STATUS_FAILED;
|
|
}
|
|
|
|
/* Obtain pointer to record in the exchange buffer */
|
|
exchange = memory_region_get_ram_ptr(&s->exchange_mr);
|
|
exchange += s->record_offset;
|
|
|
|
/* Validate CPER record_length */
|
|
memcpy((uint8_t *)&record_length, &exchange[UEFI_CPER_RECORD_LENGTH_OFFSET],
|
|
sizeof(uint32_t));
|
|
record_length = le32_to_cpu(record_length);
|
|
if (record_length < UEFI_CPER_RECORD_MIN_SIZE) {
|
|
return STATUS_FAILED;
|
|
}
|
|
if (record_length > exchange_length - s->record_offset) {
|
|
return STATUS_FAILED;
|
|
}
|
|
|
|
/* Extract record identifier */
|
|
memcpy((uint8_t *)&record_identifier, &exchange[UEFI_CPER_RECORD_ID_OFFSET],
|
|
sizeof(uint64_t));
|
|
record_identifier = le64_to_cpu(record_identifier);
|
|
|
|
/* Check for valid record identifier */
|
|
if (!ERST_IS_VALID_RECORD_ID(record_identifier)) {
|
|
return STATUS_FAILED;
|
|
}
|
|
|
|
index = lookup_erst_record(s, record_identifier);
|
|
if (index) {
|
|
/* Record found, overwrite existing record */
|
|
nvram = get_nvram_ptr_by_index(s, index);
|
|
record_found = true;
|
|
} else {
|
|
/* Record not found, not an overwrite, allocate for write */
|
|
index = find_next_empty_record_index(s);
|
|
if (index) {
|
|
nvram = get_nvram_ptr_by_index(s, index);
|
|
} else {
|
|
/* All slots are occupied */
|
|
rc = STATUS_NOT_ENOUGH_SPACE;
|
|
}
|
|
}
|
|
if (nvram) {
|
|
/* Write the record into the slot */
|
|
memcpy(nvram, exchange, record_length);
|
|
memset(nvram + record_length, 0xFF, exchange_length - record_length);
|
|
/* If a new record, increment the record_count */
|
|
if (!record_found) {
|
|
uint32_t record_count;
|
|
record_count = le32_to_cpu(s->header->record_count);
|
|
record_count += 1; /* writing new record */
|
|
s->header->record_count = cpu_to_le32(record_count);
|
|
}
|
|
update_map_entry(s, index, record_identifier);
|
|
rc = STATUS_SUCCESS;
|
|
}
|
|
|
|
return rc;
|
|
}
|
|
|
|
/*******************************************************************/
|
|
|
|
static uint64_t erst_rd_reg64(hwaddr addr,
|
|
uint64_t reg, unsigned size)
|
|
{
|
|
uint64_t rdval;
|
|
uint64_t mask;
|
|
unsigned shift;
|
|
|
|
if (size == sizeof(uint64_t)) {
|
|
/* 64b access */
|
|
mask = 0xFFFFFFFFFFFFFFFFUL;
|
|
shift = 0;
|
|
} else {
|
|
/* 32b access */
|
|
mask = 0x00000000FFFFFFFFUL;
|
|
shift = ((addr & 0x4) == 0x4) ? 32 : 0;
|
|
}
|
|
|
|
rdval = reg;
|
|
rdval >>= shift;
|
|
rdval &= mask;
|
|
|
|
return rdval;
|
|
}
|
|
|
|
static uint64_t erst_wr_reg64(hwaddr addr,
|
|
uint64_t reg, uint64_t val, unsigned size)
|
|
{
|
|
uint64_t wrval;
|
|
uint64_t mask;
|
|
unsigned shift;
|
|
|
|
if (size == sizeof(uint64_t)) {
|
|
/* 64b access */
|
|
mask = 0xFFFFFFFFFFFFFFFFUL;
|
|
shift = 0;
|
|
} else {
|
|
/* 32b access */
|
|
mask = 0x00000000FFFFFFFFUL;
|
|
shift = ((addr & 0x4) == 0x4) ? 32 : 0;
|
|
}
|
|
|
|
val &= mask;
|
|
val <<= shift;
|
|
mask <<= shift;
|
|
wrval = reg;
|
|
wrval &= ~mask;
|
|
wrval |= val;
|
|
|
|
return wrval;
|
|
}
|
|
|
|
static void erst_reg_write(void *opaque, hwaddr addr,
|
|
uint64_t val, unsigned size)
|
|
{
|
|
ERSTDeviceState *s = (ERSTDeviceState *)opaque;
|
|
|
|
/*
|
|
* NOTE: All actions/operations/side effects happen on the WRITE,
|
|
* by this implementation's design. The READs simply return the
|
|
* reg_value contents.
