summaryrefslogtreecommitdiff
path: root/drivers/firmware/google/memconsole-coreboot.c
AgeCommit message (Collapse)Author
2018-04-23firmware: memconsole: Probe via coreboot busSamuel Holland
Remove the ad-hoc coreboot table search. Now the driver will only be probed when the necessary coreboot table entry has already been found. Signed-off-by: Samuel Holland <samuel@sholland.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-05-25firmware: google: memconsole: Prevent overrun attack on coreboot consoleJulius Werner
The recent coreboot memory console update (firmware: google: memconsole: Adapt to new coreboot ring buffer format) introduced a small security issue in the driver: The new driver implementation parses the memory console structure again on every access. This is intentional so that additional lines added concurrently by runtime firmware can be read out. However, if an attacker can write to the structure, they could increase the size value to a point where the driver would read potentially sensitive memory areas from outside the original console buffer during the next access. This can be done through /dev/mem, since the console buffer usually resides in firmware-reserved memory that is not covered by STRICT_DEVMEM. This patch resolves that problem by reading the buffer's size value only once during boot (where we can still trust the structure). Other parts of the structure can still be modified at runtime, but the driver's bounds checks make sure that it will never read outside the buffer. Fixes: a5061d028 ("firmware: google: memconsole: Adapt to new coreboot ring buffer format") Signed-off-by: Julius Werner <jwerner@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-05-18firmware: google: memconsole: Adapt to new coreboot ring buffer formatJulius Werner
The upstream coreboot implementation of memconsole was enhanced from a single-boot console to a persistent ring buffer (https://review.coreboot.org/#/c/18301). This patch changes the kernel memconsole driver to be able to read the new format in all cases. Signed-off-by: Julius Werner <jwerner@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-05-18firmware: google: memconsole: Make memconsole interface more flexibleJulius Werner
This patch redesigns the interface between the generic memconsole driver and its implementations to become more flexible than a flat memory buffer with unchanging bounds. This allows memconsoles like coreboot's to include lines that were added by runtime firmware after the driver was initialized. Since the console log size is thus no longer static, this means that the /sys/firmware/log file has to become unseekable. Signed-off-by: Julius Werner <jwerner@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-04-26firmware: google memconsole: Fix return value check in ↵Wei Yongjun
platform_memconsole_init() In case of error, the function platform_device_register_simple() returns ERR_PTR() and never returns NULL. The NULL test in the return value check should be replaced with IS_ERR(). Fixes: d384d6f43d1e ("firmware: google memconsole: Add coreboot support") Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-04-08firmware: google memconsole: Add coreboot supportThierry Escande
Coreboot (http://www.coreboot.org) allows to save the firmware console output in a memory buffer. With this patch, the address of this memory buffer is obtained from coreboot tables on x86 chromebook devices declaring an ACPI device with name matching GOOGCB00 or BOOT0000. If the memconsole-coreboot driver is able to find the coreboot table, the memconsole driver sets the cbmem_console address and initializes the memconsole sysfs entries. The coreboot_table-acpi driver is responsible for setting the address of the coreboot table header when probed. If this address is not yet set when memconsole-coreboot is probed, then the probe is deferred by returning -EPROBE_DEFER. This patch is a rework/split/merge of patches from the chromeos v4.4 kernel tree originally authored by: Vadim Bendebury <vbendeb@chromium.org> Wei-Ning Huang <wnhuang@google.com> Yuji Sasaki <sasakiy@google.com> Duncan Laurie <dlaurie@chromium.org> Julius Werner <jwerner@chromium.org> Brian Norris <briannorris@chromium.org> Signed-off-by: Thierry Escande <thierry.escande@collabora.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>