Linux 4.13.16
[linux/fpc-iii.git] / arch / powerpc / kernel / ima_kexec.c
blob5ea42c937ca9f1fb0df1a6fae9553f90707107a9
1 /*
2 * Copyright (C) 2016 IBM Corporation
4 * Authors:
5 * Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
13 #include <linux/slab.h>
14 #include <linux/kexec.h>
15 #include <linux/of.h>
16 #include <linux/memblock.h>
17 #include <linux/libfdt.h>
19 static int get_addr_size_cells(int *addr_cells, int *size_cells)
21 struct device_node *root;
23 root = of_find_node_by_path("/");
24 if (!root)
25 return -EINVAL;
27 *addr_cells = of_n_addr_cells(root);
28 *size_cells = of_n_size_cells(root);
30 of_node_put(root);
32 return 0;
35 static int do_get_kexec_buffer(const void *prop, int len, unsigned long *addr,
36 size_t *size)
38 int ret, addr_cells, size_cells;
40 ret = get_addr_size_cells(&addr_cells, &size_cells);
41 if (ret)
42 return ret;
44 if (len < 4 * (addr_cells + size_cells))
45 return -ENOENT;
47 *addr = of_read_number(prop, addr_cells);
48 *size = of_read_number(prop + 4 * addr_cells, size_cells);
50 return 0;
53 /**
54 * ima_get_kexec_buffer - get IMA buffer from the previous kernel
55 * @addr: On successful return, set to point to the buffer contents.
56 * @size: On successful return, set to the buffer size.
58 * Return: 0 on success, negative errno on error.
60 int ima_get_kexec_buffer(void **addr, size_t *size)
62 int ret, len;
63 unsigned long tmp_addr;
64 size_t tmp_size;
65 const void *prop;
67 prop = of_get_property(of_chosen, "linux,ima-kexec-buffer", &len);
68 if (!prop)
69 return -ENOENT;
71 ret = do_get_kexec_buffer(prop, len, &tmp_addr, &tmp_size);
72 if (ret)
73 return ret;
75 *addr = __va(tmp_addr);
76 *size = tmp_size;
78 return 0;
81 /**
82 * ima_free_kexec_buffer - free memory used by the IMA buffer
84 int ima_free_kexec_buffer(void)
86 int ret;
87 unsigned long addr;
88 size_t size;
89 struct property *prop;
91 prop = of_find_property(of_chosen, "linux,ima-kexec-buffer", NULL);
92 if (!prop)
93 return -ENOENT;
95 ret = do_get_kexec_buffer(prop->value, prop->length, &addr, &size);
96 if (ret)
97 return ret;
99 ret = of_remove_property(of_chosen, prop);
100 if (ret)
101 return ret;
103 return memblock_free(addr, size);
108 * remove_ima_buffer - remove the IMA buffer property and reservation from @fdt
110 * The IMA measurement buffer is of no use to a subsequent kernel, so we always
111 * remove it from the device tree.
113 void remove_ima_buffer(void *fdt, int chosen_node)
115 int ret, len;
116 unsigned long addr;
117 size_t size;
118 const void *prop;
120 prop = fdt_getprop(fdt, chosen_node, "linux,ima-kexec-buffer", &len);
121 if (!prop)
122 return;
124 ret = do_get_kexec_buffer(prop, len, &addr, &size);
125 fdt_delprop(fdt, chosen_node, "linux,ima-kexec-buffer");
126 if (ret)
127 return;
129 ret = delete_fdt_mem_rsv(fdt, addr, size);
130 if (!ret)
131 pr_debug("Removed old IMA buffer reservation.\n");
134 #ifdef CONFIG_IMA_KEXEC
136 * arch_ima_add_kexec_buffer - do arch-specific steps to add the IMA buffer
138 * Architectures should use this function to pass on the IMA buffer
139 * information to the next kernel.
141 * Return: 0 on success, negative errno on error.
143 int arch_ima_add_kexec_buffer(struct kimage *image, unsigned long load_addr,
144 size_t size)
146 image->arch.ima_buffer_addr = load_addr;
147 image->arch.ima_buffer_size = size;
149 return 0;
152 static int write_number(void *p, u64 value, int cells)
154 if (cells == 1) {
155 u32 tmp;
157 if (value > U32_MAX)
158 return -EINVAL;
160 tmp = cpu_to_be32(value);
161 memcpy(p, &tmp, sizeof(tmp));
162 } else if (cells == 2) {
163 u64 tmp;
165 tmp = cpu_to_be64(value);
166 memcpy(p, &tmp, sizeof(tmp));
167 } else
168 return -EINVAL;
170 return 0;
174 * setup_ima_buffer - add IMA buffer information to the fdt
175 * @image: kexec image being loaded.
176 * @fdt: Flattened device tree for the next kernel.
177 * @chosen_node: Offset to the chosen node.
179 * Return: 0 on success, or negative errno on error.
181 int setup_ima_buffer(const struct kimage *image, void *fdt, int chosen_node)
183 int ret, addr_cells, size_cells, entry_size;
184 u8 value[16];
186 remove_ima_buffer(fdt, chosen_node);
187 if (!image->arch.ima_buffer_size)
188 return 0;
190 ret = get_addr_size_cells(&addr_cells, &size_cells);
191 if (ret)
192 return ret;
194 entry_size = 4 * (addr_cells + size_cells);
196 if (entry_size > sizeof(value))
197 return -EINVAL;
199 ret = write_number(value, image->arch.ima_buffer_addr, addr_cells);
200 if (ret)
201 return ret;
203 ret = write_number(value + 4 * addr_cells, image->arch.ima_buffer_size,
204 size_cells);
205 if (ret)
206 return ret;
208 ret = fdt_setprop(fdt, chosen_node, "linux,ima-kexec-buffer", value,
209 entry_size);
210 if (ret < 0)
211 return -EINVAL;
213 ret = fdt_add_mem_rsv(fdt, image->arch.ima_buffer_addr,
214 image->arch.ima_buffer_size);
215 if (ret)
216 return -EINVAL;
218 pr_debug("IMA buffer at 0x%llx, size = 0x%zx\n",
219 image->arch.ima_buffer_addr, image->arch.ima_buffer_size);
221 return 0;
223 #endif /* CONFIG_IMA_KEXEC */