|
|
*/
|
|
trace_acpi_erst_reg_write(addr, val, size);
|
|
|
|
switch (addr) {
|
|
case ERST_VALUE_OFFSET + 0:
|
|
case ERST_VALUE_OFFSET + 4:
|
|
s->reg_value = erst_wr_reg64(addr, s->reg_value, val, size);
|
|
break;
|
|
case ERST_ACTION_OFFSET + 0:
|
|
/*
|
|
* NOTE: all valid values written to this register are of the
|
|
* ACTION_* variety. Thus there is no need to make this a 64-bit
|
|
* register, 32-bits is appropriate. As such ERST_ACTION_OFFSET+4
|
|
* is not needed.
|
|
*/
|
|
switch (val) {
|
|
case ACTION_BEGIN_WRITE_OPERATION:
|
|
case ACTION_BEGIN_READ_OPERATION:
|
|
case ACTION_BEGIN_CLEAR_OPERATION:
|
|
case ACTION_BEGIN_DUMMY_WRITE_OPERATION:
|
|
case ACTION_END_OPERATION:
|
|
s->operation = val;
|
|
break;
|
|
case ACTION_SET_RECORD_OFFSET:
|
|
s->record_offset = s->reg_value;
|
|
break;
|
|
case ACTION_EXECUTE_OPERATION:
|
|
if ((uint8_t)s->reg_value == ERST_EXECUTE_OPERATION_MAGIC) {
|
|
s->busy_status = 1;
|
|
switch (s->operation) {
|
|
case ACTION_BEGIN_WRITE_OPERATION:
|
|
s->command_status = write_erst_record(s);
|
|
break;
|
|
case ACTION_BEGIN_READ_OPERATION:
|
|
s->command_status = read_erst_record(s);
|
|
break;
|
|
case ACTION_BEGIN_CLEAR_OPERATION:
|
|
s->command_status = clear_erst_record(s);
|
|
break;
|
|
case ACTION_BEGIN_DUMMY_WRITE_OPERATION:
|
|
s->command_status = STATUS_SUCCESS;
|
|
break;
|
|
case ACTION_END_OPERATION:
|
|
s->command_status = STATUS_SUCCESS;
|
|
break;
|
|
default:
|
|
s->command_status = STATUS_FAILED;
|
|
break;
|
|
}
|
|
s->busy_status = 0;
|
|
}
|
|
break;
|
|
case ACTION_CHECK_BUSY_STATUS:
|
|
s->reg_value = s->busy_status;
|
|
break;
|
|
case ACTION_GET_COMMAND_STATUS:
|
|
s->reg_value = s->command_status;
|
|
break;
|
|
case ACTION_GET_RECORD_IDENTIFIER:
|
|
s->command_status = get_next_record_identifier(s,
|
|
&s->reg_value, false);
|
|
break;
|
|
case ACTION_SET_RECORD_IDENTIFIER:
|
|
s->record_identifier = s->reg_value;
|
|
break;
|
|
case ACTION_GET_RECORD_COUNT:
|
|
s->reg_value = le32_to_cpu(s->header->record_count);
|
|
break;
|
|
case ACTION_GET_ERROR_LOG_ADDRESS_RANGE:
|
|
s->reg_value = (hwaddr)pci_get_bar_addr(PCI_DEVICE(s), 1);
|
|
break;
|
|
case ACTION_GET_ERROR_LOG_ADDRESS_LENGTH:
|
|
s->reg_value = le32_to_cpu(s->header->record_size);
|
|
break;
|
|
case ACTION_GET_ERROR_LOG_ADDRESS_RANGE_ATTRIBUTES:
|
|
s->reg_value = 0x0; /* intentional, not NVRAM mode */
|
|
break;
|
|
case ACTION_GET_EXECUTE_OPERATION_TIMINGS:
|
|
s->reg_value =
|
|
(100ULL << 32) | /* 100us max time */
|
|
(10ULL << 0) ; /* 10us min time */
|
|
break;
|
|
default:
|
|
/* Unknown action/command, NOP */
|
|
break;
|
|
}
|
|
break;
|
|
default:
|
|
/* This should not happen, but if it does, NOP */
