Merge branch 'for-6.5/cxl-background' into for-6.5/cxl

		affinity for this device.

What:		/sys/bus/cxl/devices/memX/security/state

Date:		June, 2023

KernelVersion:	v6.5

Contact:	linux-cxl@vger.kernel.org

Description:

		(RO) Reading this file will display the CXL security state for

		that device. Such states can be: 'disabled', 'sanitize', when

		a sanitization is currently underway; or those available only

		for persistent memory: 'locked', 'unlocked' or 'frozen'. This

		sysfs entry is select/poll capable from userspace to notify

		upon completion of a sanitize operation.

What:           /sys/bus/cxl/devices/memX/security/sanitize

Date:           June, 2023

KernelVersion:  v6.5

Contact:        linux-cxl@vger.kernel.org

Description:

		(WO) Write a boolean 'true' string value to this attribute to

		sanitize the device to securely re-purpose or decommission it.

		This is done by ensuring that all user data and meta-data,

		whether it resides in persistent capacity, volatile capacity,

		or the LSA, is made permanently unavailable by whatever means

		is appropriate for the media type. This functionality requires

		the device to be not be actively decoding any HPA ranges.

What            /sys/bus/cxl/devices/memX/security/erase

Date:           June, 2023

KernelVersion:  v6.5

Contact:        linux-cxl@vger.kernel.org

Description:

		(WO) Write a boolean 'true' string value to this attribute to

		secure erase user data by changing the media encryption keys for

		all user data areas of the device.

What:		/sys/bus/cxl/devices/*/devtype

Date:		June, 2021

KernelVersion:	v5.14

	if (rc)

		return rc;

	if (mbox_cmd->return_code != CXL_MBOX_CMD_RC_SUCCESS)

	if (mbox_cmd->return_code != CXL_MBOX_CMD_RC_SUCCESS &&

	    mbox_cmd->return_code != CXL_MBOX_CMD_RC_BACKGROUND)

		return cxl_mbox_cmd_rc2errno(mbox_cmd);

	if (!out_size)

}

EXPORT_SYMBOL_NS_GPL(cxl_dev_state_identify, CXL);

/**

 * cxl_mem_sanitize() - Send a sanitization command to the device.

 * @cxlds: The device data for the operation

 * @cmd: The specific sanitization command opcode

 *

 * Return: 0 if the command was executed successfully, regardless of

 * whether or not the actual security operation is done in the background,

 * such as for the Sanitize case.

 * Error return values can be the result of the mailbox command, -EINVAL

 * when security requirements are not met or invalid contexts.

 *

 * See CXL 3.0 @8.2.9.8.5.1 Sanitize and @8.2.9.8.5.2 Secure Erase.

 */

int cxl_mem_sanitize(struct cxl_dev_state *cxlds, u16 cmd)

{

	int rc;

	u32 sec_out = 0;

	struct cxl_get_security_output {

		__le32 flags;

	} out;

	struct cxl_mbox_cmd sec_cmd = {

		.opcode = CXL_MBOX_OP_GET_SECURITY_STATE,

		.payload_out = &out,

		.size_out = sizeof(out),

	};

	struct cxl_mbox_cmd mbox_cmd = { .opcode = cmd };

	if (cmd != CXL_MBOX_OP_SANITIZE && cmd != CXL_MBOX_OP_SECURE_ERASE)

		return -EINVAL;

	rc = cxl_internal_send_cmd(cxlds, &sec_cmd);

	if (rc < 0) {

		dev_err(cxlds->dev, "Failed to get security state : %d", rc);

		return rc;

	}

	/*

	 * Prior to using these commands, any security applied to

	 * the user data areas of the device shall be DISABLED (or

	 * UNLOCKED for secure erase case).

