[6.6]HYGON: Support identify Hygon pspccp on C86-2G/C86-3G/C86-4G cpus #341
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hygon inclusion
category: feature
CVE: NA
---------------------------
Hygon secure processors provide a lot of security functions, which
require a lot of code to support. In order to prevent Hygon function
code from invading the driver's native code, we introduce specific
files for Hygon. We'll leave the native code unchanged as much as
possible.
In this patch, we add files as below:
a. files for codes to support Hygon secure processor:
drivers/crypto/ccp/hygon/sp-dev.h
drivers/crypto/ccp/hygon/sp-pci.c
drivers/crypto/ccp/hygon/psp-dev.c
drivers/crypto/ccp/hygon/psp-dev.h
b. header file to define data types and structures for HYGON
Platform Security Processor:
include/linux/psp-hygon.h
c. header file to define userspace interface for HYGON Platform
Security Processor:
include/uapi/linux/psp-hygon.h
We'll add more Hygon specific code in the following commits.
Signed-off-by: hanliyang <hanliyang@hygon.cn>
hygon inclusion category: feature CVE: NA --------------------------- The meaning of the data read from feature register of Hygon PSP is not exactly the same as AMD ASP. The bit 1 in feature register is used to indicates TEE in AMD ASP, but not in Hygon PSP, which will cause host to crash during module initialization, as shown below. [ 27.898723] BUG: kernel NULL pointer dereference, address: 0000000000000014 [ 27.906503] #PF: supervisor read access in kernel mode [ 27.912242] #PF: error_code(0x0000) - not-present page [ 27.917981] PGD 0 P4D 0 [ 27.920810] Oops: 0000 [#1] PREEMPT SMP NOPTI [ 27.925676] CPU: 67 PID: 1668 Comm: systemd-udevd Not tainted 6.6.7-for-gerrit deepin-community#3 [ 27.934033] Hardware name: HYGON Hygon65N32/65N32, BIOS A0173036 02/01/2023 [ 27.941807] RIP: 0010:psp_firmware_is_visible+0x3c/0x70 [ccp] [ 27.948240] Code: 00 00 48 85 c0 74 12 48 81 fe e0 54 53 c1 74 2f 48 81 fe c0 54 53 c1 74 03 31 c0 c3 f6 40 70 02 74 f7 48 8b 50 10 48 8b 52 08 <8b> 52 14 85 d2 74 e8 48 03 50 38 48 89 d7 e8 51 71 0a d7 eb 14 48 [ 27.969204] RSP: 0018:ffffc9000b80fa70 EFLAGS: 00010202 [ 27.975039] RAX: ffff888113c2d9a8 RBX: ffffffffc1535460 RCX: 0000000000000124 [ 27.983008] RDX: 0000000000000000 RSI: ffffffffc15354c0 RDI: ffff8888830dc0c0 [ 27.993320] RBP: ffff888883060980 R08: 0000000000000001 R09: 00000006c8df7639 [ 28.005756] R10: ffff888100258278 R11: 0000000000000100 R12: ffff8888830dc0c0 [ 28.019695] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffffc1535490 [ 28.032285] FS: 00007f7c9ba2b880(0000) GS:ffff88885fcc0000(0000) knlGS:0000000000000000 [ 28.044626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.054928] CR2: 0000000000000014 CR3: 0000800106e50000 CR4: 00000000003506e0 [ 28.065028] Call Trace: [ 28.067751] <TASK> [ 28.070095] ? __die_body+0x1f/0x60 [ 28.073995] ? page_fault_oops+0x15d/0x460 [ 28.078573] ? exc_page_fault+0x78/0x170 [ 28.082956] ? asm_exc_page_fault+0x26/0x30 [ 28.087632] ? psp_firmware_is_visible+0x3c/0x70 [ccp] [ 28.093384] internal_create_group+0xde/0x3a0 [ 28.093392] internal_create_groups.part.0+0x3d/0xa0 [ 28.093396] really_probe+0x197/0x3c0 [ 28.093402] ? __device_attach_driver+0x100/0x100 [[ 0 ;2382.m0 9 3O4K0 5 ] __driver_probe_device+0x78/0x160 [ 28.093409] driver_probe_device+0x1e/0xa0 [ 28.126379] __driver_attach+0xaa/0x160 [ 28.130667] ? __device_attach_driver+0x100/0x100 [ 28.135921] bus_for_each_dev+0x75/0xc0 [ 28.142419] bus_add_driver+0x112/0x210 [ 28.149240] driver_register+0x5c/0x110 [ 28.154875] ? 