|
|
break;
|
|
}
|
|
}
|
|
|
|
static uint64_t erst_reg_read(void *opaque, hwaddr addr,
|
|
unsigned size)
|
|
{
|
|
ERSTDeviceState *s = (ERSTDeviceState *)opaque;
|
|
uint64_t val = 0;
|
|
|
|
switch (addr) {
|
|
case ERST_ACTION_OFFSET + 0:
|
|
case ERST_ACTION_OFFSET + 4:
|
|
val = erst_rd_reg64(addr, s->reg_action, size);
|
|
break;
|
|
case ERST_VALUE_OFFSET + 0:
|
|
case ERST_VALUE_OFFSET + 4:
|
|
val = erst_rd_reg64(addr, s->reg_value, size);
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
trace_acpi_erst_reg_read(addr, val, size);
|
|
return val;
|
|
}
|
|
|
|
static const MemoryRegionOps erst_reg_ops = {
|
|
.read = erst_reg_read,
|
|
.write = erst_reg_write,
|
|
.endianness = DEVICE_NATIVE_ENDIAN,
|
|
};
|
|
|
|
/*******************************************************************/
|
|
/*******************************************************************/
|
|
static int erst_post_load(void *opaque, int version_id)
|
|
{
|
|
ERSTDeviceState *s = opaque;
|
|
|
|
/* Recompute pointer to header */
|
|
s->header = (ERSTStorageHeader *)get_nvram_ptr_by_index(s, 0);
|
|
trace_acpi_erst_post_load(s->header, le32_to_cpu(s->header->record_size));
|
|
|
|
return 0;
|
|
}
|
|
|
|
static const VMStateDescription erst_vmstate = {
|
|
.name = "acpi-erst",
|
|
.version_id = 1,
|
|
.minimum_version_id = 1,
|
|
.post_load = erst_post_load,
|
|
.fields = (VMStateField[]) {
|
|
VMSTATE_UINT8(operation, ERSTDeviceState),
|
|
VMSTATE_UINT8(busy_status, ERSTDeviceState),
|
|
VMSTATE_UINT8(command_status, ERSTDeviceState),
|
|
VMSTATE_UINT32(record_offset, ERSTDeviceState),
|
|
VMSTATE_UINT64(reg_action, ERSTDeviceState),
|
|
VMSTATE_UINT64(reg_value, ERSTDeviceState),
|
|
VMSTATE_UINT64(record_identifier, ERSTDeviceState),
|
|
VMSTATE_UINT32(next_record_index, ERSTDeviceState),
|
|
VMSTATE_END_OF_LIST()
|
|
}
|
|
};
|
|
|
|
static void erst_realizefn(PCIDevice *pci_dev, Error **errp)
|
|
{
|
|
ERSTDeviceState *s = ACPIERST(pci_dev);
|
|
|
|
trace_acpi_erst_realizefn_in();
|
|
|
|
if (!s->hostmem) {
|
|
error_setg(errp, "'" ACPI_ERST_MEMDEV_PROP "' property is not set");
|
|
return;
|
|
} else if (host_memory_backend_is_mapped(s->hostmem)) {
|
|
error_setg(errp, "can't use already busy memdev: %s",
|
|
object_get_canonical_path_component(OBJECT(s->hostmem)));
|
|
return;
|
|
}
|
|
|
|
s->hostmem_mr = host_memory_backend_get_memory(s->hostmem);
|
|
|
|
/* HostMemoryBackend size will be multiple of PAGE_SIZE */
|
|
s->storage_size = object_property_get_int(OBJECT(s->hostmem), "size", errp);
|
|
|
|
/* Initialize backend storage and record_count */
|
|
check_erst_backend_storage(s, errp);
|
|
|
|
/* BAR 0: Programming registers */