	 */

	sec_out = le32_to_cpu(out.flags);

	if (sec_out & CXL_PMEM_SEC_STATE_USER_PASS_SET)

		return -EINVAL;

	if (cmd == CXL_MBOX_OP_SECURE_ERASE &&

	    sec_out & CXL_PMEM_SEC_STATE_LOCKED)

		return -EINVAL;

	rc = cxl_internal_send_cmd(cxlds, &mbox_cmd);

	if (rc < 0) {

		dev_err(cxlds->dev, "Failed to sanitize device : %d", rc);

		return rc;

	}

	return 0;

}

EXPORT_SYMBOL_NS_GPL(cxl_mem_sanitize, CXL);

static int add_dpa_res(struct device *dev, struct resource *parent,

		       struct resource *res, resource_size_t start,

		       resource_size_t size, const char *type)

// SPDX-License-Identifier: GPL-2.0-only

/* Copyright(c) 2020 Intel Corporation. */

#include <linux/io-64-nonatomic-lo-hi.h>

#include <linux/device.h>

#include <linux/slab.h>

#include <linux/idr.h>

}

static DEVICE_ATTR_RO(numa_node);

static ssize_t security_state_show(struct device *dev,

				   struct device_attribute *attr,

				   char *buf)

{

	struct cxl_memdev *cxlmd = to_cxl_memdev(dev);

	struct cxl_dev_state *cxlds = cxlmd->cxlds;

	unsigned long state = cxlds->security.state;

	u64 reg = readq(cxlds->regs.mbox + CXLDEV_MBOX_BG_CMD_STATUS_OFFSET);

	u32 pct = FIELD_GET(CXLDEV_MBOX_BG_CMD_COMMAND_PCT_MASK, reg);

	u16 cmd = FIELD_GET(CXLDEV_MBOX_BG_CMD_COMMAND_OPCODE_MASK, reg);

	if (cmd == CXL_MBOX_OP_SANITIZE && pct != 100)

		return sysfs_emit(buf, "sanitize\n");

	if (!(state & CXL_PMEM_SEC_STATE_USER_PASS_SET))

		return sysfs_emit(buf, "disabled\n");

	if (state & CXL_PMEM_SEC_STATE_FROZEN ||

	    state & CXL_PMEM_SEC_STATE_MASTER_PLIMIT ||

	    state & CXL_PMEM_SEC_STATE_USER_PLIMIT)

		return sysfs_emit(buf, "frozen\n");

	if (state & CXL_PMEM_SEC_STATE_LOCKED)

		return sysfs_emit(buf, "locked\n");

	else

		return sysfs_emit(buf, "unlocked\n");

}

static struct device_attribute dev_attr_security_state =

	__ATTR(state, 0444, security_state_show, NULL);

static ssize_t security_sanitize_store(struct device *dev,

				       struct device_attribute *attr,

				       const char *buf, size_t len)

{

	struct cxl_memdev *cxlmd = to_cxl_memdev(dev);

	struct cxl_dev_state *cxlds = cxlmd->cxlds;

	struct cxl_port *port = dev_get_drvdata(&cxlmd->dev);

	ssize_t rc;

	bool sanitize;

	if (kstrtobool(buf, &sanitize) || !sanitize)

		return -EINVAL;

	if (!port || !is_cxl_endpoint(port))

		return -EINVAL;

	/* ensure no regions are mapped to this memdev */

	if (port->commit_end != -1)

		return -EBUSY;

	rc = cxl_mem_sanitize(cxlds, CXL_MBOX_OP_SANITIZE);

	return rc ? rc : len;

}

static struct device_attribute dev_attr_security_sanitize =

	__ATTR(sanitize, 0200, NULL, security_sanitize_store);

static ssize_t security_erase_store(struct device *dev,

				    struct device_attribute *attr,

				    const char *buf, size_t len)

{

	struct cxl_memdev *cxlmd = to_cxl_memdev(dev);

	struct cxl_dev_state *cxlds = cxlmd->cxlds;

	struct cxl_port *port = dev_get_drvdata(&cxlmd->dev);

	ssize_t rc;

	bool erase;

	if (kstrtobool(buf, &erase) || !erase)

		return -EINVAL;

	if (!port || !is_cxl_endpoint(port))

		return -EINVAL;