0xffffffffc14a4000 [ 28.160197] sp_mod_init+0x10/0x1000 [ccp] [ 28.166164] do_one_initcall+0x45/0x210 [ 28.170453] ? kmalloc_trace+0x29/0x90 [ 28.174642] do_init_module+0x64/0x240 [ 28.178831] load_module+0x1d84/0x2010 [ 28.183024] ? init_module_from_file+0x8b/0xd0 [ 28.187986] init_module_from_file+0x8b/0xd0 [ 28.192763] do_syscall_64+0x39/0x80 [ 28.206672] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 28.212318] RIP: 0033:0x7f7c9b91ea3d [ 28.216312] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c3 a3 0f 00 f7 d8 64 89 01 48 [ 28.237272] RSP: 002b:00007ffe6cee5368 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 [ 28.245725] RAX: ffffffffffffffda RBX: 000055700e302260 RCX: 00007f7c9b91ea3d [ 28.253691] RDX: 0000000000000000 RSI: 00007f7c9ba5cded RDI: 0000000000000006 [ 28.261658] RBP: 0000000000020000 R08: 0000000000000000 R09: 000055700e4d3188 [ 28.269624] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f7c9ba5cded [ 28.277590] R13: 0000000000000000 R14: 000055700e4cb7b0 R15: 000055700e302260 [ 28.285552] </TASK> [ 28.287995] Modules linked in: k10temp ccp(+) drm_kms_helper ipmi_si(+) ipmi_devintf ipmi_msghandler mac_hid sch_fq_codel parport_pc ppdev lp parport ramoops drm reed_solomon efi_pstore ip_tables x_tables autofs4 btrfs blake2b_generic raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear igb i2c_algo_bit dca ptp crc32_pclmul pps_core ahci libahci i2c_piix4 hid_generic usbhid hid [ 28.288027] CR2: 0000000000000014 [ 28.288031] ---[ end trace 0000000000000000 ]--- [ 28.533899] ipmi_si IPI0001:00: IPMI message handler: Found new BMC (man_id: 0x00d455, prod_id: 0x0202, dev_id: 0x20) [ 28.604507] RIP: 0010:psp_firmware_is_visible+0x3c/0x70 [ccp] [ 28.604527] Code: 00 00 48 85 c0 74 12 48 81 fe e0 54 53 c1 74 2f 48 81 fe c0 54 53 c1 74 03 31 c0 c3 f6 40 70 02 74 f7 48 8b 50 10 48 8b 52 08 <8b> 52 14 85 d2 74 e8 48 03 50 38 48 89 d7 e8 51 71 0a d7 eb 14 48 [ 28.604530] RSP: 0018:ffffc9000b80fa70 EFLAGS: 00010202 [ 28.604533] RAX: ffff888113c2d9a8 RBX: ffffffffc1535460 RCX: 0000000000000124 [ 28.604535] RDX: 0000000000000000 RSI: ffffffffc15354c0 RDI: ffff8888830dc0c0 [ 28.604536] RBP: ffff888883060980 R08: 0000000000000001 R09: 00000006c8df7639 [ 28.604537] R10: ffff888100258278 R11: 0000000000000100 R12: ffff8888830dc0c0 [ 28.604539] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffffc1535490 [ 28.604540] FS: 00007f7c9ba2b880(0000) GS:ffff88885fcc0000(0000) knlGS:0000000000000000 [ 28.604542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.604543] CR2: 0000000000000014 CR3: 0000800106e50000 CR4: 00000000003506e0 Also, the meaning of bit 7 in the feature register of Hygon PSP is not the same as AMD ASP. The Hygon PSP works only when CSV is configured in feature register. Signed-off-by: hanliyang <hanliyang@hygon.cn>
hygon inclusion category: feature CVE: NA --------------------------- The are Secure Processor devices with 2 different PCI device IDs on Hygon 2nd and 3rd CPUs, add them in the device list. Signed-off-by: hanliyang <hanliyang@hygon.cn>