|
|
memory_region_init_io(&s->iomem_mr, OBJECT(pci_dev), &erst_reg_ops, s,
|
|
TYPE_ACPI_ERST, ERST_REG_SIZE);
|
|
pci_register_bar(pci_dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->iomem_mr);
|
|
|
|
/* BAR 1: Exchange buffer memory */
|
|
memory_region_init_ram(&s->exchange_mr, OBJECT(pci_dev),
|
|
"erst.exchange",
|
|
le32_to_cpu(s->header->record_size), errp);
|
|
pci_register_bar(pci_dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY,
|
|
&s->exchange_mr);
|
|
|
|
/* Include the backend storage in the migration stream */
|
|
vmstate_register_ram_global(s->hostmem_mr);
|
|
|
|
trace_acpi_erst_realizefn_out(s->storage_size);
|
|
}
|
|
|
|
static void erst_reset(DeviceState *dev)
|
|
{
|
|
ERSTDeviceState *s = ACPIERST(dev);
|
|
|
|
trace_acpi_erst_reset_in(le32_to_cpu(s->header->record_count));
|
|
s->operation = 0;
|
|
s->busy_status = 0;
|
|
s->command_status = STATUS_SUCCESS;
|
|
s->record_identifier = ERST_UNSPECIFIED_RECORD_ID;
|
|
s->record_offset = 0;
|
|
s->next_record_index = s->first_record_index;
|
|
/* NOTE: first/last_record_index are computed only once */
|
|
trace_acpi_erst_reset_out(le32_to_cpu(s->header->record_count));
|
|
}
|
|
|
|
static Property erst_properties[] = {
|
|
DEFINE_PROP_LINK(ACPI_ERST_MEMDEV_PROP, ERSTDeviceState, hostmem,
|
|
TYPE_MEMORY_BACKEND, HostMemoryBackend *),
|
|
DEFINE_PROP_UINT32(ACPI_ERST_RECORD_SIZE_PROP, ERSTDeviceState,
|
|
default_record_size, ERST_RECORD_SIZE),
|
|
DEFINE_PROP_END_OF_LIST(),
|
|
};
|
|
|
|
static void erst_class_init(ObjectClass *klass, void *data)
|
|
{
|
|
DeviceClass *dc = DEVICE_CLASS(klass);
|
|
PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
|
|
|
|
trace_acpi_erst_class_init_in();
|
|
k->realize = erst_realizefn;
|
|
k->vendor_id = PCI_VENDOR_ID_REDHAT;
|
|
k->device_id = PCI_DEVICE_ID_REDHAT_ACPI_ERST;
|
|
k->revision = 0x00;
|
|
k->class_id = PCI_CLASS_OTHERS;
|
|
dc->reset = erst_reset;
|
|
dc->vmsd = &erst_vmstate;
|
|
dc->user_creatable = true;
|
|
dc->hotpluggable = false;
|
|
device_class_set_props(dc, erst_properties);
|
|
dc->desc = "ACPI Error Record Serialization Table (ERST) device";
|
|
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
|
|
trace_acpi_erst_class_init_out();
|
|
}
|
|
|
|
static const TypeInfo erst_type_info = {
|
|
.name = TYPE_ACPI_ERST,
|
|
.parent = TYPE_PCI_DEVICE,
|
|
.class_init = erst_class_init,
|
|
.instance_size = sizeof(ERSTDeviceState),
|
|
.interfaces = (InterfaceInfo[]) {
|
|
{ INTERFACE_CONVENTIONAL_PCI_DEVICE },
|
|
{ }
|
|
}
|
|
};
|
|
|
|
static void erst_register_types(void)
|
|
{
|
|
type_register_static(&erst_type_info);
|
|
}
|
|
|
|
type_init(erst_register_types)
|