	/* ensure no regions are mapped to this memdev */

	if (port->commit_end != -1)

		return -EBUSY;

	rc = cxl_mem_sanitize(cxlds, CXL_MBOX_OP_SECURE_ERASE);

	return rc ? rc : len;

}

static struct device_attribute dev_attr_security_erase =

	__ATTR(erase, 0200, NULL, security_erase_store);

static int cxl_get_poison_by_memdev(struct cxl_memdev *cxlmd)

{

	struct cxl_dev_state *cxlds = cxlmd->cxlds;

	NULL,

};

static struct attribute *cxl_memdev_security_attributes[] = {

	&dev_attr_security_state.attr,

	&dev_attr_security_sanitize.attr,

	&dev_attr_security_erase.attr,

	NULL,

};

static umode_t cxl_memdev_visible(struct kobject *kobj, struct attribute *a,

				  int n)

{

	.attrs = cxl_memdev_pmem_attributes,

};

static struct attribute_group cxl_memdev_security_attribute_group = {

	.name = "security",

	.attrs = cxl_memdev_security_attributes,

};

static const struct attribute_group *cxl_memdev_attribute_groups[] = {

	&cxl_memdev_attribute_group,

	&cxl_memdev_ram_attribute_group,

	&cxl_memdev_pmem_attribute_group,

	&cxl_memdev_security_attribute_group,

	NULL,

};

}

EXPORT_SYMBOL_NS_GPL(clear_exclusive_cxl_commands, CXL);

static void cxl_memdev_security_shutdown(struct device *dev)

{

	struct cxl_memdev *cxlmd = to_cxl_memdev(dev);

	struct cxl_dev_state *cxlds = cxlmd->cxlds;

	if (cxlds->security.poll)

		cancel_delayed_work_sync(&cxlds->security.poll_dwork);

}

static void cxl_memdev_shutdown(struct device *dev)

{

	struct cxl_memdev *cxlmd = to_cxl_memdev(dev);

	down_write(&cxl_memdev_rwsem);

	cxl_memdev_security_shutdown(dev);

	cxlmd->cxlds = NULL;

	up_write(&cxl_memdev_rwsem);

}

	.llseek = noop_llseek,

};

static void put_sanitize(void *data)

{

	struct cxl_dev_state *cxlds = data;

	sysfs_put(cxlds->security.sanitize_node);

}

static int cxl_memdev_security_init(struct cxl_memdev *cxlmd)

{

	struct cxl_dev_state *cxlds = cxlmd->cxlds;

	struct device *dev = &cxlmd->dev;

	struct kernfs_node *sec;

	sec = sysfs_get_dirent(dev->kobj.sd, "security");

	if (!sec) {

		dev_err(dev, "sysfs_get_dirent 'security' failed\n");

		return -ENODEV;

	}

	cxlds->security.sanitize_node = sysfs_get_dirent(sec, "state");

	sysfs_put(sec);

	if (!cxlds->security.sanitize_node) {

		dev_err(dev, "sysfs_get_dirent 'state' failed\n");

		return -ENODEV;

	}

	return devm_add_action_or_reset(cxlds->dev, put_sanitize, cxlds);

 }

struct cxl_memdev *devm_cxl_add_memdev(struct cxl_dev_state *cxlds)

{

	struct cxl_memdev *cxlmd;

	if (rc)

		goto err;

	rc = cxl_memdev_security_init(cxlmd);

	if (rc)

		goto err;

	rc = devm_add_action_or_reset(cxlds->dev, cxl_memdev_unregister, cxlmd);

	if (rc)

		return ERR_PTR(rc);

/* CXL 2.0 8.2.8.4 Mailbox Registers */

#define CXLDEV_MBOX_CAPS_OFFSET 0x00

#define   CXLDEV_MBOX_CAP_PAYLOAD_SIZE_MASK GENMASK(4, 0)

#define   CXLDEV_MBOX_CAP_BG_CMD_IRQ BIT(6)

#define   CXLDEV_MBOX_CAP_IRQ_MSGNUM_MASK GENMASK(10, 7)

