platform/chrome: wilco_ec: Add batt_ppid_info command to telemetry driver

Add the GET_BATT_PPID_INFO=0x8A command to the allowlist of accepted
telemetry commands. In addition, since this new command requires
verifying the contents of some of the arguments, I also restructure
the request to use a union of the argument structs. Also, zero out the
request buffer before each request, and change "whitelist" to
"allowlist".

Signed-off-by: Nick Crews <ncrews@chromium.org>
Signed-off-by: Enric Balletbo i Serra <enric.balletbo@collabora.com>
This commit is contained in:
Nick Crews 2019-08-05 14:22:14 -06:00 committed by Enric Balletbo i Serra
parent 5f9e832c13
commit 3b81d8bdd9
1 changed files with 43 additions and 21 deletions

View File

@ -9,7 +9,7 @@
* the OS sends a command to the EC via a write() to a char device,
* and can read the response with a read(). The write() request is
* verified by the driver to ensure that it is performing only one
* of the whitelisted commands, and that no extraneous data is
* of the allowlisted commands, and that no extraneous data is
* being transmitted to the EC. The response is passed directly
* back to the reader with no modification.
*
@ -59,21 +59,10 @@ static DEFINE_IDA(telem_ida);
#define WILCO_EC_TELEM_GET_TEMP_INFO 0x95
#define WILCO_EC_TELEM_GET_TEMP_READ 0x2C
#define WILCO_EC_TELEM_GET_BATT_EXT_INFO 0x07
#define WILCO_EC_TELEM_GET_BATT_PPID_INFO 0x8A
#define TELEM_ARGS_SIZE_MAX 30
/**
* struct wilco_ec_telem_request - Telemetry command and arguments sent to EC.
* @command: One of WILCO_EC_TELEM_GET_* command codes.
* @reserved: Must be 0.
* @args: The first N bytes are one of telem_args_get_* structs, the rest is 0.
*/
struct wilco_ec_telem_request {
u8 command;
u8 reserved;
u8 args[TELEM_ARGS_SIZE_MAX];
} __packed;
/*
* The following telem_args_get_* structs are embedded within the |args| field
* of wilco_ec_telem_request.
@ -122,6 +111,32 @@ struct telem_args_get_batt_ext_info {
u8 var_args[5];
} __packed;
struct telem_args_get_batt_ppid_info {
u8 always1; /* Should always be 1 */
} __packed;
/**
* struct wilco_ec_telem_request - Telemetry command and arguments sent to EC.
* @command: One of WILCO_EC_TELEM_GET_* command codes.
* @reserved: Must be 0.
* @args: The first N bytes are one of telem_args_get_* structs, the rest is 0.
*/
struct wilco_ec_telem_request {
u8 command;
u8 reserved;
union {
u8 buf[TELEM_ARGS_SIZE_MAX];
struct telem_args_get_log get_log;
struct telem_args_get_version get_version;
struct telem_args_get_fan_info get_fan_info;
struct telem_args_get_diag_info get_diag_info;
struct telem_args_get_temp_info get_temp_info;
struct telem_args_get_temp_read get_temp_read;
struct telem_args_get_batt_ext_info get_batt_ext_info;
struct telem_args_get_batt_ppid_info get_batt_ppid_info;
} args;
} __packed;
/**
* check_telem_request() - Ensure that a request from userspace is valid.
* @rq: Request buffer copied from userspace.
@ -133,7 +148,7 @@ struct telem_args_get_batt_ext_info {
* We do not want to allow userspace to send arbitrary telemetry commands to
* the EC. Therefore we check to ensure that
* 1. The request follows the format of struct wilco_ec_telem_request.
* 2. The supplied command code is one of the whitelisted commands.
* 2. The supplied command code is one of the allowlisted commands.
* 3. The request only contains the necessary data for the header and arguments.
*/
static int check_telem_request(struct wilco_ec_telem_request *rq,
@ -146,25 +161,31 @@ static int check_telem_request(struct wilco_ec_telem_request *rq,
switch (rq->command) {
case WILCO_EC_TELEM_GET_LOG:
max_size += sizeof(struct telem_args_get_log);
max_size += sizeof(rq->args.get_log);
break;
case WILCO_EC_TELEM_GET_VERSION:
max_size += sizeof(struct telem_args_get_version);
max_size += sizeof(rq->args.get_version);
break;
case WILCO_EC_TELEM_GET_FAN_INFO:
max_size += sizeof(struct telem_args_get_fan_info);
max_size += sizeof(rq->args.get_fan_info);
break;
case WILCO_EC_TELEM_GET_DIAG_INFO:
max_size += sizeof(struct telem_args_get_diag_info);
max_size += sizeof(rq->args.get_diag_info);
break;
case WILCO_EC_TELEM_GET_TEMP_INFO:
max_size += sizeof(struct telem_args_get_temp_info);
max_size += sizeof(rq->args.get_temp_info);
break;
case WILCO_EC_TELEM_GET_TEMP_READ:
max_size += sizeof(struct telem_args_get_temp_read);
max_size += sizeof(rq->args.get_temp_read);
break;
case WILCO_EC_TELEM_GET_BATT_EXT_INFO:
max_size += sizeof(struct telem_args_get_batt_ext_info);
max_size += sizeof(rq->args.get_batt_ext_info);
break;
case WILCO_EC_TELEM_GET_BATT_PPID_INFO:
if (rq->args.get_batt_ppid_info.always1 != 1)
return -EINVAL;
max_size += sizeof(rq->args.get_batt_ppid_info);
break;
default:
return -EINVAL;
@ -250,6 +271,7 @@ static ssize_t telem_write(struct file *filp, const char __user *buf,
if (count > sizeof(sess_data->request))
return -EMSGSIZE;
memset(&sess_data->request, 0, sizeof(sess_data->request));
if (copy_from_user(&sess_data->request, buf, count))
return -EFAULT;
ret = check_telem_request(&sess_data->request, count);