hygon inclusion category: feature CVE: NA --------------------------- Since Hygon 4th CPUs, there are new Secure Processor devices with 3 different PCI device IDs, add them in the device list. Signed-off-by: Xin Jiang <jiangxin@hygon.cn> Signed-off-by: hanliyang <hanliyang@hygon.cn>
deepin pr auto review关键摘要:
是否建议立即修改: |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
龙芯构建失败是网络问题,我们要是没有好一点的代理那就拉倒了 |
Avenger-285714
merged commit 1308a0d
into
deepin-community:linux-6.6.y
4 of 5 checks passed
opsiff
pushed a commit
to opsiff/UOS-kernel
that referenced
this pull request
Jul 29, 2024
[ Upstream commit 5f1d18de79180deac2822c93e431bbe547f7d3ce ] Add a test case which replaces an active ingress qdisc while keeping the miniq in-tact during the transition period to the new clsact qdisc. # ./vmtest.sh -- ./test_progs -t tc_link [...] ./test_progs -t tc_link [ 3.412871] bpf_testmod: loading out-of-tree module taints kernel. [ 3.413343] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel deepin-community#332 tc_links_after:OK deepin-community#333 tc_links_append:OK deepin-community#334 tc_links_basic:OK deepin-community#335 tc_links_before:OK deepin-community#336 tc_links_chain_classic:OK deepin-community#337 tc_links_chain_mixed:OK deepin-community#338 tc_links_dev_chain0:OK deepin-community#339 tc_links_dev_cleanup:OK deepin-community#340 tc_links_dev_mixed:OK deepin-community#341 tc_links_ingress:OK deepin-community#342 tc_links_invalid:OK deepin-community#343 tc_links_prepend:OK deepin-community#344 tc_links_replace:OK deepin-community#345 tc_links_revision:OK Summary: 14/0 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Cc: Martin KaFai Lau <martin.lau@kernel.org> Link: https://lore.kernel.org/r/20240708133130.11609-2-daniel@iogearbox.net Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> (cherry picked from commit e41db26543ef24b6906a832f73119cfadcd99f35)
Avenger-285714
pushed a commit
that referenced
this pull request
Aug 12, 2024
[ Upstream commit 5f1d18de79180deac2822c93e431bbe547f7d3ce ] Add a test case which replaces an active ingress qdisc while keeping the miniq in-tact during the transition period to the new clsact qdisc. # ./vmtest.sh -- ./test_progs -t tc_link [...] ./test_progs -t tc_link [ 3.412871] bpf_testmod: loading out-of-tree module taints kernel. [ 3.413343] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel #332 tc_links_after:OK #333 tc_links_append:OK #334 tc_links_basic:OK #335 tc_links_before:OK #336 tc_links_chain_classic:OK #337 tc_links_chain_mixed:OK #338 tc_links_dev_chain0:OK #339 tc_links_dev_cleanup:OK #340 tc_links_dev_mixed:OK #341 tc_links_ingress:OK #342 tc_links_invalid:OK #343 tc_links_prepend:OK #344 tc_links_replace:OK #345 tc_links_revision:OK Summary: 14/0 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Cc: Martin KaFai Lau <martin.lau@kernel.org> Link: https://lore.kernel.org/r/20240708133130.11609-2-daniel@iogearbox.net Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> (cherry picked from commit e41db26543ef24b6906a832f73119cfadcd99f35)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PSPCCP is the device which includes Platform Secure Processor and Cryptographic Co-Processor
in Hygon CPU, NTBCCP is Cryptographic Co-Processor in Hygon CPU. There are various device
IDs for PSPCCP/NTBCCP on Hygon C86-2G/C86-3G/C86-4G cpus. In order to avoid code intrusion
as much as possible, we introduce many files specific to Hygon.
Link: https://gitee.com/deepin-kernelsig/kernel/pulls/2