#define CXLDEV_MBOX_CTRL_OFFSET 0x04

#define   CXLDEV_MBOX_CTRL_DOORBELL BIT(0)

#define   CXLDEV_MBOX_CTRL_BG_CMD_IRQ BIT(2)

#define CXLDEV_MBOX_CMD_OFFSET 0x08

#define   CXLDEV_MBOX_CMD_COMMAND_OPCODE_MASK GENMASK_ULL(15, 0)

#define   CXLDEV_MBOX_CMD_PAYLOAD_LENGTH_MASK GENMASK_ULL(36, 16)

#define CXLDEV_MBOX_STATUS_OFFSET 0x10

#define   CXLDEV_MBOX_STATUS_BG_CMD BIT(0)

#define   CXLDEV_MBOX_STATUS_RET_CODE_MASK GENMASK_ULL(47, 32)

#define CXLDEV_MBOX_BG_CMD_STATUS_OFFSET 0x18

#define   CXLDEV_MBOX_BG_CMD_COMMAND_OPCODE_MASK GENMASK_ULL(15, 0)

#define   CXLDEV_MBOX_BG_CMD_COMMAND_PCT_MASK GENMASK_ULL(22, 16)

#define   CXLDEV_MBOX_BG_CMD_COMMAND_RC_MASK GENMASK_ULL(47, 32)

#define   CXLDEV_MBOX_BG_CMD_COMMAND_VENDOR_MASK GENMASK_ULL(63, 48)

#define CXLDEV_MBOX_PAYLOAD_OFFSET 0x20

/*

#include <uapi/linux/cxl_mem.h>

#include <linux/cdev.h>

#include <linux/uuid.h>

#include <linux/rcuwait.h>

#include "cxl.h"

/* CXL 2.0 8.2.8.5.1.1 Memory Device Status Register */

 *            variable sized output commands, it tells the exact number of bytes

 *            written.

 * @min_out: (input) internal command output payload size validation

 * @poll_count: (input) Number of timeouts to attempt.

 * @poll_interval_ms: (input) Time between mailbox background command polling

 *                    interval timeouts.

 * @return_code: (output) Error code returned from hardware.

 *

 * This is the primary mechanism used to send commands to the hardware.

	size_t size_in;

	size_t size_out;

	size_t min_out;

	int poll_count;

	int poll_interval_ms;

	u16 return_code;

};

	struct mutex lock;  /* Protect reads of poison list */

};

/**

 * struct cxl_security_state - Device security state

 *

 * @state: state of last security operation

 * @poll: polling for sanitization is enabled, device has no mbox irq support

 * @poll_tmo_secs: polling timeout

 * @poll_dwork: polling work item

 * @sanitize_node: sanitation sysfs file to notify

 */

struct cxl_security_state {

	unsigned long state;

	bool poll;

	int poll_tmo_secs;

	struct delayed_work poll_dwork;

	struct kernfs_node *sanitize_node;

};

/**

 * struct cxl_dev_state - The driver device state

 *

	struct cxl_event_state event;

	struct cxl_poison_state poison;

	struct cxl_security_state security;

	struct rcuwait mbox_wait;

	int (*mbox_send)(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd);

};

	CXL_MBOX_OP_GET_SCAN_MEDIA_CAPS	= 0x4303,

	CXL_MBOX_OP_SCAN_MEDIA		= 0x4304,

	CXL_MBOX_OP_GET_SCAN_MEDIA	= 0x4305,

	CXL_MBOX_OP_SANITIZE		= 0x4400,

	CXL_MBOX_OP_SECURE_ERASE	= 0x4401,

	CXL_MBOX_OP_GET_SECURITY_STATE	= 0x4500,

	CXL_MBOX_OP_SET_PASSPHRASE	= 0x4501,

	CXL_MBOX_OP_DISABLE_PASSPHRASE	= 0x4502,

}

#endif

int cxl_mem_sanitize(struct cxl_dev_state *cxlds, u16 cmd);

struct cxl_hdm {

	struct cxl_component_regs regs;

	unsigned int decoder_count;